QR codes are a great way to transport information into a mobile device that would otherwise be tedious to input manually. QR codes have been widely adopted in the marketing space, but there are many other great use cases for QR codes. One use case for QR codes is for transporting secret keys into mobile authenticator applications such as Google Authenticator or Authy. Once the key information has been communicated, the mobile application can begin generating Time-Based One-Time Passwords (TOTPs) for the user.
For demonstration purposes, I created a simple IScript that is capable of returning a QR code for the logged in user. The data inside of the QR code is a 16 character, base32 encoded string. This string is used as the secret key for a mobile authenticator application to generate TOTPs for the user.
CLICK HERE to download the app designer project. Unzip the project from the downloaded file and import the project from file in App Designer. To access the QR code generating IScript, you will need to assign the PSM_QR Permission List to a Role of the users that you want to generate QR codes for.
After performing the security setup, you can login as the privileged user and invoke the IScript. You can point your browser to the following URL to generate a QR code for the user:
And you should get a QR code for the logged in user:
This QR code can be scanned into a mobile authenticator application and it should immediately start generating TOTPs.
QR code generation is a neat functionality, but what I really want to highlight on is how simple the application PeopleCode is behind the IScript. I start off by generating the URL that I want to create the QR code based off of.
/* Generate random 16 character Base32 string */ Local array of string &sBase32Chars = CreateArray("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "2", "3", "4", "5", "6", "7"); Local integer &i; Local string &sKey; For &i = 1 To 16 &sKey = &sKey | &sBase32Chars [Int(Rand() * 32) + 1]; End-For; /* Supply the (arbitrary) domain name for the account to be associated with */ Local string &sHost = "peoplesoftmods.com"; /* Generate the URL to be scanned into the authentication app */ Local string &sQRUrl = "otpauth://totp/" | %UserId | "@" | &sHost | "?secret=" | &sKey;
Last, I output the SVG QR code and additional details to the screen using the write method of the %Response class.
/* Output the SVG image and the account details */ %Response.Write("<br><b>Scan the QR code or enter the secret key into your authentication app</b><br>"); %Response.Write(&sSVGImage); %Response.Write("<br>Account Name: " | %UserId | "@" | &sHost); %Response.Write("<br>Secret Key: " | &sKey);
In a previous post, I demonstrated how I was able to use the Google Charts API to generate QR codes in PeopleSoft. Using the third-party API was an easy solution to the problem, but I think it is best to limit relying on third-parties as much as possible. In this post, we saw how we can utilize “delivered” techniques to generate QR Codes without creating additional dependencies.