From eaad1884d40f9cabff98a57a524c17afd00c9fe7 Mon Sep 17 00:00:00 2001
From: Aaron Bieber <aaron@bolddaemon.com>
Date: Sun, 17 Sep 2017 15:41:16 -0600
Subject: [PATCH] Make sure our secret is always uppercase

Non-uppercase secrets that are base32 encoded will fial to decode
unless we upper them.
---
 hotp.go | 3 ++-
 totp.go | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/hotp.go b/hotp.go
index 1232e98..7d2c752 100644
--- a/hotp.go
+++ b/hotp.go
@@ -7,6 +7,7 @@ import (
 	"io"
 	"net/url"
 	"strconv"
+	"strings"
 )
 
 // HOTP represents an RFC-4226 Hash-based One Time Password instance.
@@ -64,7 +65,7 @@ func hotpFromURL(u *url.URL) (*HOTP, string, error) {
 	label := u.Path[1:]
 	v := u.Query()
 
-	secret := v.Get("secret")
+	secret := strings.ToUpper(v.Get("secret"))
 	if secret == "" {
 		return nil, "", ErrInvalidURL
 	}
diff --git a/totp.go b/totp.go
index 10d6782..10a2876 100644
--- a/totp.go
+++ b/totp.go
@@ -10,6 +10,7 @@ import (
 	"io"
 	"net/url"
 	"strconv"
+	"strings"
 	"time"
 )
 
@@ -115,7 +116,7 @@ func totpFromURL(u *url.URL) (*TOTP, string, error) {
 	label := u.Path[1:]
 	v := u.Query()
 
-	secret := v.Get("secret")
+	secret := strings.ToUpper(v.Get("secret"))
 	if secret == "" {
 		return nil, "", ErrInvalidURL
 	}