2FA authentication changes for Google Authenticator

Hello!
our RDM Client / Server Installation is behind a firewall protected network without any cloud access to google or something else.


We just checked the actual stable client / server (12.5.4) for google authenticator for 2fa: There have changed a lot since 12.0.4, which is in production on our site.


There are only a few quirks, which could be changed by you and then the google authenticator works perfectly in such an locked down environment. And this are :


- Display the QR Code not via Webapi, use an local library for generating the QR Code if an administrator is generating the google authentication
- Display the QR Code not via Webapi, use an local library for generating the QR Code if a user is generating the google authentication, here we got a Web Error (Webexception Remote Name cannot be resolved for www.google.com).


Attached is a screenshot from the german administrator view, where you can see the missing qr code.


We configured 2fa as administrator with an self generated qr code and entered the first secret, which has been accepted. After this 2fa works fine. After entering a wrong secret we got the errors message, wrong secret, which is be fine, after entering a valid secret we are authenticated.


So the only thing to change is the genration of qr codes.


Regards Bernd.