Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/GeertJohan/yubigo

Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubico Yubikey into your existing Go-based user authentication infrastructure.
https://github.com/GeertJohan/yubigo

Last synced: 2 months ago
JSON representation

Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubico Yubikey into your existing Go-based user authentication infrastructure.

Awesome Lists containing this project

README

        

## yubigo

Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubikey into any Go application.

## Installation

Installation is simple. Use go get:
`go get github.com/GeertJohan/yubigo`

## Usage

Make sure to import the library: `import "github.com/GeertJohan/yubigo"`

For use with the default Yubico servers, make sure you have an API key. [Request a key][getapikey].

**Basic OTP checking usage:**
```go

// create a new yubiAuth instance with id and key
yubiAuth, err := yubigo.NewYubiAuth("1234", "fdsaffqaf4vrc2q3cds=")
if err != nil {
// probably an invalid key was given
log.Fatalln(err)
}

// verify an OTP string
result, ok, err := yubiAuth.Verify("ccccccbetgjevivbklihljgtbenbfrefccveiglnjfbc")
if err != nil {
log.Fatalln(err)
}

if ok {
// succes!! The OTP is valid!
log.Printf("Used query was: %s\n", result.GetRequestQuery()) // this query string includes the url of the api-server that responded first.
} else {
// fail! The OTP is invalid or has been used before.
log.Println("The given OTP is invalid!!!")
}
```

**Use your own HTTP Client with fine-tuned config:**
While the library works out of the box, it's not recommended to use the default http client.
It is better to configure your own http client with useful timeouts.

For example:
```go
yubigo.HTTPClient = &http.Client{
Timeout: time.Second * 15,
Transport: &http.Transport{
MaxConnsPerHost: 20,
MaxIdleConnsPerHost: 5,
DialContext: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 60 * time.Second,
}).DialContext,
TLSHandshakeTimeout: 10 * time.Second,
ResponseHeaderTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
},
}
```

**Do not verify HTTPS certificate:**
```go
// Disable HTTPS cert verification. Use true to enable again.
yubiAuth.HttpsVerifyCertificate(false)
```

**HTTP instead of HTTPS:**
```go
// Disable HTTPS. Use true to enable again.
yubiAuth.UseHttps(false)
```

**Custom API server:**
```go
// Set a list of n servers, each server as host + path.
// Do not prepend with protocol
yubiAuth.SetApiServerList("api0.server.com/api/verify", "api1.server.com/api/verify", "otherserver.com/api/verify")
```

## Licence

This project is licensed under a Simplified BSD license. Please read the [LICENSE file][license].

## Todo
- Test files
- More documentation
- Getters/Setters for some options on the YubiAuth object.

## Protocol & Package documentation

This project is implementing a pure-Go Yubico OTP Validation Client and is following the [Yubico Validation Protocol Version 2.0][validationProtocolV20].

You will find "go doc"-like [package documentation at go.pkgdoc.org][pkgdoc].

[license]: https://github.com/GeertJohan/yubigo/blob/master/LICENSE
[getapikey]: https://upgrade.yubico.com/getapikey/
[pkgdoc]: http://go.pkgdoc.org/github.com/GeertJohan/yubigo
[validationProtocolV20]: http://code.google.com/p/yubikey-val-server-php/wiki/ValidationProtocolV20