Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/sjinks/yubico-otp

PHP 7/8-friendly alternative to the official php-yubico client
https://github.com/sjinks/yubico-otp

2fa authentication otp php security yubico yubico-otp

Last synced: 2 months ago
JSON representation

PHP 7/8-friendly alternative to the official php-yubico client

Host: GitHub
URL: https://github.com/sjinks/yubico-otp
Owner: sjinks
License: mit
Created: 2018-11-27T10:13:38.000Z (about 6 years ago)
Default Branch: master
Last Pushed: 2024-04-24T00:16:38.000Z (9 months ago)
Last Synced: 2024-04-24T03:16:53.418Z (9 months ago)
Topics: 2fa, authentication, otp, php, security, yubico, yubico-otp
Language: PHP
Homepage:
Size: 145 KB
Stars: 3
Watchers: 2
Forks: 0
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # yubico-otp

[![CI](https://github.com/sjinks/yubico-otp/actions/workflows/ci.yaml/badge.svg)](https://github.com/sjinks/yubico-otp/actions/workflows/ci.yaml)

[![Static Code Analysis](https://github.com/sjinks/yubico-otp/actions/workflows/static-code-analysis.yml/badge.svg)](https://github.com/sjinks/yubico-otp/actions/workflows/static-code-analysis.yml)

[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=sjinks_yubico-otp&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=sjinks_yubico-otp)

PHP 7/8-friendly alternative to the official [php-yubico](https://github.com/Yubico/php-yubico) client.

## Installation

```bash

composer require wildwolf/yubico-otp

```

## Usage

```php

$otp      = new WildWolf\Yubico\OTP($id, $secret);

$response = null;

$result   = $otp->verify($code, null, &$response);

```

Where:

  * `$id`, `$secret` are the Client ID and the secret key; you will need to [sign up](https://upgrade.yubico.com/getapikey/) for them;

  * `$code` is the OTP code to verify (it will look something like `ccccccjknjjnfffttntuknrfnkednknkfjegcrhhkuut`; see `OTP::parsePasswordOTP()` for its format);

  * `$result` is the verification result (`true` for success, `false` for failure);

  * `$response` is the raw response from Yubico ([details](https://developers.yubico.com/OTP/Specifications/OTP_validation_protocol.html)).

`verify()` can throw `OTPBadResponseException` if the response fails the basic sanity checks, `OTPTamperedResponseException` if the response signature fails to validate, `OTPTransportException` in case of the issues talking to the OTP server.