mladoi / yubico-otp

Stub for Yubico OTP verification service

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

yubico-otp

Client for Yubico OTP verification service as described in Validation_Protocol_V2

Usage

import {verifyOtp} from 'yubico-otp-client'

const otp = "OTP string from yubikey"

var result = await verifyOtp({
    apiKey: '<secret key>', 
    clientId: '<client id>', 
    serviceurl: 'https://api.yubico.com/wsapi/2.0/verify'}, otp);

A successful verification result will have this form:

{
  h: 'pGPA07mlKf6XXeZ/0TrIgy5cZCQ=',
  t: '2022-10-06T14:28:05Z0414',
  otp: 'cccfgnhcfbccckvntjgitbjfcleteuvkfrkrjevrrjet',
  nonce: 'd9inSRVLkK1vm9nyNpfj',
  sl: '100',
  status: 'OK',
  deviceId: 'cccfgnhcfbcc',
  signatureValid: true,
  isOk: true
}

Beside the key/values provided by the yubico verification service (Validation_Protocol_V2#Response), the fields deviceId and signatureValid are added to the result.

The field signatureValid will indicate that the returned h value did pass the signature check, while deviceId represents the public key of the yubikey (first 12 chars of OTP). The field isOk will have the boolean value true, only if the response status field equals "OK".

About

Stub for Yubico OTP verification service

License:MIT License


Languages

Language:JavaScript 53.0%Language:TypeScript 47.0%