通过 
搜索
搜索grizzlyware / yubikey-php
用于验证YubiKey一次性密码的纯PHP接口
1.0.2
2021-05-07 11:24 UTC
Requires
- php: >=5.6
- ext-curl: *
Requires (Dev)
- phpunit/phpunit: ^8
This package is auto-updated.
Last update: 2024-09-07 18:33:02 UTC
README
YubiKey验证库
此库允许您轻松验证YubiKey OTP(一次性密码)。它使用纯PHP编写,只需使用cURL连接到Yubico的服务器即可。
要求
- PHP 5.6+
- cURL
安装
$ composer require grizzlyware/yubikey-php
示例
require 'vendor/autoload.php'; // These can be obtained from Yubico: https://upgrade.yubico.com/getapikey/ $clientId = 12345; // Replace with your client ID $clientSecret = 'YOUR_SECRET'; // Replace with your client secret. This can also be null or omitted, but the requests and responses will not be signed // This will come from your user $otpToValidate = 'OTP_GENERATED_BY_HARDWARE_YUBIKEY'; // Create the validator instance $yubiKeyValidator = new \Grizzlyware\YubiKey\Validator($clientId, $clientSecret); try { // Check the OTP $yubiKeyValidator->verifyOtp($otpToValidate); // OTP was validated successfully } catch(Grizzlyware\YubiKey\Exceptions\Yubico\BadOtpException $e) { // YubiKey failed validation } catch(Grizzlyware\YubiKey\Exceptions\Exception $e) { // Other error relating to Yubico validation } catch(\Exception $e) { // PHP level exception }
验证使用期间密钥是否相同
YubiKey OTP的前12位数字始终相同且对每个密钥唯一。该部分可以存储在您的应用程序中,用于在验证OTP之前与传入的OTP进行比较。您可以通过存储多个OTP前缀将多个YubiKey附加到用户。
安全漏洞
如果您在此项目中发现安全漏洞,请直接联系Grizzlyware Ltd(contact@grizzlyware.com)。所有安全漏洞都将得到及时处理。
鸣谢
Grizzlyware(https://www.grizzlyware.com)开源构建,以促进互联网的更大利益和安全。