npm
Sign UpSign In

yubico-otp-client
TypeScript icon, indicating that this package has built-in type declarations

0.0.4 • Public • Published

yubico-otp

Client for Yubico OTP verification service as described in Validation_Protocol_V2

Usage

import {verifyOtp} from 'yubico-otp-client'

const otp = "OTP string from yubikey"

var result = await verifyOtp({
    apiKey: '<secret key>', 
    clientId: '<client id>', 
    serviceurl: 'https://api.yubico.com/wsapi/2.0/verify'}, otp);

A successful verification result will have this form:

{
  h: 'pGPA07mlKf6XXeZ/0TrIgy5cZCQ=',
  t: '2022-10-06T14:28:05Z0414',
  otp: 'cccfgnhcfbccckvntjgitbjfcleteuvkfrkrjevrrjet',
  nonce: 'd9inSRVLkK1vm9nyNpfj',
  sl: '100',
  status: 'OK',
  deviceId: 'cccfgnhcfbcc',
  signatureValid: true,
  isOk: true
}

Beside the key/values provided by the yubico verification service (Validation_Protocol_V2#Response), the fields deviceId and signatureValid are added to the result.

The field signatureValid will indicate that the returned h value did pass the signature check, while deviceId represents the public key of the yubikey (first 12 chars of OTP). The field isOk will have the boolean value true, only if the response status field equals "OK".

/yubico-otp-client/

    Package Sidebar

    Install

    npm i yubico-otp-client

    Repository

    github.com/mladoi/yubico-otp

    Homepage

    github.com/mladoi/yubico-otp#readme

    Weekly Downloads

    3

    Version

    0.0.4

    License

    MIT

    Unpacked Size

    16.4 kB

    Total Files

    13

    Last publish

    Collaborators

    • mladoia
    Try on RunKit
    Report malware