Authenticating the yubikey against the yubico web api
Version 3.00
Authenticate against the Yubico server via the Web \s-1API\s0 in Perl
Sample \s-1CGI\s0 script :-
#!/usr/bin/perl
use CGI;
$cgi = new CGI;
$otp = $cgi->param("otp");
print "Content-type: text/html\n\n";
print "<html>\n";
print "<form method=get>Yubikey : <input type=text name=otp size=40 type=password></form>\n";
use Auth::Yubikey_WebClient;
$id = "<enter your id here>";
$api = "<enter your API key here>";
$nonce = "<enter your nonce here>";
if($otp)
{
$result = Auth::Yubikey_WebClient::yubikey_webclient($otp,$id,$api,$nonce);
# result can be either ERR or OK
print "Authentication result : <b>$result</b><br>";
}
print "</html>\n";
Creates a new Yubikey Webclient connection
use Auth::Yubikey_WebClient;
my $yubi = Auth::Yubikey_WebClient->new({ id => <enter your id here> , api => '<enter your API key here>' , nonce => '<enter your nonce if you have one>' });
You can overwrite the \s-1URL\s0 called if you want to call an alternate authentication server as well :-
use Auth::Yubikey_WebClient;
my $yubi = Auth::Yubikey_WebClient->new({ id => <enter your id here> , api => '<enter your API key here>' , nonce => '<enter your nonce if you have one>', url => 'http://www.otherserver.com/webapi.php' });
Displays the debug info
$yubi->debug();
Prints out some debug information. Useful to be called after authentication to see what Yubico sent back. You can also call the variables yourself, for example if you'd like to see what the token \s-1ID\s0 is, call $yubi->{publicid}. The same goes for all the other variables printed in debug.
Check a \s-1OTP\s0 for validity
$result = $yubi->otp($otp);
Call the otp procedure with the input from the yubikey. It will return the result.
This function will also setup a few internal variables that was returned from Yubico.
Before you can use this module, you need to register for an \s-1API\s0 key at Yubico. This is as simple as logging onto <https://upgrade.yubico.com/getapikey/> and entering your Yubikey's \s-1OTP\s0 and your email address. Once you have the \s-1API\s0 and \s-1ID\s0, you need to provide those details to the module to work.
Phil Massyn, \*(C`<phil at massyn.net>\*(C'
Please report any bugs or feature requests to \*(C`bug-auth-yubikey_webclient at rt.cpan.org\*(C', or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Auth-Yubikey_WebClient <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Auth-Yubikey_WebClient>. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
You can find documentation for this module with the perldoc command.
perldoc Auth::Yubikey_WebClient
You can also look for information at:
\s-1RT:\s0 \s-1CPAN\s0's request tracker http://rt.cpan.org/NoAuth/Bugs.html?Dist=Auth-Yubikey_WebClient <http://rt.cpan.org/NoAuth/Bugs.html?Dist=Auth-Yubikey_WebClient>
AnnoCPAN: Annotated \s-1CPAN\s0 documentation http://annocpan.org/dist/Auth-Yubikey_WebClient <http://annocpan.org/dist/Auth-Yubikey_WebClient>
\s-1CPAN\s0 Ratings http://cpanratings.perl.org/d/Auth-Yubikey_WebClient <http://cpanratings.perl.org/d/Auth-Yubikey_WebClient>
Search \s-1CPAN\s0 http://search.cpan.org/dist/Auth-Yubikey_WebClient <http://search.cpan.org/dist/Auth-Yubikey_WebClient>
0.04 - Fixed bug <http://rt.cpan.org/Public/Bug/Display.html?id=51121> 1.00 - Added validation of the request to Yubico (Thanks to Kirill Miazine) 2.00 - Added nounce coding (Thanks to Ludvig af Klinteberg) 2.01 - Response turning into an array due to \r bug (Thanks to Peter Norin)
Copyright 2010 Phil Massyn, all rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.