wildwolf/yubico-otp

PHP 7-friendly alternative to the official php-yubico client

3.0.3 2024-02-19 23:37 UTC

README

CI Static Code Analysis Quality Gate Status

PHP 7/8-friendly alternative to the official php-yubico client.

Installation

composer require wildwolf/yubico-otp

Usage

$otp      = new WildWolf\Yubico\OTP($id, $secret);
$response = null;
$result   = $otp->verify($code, null, &$response);

Where:

  • $id, $secret are the Client ID and the secret key; you will need to sign up for them;
  • $code is the OTP code to verify (it will look something like ccccccjknjjnfffttntuknrfnkednknkfjegcrhhkuut; see OTP::parsePasswordOTP() for its format);
  • $result is the verification result (true for success, false for failure);
  • $response is the raw response from Yubico (details).

verify() can throw OTPBadResponseException if the response fails the basic sanity checks, OTPTamperedResponseException if the response signature fails to validate, OTPTransportException in case of the issues talking to the OTP server.