PHP Classes

Pure PHP Yubicloud authentication: Check YubiKeys OTP in multiple servers

Recommend this page to a friend!
  Info   View files Example   Demos   View files View files (4)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2023-06-02 (Yesterday) RSS 2.0 feedNot yet rated by the usersTotal: 142 All time: 9,131 This week: 258Up
Version License PHP version Categories
yubicloud 4.3.28GNU Lesser Genera...5.3.0PHP 5, Web services, Security
Description 

Author

This class can check YubiKeys OTP in multiple servers.

It sends HTTP requests to one or more YubiCloud servers to validate OTP (one time password) keys.

The class can send multiple validation HTTP requests in parallel to multiple servers.

Innovation Award
PHP Programming Innovation award nominee
December 2014
Number 8


Prize: One downloadable copy of PhpED Professional
One time passwords are used to implement systems that are more secure by avoiding replay attacks usually caused by reusing stollen passwords.

This class can validate YubiKeys (one time password keys) against network of multiple YubiCloud servers.

Manuel Lemos
Picture of André Liechti
  Performance   Level  
Name: André Liechti <contact>
Classes: 9 packages by
Country: Switzerland Switzerland
Age: 54
All time rank: 4056 in Switzerland Switzerland
Week rank: 40 Up1 in Switzerland Switzerland Up
Innovation award
Innovation award
Nominee: 8x

Winner: 2x

Details

Yubicloud PHP class

Yubicloud PHP class is a GNU LGPL class to check YubiKeys using YubiCloud.

(c) 2014-2019 SysCo systemes de communication sa The Yubicloud PHP class is a subset of the multiOTP open source project. http://www.multiOTP.net/

Current build: 4.3.3.2 (2019-04-24)

No external file is needed (no PEAR, no PECL, no cURL).

Usage

You need a Yubico API key which is free if you have at least one Yubikey. You can ask for your own key here: https://upgrade.yubico.com/getapikey/


<?php
    require_once('yubicloud.class.php');
    $yubicloud = new Yubicloud("my_client_id", "my_secret_key");
    $result = $yubicloud->checkOnYubiCloud($otp_to_check);
?>

Possible returned value is one of the following:


                   OK  The OTP is valid.
              BAD_OTP  The OTP is invalid format.
         REPLAYED_OTP  The OTP has already been seen by the service.
        BAD_SIGNATURE  The HMAC signature verification failed.
    MISSING_PARAMETER  The request lacks a parameter.
       NO_SUCH_CLIENT  The request id does not exist.
OPERATION_NOT_ALLOWED  The request id is not allowed to verify OTPs.
        BACKEND_ERROR  Unexpected error in Yubico servers. Please contact them if you see this error.
   NOT_ENOUGH_ANSWERS  Server could not get requested number of syncs during before timeout.
     REPLAYED_REQUEST  Server has seen the OTP/Nonce combination before.
            BAD_NONCE  Answer Nonce is different from the request Nonce.
     CONNECTION_ERROR  Impossible to make a connection with the YubiCloud servers.
     OTP_IS_DIFFERENT  Answer OTP is different from request OTP.
   OUT_OF_TIME_WINDOW  Timestamp difference with the Yubico servers is bigger than yubicloud_max_time_window.
       SERVER_TIMEOUT  Timeout while waiting an answer from the server.

Check yubicloud.demo.php for a full implementation example.

You can support our open source projects with donations and sponsoring. Sponsorships are crucial for ongoing and future development! If you'd like to support our work, then consider making a donation, any support is always welcome even if it's as low as $1! You can also sponsor the development of a specific feature. Please contact us in order to discuss the detail of the implementation.

[Donate via PayPal by clicking here][1]. [![Donate via PayPal][2]][1] [1]: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=N56M9E2SEAUD4 [2]: https://www.paypalobjects.com/webstatic/mktg/logo/pp_cc_mark_37x23.jpg

And for more PHP classes, have a look on PHPclasses.org, where a lot of authors are sharing their classes for free.

  Yubicloud PHP class demoExternal page  
  Files folder image Files  
File Role Description
Accessible without login Plain text file README.md Doc. Documentation
Plain text file yubicloud.class.php Class Main file (class)
Accessible without login Plain text file LICENSE.md Lic. License text
Accessible without login Plain text file yubicloud.demo.php Example Implementation example

 Version Control Unique User Downloads Download Rankings  
 100%
Total:142
This week:0
All time:9,131
This week:258Up