Skip to content
/ python-yubico-client Public
forked from Kami/python-yubico-client

Python class for verifying Yubico One Time Passwords (OTPs) based on the validation protocol version 2.0.

www.yubico.com

License

BSD-3-Clause license
1 star 19 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

syneus/python-yubico-client

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
demo
demo
 
 
yubico
yubico
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

Yubico Python Client

Python class for verifying Yubico One Time Passwords (OTPs) based on the validation protocol version 2.0.

Usage

  1. Generate your client id and secret key (this can be done by visiting the Yubico website)
  2. Use the client

Single mode:

from yubico.yubico import Yubico

yubico = Yubico('client id', 'secret key')
yubico.verify('otp')

Multi mode:

from yubico.yubico import Yubico

yubico = Yubico('client id', 'secret key')
yubico.verify_multi(['otp 1', 'otp 2', 'otp 3'])

The verify method will return one of the following values:

  • True - the provided OTP is valid (STATUS=OK)
  • None - server returned one of the following status values: BAD_OTP, BAD_SIGNATURE, MISSING_PARAMETER, OPERATION_NOT_ALLOWED, BACKEND_ERROR, NOT_ENOUGH_ANSWERS, REPLAYED_REQUEST or no response was received from any of the servers in the specified time frame (default timeout = 10 seconds)

The verify_multi method will return one of the following values:

  • True - the provided OTPs are valid (STATUS=OK)
  • False - all the OTPs don't contain the same device id, validation of one of the OTPs failed or 5 seconds (default) has passed between the time when the first and the last OTP was generated

Both methods can also throw one of the following exceptions:

  • StatusCodeError - server returned REPLAYED_OTP status code
  • SignatureVerificationError - server response message signature verification failed
  • InvalidClientIdError - client with the specified id does not exist (server returned NO_SUCH_CLIENT status code)

Notes

If you are using secure connection (https) and want to validate the server certificate, you need to pass verify_cert = True argument when instantiating the yubico class and set CA_CERTS variable in the yubico/httplib_ssl.py file so it points to a file containing trusted CA certificates.

For a backward compatibility, verify_cert is set to False by default.

About

Python class for verifying Yubico One Time Passwords (OTPs) based on the validation protocol version 2.0.

www.yubico.com

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

5 tags

Packages

No packages published