This is a JS implementation of the Yubico Validation Protocol as outlined in their documentation. All of the extra security precautions are implemented such as using the client secret to hash the request on its way out, and validate the response on its way in. This library is also incredibly small and has no outside dependencies.
- Managed request hashing and response verification
- Typescript types built in
- Environment Variable Defaults
The options parameter contains all of the options you might want to set for the verification requests. Some parameters are requrired,
but having an environment variable suffices for the requirement. The options parameter is not required at all of all parameters are met with environment variables.
| option | required | type | default | example |
|---|---|---|---|---|
clientId |
✅ | string |
N/A | "MyClientID" |
secret |
✅ | string |
N/A | "MySecret" |
sl |
number (0-100),"fast","secure" |
none | "secure" |
|
timeout |
number |
none | "secure" |
|
apiServers |
string[] |
Yubico API Servers | "secure" |
Verify the OTP against the verification servers. This will return a Response class that can be picked apart to get the data you need.
Returns the same OTP that was passed into the verify function.
Returns the UTC timestamp that was given in response from the verification server.
Returns the timestamp from when the key was pressed.
Returns the internal usage counter provided by the key from when it was pressed.
Returns the internal session usage counter provided by the key from when it was pressed.
Returns the response status of the request. This should always be ResponseStatus.OK as all other responses will throw an error.
Returns the public ID of the key. This is unique to each key, but is encoded in ModHex.
If you need the public ID as a number (aka. the serial number), use getSerialNumber().
Returns the serial number of the key. This is decoded from ModHex and represented as a UIntBE.