AnyEvent-Yubico

 view release on metacpan or  search on metacpan

lib/AnyEvent/Yubico.pm  view on Meta::CPAN

# Signs a parameter hash using the client API key.
sub sign {
	my ($self, $params) = @_;
	my $content = "";

	foreach my $key (sort keys %$params) {
		$content = $content."&$key=$params->{$key}";
	}
	$content = substr($content, 1);

	my $key = decode_base64($self->{api_key});
	my $signature = encode_base64(hmac_sha1($content, $key), '');

	return $signature;
}

# Parses a response body into a hash.
sub parse_response {
	my $body = shift;
	my $response = {};

	if($body) {
		my @lines = split(' ', $body);
		foreach my $line (@lines) {
			my $index = index($line, '=');
			$response->{substr($line, 0, $index)} = substr($line, $index+1);
		}
	}

	return $response;
}

1;
__END__

=head1 NAME

AnyEvent::Yubico - AnyEvent based Perl extension for validating YubiKey OTPs.
Though AnyEvent is used internally, the module does not impose any particular
coding style on the caller. Provides both blocking and non-blocking methods of 
OTP verification.

=head1 SYNOPSIS

  use AnyEvent::Yubico;
  
  $yk = AnyEvent::Yubico->new({ client_id => 4711, api_key => '<your API key here>' });

  $result = $yk->verify('<YubiKey OTP here>');
  if($result) ...

For more details about the response, instead call verify_sync($otp), which 
returns a hash containing all the parameters that were in the response.

  $result_details = $yk->verify_sync('<YubiKey OTP here>');
  if($result_details->{status} == 'OK') ...


As an alternative, you can call verify_async, which will return a condition 
variable immediately. This can be used if your application already uses an 
asynchronous model. You can also pass a callback as a second parameter to 
verify as well as verify_async, which will be invoked once validation has
completed, with the result.

  $result_cv = $yk->verify_async('<YubiKey OTP here>', sub {
      #Callback invoked when verification is done
      $result_details = shift;
      if($result_details->{status} eq 'OK') ...
  });
  
  #Wait for the result (blocking, same as calling verify directly).
  $result_details = $result_cv->recv;

=head1 DESCRIPTION

Validates a YubiKey OTP (One Time Password) using the YKVAL 2.0 protocol as 
defined here: https://github.com/Yubico/yubikey-val/wiki/ValidationProtocolV20

To use this module, an API key is required, which can be requested here:
https://upgrade.yubico.com/getapikey/

When creating the AnyEvent::Yubico instance, the following arguments can be passed:

=over 4

=item client_id = $id_int

Required. The client ID corresponding to the API key.

=item api_key => $api_key_string

Optional. The API key used to sign requests and verify responses. Without 
this response signatures won't be verified.

=item urls => $array_of_urls

Optional. Defines which validation server URLs to query. The default uses 
the public YubiCloud validation servers. Must support version 2.0 of the 
validation protocol.

Example:

  $yk = AnyEvent::Yubico->new({
      client_id => ...,
      api_key => ...,
      urls => [
          "http://example.com/wsapi/2.0/verify",
          "http://127.0.0.1/wsapi/2.0/verify"
      ]
  });

=item sign_requests => $enable

Optional. When enabled (enabled by default) requests will be signed, as long 
as api_key is also provided.

=item timeout => $seconds

Optional. Timeout parameter sent to the server, see the protocol details for 
more information.



( run in 2.936 seconds using v1.01-cache-2.11-cpan-9581c071862 )