A NodeJS implementation of the Yubico OTP API
npm install yubico-nodeThis is a JS implementation of the Yubico Validation Protocol as outlined in their documentation. All of the extra security precautions are implemented such as using the client secret to hash the request on its way out, and validate the response on its way in. This library is also incredibly small and has no outside dependencies.
- Managed request hashing and response verification
- Typescript types built in
- Environment Variable Defaults
``
YUBICO_CLIENT_ID = Client ID from Yubico
YUBICO_SECRET = Secret from Yubico
YUBICO_SL = The SL to use (0 - 100, fast, or secure)
YUBICO_TIMEOUT = The timeout for the request (number)
YUBICO_API_SERVERS = If you run your own compliant verification servers, place the hosts in a comma separated list (ex. api.yubico.com,api2.yubico.com, etc.)
`
#### constructor(options?: IYubicoConstructor)
The options parameter contains all of the options you might want to set for the verification requests. Some parameters are requrired,options
but having an environment variable suffices for the requirement. The parameter is not required at all of all parameters are met with environment variables.
| option | required | type | default | example |
| ------------ | -------- | -------------------------------- | ------------------ | -------------- |
| clientId | ✅ | string | N/A | "MyClientID" |secret
| | ✅ | string | N/A | "MySecret" |sl
| | | number (0-100),"fast","secure" | none | "secure" |timeout
| | | number | none | "secure" |apiServers
| | | string[] | Yubico API Servers | "secure" |
#### verify(otp: string): Promise
Verify the OTP against the verification servers. This will return a Response class that can be picked apart to get the data you need.
#### getOneTimePassword(): string
Returns the same OTP that was passed into the verify function.
#### getTimestampUTC(): Date
Returns the UTC timestamp that was given in response from the verification server.
#### getTimestamp(): Date
Returns the timestamp from when the key was pressed.
#### getSessionCounter(): number
Returns the internal usage counter provided by the key from when it was pressed.
#### getSessionUse(): number
Returns the internal session usage counter provided by the key from when it was pressed.
#### getStatus(): ResponseStatus
Returns the response status of the request. This should always be ResponseStatus.OK as all other responses will throw an error.
#### getPublicId(): string
Returns the public ID of the key. This is unique to each key, but is encoded in ModHex.
If you need the public ID as a number (aka. the serial number), use getSerialNumber().
#### getSerialNumber():number
Returns the serial number of the key. This is decoded from ModHex and represented as a UIntBE`.