Yubikey 2FA Provider - comments/advice please

jack 2016-09-11 22:40:35 UTC #1

Hi All,

I have created a 2FA provider for the Yubikey OTP token. This is my first app for publication so I would appreciate it if someone could give me a little advice before I submit it to the app store.

https://github.com/jaark/twofactor_yubikey

It is heavily based on twofactor_totp.

I have included the Yubikey PHP authentication library but am not sure if I have included it properly. I am pulling it into the code via a require statement, should I be using the autoloader for this? (and if so how?)

Also I am not sure what I should be putting in as the supported owncloud versions - how does oc version numbers map to nc versions?

Any pointers would be helpful.

TIA

oparoz 2016-09-11 22:52:40 UTC #2

^^^^^^ @LukasReschke

tflidd 2016-09-13 06:05:53 UTC #3

I'm using the normal "Two Factor TOTP Provider"-app (https://apps.owncloud.com/content/show.php/TOTP+TwoFactor+%28Google+Authenticator%29?content=174726) with the Yubico Authenticator (software on the client that generates a OTP every 30s).

jack 2016-09-13 18:38:58 UTC #4

TOTP is a totally different type of OTP than the native Yubikey OTP.

My software works (for me), my only concerns are really packaging and polish. The way I am bringing in the Yubico library pollutes the root namespace which is fine enough for me but not something I would want to inflict on others.

Synthead 2017-08-29 21:39:43 UTC #5

I would also love to use a YubiKey with Nextcloud!

tflidd 2017-08-29 21:44:51 UTC #6

Just do it. With U2F it’s even easier.