6.1.1.3.1.5.1.14. linotp.lib.tokens.yubikeytoken module¶
This file contains the Yubikey token class where the Yubikey is run in Yubico Mode
- class linotp.lib.tokens.yubikeytoken.YubikeyTokenClass(aToken)[source]¶
Bases: linotp.lib.tokenclass.TokenClass
The Yubikey Token in the Yubico AES mode
- checkOtp(otpVal, counter=None, window=None, options=None)[source]¶
checkOtp - validate the token otp against a given otpvalue
Parameters: - otpVal (string) – the to be verified otpvalue
- counter – the counter state. It is not used by the Yubikey because the current counter value
is sent encrypted inside the OTP value :type counter: int
Parameters: window – the counter +window, which is not used in the Yubikey because the current counter value is sent encrypted inside the OTP, allowing a simple comparison between the encrypted counter value and the stored counter value :type window: int
Parameters: options (dict) – the dict, which could contain token specific info Returns: the counter state or an error code (< 0): -1 if the OTP is old (counter < stored counter) -2 if the private_uid sent in the OTP is wrong (different from the one stored with the token) -3 if the CRC verification fails :rtype: int
- From: http://www.yubico.com/wp-content/uploads/2013/04/YubiKey-Manual-v3_1.pdf
- 6 Implementation details
- check_otp_exist(otp, window=None)[source]¶
checks if the given OTP value is/are values of this very token. This is used to autoassign and to determine the serial number of a token.
- classmethod getClassInfo(key=None, ret='all')[source]¶
getClassInfo - returns a subtree of the token definition
Parameters: - key (string) – subsection identifier
- ret (user defined) – default return value, if nothing is found
Returns: subsection if key exists or user defined
Return type: s.o.
- is_challenge_request(passw, user, options=None)[source]¶
This method checks, if this is a request, that triggers a challenge.
Parameters: - passw (string) – password, which might be pin or pin+otp
- user (User object) – The user from the authentication request
- options (dict) – dictionary of additional request parameters
Returns: true or false