Code:
$signature = preg_replace('/\+/', '%2B', $signature);
This will help
and thanks for sharing
| Yubico Forum https://forum.yubico.com/ |
|
| Made a non-pear php implementation https://forum.yubico.com/viewtopic.php?f=3&t=354 |
Page 1 of 1 |
| Author: | vrillusions [ Fri Jul 10, 2009 6:55 pm ] |
| Post subject: | Made a non-pear php implementation |
Been meaning to post this for a while. This is a demo script (sadly I have yet to apply it anywhere) that uses the curl extension in php. It signs the request, sends over ssl, and verifies the response signature. Demo: http://rikku.vrillusions.com/~vr/yubikey-verify.php Source: http://rikku.vrillusions.com/~vr/yubikey-verify.phps Only bug I've been noticing is sometimes the sent signature for message I sent comes back from yubico as invalid. It's reproducable enough that it goes no more than 10 times before I'll see it. Not sure if it's on my end or yubico's since I don't think the official libraries verify it. I'm sending everything over ssl so verifying hashes is redundant. I set this up as a most secure way possible. If anyone can figure out how to fix that part I'd be happy to know. Otherwise this library could be useful for people that don't even want to depend on PEAR. |
|
| Author: | Klaus [ Wed Sep 09, 2009 8:22 pm ] |
| Post subject: | Re: Made a non-pear php implementation |
Code: $signature = preg_replace('/\+/', '%2B', $signature); This will help and thanks for sharing
|
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|