Hello,
I’m using the yubikey with the fellowing script:
Code:
$yubi = new Auth_Yubico('42', 'FOOBAR=',1,1);
$auth = $yubi->verify($otp);
if (PEAR::isError($auth)) {
print "<p>Authentication failed: " . $auth->getMessage();
print "<p>Debug output from server: " . $yubi->getLastResponse();
} else {
print "<p>You are authenticated!";
}
If there is an error PEAR::isError($auth) returns FALSE.
But $auth->getMessage() is set, e.g. REPLAYED_OTP.
This only concerns when I’m testing this with my web hoster. When testing everything with my local web server my system PEAR::isError($auth) returns TRUE if there is an error.
Code:
print_r from $auth my web hoster (PHP 5.3.10):
PEAR_Error Object
(
[error_message_prefix] =>
[mode] => 1
[level] => 1024
[code] =>
[message] => REPLAYED_OTP
[userinfo] =>
[backtrace] => Array
(
[0] => Array
(
[file] => /usr/local/lib/php/PEAR.php
[line] => 527
[function] => PEAR_Error
[class] => PEAR_Error
[object] => PEAR_Error Object
*RECURSION*
[type] => ->
[args] => Array
(
[0] => REPLAYED_OTP
[1] =>
[2] => 1
[3] => 1024
[4] =>
)
[/code]
local web server (PHP 5.3.20):
[code]
PEAR_Error Object
(
[error_message_prefix] =>
[mode] => 1
[level] => 1024
[code] =>
[message] => REPLAYED_OTP
[userinfo] =>
[backtrace] => Array
(
[0] => Array
(
[file] => /Applications/MAMP/bin/php/php5.3.20/lib/php/PEAR.php
[line] => 533
[function] => PEAR_Error
[class] => PEAR_Error
[type] => ->
[args] => Array
(
[0] => REPLAYED_OTP
[1] =>
[2] => 1
[3] => 1024
[4] =>
)
[/code]
It’s no good idea, to trust in PEAR::isError($auth)
Now I’m using:
[code]
$yubi = new Auth_Yubico('42', 'FOOBAR=');
$auth = $yubi->verify($otp);
if ($auth !== true) {
print "<p>Authentication failed: " . $auth->getMessage();
print "<p>Debug output from server: " . $yubi->getLastResponse();
} else {
print "<p>You are authenticated!";
}
Kind regards
Mario
Login
FAQ
Search
