mirror of
				https://github.com/dani-garcia/vaultwarden.git
				synced 2025-10-26 16:00:02 +02:00 
			
		
		
		
	Allows Custom Yubico OTP Server
This commit is contained in:
		
							
								
								
									
										3
									
								
								.env
									
									
									
									
									
								
							
							
						
						
									
										3
									
								
								.env
									
									
									
									
									
								
							| @@ -43,9 +43,10 @@ | ||||
| ## Yubico (Yubikey) Settings | ||||
| ## Set your Client ID and Secret Key for Yubikey OTP | ||||
| ## You can generate it here: https://upgrade.yubico.com/getapikey/ | ||||
| ## TODO: Allow choosing custom YubiCloud server | ||||
| ## You can optionally specify a custom OTP server | ||||
| # YUBICO_CLIENT_ID=11111 | ||||
| # YUBICO_SECRET_KEY=AAAAAAAAAAAAAAAAAAAAAAAA | ||||
| # YUBICO_SERVER=http://yourdomain.com/wsapi/2.0/verify | ||||
|  | ||||
| ## Rocket specific settings, check Rocket documentation to learn more | ||||
| # ROCKET_ENV=staging | ||||
|   | ||||
| @@ -561,7 +561,14 @@ fn verify_yubikey_otp(otp: String) -> JsonResult { | ||||
|     let yubico = Yubico::new(); | ||||
|     let config = Config::default().set_client_id(CONFIG.yubico_client_id.to_owned()).set_key(CONFIG.yubico_secret_key.to_owned()); | ||||
|  | ||||
|     let result = yubico.verify(otp, config); | ||||
|     let result; | ||||
|  | ||||
|     if CONFIG.yubico_server.is_some() { | ||||
|         result = yubico.verify(otp, config.set_api_hosts(vec![CONFIG.yubico_server.to_owned().unwrap()])); | ||||
|     } | ||||
|     else { | ||||
|         result = yubico.verify(otp, config); | ||||
|     } | ||||
|  | ||||
|     match result { | ||||
|         Ok(_answer) => Ok(Json(json!({}))), | ||||
|   | ||||
| @@ -249,6 +249,7 @@ pub struct Config { | ||||
|     yubico_cred_set: bool, | ||||
|     yubico_client_id: String, | ||||
|     yubico_secret_key: String, | ||||
|     yubico_server: Option<String>, | ||||
|  | ||||
|     mail: Option<MailConfig>, | ||||
| } | ||||
| @@ -294,6 +295,7 @@ impl Config { | ||||
|             yubico_cred_set: yubico_client_id.is_some() && yubico_secret_key.is_some(), | ||||
|             yubico_client_id: yubico_client_id.unwrap_or("00000".into()), | ||||
|             yubico_secret_key: yubico_secret_key.unwrap_or("AAAAAAA".into()), | ||||
|             yubico_server: get_env("YUBICO_SERVER"), | ||||
|  | ||||
|             mail: MailConfig::load(), | ||||
|         } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user