DokuWiki

It's better when it's simple

User Tools

Site Tools


plugin:twofactoryubiauth

twofactoryubiauth Plugin

Compatible with DokuWiki

  • 2020-07-29 "Hogfather" yes
  • 2018-04-22 "Greebo" unknown
  • 2017-02-19 "Frusterick Manners" unknown
  • 2016-06-26 "Elenor Of Tsort" unknown

plugin Yubikey OTP support plugin for the Twofactor authentication plugin.

Last updated on
2021-09-16
Provides
Helper
Repository
Source
Requires
twofactor
By Keksbendiger

Summary

This module provides the Two Factor Authentication plugin with the needed functionality to use Yubikeys as a means to provide login OTPs.

Installation

Search and install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually.

This plugin requires configuration prior to being functional. By default it is off and will need to be turned on.

User Setup

In order to use a Yubikey for authentification, the user will have to setup the wiki and twofactoryubiauth to work together. This can be done through the Two Factor configuration link at the upper right menu.

Once at the Two Factor configuration page, there will be a checkbox to enable use of Yubikey Authentification. If a valid Yubikey OTP is provided, the Yubikey will be paired and the module activated.

Once Yubikey and the wiki are synced, the Public ID of the synced Yubikey can be seen in the 2FA settings screen. The user can also check the “Revoke Yubi Authenticator” option and click “save” to unpair the Yubikey and disable the use of this module. In order to use a Yubikey to authenticate after that, the user will need to pair a new Yubikey.

User Login

At login, the user will supply a Yubikey OTP from the paired Yubikey along with their username and password. If the user has configured other modules for two factor authentication, the token field may be left blank to use those other methods.

Configuration and Settings

“enable” - Turn on or off the use of Yubikey for two factor authentication. Default: off “validationServer” - Adress of the server used to validate the Yubi Password. “clientID” - Yubico Client ID used for the signature. “clientSecret” - Secret used to validate the signature mentioned above, leave empty to disable validation.

Development

There is no additional development planned for this plugin at this time.

Change Log

Known Bugs and Issues

None at this time. Law of odds says someone will find something broken soon.

ToDo/Wish List

None at this time

Discussion

Feel free to write anything constructive. My hope is that this plugin will provide many admins with useful functionality.

If on a debian system - ensure that php5-gd is installed, otherwise it will just display a blank page instead of the authenticator image.

plugin/twofactoryubiauth.txt · Last modified: 2021-09-16 14:34 by Keksbendiger