Download the PHP package chroma-x/oath-server-suite without Composer
On this page you can find all versions of the php package chroma-x/oath-server-suite. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download chroma-x/oath-server-suite
More information about chroma-x/oath-server-suite
Files in chroma-x/oath-server-suite
Package oath-server-suite
Short Description A collection of classes to provide second factor authentication like Yubico OTP (Yubikey), Oath (TOTP, HOTP, GoogleAuthenticator) server-side.
License MIT
Homepage http://chroma-x.de/
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package oath-server-suite
PHP Oath Server Suite
A collection of classes to provide second factor authentication like Yubico OTP (Yubikey), Oath (TOTP, HOTP, GoogleAuthenticator) server-side.
For more information about Oath check out https://openauthentication.org/.
More information about TOTP (Time-based One-time Password Algorithm) can be found at Wikipedia.
More information about HOTP (HMAC-based One-time Password Algorithm) can be found at Wikipedia.
For more information about the Yubico OTP authentication mechanism read the „What is YubiKey OTP?“ article at https://developers.yubico.com/OTP/.
Installation
Usage
Autoloading and namesapce
Yubico OTP (YubiCloud)
To use Yubico OTP you need YubiCloud access. You can get free API credentials from https://upgrade.yubico.com/getapikey/.
Validating a Yubico one time password
Oath – Google Authenticator style
Sharing the key name and secret
To allow authentication the client and server has to share a secret. Usually the server dices a secret and displays it alltogether with the key name and the authentication mechanism as a QR code.
Google Authenticator and some other applications and hardware items – like the Yubikey – do not follow the standard by expecting the secrets not as hexadecimal but as Base32 encoded data.
TOTP (Time-based One-time Password Algorithm)
HOTP (HMAC-based One-time Password Algorithm)
Validating a Oath one time password
TOTP (Time-based One-time Password Algorithm)
HOTP (HMAC-based One-time Password Algorithm)
Oath – following the standard
Sharing the key name and secret
TOTP (Time-based One-time Password Algorithm)
HOTP (HMAC-based One-time Password Algorithm)
Validating a Oath one time password
TOTP (Time-based One-time Password Algorithm)
HOTP (HMAC-based One-time Password Algorithm)
Exception handling
PHP Oath Server Suite provides different exceptions – some provided by the PHP Common Exceptions project – for proper handling.
You can find more information about PHP Common Exceptions at Github.
Contribution
Contributing to our projects is always very appreciated.
But: please follow the contribution guidelines written down in the CONTRIBUTING.md document.
License
PHP Oath Server Suite is under the MIT license.
All versions of oath-server-suite with dependencies
lib-curl Version *
chroma-x/common-exceptions Version ~3.0
chroma-x/qr-code-suite Version ~4.0
enygma/yubikey Version ~3.0
skleeschulte/base32 Version *