mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-12-18 08:02:16 +03:00
Allows Custom Yubico OTP Server
This commit is contained in:
parent
9e0e4b13c5
commit
2433d39df5
3 changed files with 12 additions and 2 deletions
3
.env
3
.env
|
@ -43,9 +43,10 @@
|
|||
## Yubico (Yubikey) Settings
|
||||
## Set your Client ID and Secret Key for Yubikey OTP
|
||||
## You can generate it here: https://upgrade.yubico.com/getapikey/
|
||||
## TODO: Allow choosing custom YubiCloud server
|
||||
## You can optionally specify a custom OTP server
|
||||
# YUBICO_CLIENT_ID=11111
|
||||
# YUBICO_SECRET_KEY=AAAAAAAAAAAAAAAAAAAAAAAA
|
||||
# YUBICO_SERVER=http://yourdomain.com/wsapi/2.0/verify
|
||||
|
||||
## Rocket specific settings, check Rocket documentation to learn more
|
||||
# ROCKET_ENV=staging
|
||||
|
|
|
@ -561,7 +561,14 @@ fn verify_yubikey_otp(otp: String) -> JsonResult {
|
|||
let yubico = Yubico::new();
|
||||
let config = Config::default().set_client_id(CONFIG.yubico_client_id.to_owned()).set_key(CONFIG.yubico_secret_key.to_owned());
|
||||
|
||||
let result = yubico.verify(otp, config);
|
||||
let result;
|
||||
|
||||
if CONFIG.yubico_server.is_some() {
|
||||
result = yubico.verify(otp, config.set_api_hosts(vec![CONFIG.yubico_server.to_owned().unwrap()]));
|
||||
}
|
||||
else {
|
||||
result = yubico.verify(otp, config);
|
||||
}
|
||||
|
||||
match result {
|
||||
Ok(_answer) => Ok(Json(json!({}))),
|
||||
|
|
|
@ -249,6 +249,7 @@ pub struct Config {
|
|||
yubico_cred_set: bool,
|
||||
yubico_client_id: String,
|
||||
yubico_secret_key: String,
|
||||
yubico_server: Option<String>,
|
||||
|
||||
mail: Option<MailConfig>,
|
||||
}
|
||||
|
@ -294,6 +295,7 @@ impl Config {
|
|||
yubico_cred_set: yubico_client_id.is_some() && yubico_secret_key.is_some(),
|
||||
yubico_client_id: yubico_client_id.unwrap_or("00000".into()),
|
||||
yubico_secret_key: yubico_secret_key.unwrap_or("AAAAAAA".into()),
|
||||
yubico_server: get_env("YUBICO_SERVER"),
|
||||
|
||||
mail: MailConfig::load(),
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue