yubico: make the Yubico cloud URL configurable
This patch adds a field to Config -> Tokens -> Yubico which can
contain another validation server than the Yubico servers.
If there is no configuration stored we still use the Yubico
servers as default.
Any comments?
Jochen
diff --git a/privacyidea/lib/tokens/yubicotoken.py b/privacyidea/lib/tokens/yubicotoken.py
index 7b69fe1…07386a5 100644
— a/privacyidea/lib/tokens/yubicotoken.py
+++ b/privacyidea/lib/tokens/yubicotoken.py
@@ -51,7 +51,7 @@ import binascii
YUBICO_LEN_ID = 12
YUBICO_LEN_OTP = 44
-YUBICO_URL = “http://api.yubico.com/wsapi/2.0/verify”
+DEFAULT_YUBICO_URL = "http://api.yubico.com/wsapi/2.0/verify"
DEFAULT_CLIENT_ID = 20771
DEFAULT_API_KEY = “9iE9DRkPHQDJbAFFC31/dum5I54=”
@@ -138,6 +138,7 @@ class YubicoTokenClass(TokenClass):
apiId = get_from_config("yubico.id", DEFAULT_CLIENT_ID)
apiKey = get_from_config("yubico.secret", DEFAULT_API_KEY)
-
YUBICO_URL = get_from_config("yubico.url", DEFAULT_YUBICO_URL) if apiKey == DEFAULT_API_KEY or apiId == DEFAULT_CLIENT_ID: log.warning("Usage of default apiKey or apiId not recomended!")
diff --git a/privacyidea/static/components/config/views/config.token.yubico.html b/privacyidea/static/components/config/views/config.token.yubico.html
index 4902201…d07c16d 100644
— a/privacyidea/static/components/config/views/config.token.yubico.html
+++ b/privacyidea/static/components/config/views/config.token.yubico.html
@@ -30,4 +30,13 @@
ng-model=“form[‘yubico.secret’]” name=“yubicoKey”>
+
- Yubico URL
- <input type=“text”
-
required
-
class="form-control"
-
placeholder="{{ 'Yubico URL'|translate }}"
-
ng-model="form['yubico.url']" name="yubicoURL">
+
–
The only problem with troubleshooting is that the trouble shoots back.