Permalink
Browse files

Fix readme and added HTTPS validation

  • Loading branch information...
1 parent 75c0d97 commit ca022ceba286b43ecb4adaedfbbf57f6927484b6 @northox committed Jan 23, 2012
Showing with 4 additions and 4 deletions.
  1. +3 −3 README.md
  2. +1 −1 yubikey_authentication.php
View
@@ -10,7 +10,7 @@ PEAR and Curl module are required.
2. Add the plugin in your config file (config/main.inc.php). In this case the plugin directory name is 'yubikey_authentication':
`$rcmail_config['plugins'] = array('yubikey_authentication');`
-3. Set your API keys by visiting https://api.yubico.com/get-api-key/
+3. Set your API keys in config.inc.php by visiting https://api.yubico.com/get-api-key/
`$rcmail_config['yubikey_api_id'] = '';
$rcmail_config['yubikey_api_key'] = '';`
@@ -19,10 +19,10 @@ PEAR and Curl module are required.
1. Ensure "Require Yubikey OTP" is checked
2. Set your "Yubikey ID" by simply pressing on your yubikey (only the first 12 chars will be used).
-5. Test your installation
+5. Test your installation. Your done!
# Security
-Validation of the token is done via HMAC authentication (SHA1).
+Validation of the token is done via HMAC authentication (SHA1) over HTTPS.
# License
GPL2
@@ -64,7 +64,7 @@ function login_after($args)
}
else {
// Check the OTP against Yubikey webservice
- $yubi = new Auth_Yubico(rcmail::get_instance()->config->get('yubikey_api_id'), rcmail::get_instance()->config->get('yubikey_api_key'), true);
+ $yubi = new Auth_Yubico(rcmail::get_instance()->config->get('yubikey_api_id'), rcmail::get_instance()->config->get('yubikey_api_key'), true, true);
$auth = $yubi->verify($yubikey_otp);
if (PEAR::isError($auth)) {

0 comments on commit ca022ce

Please sign in to comment.