Skip to content

Instantly share code, notes, and snippets.

@sovannarithcheav

sovannarithcheav/QuarkusYubikeyResource.java

Last active September 1, 2022 07:46
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save sovannarithcheav/b83800a9ce26037a94a8ee919c3c3081 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save sovannarithcheav/b83800a9ce26037a94a8ee919c3c3081 to your computer and use it in GitHub Desktop.
Download ZIP
Java gradle Yubikey Client with com.yubico:yubico-validation-client
Raw
build.gradle
plugins {
id 'java'
id 'io.quarkus'
}
repositories {
mavenCentral()
mavenLocal()
}
dependencies {
implementation enforcedPlatform("${quarkusPlatformGroupId}:${quarkusPlatformArtifactId}:${quarkusPlatformVersion}")
implementation 'io.quarkus:quarkus-arc'
implementation 'io.quarkus:quarkus-resteasy-reactive'
implementation 'io.quarkus:quarkus-rest-client-reactive-jackson'
implementation 'com.yubico:yubico-validation-client2:3.1.0'
implementation 'io.dropwizard:dropwizard-core:2.1.1'
implementation 'io.quarkus:quarkus-resteasy-reactive-qute'
testImplementation 'io.quarkus:quarkus-junit5'
testImplementation 'io.rest-assured:rest-assured'
}
java {
sourceCompatibility = JavaVersion.VERSION_11
targetCompatibility = JavaVersion.VERSION_11
}
compileJava {
options.encoding = 'UTF-8'
options.compilerArgs << '-parameters'
}
compileTestJava {
options.encoding = 'UTF-8'
}
Raw
QuarkusYubikeyResource.java
package kh.sovannarith.info.yubikey.web;
import kh.sovannarith.info.yubikey.helper.Status;
import kh.sovannarith.info.yubikey.request.YubikeyRequest;
import kh.sovannarith.info.yubikey.service.YubikeyClient;
import javax.inject.Inject;
import javax.validation.Valid;
import javax.ws.rs.*;
import javax.ws.rs.core.Response;
import org.eclipse.microprofile.rest.client.inject.RegisterRestClient;
@Path("/two-factor/webauthn")
@RegisterRestClient
public class YubikeyResource {
@Inject
YubikeyClient client;
public YubikeyResource(YubikeyClient client) {
this.client = client;
}
@POST
@Path("register")
public Response register(@Valid YubikeyRequest request) throws Exception {
return Response.ok( client.register(request.username, request.otp)).build();
}
@Path("login")
@POST
public Response login(@Valid YubikeyRequest request) throws Exception {
return Response.ok( client.login(request.username, request.otp)).build();
}
}
Raw
YubikeyClient.java
package kh.sovannarith.info.yubikey.service;
import com.google.common.collect.HashMultimap;
import com.yubico.client.v2.VerificationResponse;
import com.yubico.client.v2.YubicoClient;
import kh.sovannarith.info.yubikey.helper.Status;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import javax.enterprise.context.ApplicationScoped;
@ApplicationScoped
public class YubikeyClient {
@ConfigProperty(name = "yubikey.client-id")
String clientId;
@ConfigProperty(name = "yubikey.api-key")
String apiKey;
private final HashMultimap<String, String> yubikeyIds = HashMultimap.create();
public Status register(String username, String otp) {
try {
VerificationResponse response = YubicoClient.getClient(Integer.valueOf(clientId), apiKey).verify(otp);
if (response.isOk()) {
String yubikeyId = YubicoClient.getPublicId(otp);
yubikeyIds.put(username, yubikeyId);
return Status.OK;
}
return Status.INVALID;
} catch (Exception e) {
return Status.INVALID;
}
}
public Status login(String username, String otp) {
try {
VerificationResponse response = YubicoClient.getClient(Integer.valueOf(clientId), apiKey).verify(otp);
if (response.isOk()) {
String yubikeyId = YubicoClient.getPublicId(otp);
if (yubikeyIds.get(username).contains(yubikeyId)) {
return Status.OK;
}
return Status.YUBIKEY_NOT_COMBINATION;
}
return Status.INVALID;
} catch (Exception e) {
return Status.INVALID;
}
}
}
Raw
YubikeyRequest.java
public class YubikeyRequest {
public String username;
public String otp;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment