Created
April 14, 2021 05:54
v2 PowerShell Script to validate YubiKey using Single Factor. Associated Blogpost https://blog.darrenjrobinson.com/validating-a-yubico-yubikeys-one-time-password-otp-using-single-factor-authentication-and-powershell/
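# Validates a Yubico OTP against the YubiCloud verify endpoint using only a client ID
# (single factor). The script reads one OTP from the console, sends it with a fresh
# nonce, and accepts the result only when the reply says status=OK AND echoes back the
# same OTP and nonce that were sent.
#
# NOTE(review): the h= field of the reply is an HMAC-SHA1 signature that can only be
# checked with the API secret key issued together with the client ID. This script holds
# no such key, so the signature is displayed but not verified and the integrity of the
# reply rests on the TLS connection to api.yubico.com.

Clear-Host

# Client ID obtained after registering here https://upgrade.yubico.com/getapikey/
$clientID = '12345'

# Read in the key. Trim so stray whitespace around the keystrokes never reaches the request.
$getKey = (Read-Host 'Insert your YubiKey and touch it until the OTP is received (~2 seconds)').Trim()

# A Yubico OTP is 32 to 48 characters: an optional public ID followed by a 32-character
# one-time part. Rejecting anything else up front avoids a Substring exception on short
# input and avoids sending arbitrary text to the validation service.
if ($getKey.Length -lt 32 -or $getKey.Length -gt 48) {
    write-host "============ERROR==============="
    write-host "Input is not a Yubico OTP (expected 32 to 48 characters, got $($getKey.Length))"
}
else {
    # The public (credential) ID is whatever precedes the last 32 characters;
    # for the default 44-character OTP this is the first 12 characters.
    $credentialID = $getKey.Substring(0, $getKey.Length - 32)

    # Generate a Nonce: 16 bytes from the OS cryptographic RNG rendered as 32 lowercase
    # hex characters. The nonce ties the reply to this request, so it must not be
    # predictable; Get-Random is not guaranteed to be cryptographically strong on
    # every PowerShell version.
    $nonceBytes = New-Object byte[] 16
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        $rng.GetBytes($nonceBytes)
    }
    finally {
        $rng.Dispose()
    }
    $nonce = -join ($nonceBytes | ForEach-Object { $_.ToString('x2') })

    # Send Validation Request. The OTP is console input, so escape it before it is
    # placed in the query string.
    $otpParam = [uri]::EscapeDataString($getKey)
    $response = Invoke-RestMethod -Method Post -Uri "https://api.yubico.com/wsapi/2.0/verify?otp=$($otpParam)&id=$($clientID)&timeout=8&sl=50&nonce=$($nonce)" -Headers @{'Content-Type' = 'application/json' }

    # Parse the reply into name/value pairs instead of relying on line positions, which
    # differ between success and error replies. Split on the first '=' only, so the
    # base64 padding at the end of the signature is kept.
    $fields = @{}
    foreach ($line in ($response -split "\r?\n")) {
        $name, $value = $line -split '=', 2
        if ($name) {
            $fields[$name.Trim()] = "$value".Trim()
        }
    }

    # A reply counts only if it answers THIS request: the echoed OTP and nonce must be
    # exactly the values that were sent.
    $otpEchoed = $fields['otp'] -ceq $getKey
    $nonceEchoed = $fields['nonce'] -ceq $nonce

    # Check the response and output
    if ($fields['status'] -ceq 'OK' -and $otpEchoed -and $nonceEchoed) {
        # SUCCESSFUL
        write-host "***********SUCCESS****************"
        write-host "Credential ID $($credentialID)"
        write-host "Status: $($fields['status'])"
        write-host "OTP: $($fields['otp'])"
        write-host "Signature: $($fields['h'])"
        write-host "Timestamp: $($fields['t'])"
        write-host "Nonce: $($fields['nonce'])"
    }
    else {
        # ERROR
        write-host "============ERROR==============="
        write-host "Credential ID $($credentialID)"
        write-host "Status: $($fields['status'])"
        write-host "OTP: $($fields['otp'])"
        write-host "Signature: $($fields['h'])"
        write-host "Timestamp: $($fields['t'])"
        write-host "Nonce: $($fields['nonce'])"
        if ($fields['status'] -ceq 'OK') {
            # status=OK without a matching echo must not be treated as a valid login.
            write-host "Response does not match this request (OTP echoed: $otpEchoed, nonce echoed: $nonceEchoed)"
        }
    }
}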