Page MenuHomePhorge

Standalone OTP web service
Closed, WontfixPublic

Description

As suggested in T414, implement a web service providing OTP methods for initialization and validation of one-time-passwords through an API or RPC calls. Besides executing the actual operations using 3rd party libraries for the various OTP methods (e.g. FreeOTP, Yubikey, etc.) this service also stores the necessary information (i.e. secret) associated with user accounts.

The storage of these key-value records shall be abstracted and configurable as well. Backends like MySQL, MongoDB, CouchDB or Redis could be used for storage.

Details

Ticket Type
Task

Event Timeline

bruederli raised the priority of this task from to 60.
bruederli updated the task description. (Show Details)
bruederli changed Ticket Type from Task to Task.
bruederli edited a custom field.
bruederli subscribed.
bruederli added a project: Restricted Project.
bruederli edited a custom field.
bruederli removed a project: Restricted Project.

That looks basically like a subset of privacyidea or lintop (and possibly) others.
Do we really want to travel that path?

I got here from T469, after having added and removed lots of tracing
from kolab_2fa. I think we should just add roundcube logging for T469
and ignore this task (or worry about that later).

vanmeeuwen lowered the priority of this task from 60 to Normal.Mar 28 2019, 8:13 AM
machniak claimed this task.