谷歌身份验证可以作为一个公共服务? [英] Google Authenticator available as a public service?

查看:130
本文介绍了谷歌身份验证可以作为一个公共服务?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

有没有使用谷歌的Authenticator 公共API在自运行(如LAMP堆栈)(双因素认证)的Web应用程序?

Is there public API for using the Google Authenticator (two factor authentication) on self-running (e.g. LAMP stack) web apps?

推荐答案

是开源的。我没有用它。但它的使用记录算法(在开源项目页面上列出的RFC说明),以及认证实现支持多个帐户。

The project is open source. I have not used it. But it's using a documented algorithm (noted in the RFC listed on the open source project page), and the authenticator implementations support multiple accounts.

实际的过程很简单。一次性code是,基本上,一个伪随机数发生器。随机数发生器是,一旦给定的种子,或者在开始编号,继续创建随机数字流的公式。给定的种子,而号可以是随机彼此,序列本身是确定性的。所以,一旦你有你的设备和同步,那么随机数的服务器设备创建,每次点击下一个数字键的时候,将是相同的,随机的,数服务器期望。

The actual process is straightforward. The one time code is, essentially, a pseudo random number generator. A random number generator is a formula that once given a seed, or starting number, continues to create a stream of random numbers. Given a seed, while the numbers may be random to each other, the sequence itself is deterministic. So, once you have your device and the server "in sync" then the random numbers that the device creates, each time you hit the "next number button", will be the same, random, numbers the server expects.

一个安全的一次性密码系统比一个随机数发生器更复杂,但概念是类似的。也有其他的细节,以帮助保持同步设备和服务器。

A secure one time password system is more sophisticated than a random number generator, but the concept is similar. There are also other details to help keep the device and server in sync.

所以,没有必要为别人主持的认证一样,说的OAuth。相反,你需要实现的算法,是,谷歌提供了移动设备上的应用程序兼容。该软件是(应该是)可在开源项目。

So, there's no need for someone else to host the authentication, like, say OAuth. Instead you need to implement that algorithm that is compatible with the apps that Google provides for the mobile devices. That software is (should be) available on the open source project.

根据你的成熟,你应该有你需要实现这个过程的服务器端给OSS项目和RFC。我不知道是否有你的服务器软件具体的实施(PHP,Java和.NET等)

Depending on your sophistication, you should have all you need to implement the server side of this process give the OSS project and the RFC. I do not know if there is a specific implementation for your server software (PHP, Java, .NET, etc.)

不过,具体而言,你并不需要一个异地服务来处理这一点。

But, specifically, you don't need an offsite service to handle this.

这篇关于谷歌身份验证可以作为一个公共服务?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆