Allows Custom Yubico OTP Server

.env

@@ -43,9 +43,10 @@
 ## Yubico (Yubikey) Settings
 ## Set your Client ID and Secret Key for Yubikey OTP
 ## You can generate it here: https://upgrade.yubico.com/getapikey/
-## TODO: Allow choosing custom YubiCloud server
+## You can optionally specify a custom OTP server
 # YUBICO_CLIENT_ID=11111
 # YUBICO_SECRET_KEY=AAAAAAAAAAAAAAAAAAAAAAAA
+# YUBICO_SERVER=http://yourdomain.com/wsapi/2.0/verify
 
 ## Rocket specific settings, check Rocket documentation to learn more
 # ROCKET_ENV=staging

src/api/core/two_factor.rs

@@ -561,7 +561,14 @@ fn verify_yubikey_otp(otp: String) -> JsonResult {
     let yubico = Yubico::new();
     let config = Config::default().set_client_id(CONFIG.yubico_client_id.to_owned()).set_key(CONFIG.yubico_secret_key.to_owned());
 
-    let result = yubico.verify(otp, config);
+    let result;
+
+    if CONFIG.yubico_server.is_some() {
+        result = yubico.verify(otp, config.set_api_hosts(vec![CONFIG.yubico_server.to_owned().unwrap()]));
+    }
+    else {
+        result = yubico.verify(otp, config);
+    }
 
     match result {
         Ok(_answer) => Ok(Json(json!({}))),

src/main.rs

@@ -249,6 +249,7 @@ pub struct Config {
     yubico_cred_set: bool,
     yubico_client_id: String,
     yubico_secret_key: String,
+    yubico_server: Option<String>,
 
     mail: Option<MailConfig>,
 }
@@ -294,6 +295,7 @@ impl Config {
             yubico_cred_set: yubico_client_id.is_some() && yubico_secret_key.is_some(),
             yubico_client_id: yubico_client_id.unwrap_or("00000".into()),
             yubico_secret_key: yubico_secret_key.unwrap_or("AAAAAAA".into()),
+            yubico_server: get_env("YUBICO_SERVER"),
 
             mail: MailConfig::load(),
         }