Allow to stop OTP generation/CCID-usage when in background

[adlerweb]

• Yubico Authenticator version: 5.0.0
• Operating system and version: Arch x86_64
• YubiKey model and version: Neo
• Bug description summary: Updating OTPs in background might interfere with other processes trying to access YK

While running yubioath-desktop the app will automatically refresh expired (T)OTP-tokens, even when minimized or put into tray/taskbar. This allows for faster access times, however on each update the CCID-interface will briefly be claimed and is unavailable for other processes. When other applications like GPG try to access CCID during this time the connection fails.

Steps to reproduce

• Start yubioath-desktop with any number of TOTP-keys active, preferable low period
• Try to use GPG while yubioath regenerates expired tokens

Expected result

Yubioath-desktop should not block CCID, GPG should work

Actual results

Yubioath-desktop does block CCID, GPG does not work, ssh-agent fails, admin can't connect to the coffee machine and writes a bug report

Other info

Since there are a lot of different usage patterns it would probably be best to make automatic updates while minimized/out of focus an optional feature, refreshing only on user interaction. This way people who heavily rely on YK in other applications (in my case ssh-agent and ansible, so a lot of operations) can still keep yubioath-desktop running and easily accessible while people who do not can keep the current model with faster access times.

[dagheyman]

Thanks for the report, I understand the use case. We'll look into some solution for this.

[dainnilsson]

Yubico Authenticator 6.0 has now been released and uses a new codebase. As such, this issue has been marked with the legacy label, and will be automatically closed in 7 days. If this issue is still relevant to Yubico Authenticator 6, please comment on the issue saying so, and it will be kept open (or be re-opened). Sorry for the inconvenience!