WebAuthn API FIDO2 client
Project description
python-fido2-client
WebAuthn API FIDO2 client implementation in Python
Simple implementation in Python, slightly tested against https://github.com/Yubico/python-fido2/tree/master/examples/server. As of today, it is instrumented for interactivity. Tested on python3.6, requires fido2, cbor2, requests.
Calling this example:
import fido2client
c = fido2client.Fido2HttpClient()
c.ssl_verify = False
c.verbose = True
c.authenticate_to(
'https://localhost:5000',
'/api/authenticate/begin',
'/api/authenticate/complete',
)
Will lead to:
$ python test.py
('BEGIN RESPONSE: ', {'publicKey': {'rpId': 'localhost', 'timeout': 30000, 'challenge': b'\x1d\n\xa0!? \x8a\xcd\xca\x1a\xdb\xa2}\xe2\xf7\x9e\x8dyvC{\x83\x08\xa2>o;\x17\x11\x1e\x945\xb3', 'allowCredentials': [{'id': b'\x1e.\xd8c\xcd*\x8a\xebI!\t\x9d\x9d\x99-\xb6\x7f\xfbf\xf5\xa0\xab\xa4@\xbc\xe9\x0e\xf6\xf2^\xbaG:\x07\xdcef\xef\xcf\x0e\xf6\xda\xa9\xbf\x06\x84O\xfb\x00e\x88\x7f\xa7\x11\x00g\x90`\xdf\x85\x97\x95Rf', 'type': 'public-key'}], 'userVerification': 'preferred'}})
Touch your authenticator device...
('ASSERTION: ', AssertionResponse(credential: {'id': b'\x1e.\xd8c\xcd*\x8a\xebI!\t\x9d\x9d\x99-\xb6\x7f\xfbf\xf5\xa0\xab\xa4@\xbc\xe9\x0e\xf6\xf2^\xbaG:\x07\xdcef\xef\xcf\x0e\xf6\xda\xa9\xbf\x06\x84O\xfb\x00e\x88\x7f\xa7\x11\x00g\x90`\xdf\x85\x97\x95Rf', 'type': 'public-key'}, auth_data: AuthenticatorData(rp_id_hash: h'49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763', flags: 0x01, counter: 63), signature: h'3046022100c9080974ae855029e00d2d770ae78cb1f524d9953d1f3c5e73e1055ea0ac6a5902210082edf3c9f339e78b3d21ee96bba7b677e7c98542ab4191676cc2f840fa7514b2'))
('CLIENT DATA: ', {"type": "webauthn.get", "clientExtensions": {}, "challenge": "HQqgIT+Kzcoa26J94veejXl2Q3uDCKI+bzsXER6UNbM=", "origin": "https://localhost:5000"})
('COMPLETE RESPONSE: ', {'status': 'OK'})
Authenticated
$
TODO
- error handling
- define details of the state machine for interactive and programmatical use cases
- tests
- support for credential registration
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
fido2client-0.10.5.tar.gz
(3.6 kB
view details)
File details
Details for the file fido2client-0.10.5.tar.gz
.
File metadata
- Download URL: fido2client-0.10.5.tar.gz
- Upload date:
- Size: 3.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.18.1 setuptools/18.5 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/2.7.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3a7ec6df16293c37ea87fabf427669962629d15349f620b0d679a8dba1878696 |
|
MD5 | 8a763ce534a3cc8c19662c52385cebae |
|
BLAKE2b-256 | b58b24cbe7601515253d752e69d93c107c7d17ab8c5590ea6c87ac010a3d8543 |