Skip to main content

WebAuthn API FIDO2 client

Project description

python-fido2-client

WebAuthn API FIDO2 client implementation in Python

Simple implementation in Python, slightly tested against https://github.com/Yubico/python-fido2/tree/master/examples/server. As of today, it is instrumented for interactivity. Tested on python3.6, requires fido2, cbor2, requests.

Calling this example:

import fido2client
c = fido2client.Fido2HttpClient()
c.ssl_verify = False
c.verbose = True

c.authenticate_to(
  'https://localhost:5000',
  '/api/authenticate/begin',
  '/api/authenticate/complete',
)

Will lead to:

$ python test.py
('BEGIN RESPONSE: ', {'publicKey': {'rpId': 'localhost', 'timeout': 30000, 'challenge': b'\x1d\n\xa0!?  \x8a\xcd\xca\x1a\xdb\xa2}\xe2\xf7\x9e\x8dyvC{\x83\x08\xa2>o;\x17\x11\x1e\x945\xb3', 'allowCredentials': [{'id': b'\x1e.\xd8c\xcd*\x8a\xebI!\t\x9d\x9d\x99-\xb6\x7f\xfbf\xf5\xa0\xab\xa4@\xbc\xe9\x0e\xf6\xf2^\xbaG:\x07\xdcef\xef\xcf\x0e\xf6\xda\xa9\xbf\x06\x84O\xfb\x00e\x88\x7f\xa7\x11\x00g\x90`\xdf\x85\x97\x95Rf', 'type': 'public-key'}], 'userVerification': 'preferred'}})

Touch your authenticator device...

('ASSERTION: ', AssertionResponse(credential: {'id': b'\x1e.\xd8c\xcd*\x8a\xebI!\t\x9d\x9d\x99-\xb6\x7f\xfbf\xf5\xa0\xab\xa4@\xbc\xe9\x0e\xf6\xf2^\xbaG:\x07\xdcef\xef\xcf\x0e\xf6\xda\xa9\xbf\x06\x84O\xfb\x00e\x88\x7f\xa7\x11\x00g\x90`\xdf\x85\x97\x95Rf', 'type': 'public-key'}, auth_data: AuthenticatorData(rp_id_hash: h'49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763', flags: 0x01, counter: 63), signature: h'3046022100c9080974ae855029e00d2d770ae78cb1f524d9953d1f3c5e73e1055ea0ac6a5902210082edf3c9f339e78b3d21ee96bba7b677e7c98542ab4191676cc2f840fa7514b2'))
('CLIENT DATA: ', {"type": "webauthn.get", "clientExtensions": {}, "challenge":   "HQqgIT+Kzcoa26J94veejXl2Q3uDCKI+bzsXER6UNbM=", "origin": "https://localhost:5000"})
('COMPLETE RESPONSE: ', {'status': 'OK'})
Authenticated
$

TODO

  • error handling
  • define details of the state machine for interactive and programmatical use cases
  • tests
  • support for credential registration

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fido2client-0.10.5.tar.gz (3.6 kB view details)

Uploaded Source

File details

Details for the file fido2client-0.10.5.tar.gz.

File metadata

  • Download URL: fido2client-0.10.5.tar.gz
  • Upload date:
  • Size: 3.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.18.1 setuptools/18.5 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/2.7.10

File hashes

Hashes for fido2client-0.10.5.tar.gz
Algorithm Hash digest
SHA256 3a7ec6df16293c37ea87fabf427669962629d15349f620b0d679a8dba1878696
MD5 8a763ce534a3cc8c19662c52385cebae
BLAKE2b-256 b58b24cbe7601515253d752e69d93c107c7d17ab8c5590ea6c87ac010a3d8543

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page