Dain Nilsson
5575d5838c
Update pre-commit hooks.
2023-07-06 12:34:06 +02:00
Dain Nilsson
354672b9ce
Provide better support in Fido2Server for (de-)serializing JSON.
...
This allows the "options" returned by register_begin/authenticate_begin
to more easily be serialized to JSON, as well as supporting responses
deserialized from JSON to register_complete/authenticate_complete.
See: #146 .
2022-08-10 15:45:39 +02:00
Dain Nilsson
452a02dd06
Drop legacy U2F code.
...
- Remove U2fClient implementation.
- Replace fido2.client.ClientData with fido2.webauthn.CollectedClientData.
- Move verify_app_id from fido2.rpid to fido2.client.
2022-04-26 16:43:44 +02:00
Dain Nilsson
37224ea93c
Enable postponed evaluation of annotations.
2022-04-22 09:02:37 +02:00
Dain Nilsson
7e77545e36
Move AttestationVerifier from server to attestation.
2022-04-21 13:02:33 +02:00
Dain Nilsson
0e961839f1
Refactor WebAuthn data classes.
...
Breaking: The order of 'name' and 'id' arguments has been swapped in the
RP and User Entity classes.
2022-04-19 09:54:43 +02:00
Dain Nilsson
0436ab9026
Add more type hints.
2022-04-15 13:14:33 +02:00
Dain Nilsson
d2a0d71be6
Fix logging when allowList is None.
2022-04-15 11:43:17 +02:00
Dain Nilsson
fd30409b03
Improve type safety.
2022-03-23 17:41:37 +01:00
Dain Nilsson
15d3107c5e
AttestationVerifier.ca_lookup now returns single certificate.
2022-03-02 13:08:13 +01:00
Dain Nilsson
7c46413675
Handle logging of register_begin with no creds.
2022-02-28 15:39:19 +01:00
Dain Nilsson
9926168e76
More logging to client, server and ctap2 classes.
2022-02-28 15:39:18 +01:00
Dain Nilsson
0b51e8e687
Fix typo.
2021-11-09 09:15:20 +01:00
Dain Nilsson
ad373825ea
Remove unneeded params to super().
2021-08-20 10:51:26 +02:00
Dain Nilsson
11e0a8dd2f
Fix/cleanup examples.
2021-08-19 14:10:28 +02:00
Dain Nilsson
fed257922c
More mypy checks/fixes.
2021-08-19 10:31:20 +02:00
Dain Nilsson
9c0d468419
Refactor webauthn classes.
...
- More dataclasses.
- Move binary data classes from ctap2 to webauthn.
- Separate (ctap) AttestationResponse from AttestationObject.
2021-02-03 08:36:28 +01:00
Dain Nilsson
d697287e6b
Some Python 3 improvements.
...
- Remove (object): from classes.
- Use dataclasses instead of namedtuple.
- Add some types.
2021-01-31 20:59:34 +01:00
Dain Nilsson
1c45c611fb
Remove __future__ imports.
2021-01-31 16:36:26 +01:00
Dain Nilsson
1fe7864317
Make attestation verification behavior pluggable.
2021-01-11 14:42:32 +01:00
Dain Nilsson
14c26da980
Server: Don't specify timeout in requests by default.
2020-02-10 15:56:29 +01:00
Dain Nilsson
b1c6ebfd6c
Fido2Server credentials now allow descriptors.
...
register_begin/authenticate_begin can take the list of credentials as
PublicKeyCredentialDescriptors, in addition to AttestedCredentialData.
A new function, to_descriptor, has been added to fido2.server to make
conversion easier.
2019-11-22 10:56:02 +01:00
Dain Nilsson
1c8ba7f0e0
Don't verify attestation if preference is omitted.
2019-11-21 19:02:53 +01:00
Dain Nilsson
7040c1c9a4
Fix Fido2Server constructor.
2019-11-21 15:34:59 +01:00
Dain Nilsson
6035ac02ea
Omit optional values in data classes.
2019-11-21 15:25:45 +01:00
Dain Nilsson
06de9ac562
Add examples/resident_key.py example and fix bugs.
...
- Fix determining UV option in some cases, and handing no
allow_credentials in server.
2019-11-18 15:40:49 +01:00
Dain Nilsson
4c48977173
Implement event-based cancellation of requests.
...
- Remove timeout functionality and default timeout.
- Use options.timeout in Fido2Client and WindowsClient.
2019-11-17 19:52:08 +01:00
Dain Nilsson
f3238e44c5
Remove metaclass and use ._wrap/._wrap_list methods instead.
2019-11-13 15:05:13 +01:00
Dain Nilsson
fc3c56fc8b
Add WebAuthn data classes (breaking changes).
...
- New fido2.webauthn classes modeled after the W3C WebAuthn spec introduced.
- Method signatures for client and server classes changed.
- Fido2Client:
- make_credential/get_assertion now take WebAuthn options objects.
- Fido2Server:
- ATTESTATION, USER_VERIFICATION, and AUTHENTICATOR_ATTACHMENT enums
have been replaced with fido2.webauthn classes.
- RelyingParty has been replaced with PublicKeyCredentialRpEntity, and
name is no longer optional.
- Fido2Server.allowed_algorithms now contains a list of
PublicKeyCredentialParameters instead of algorithm identifiers.
2019-11-13 13:22:47 +01:00
Craig Milam
2d8a2e7e1d
moving webathn_type back to client
2019-11-06 13:30:53 -05:00
Craig Milam
290529a71b
refacotring, fixed some issues
2019-11-05 15:27:31 -05:00
Dain Nilsson
cdac6a3cf6
Merge PR #70 .
2019-10-15 09:43:46 +02:00
Dain Nilsson
fba27d4479
Add custom challenge argument to register_begin.
2019-10-15 09:41:04 +02:00
Dain Nilsson
a603b2a2b1
Include 'fmt' in UnsupportedType exception.
2019-10-10 15:48:16 +02:00
CJ Kataki
aeb3fdff10
Fixed formatting issues for black
2019-10-08 16:36:32 -07:00
CJ Kataki
5d54ff7997
Added custom challenge option to Fido2Server
2019-10-08 16:15:53 -07:00
Dain Nilsson
226b0021f1
Reformat with Black.
2019-10-01 09:25:29 +02:00
Arthur Gautier
48270cdf30
a consumer can override the u2f_origin verification
...
This allows a consumer to implement origin verification when using u2f
facets.
Signed-off-by: Arthur Gautier <baloo@gandi.net>
2019-09-05 16:01:52 +00:00
Dain Nilsson
68df3d04b1
Verify UP flag in server.register_complete.
2019-08-16 17:49:20 +02:00
Dain Nilsson
9553b06c38
Merge PR #58 .
2019-08-12 13:46:41 +02:00
Arthur Gautier
1630aa18aa
implement FIDO AppID Exclusion Extension
...
introduced in the spec on 2019/07/31
see: https://github.com/w3c/webauthn/pull/1244
see: https://github.com/w3c/webauthn/issues/1235
Signed-off-by: Arthur Gautier <baloo@gandi.net>
2019-08-09 21:45:18 +00:00
Arthur Gautier
530192e3f5
U2FFido2Server should return the token used for authentication
...
Signed-off-by: Arthur Gautier <baloo@gandi.net>
2019-08-01 20:20:35 +00:00
Dain Nilsson
6230c6a83a
Allow all supported key algorithms by default.
2019-05-09 14:54:01 +02:00
Vlastimil Zíma
bbb41ff2c3
Wrap invalid signature in authentication
2019-05-07 10:37:15 +02:00
Alessandro Carlo Chirico
34ca6c96ef
Add AuthenticatorAttachment support
2019-02-06 19:12:56 +01:00
Dain Nilsson
2886081796
Only check attestation if it's requested.
2018-12-21 12:56:59 +01:00
Dain Nilsson
566fd53de5
Make state JSON serializable.
2018-12-20 17:20:52 +01:00
Dain Nilsson
1c7ab07480
Fix incorrect description in docstring.
2018-12-20 16:28:29 +01:00
Dain Nilsson
273ccdab75
Remove unused variable.
2018-12-20 13:55:05 +01:00
Dain Nilsson
65d8f8dfe8
Add U2FFido2Server with updated example.
...
This new server class allows authentication of existing U2F credentials.
2018-12-20 13:19:43 +01:00