1. Advisor
  2. webauthn
  3. functions
  4. webauthn.WebAuthnUser
View all webauthn analysis

How to use the webauthn.WebAuthnUser function in webauthn

To help you get started, we’ve selected a few webauthn examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github Integreat / cms-django / src / cms / views / authentication / authentication_actions.py View on Github external
def makeWebauthnUsers(user):
    webauthn_users = []

    for key in user.mfa_keys.all():
        webauthn_users.append(webauthn.WebAuthnUser(
            user.id, user.username, '%s %s' % (user.first_name, user.last_name), '',
            str(key.key_id, "utf-8"), key.public_key, key.sign_count, settings.HOSTNAME))

    return webauthn_users
github mimming / snippets / add-a-cat-to-that / app.py View on Github external
def request_security_key():
    email = session['email']

    current_user = admin_users[email]

    challenge = generate_random_string(32)
    session['challenge'] = challenge

    webauthn_user = webauthn.WebAuthnUser(
        current_user['id'],     # user ID
        current_user['email'],  # username
        current_user['email'],  # user display name
        '',  # icon url
        current_user['known_keys'][0]['credential_id'],
        current_user['known_keys'][0]['public_key'],
        current_user['known_keys'][0]['sign_count'],
        RP_ID)

    webauthn_assertion_options = webauthn.WebAuthnAssertionOptions(
        webauthn_user, challenge)

    json_assertion_options = json.dumps(webauthn_assertion_options.assertion_dict)
    # for some reason the allowCredentials ID is a string of bytes.  No bueno for json.dumps
github pretix / pretix / src / pretix / base / models / auth.py View on Github external
def webauthnuser(self):
        return webauthn.WebAuthnUser(
            self.ukey,
            self.user.email,
            str(self.user),
            settings.SITE_URL,
            self.credential_id,
            self.pub_key,
            self.sign_count,
            urlparse(settings.SITE_URL).netloc
        )
github pretix / pretix / src / pretix / base / models / auth.py View on Github external
def webauthnuser(self):
        d = json.loads(self.json_data)
        # We manually need to convert the pubkey from DER format (used in our
        # former U2F implementation) to the format required by webauthn. This
        # is based on the following example:
        # https://www.w3.org/TR/webauthn/#sctn-encoded-credPubKey-examples
        pub_key = pub_key_from_der(websafe_decode(d['publicKey'].replace('+', '-').replace('/', '_')))
        pub_key = binascii.unhexlify(
            'A5010203262001215820{:064x}225820{:064x}'.format(
                pub_key.public_numbers().x, pub_key.public_numbers().y
            )
        )
        return webauthn.WebAuthnUser(
            d['keyHandle'],
            self.user.email,
            str(self.user),
            settings.SITE_URL,
            d['keyHandle'],
            websafe_encode(pub_key),
            1,
            urlparse(settings.SITE_URL).netloc
        )
github Integreat / cms-django / src / cms / views / authentication / authentication_actions.py View on Github external
def mfaVerify(request):
    if 'mfa_user_id' not in request.session:
        return JsonResponse({'success': False, 'error': _('You need to log in first')})

    user = get_user_model().objects.get(id=request.session['mfa_user_id'])

    challenge = request.session['challenge']
    assertion_response = json.loads(request.body)
    credential_id = assertion_response['id']
    key = user.mfa_keys.get(key_id=credential_id.encode('ascii'))


    webauthn_user = webauthn.WebAuthnUser(
        user.id, user.username, '%s %s' % (user.first_name, user.last_name), '',
        str(key.key_id, "utf-8"), str(key.public_key, "utf-8"), key.sign_count, settings.HOSTNAME)

    webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
        webauthn_user,
        assertion_response,
        challenge,
        settings.BASE_URL)

    try:
        sign_count = webauthn_assertion_response.verify()
    # webauthn does not export AuthenticationRejectedException which directly extends Exception
    # as AuthenticationRejectedException is the only exception that can be raused by verify()
    # it should be okay to just except Exception
    # pylint: disable=broad-except
    except Exception as exception:
github mimming / snippets / add-a-cat-to-that / app.py View on Github external
# Find the user, and verify their credential is correct
    user = admin_users[email]
    known_keys = admin_users[email]['known_keys']

    this_key = None
    for key in known_keys:
        if credential_id == key['credential_id']:
            this_key = key

    if this_key is None:
        return "This key is not recognized for this user.  Try again please."


    # Will raise an error if something isn't correct
    webauthn_user = webauthn.WebAuthnUser(
        user['id'],
        user['email'], # username
        user['email'], # display name
        '', # icon url
        this_key['credential_id'], # maybe issue here because of encoding string vs bytes?
        this_key['public_key'], # maybe issue here because of encoding string vs bytes?
        this_key['sign_count'],
        this_key['rp_id']
    )

    # Will raise an error if something isn't correct
    webauthn_assertion_response = webauthn.WebAuthnAssertionResponse(
        webauthn_user,
        assertion_response,
        challenge,
        ORIGIN,

webauthn

Pythonic WebAuthn

GitHub
BSD-3-Clause
Latest version published 3 months ago

Package Health Score

76 / 100
Full package analysis

Popular webauthn functions

Similar packages