Beispiel #1
0
 def sign(self, username):
     user = self.users[username]
     devices = [DeviceRegistration.wrap(device)
                for device in user.get('_u2f_devices_', [])]
     challenge = start_authenticate(devices)
     user['_u2f_challenge_'] = challenge.json
     return challenge.json
Beispiel #2
0
    def test_authenticate_single_soft_u2f(self):
        # Register
        device, token = register_token()

        # Authenticate
        sign_request = u2f.start_authenticate([device])

        response1 = token.getAssertion(
            sign_request.authenticateRequests[0].json, FACET)

        assert u2f.verify_authenticate([device], sign_request, response1)
Beispiel #3
0
    def sign(self, user_name, object_dn):

        # Do we have read permissions for the requested attribute
        self.__check_acl(user_name, object_dn, "r")

        user = ObjectProxy(object_dn)
        user_settings = self.__settings[user.uuid] if user.uuid in self.__settings else {}
        devices = [DeviceRegistration.wrap(device)
                   for device in user_settings.get('_u2f_devices_', [])]
        challenge = start_authenticate(devices)
        user_settings['_u2f_challenge_'] = challenge.json
        self.__save_settings()
        return challenge.json
Beispiel #4
0
    def test_authenticate_multiple_soft_u2f(self):
        # Register
        device1, token1 = register_token()
        device2, token2 = register_token([device1])

        # Authenticate
        auth_request_data = u2f.start_authenticate([device1, device2])

        response = token1.getAssertion(
            auth_request_data.authenticateRequests[0].json, FACET)

        assert u2f.verify_authenticate([device1, device2], auth_request_data,
                                       response)
Beispiel #5
0
    def test_authenticate_single_soft_u2f(self):
        # Register
        device, token = register_token()

        # Authenticate
        sign_request = u2f.start_authenticate([device])

        response1 = token.getAssertion(
            sign_request.authenticateRequests[0].json,
            FACET
        )

        assert u2f.verify_authenticate([device], sign_request, response1)
Beispiel #6
0
def userSign(id):
    try:
        user = User().getObjectsByKey("_id", id)[0]
    except Exception as e:
        return abort(404)

    try:
        devices = map(DeviceRegistration.wrap, user.u2f_devices)
    except:
        devices = []

    challenge = start_authenticate(devices)
    user.u2f_challenge = challenge.json
    return challenge.json
Beispiel #7
0
    def get_context_data(self, **kwargs):
        ctx = super().get_context_data()

        devices = [DeviceRegistration.wrap(device.json_data)
                   for device in U2FDevice.objects.filter(confirmed=True, user=self.user)]
        if devices:
            challenge = u2f.start_authenticate(devices, challenge=rand_bytes(32))
            self.request.session['_u2f_challenge'] = challenge.json
            ctx['jsondata'] = challenge.json
        else:
            if '_u2f_challenge' in self.request.session:
                del self.request.session['_u2f_challenge']
            ctx['jsondata'] = None

        return ctx
Beispiel #8
0
    def sign(self, user_name, object_dn):

        # Do we have read permissions for the requested attribute
        self.__check_acl(user_name, object_dn, "r")

        user = ObjectProxy(object_dn)
        user_settings = self.__settings[
            user.uuid] if user.uuid in self.__settings else {}
        devices = [
            DeviceRegistration.wrap(device)
            for device in user_settings.get('_u2f_devices_', [])
        ]
        challenge = start_authenticate(devices)
        user_settings['_u2f_challenge_'] = challenge.json
        self.__save_settings()
        return challenge.json
Beispiel #9
0
    def test_authenticate_multiple_soft_u2f(self):
        # Register
        device1, token1 = register_token()
        device2, token2 = register_token([device1])

        # Authenticate
        auth_request_data = u2f.start_authenticate([device1, device2])

        response = token1.getAssertion(
            auth_request_data.authenticateRequests[0].json,
            FACET
        )

        assert u2f.verify_authenticate([device1, device2],
                                       auth_request_data,
                                       response)
Beispiel #10
0
    def get_context_data(self, **kwargs):
        ctx = super().get_context_data()

        devices = [
            DeviceRegistration.wrap(device.json_data)
            for device in U2FDevice.objects.filter(confirmed=True,
                                                   user=self.request.user)
        ]
        if devices:
            challenge = u2f.start_authenticate(devices,
                                               challenge=rand_bytes(32))
            self.request.session['_u2f_challenge'] = challenge.json
            ctx['jsondata'] = challenge.json
        else:
            if '_u2f_challenge' in self.request.session:
                del self.request.session['_u2f_challenge']
            ctx['jsondata'] = None

        return ctx
Beispiel #11
0
 def activate(self, request):
     return ActivationChallengeResult(
         challenge=dict(u2f.start_authenticate(self.get_u2f_devices())),
     )
Beispiel #12
0
 def activate(self, request):
     return ActivationChallengeResult(challenge=dict(
         u2f.start_authenticate(self.get_u2f_devices())), )