def test_action_webauthn_legacy_token(self, mock_complete_authn):
# mock_complete_authn.return_value = ({'keyHandle': 'test_key_handle'},
# 'dummy-touch', 'dummy-counter')
#
# Add a working U2F credential for this test
u2f = U2F.from_dict(
dict(
version='U2F_V2',
keyhandle=
'V1vXqZcwBJD2RMIH2udd2F7R9NoSNlP7ZSPOtKHzS7n_rHFXcXbSpOoX__aUKyTR6jEC8Xv678WjXC5KEkvziA',
public_key=
'BHVTWuo3_D7ruRBe2Tw-m2atT2IOm_qQWSDreWShu3t21ne9c-DPSUdym-H-t7FcjV7rj1dSc3WSwaOJpFmkKxQ',
app_id='https://dev.eduid.se/u2f-app-id.json',
attest_cert='',
description='unit test U2F token',
))
self.user.credentials.add(u2f)
self.app.central_userdb.save(self.user, check_sync=False)
fido2_state = json.dumps(
Fido2Server._make_internal_state(
base64.b64decode(
'3h/EAZpY25xDdSJCOMx1ABZEA5Odz3yejUI3AUNTQWc='),
'preferred'))
self.app.config.fido2_rp_id = 'idp.dev.eduid.se'
data1 = {
'authenticatorData':
'mZ9k6EPHoJxJZNA+UuvM0JVoutZHmqelg9kXe/DSefgBAAAA/w==',
'clientDataJSON':
('eyJjaGFsbGVuZ2UiOiIzaF9FQVpwWTI1eERkU0pDT014MUFCWkVBNU9k'
'ejN5ZWpVSTNBVU5UUVdjIiwib3JpZ2luIjoiaHR0cHM6Ly9pZHAuZGV2LmVkdWlkLnNlIiwidH'
'lwZSI6IndlYmF1dGhuLmdldCJ9'),
'credentialId':
('V1vXqZcwBJD2RMIH2udd2F7R9NoSNlP7ZSPOtKHzS7n/rHFXcXbSpOoX//aUKyTR6jEC8Xv678WjXC5KEkvziA=='
),
'signature':
('MEYCIQC5gM8inamJGUFKu3bNo4fT0jmJQuw33OSSXc242NCuiwIhAIWnVw2Spow72j6J92KaY2rLR6qSXEbLam09ZXbSkBnQ'
),
}
response = self._action(data1=data1, fido2_state=fido2_state)
self.assertEqual(response.status_code, 200)
self.assertEqual(
len(self.app.actions_db.get_actions(self.user.eppn,
'mock-session')), 1)
def test_action_webauthn_legacy_token(self, mock_complete_authn):
#mock_complete_authn.return_value = ({'keyHandle': 'test_key_handle'},
# 'dummy-touch', 'dummy-counter')
#
# Add a working U2F credential for this test
u2f = U2F(version='U2F_V2',
keyhandle='V1vXqZcwBJD2RMIH2udd2F7R9NoSNlP7ZSPOtKHzS7n_rHFXcXbSpOoX__aUKyTR6jEC8Xv678WjXC5KEkvziA',
public_key='BHVTWuo3_D7ruRBe2Tw-m2atT2IOm_qQWSDreWShu3t21ne9c-DPSUdym-H-t7FcjV7rj1dSc3WSwaOJpFmkKxQ',
app_id='https://dev.eduid.se/u2f-app-id.json',
attest_cert='',
description='unit test U2F token'
)
self.user.credentials.add(u2f)
self.app.central_userdb.save(self.user, check_sync=False)
with self.session_cookie(self.browser) as client:
self.prepare(client, Plugin, 'mfa', action_dict=MFA_ACTION)
with self.app.test_request_context():
with client.session_transaction() as sess:
fido2_state = Fido2Server._make_internal_state(
base64.b64decode('3h/EAZpY25xDdSJCOMx1ABZEA5Odz3yejUI3AUNTQWc='), 'preferred')
sess['eduid_action.mfa.webauthn.state'] = json.dumps(fido2_state)
csrf_token = sess.get_csrf_token()
data = json.dumps({'csrf_token': csrf_token,
'authenticatorData': 'mZ9k6EPHoJxJZNA+UuvM0JVoutZHmqelg9kXe/DSefgBAAAA/w==',
'clientDataJSON': 'eyJjaGFsbGVuZ2UiOiIzaF9FQVpwWTI1eERkU0pDT014MUFCWkVBNU9k'+\
'ejN5ZWpVSTNBVU5UUVdjIiwib3JpZ2luIjoiaHR0cHM6Ly9pZHAuZGV2LmVkdWlkLnNlIiwidH'+\
'lwZSI6IndlYmF1dGhuLmdldCJ9',
'credentialId': 'V1vXqZcwBJD2RMIH2udd2F7R9NoSNlP7ZSPOtKHzS7n/rHFXcXbSpOoX//'+\
'aUKyTR6jEC8Xv678WjXC5KEkvziA==',
'signature': 'MEYCIQC5gM8inamJGUFKu3bNo4fT0jmJQuw33OSSXc242NCuiwIhAIWnVw2Sp'+\
'ow72j6J92KaY2rLR6qSXEbLam09ZXbSkBnQ'}
)
self.app.config['FIDO2_RP_ID'] = 'idp.dev.eduid.se'
response = client.post('/post-action', data=data, content_type=self.content_type_json)
self.assertEquals(response.status_code, 200)
data = json.loads(response.data)
self.assertEquals(len(self.app.actions_db.get_actions(self.user.eppn, 'mock-session')), 1)
mock_idp_app = MockIdPApp(self.app.actions_db)
mock_idp_app.logger = self.app.logger
add_actions(mock_idp_app, self.user, MockTicket('mock-session'))
self.assertEquals(len(self.app.actions_db.get_actions(self.user.eppn, 'mock-session')), 0)
def test_action_webauthn_legacy_token(self, mock_complete_authn):
#mock_complete_authn.return_value = ({'keyHandle': 'test_key_handle'},
# 'dummy-touch', 'dummy-counter')
#
# Add a working U2F credential for this test
u2f = U2F(version='U2F_V2',
keyhandle='V1vXqZcwBJD2RMIH2udd2F7R9NoSNlP7ZSPOtKHzS7n_rHFXcXbSpOoX__aUKyTR6jEC8Xv678WjXC5KEkvziA',
public_key='BHVTWuo3_D7ruRBe2Tw-m2atT2IOm_qQWSDreWShu3t21ne9c-DPSUdym-H-t7FcjV7rj1dSc3WSwaOJpFmkKxQ',
app_id='https://dev.eduid.se/u2f-app-id.json',
attest_cert='',
description='unit test U2F token'
)
self.user.credentials.add(u2f)
self.app.central_userdb.save(self.user, check_sync=False)
with self.session_cookie(self.browser) as client:
self.prepare(client, Plugin, 'mfa', action_dict=MFA_ACTION)
with self.app.test_request_context():
with client.session_transaction() as sess:
fido2_state = Fido2Server._make_internal_state(
base64.b64decode('3h/EAZpY25xDdSJCOMx1ABZEA5Odz3yejUI3AUNTQWc='), 'preferred')
sess['eduid_webapp.actions.actions.mfa.webauthn.state'] = json.dumps(fido2_state)
csrf_token = sess.get_csrf_token()
data = json.dumps({'csrf_token': csrf_token,
'authenticatorData': 'mZ9k6EPHoJxJZNA+UuvM0JVoutZHmqelg9kXe/DSefgBAAAA/w==',
'clientDataJSON': 'eyJjaGFsbGVuZ2UiOiIzaF9FQVpwWTI1eERkU0pDT014MUFCWkVBNU9k'+\
'ejN5ZWpVSTNBVU5UUVdjIiwib3JpZ2luIjoiaHR0cHM6Ly9pZHAuZGV2LmVkdWlkLnNlIiwidH'+\
'lwZSI6IndlYmF1dGhuLmdldCJ9',
'credentialId': 'V1vXqZcwBJD2RMIH2udd2F7R9NoSNlP7ZSPOtKHzS7n/rHFXcXbSpOoX//'+\
'aUKyTR6jEC8Xv678WjXC5KEkvziA==',
'signature': 'MEYCIQC5gM8inamJGUFKu3bNo4fT0jmJQuw33OSSXc242NCuiwIhAIWnVw2Sp'+\
'ow72j6J92KaY2rLR6qSXEbLam09ZXbSkBnQ'}
)
self.app.config['FIDO2_RP_ID'] = 'idp.dev.eduid.se'
response = client.post('/post-action', data=data, content_type=self.content_type_json)
self.assertEquals(response.status_code, 200)
data = json.loads(response.data)
self.assertEquals(len(self.app.actions_db.get_actions(self.user.eppn, 'mock-session')), 1)
