def _parse_credential(self, data): credential = Credential() for row in data: credential.id = row["id"] credential.ukey = row["ukey"] credential.credential_id = row["credential_id"] credential.display_name = row["display_name"] credential.pub_key = row["pub_key"] credential.sign_count = row["sign_count"] credential.username = row["username"] credential.rp_id = row["rp_id"] credential.icon_url = row["icon_url"] return credential
def makeUsers(numUsers, maxCredentialsPerUser, priority): Users = {} for u in range(numUsers): memberId = memberid = randomId(4) Users[memberId] = [] for un in range(1): #range(randint(0,maxCredentialsPerUser)): start = now - timedelta(days=randint(0, 12)) end = now + timedelta(days=randint(0, 36)) c = Credential(facility="frontdoor", memberid=memberId, credential=randomId(9), type="fob", effective=start, expiration=end, tag=str(uuid4()), priority=priority) session.add(c) Users[memberId].append(c) session.commit() return Users
def create_credential(repo): credential = Credential(repository_id=repo.id, private_key=PRIVATE_KEY, public_key=PUBLIC_KEY) credential.save() return credential
expiration=end, tag=str(uuid4()), priority=priority) session.add(c) Users[memberId].append(c) session.commit() return Users members = makeUsers(35, 8, 4) cfob = Credential(facility="frontdoor", memberid="3870", credential="16294934", type="fob", effective=now - timedelta(days=5), expiration=now + timedelta(days=360), tag=str(uuid4()), priority=4) ccode = Credential(facility="frontdoor", memberid="1337", credential="4455661", type="passcode", effective=now - timedelta(days=5), expiration=now + timedelta(days=360), tag=str(uuid4()), priority=4) session.add(cfob) session.add(ccode) session.commit()
def add_creds(): cred = Credential(name='empty') cred.put()
def verify_credential_info(): ''' This url is called to verify and register the token ''' challenge = session['challenge'] username = session['register_username'] display_name = session['register_display_name'] ukey = session['register_ukey'] user_exists = database.user_exists(username) if not user_exists or not current_user.is_authenticated or not username == current_user.id: return make_response(jsonify({'fail': 'User not logged in.'}), 401) registration_response = request.form trust_anchor_dir = os.path.join(os.path.dirname(os.path.abspath(__file__)), TRUST_ANCHOR_DIR) trusted_attestation_cert_required = True self_attestation_permitted = True none_attestation_permitted = True webauthn_registration_response = webauthn.WebAuthnRegistrationResponse( RP_ID, ORIGIN, registration_response, challenge, trust_anchor_dir, trusted_attestation_cert_required, self_attestation_permitted, none_attestation_permitted, uv_required=False) # User Verification try: webauthn_credential = webauthn_registration_response.verify() except Exception as e: return jsonify({'fail': 'Registration failed. Error: {}'.format(e)}) credential_id_exists = database.credential_exists( webauthn_credential.credential_id) if credential_id_exists: return make_response( jsonify({'fail': 'Credential ID already exists.'}), 401) existing_user = database.user_exists(username) credential = Credential() if not existing_user or True: if sys.version_info >= (3, 0): webauthn_credential.credential_id = str( webauthn_credential.credential_id, "utf-8") webauthn_credential.public_key = str( webauthn_credential.public_key, "utf-8") credential.id = randint(1, 100000) credential.ukey = ukey credential.username = username credential.display_name = display_name credential.pub_key = webauthn_credential.public_key credential.credential_id = webauthn_credential.credential_id credential.sign_count = webauthn_credential.sign_count credential.rp_id = RP_ID credential.icon_url = 'https://example.com' database.save_credential(credential) database.turn_on(credential.username) else: return make_response(jsonify({'fail': 'User already exists.'}), 401) satosa_request = Request() satosa_request.userId = credential.username database.make_success(satosa_request) user = database.get_user(credential.username) login_user(user) return jsonify({'success': 'User successfully registered.'})