def verify_assertion(): challenge = session.get('challenge') assertion_response = request.form credential_id = assertion_response.get('id') user = User.query.filter_by(credential_id=credential_id).first() if not user: return make_response(jsonify({'fail': 'User does not exist.'}), 401) webauthn_user = webauthn.WebAuthnUser(user.ukey, user.username, user.display_name, user.icon_url, user.credential_id, user.pub_key, user.sign_count, user.rp_id) webauthn_assertion_response = webauthn.WebAuthnAssertionResponse( webauthn_user, assertion_response, challenge, ORIGIN, uv_required=False) # User Verification try: sign_count = webauthn_assertion_response.verify() except Exception as e: return jsonify({'fail': 'Assertion failed. Error: {}'.format(e)}) # Update counter. user.sign_count = sign_count db.session.add(user) db.session.commit() login_user(user) return jsonify( {'success': 'Successfully authenticated as {}'.format(user.username)})
def verify_assertion(): challenge = session.get('challenge') assertion_response = request.form credential_id = assertion_response.get('id') user = mitglieder.query.filter_by(credential_id=credential_id).first() if not user: return make_response(jsonify({'fail': 'User does not exist.'}), 401) webauthn_user = webauthn.WebAuthnUser( user.ukey, user.id, user.vorname + " " + user.name, "", user.credential_id, user.pub_key, 0, RP_ID) webauthn_assertion_response = webauthn.WebAuthnAssertionResponse( webauthn_user, assertion_response, challenge, ORIGIN, uv_required=False) # User Verification login_user(user,remember=False,duration=timedelta(minutes=session_ttl)) return jsonify({ 'success': 'Successfully authenticated as {}'.format(user.vorname + " " + user.name) })
def verify_assertion(): print("[ENTER] complete authentcation") # import pdb;pdb.set_trace() challenge = session.get('challenge') assertion_response = request.form import pdb pdb.set_trace() credential_id = assertion_response.get('id') print("assertion_response ", assertion_response) user = User.query.filter_by(credential_id=credential_id).first() if not user: return make_response(jsonify({'fail': 'User does not exist.'}), 401) webauthn_user = webauthn.WebAuthnUser(user.ukey, user.username, user.display_name, user.icon_url, user.credential_id, user.pub_key, user.sign_count, user.rp_id) webauthn_assertion_response = webauthn.WebAuthnAssertionResponse( webauthn_user, assertion_response, challenge, ORIGIN, uv_required=False) # User Verification try: sign_count = webauthn_assertion_response.verify() except Exception as e: print("[ERROR] ", e) return jsonify({'fail': 'Assertion failed. Error: {}'.format(e)}) # Update counter. user.sign_count = sign_count db.session.add(user) db.session.commit() login_user(user) msg = 'Successfully authenticated as ' + user.username + \ '\n\tCredential Id: ' + credential_id print(msg) print("[EXIT] complete authentcation\n") return jsonify( {'success': 'Successfully authenticated as {}'.format(user.username)})
def verify_assertion(): ''' This url is called to authenticate the user ''' challenge = session.get('challenge') assertion_response = request.form credential_id = assertion_response.get('id') credential = database.get_credential(credential_id) if not credential: return make_response(jsonify({'fail': 'User does not exist.'}), 401) webauthn_user = webauthn.WebAuthnUser( credential.ukey, credential.username, credential.display_name, credential.icon_url, credential.credential_id, credential.pub_key, credential.sign_count, credential.rp_id) webauthn_assertion_response = webauthn.WebAuthnAssertionResponse( webauthn_user, assertion_response, challenge, ORIGIN, uv_required=False) # User Verification try: sign_count = webauthn_assertion_response.verify() except Exception as e: raise e return jsonify({'fail': 'Assertion failed. Error: {}'.format(e)}) # Update counter. credential.sign_count = sign_count database.increment_sign_count(credential) satosa_request = Request() satosa_request.userId = credential.username database.make_success(satosa_request) user = User() user.id = credential.username login_user(user) return jsonify({'success': 'User successfully logged in.'})
def assertion_verify_response(): logger = webauthn.WebAuthnLogger() app.logger.debug( '----- [Authentication] Authenticator Response (Native) from Authenticator/Client -----' ) app.logger.debug(str(request.form.to_dict())) app.logger.debug('----- End -----') challenge = session.get('challenge') assertion_response = request.form credential_id = assertion_response.get('id') user = Users.query.filter_by(credential_id=credential_id).first() if not user: app.logger.debug('Credential ID is not found.') return make_response(jsonify({'fail': 'Credential ID is not found.'}), 404) webauthn_user = webauthn.WebAuthnUser(user.ukey, user.username, user.display_name, user.icon_url, user.credential_id, user.pub_key, user.sign_count, user.rp_id) webauthn_assertion_response = webauthn.WebAuthnAssertionResponse( webauthn_user, assertion_response, challenge, ORIGIN, allow_credentials=None, uv_required=False) # User Verification logger.add('----- [Authentication] Received Data -----') try: logger.add( '----- [Authentication] Authenticator Response (Decoded) from Authenticator/Client -----' ) webauthn_tools = webauthn.WebAuthnTools() decoded_assertion_response = webauthn_tools.view_assertion( assertion_response) logger.add(json.dumps(decoded_assertion_response, indent=4)) logger.add('----- End -----') except Exception as e: app.logger.debug('Assertion view failed. Error: {}'.format(e)) logger.add('Attestation view failed. Error: {}'.format(e)) return make_response( jsonify({ 'fail': 'Attestation view failed. Error: {}'.format(e), 'debug_log': logger.get() }), 500) try: logger.add('----- [Authentication] [Verify] Start -----') sign_count = webauthn_assertion_response.verify() logger.add(webauthn_assertion_response.getLog()) logger.add('----- [Authentication] [Verify] End -----') except Exception as e: app.logger.debug('Assertion failed. Error: {}'.format(e)) logger.add('Assertion failed. Error: {}'.format(e)) return jsonify({ 'fail': 'Assertion failed. Error: {}'.format(e), 'debug_log': logger.get() }) # Update counter. user.sign_count = sign_count db.session.add(user) db.session.commit() logger.add('----- [Authentication] Server Successfully Return. -----') return make_response( jsonify({ 'success': u'Successfully Authenticate as {}'.format(user.username), 'debug_log': logger.get() }), 200)