def fido2_keys_user_authenticate(user_id):
    """Begin a FIDO2 authentication ceremony for ``user_id``.

    Loads the user's stored keys, hands the decoded credentials to
    ``Config.FIDO2_SERVER.authenticate_begin``, saves the returned state
    with ``create_fido2_session`` and returns the authentication data as a
    JSON body whose ``data`` field is base64-encoded CBOR.
    """
    stored_keys = list_fido2_keys(user_id)
    # NOTE(review): pickle.loads executes code embedded in the payload, so
    # this is only as trustworthy as every write path to the stored ``key``
    # value. Anyone able to alter a stored key gains code execution in this
    # process. A data-only encoding (CBOR is already used below) would
    # remove that dependency; until then, keep write access to stored keys
    # tightly restricted.
    credentials = [
        pickle.loads(base64.b64decode(stored_key.key))
        for stored_key in stored_keys
    ]
    options, state = Config.FIDO2_SERVER.authenticate_begin(credentials)
    create_fido2_session(user_id, state)
    # The API client only accepts JSON, so the CBOR bytes are base64-wrapped.
    encoded_options = base64.b64encode(cbor.encode(options)).decode('utf8')
    return jsonify({"data": encoded_options})
def fido2_keys_user_authenticate(user_id):
    """Begin a FIDO2 authentication ceremony for ``user_id``.

    Loads the user's stored keys, hands the decoded credentials to
    ``Config.FIDO2_SERVER.authenticate_begin``, saves the returned state
    with ``create_fido2_session`` and returns the authentication data as a
    JSON body whose ``data`` field is base64-encoded CBOR.
    """
    stored_keys = list_fido2_keys(user_id)
    # pickle.loads is considered safe here because the storing side ensures
    # the data represents a FIDO key.
    # NOTE(review): that guarantee lives outside this function. The
    # ``# nosec`` marker only silences the static-analysis finding; it does
    # not validate the bytes. Any other write path to the stored ``key``
    # value (migration, admin tooling, database compromise) turns this load
    # into code execution, so confirm the storing side is the sole writer.
    credentials = [
        pickle.loads(base64.b64decode(stored_key.key))  # nosec
        for stored_key in stored_keys
    ]
    options, state = Config.FIDO2_SERVER.authenticate_begin(credentials)
    create_fido2_session(user_id, state)
    # The API client only accepts JSON, so the CBOR bytes are base64-wrapped.
    encoded_options = base64.b64encode(cbor.encode(options)).decode('utf8')
    return jsonify({"data": encoded_options})
def fido2_keys_user_register(user_id):
    """Begin a FIDO2 registration ceremony for ``user_id``.

    Looks up the user, decodes the keys already stored for them, calls
    ``Config.FIDO2_SERVER.register_begin`` with the user descriptor and
    those credentials, saves the returned state with
    ``create_fido2_session`` and returns the registration data as a JSON
    body whose ``data`` field is base64-encoded CBOR.
    """
    user = get_user_and_accounts(user_id)
    stored_keys = list_fido2_keys(user_id)
    # NOTE(review): pickle.loads executes code embedded in the payload, so
    # this is only as trustworthy as every write path to the stored ``key``
    # value. A data-only encoding (CBOR is already used below) would remove
    # that dependency.
    credentials = [
        pickle.loads(base64.b64decode(stored_key.key))
        for stored_key in stored_keys
    ]
    user_descriptor = {
        'id': user.id.bytes,
        'name': user.name,
        'displayName': user.name,
    }
    # NOTE(review): 'discouraged' asks the authenticator to skip PIN or
    # biometric verification, so the key proves possession only. Confirm
    # that matches the intended assurance level for this second factor.
    # The existing credentials are presumably passed as an exclude list so
    # the same authenticator is not enrolled twice; verify against the
    # FIDO2 server library in use.
    registration_data, state = Config.FIDO2_SERVER.register_begin(
        user_descriptor,
        credentials,
        user_verification='discouraged',
    )
    create_fido2_session(user_id, state)
    # The API client only accepts JSON, so the CBOR bytes are base64-wrapped.
    encoded_options = base64.b64encode(
        cbor.encode(registration_data)
    ).decode('utf8')
    return jsonify({"data": encoded_options})
def test_get_fido2_key_returns_and_deletes_an_existing_session(sample_user):
    """Reading a FIDO2 session returns its state and leaves no row behind.

    Single-use retrieval matters here: a ceremony state that stays
    readable after it has been fetched could be reused for a second
    attempt.
    """
    create_fido2_session(sample_user.id, "abcd")

    returned_state = get_fido2_session(sample_user.id)
    remaining_sessions = Fido2Session.query.count()

    assert remaining_sessions == 0
    assert returned_state == "abcd"
def test_create_fido2_session_deletes_existing_sessions(sample_user):
    """Creating a second session for the same user replaces the first.

    Only one row may exist afterwards, so an older ceremony state cannot
    linger next to the current one.
    """
    for ceremony_state in ("abcd", "efgh"):
        create_fido2_session(sample_user.id, ceremony_state)

    session_count = Fido2Session.query.count()
    assert session_count == 1
def test_create_fido2_session(sample_user):
    """Creating a session for a user stores exactly one Fido2Session row."""
    create_fido2_session(sample_user.id, "abcd")

    session_count = Fido2Session.query.count()
    assert session_count == 1