josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Upgrading to FIDO2==1.0.0

Browse Source
This commit is contained in:
Mohamed ElKalioby
2022-06-13 17:18:00 +03:00
parent d8b10bcdc1
commit 1ebc5bfd2b
2 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
example/example/settings.py
View File

@@ -146,5 +146,5 @@ MFA_SUCCESS_REGISTRATION_MSG="Go to Home"
TOKEN_ISSUER_NAME="PROJECT_NAME" #TOTP Issuer name TOKEN_ISSUER_NAME="PROJECT_NAME" #TOTP Issuer name
U2F_APPID="https://localhost" #URL For U2F U2F_APPID="https://localhost" #URL For U2F
FIDO_SERVER_ID=u"local.mkalioby.com" # Server rp id for FIDO2, it the full domain of your project FIDO_SERVER_ID="localhost" # Server rp id for FIDO2, it the full domain of your project
FIDO_SERVER_NAME=u"TestApp" FIDO_SERVER_NAME="TestApp"

10
mfa/FIDO2.py
View File

@@ -1,6 +1,6 @@
from fido2.client import Fido2Client from fido2.client import Fido2Client
from fido2.server import Fido2Server, PublicKeyCredentialRpEntity from fido2.server import Fido2Server, PublicKeyCredentialRpEntity
from fido2.webauthn import AttestationObject, AuthenticatorData from fido2.webauthn import AttestationObject, AuthenticatorData, CollectedClientData
from django.template.context_processors import csrf from django.template.context_processors import csrf
from django.views.decorators.csrf import csrf_exempt from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render from django.shortcuts import render
@@ -28,7 +28,7 @@ def recheck(request):
def getServer(): def getServer():
"""Get Server Info from settings and returns a Fido2Server""" """Get Server Info from settings and returns a Fido2Server"""
rp = PublicKeyCredentialRpEntity(settings.FIDO_SERVER_ID, settings.FIDO_SERVER_NAME) rp = PublicKeyCredentialRpEntity(id=settings.FIDO_SERVER_ID, name=settings.FIDO_SERVER_NAME)
return Fido2Server(rp) return Fido2Server(rp)
@@ -51,7 +51,7 @@ def complete_reg(request):
try: try:
data = cbor.decode(request.body) data = cbor.decode(request.body)
client_data = Fido2Client(data['clientDataJSON']) client_data = CollectedClientData(data['clientDataJSON'])
att_obj = AttestationObject((data['attestationObject'])) att_obj = AttestationObject((data['attestationObject']))
server = getServer() server = getServer()
auth_data = server.register_complete( auth_data = server.register_complete(
@@ -68,6 +68,8 @@ def complete_reg(request):
uk.save() uk.save()
return HttpResponse(simplejson.dumps({'status': 'OK'})) return HttpResponse(simplejson.dumps({'status': 'OK'}))
except Exception as exp: except Exception as exp:
import traceback
print(traceback.format_exc())
try: try:
from raven.contrib.django.raven_compat.models import client from raven.contrib.django.raven_compat.models import client
client.captureException() client.captureException()
@@ -112,7 +114,7 @@ def authenticate_complete(request):
credentials = getUserCredentials(username) credentials = getUserCredentials(username)
data = cbor.decode(request.body) data = cbor.decode(request.body)
credential_id = data['credentialId'] credential_id = data['credentialId']
client_data = Fido2Client(data['clientDataJSON']) client_data = CollectedClientData(data['clientDataJSON'])
auth_data = AuthenticatorData(data['authenticatorData']) auth_data = AuthenticatorData(data['authenticatorData'])
signature = data['signature'] signature = data['signature']
try: try: