From 22b5d0884c81844addbb0abc76b55e30182c7a67 Mon Sep 17 00:00:00 2001 From: Mohamed ElKalioby Date: Wed, 29 May 2019 13:30:32 +0300 Subject: [PATCH] Upgrade to FIDO2 (0.6) and Supporting Windows Hello --- README.md | 4 ++-- mfa/FIDO2.py | 8 ++++---- setup.py | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index b80f83c..d49d055 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,9 @@ Web Authencation API (WebAuthn) is state-of-the art techology that is expected t ![Andriod Fingerprint](https://cdn-images-1.medium.com/max/800/1*1FWkRE8D7NTA2Kn1DrPjPA.png) -For FIDO2, **security keys**, **Apple's Touch ID (Chrome)** and **android-safetynet** are supported. +For FIDO2, **security keys**, **Windows Hello**, **Apple's Touch ID (Chrome)** and **android-safetynet** are supported. -In English :), It allows you to verify the user by security keys on PC, Laptops, Touch ID on Macboks (Chrome) and Fingerprint/PIN on Andriod Phones. +In English :), It allows you to verify the user by security keys on PC, Laptops, Windows Hello (Fingerprint, PIN) on Windows 10 Build 1903 (May 2019 Update) Touch ID on Macbooks (Chrome) and Fingerprint/PIN on Andriod Phones. Trusted device is a mode for the user to add a device that doesn't support security keys like iOS and andriod without fingerprints or NFC. diff --git a/mfa/FIDO2.py b/mfa/FIDO2.py index 82376ca..b1ce154 100644 --- a/mfa/FIDO2.py +++ b/mfa/FIDO2.py 
@@ -34,11 +34,11 @@ def begin_registeration(request): }, getUserCredentials(request.user.username)) request.session['fido_state'] = state - return HttpResponse(cbor.dumps(registration_data),content_type='application/octet-stream') + return HttpResponse(cbor.encode(registration_data),content_type='application/octet-stream') @csrf_exempt def complete_reg(request): try: - data = cbor.loads(request.body)[0] + data = cbor.decode(request.body) client_data = ClientData(data['clientDataJSON']) att_obj = AttestationObject((data['attestationObject'])) @@ -79,7 +79,7 @@ def authenticate_begin(request): credentials=getUserCredentials(request.session.get("base_username",request.user.username)) auth_data, state = server.authenticate_begin(credentials) request.session['fido_state'] = state - return HttpResponse(cbor.dumps(auth_data),content_type="application/octet-stream") + return HttpResponse(cbor.encode(auth_data),content_type="application/octet-stream") @csrf_exempt def authenticate_complete(request): @@ -87,7 +87,7 @@ def authenticate_complete(request): username=request.session.get("base_username",request.user.username) server=getServer() credentials=getUserCredentials(username) - data = cbor.loads(request.body)[0] + data = cbor.decode(request.body) credential_id = data['credentialId'] client_data = ClientData(data['clientDataJSON']) auth_data = AuthenticatorData(data['authenticatorData']) diff --git a/setup.py b/setup.py index bb8e086..5df3fbc 100644 --- a/setup.py +++ b/setup.py @@ -4,7 +4,7 @@ from setuptools import find_packages, setup setup( name='django-mfa2', - version='1.2.1', + version='1.3.0', description='Allows user to add 2FA to their accounts', long_description=open("README.md").read(), long_description_content_type="text/markdown", @@ -24,7 +24,7 @@ setup( 'ua-parser', 'user-agents', 'python-jose', - 'fido2 == 0.5', + 'fido2 == 0.6', 'jsonLookup' ], python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*",
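Review bot: In `complete_reg` the result of `cbor.decode(request.body)` is indexed as `data['clientDataJSON']` without checking that the decoded value is a map, and the `authenticate_complete` hunk does the same with `data['credentialId']`, where no `try:` is visible around the decode. Both views are `@csrf_exempt` and parse a body the client fully controls, so a truncated body or a non-map CBOR value raises instead of being rejected; as far as I can tell, fido2 0.6 `decode` also raises `ValueError` on trailing bytes that the old `loads(...)[0]` silently ignored. A guard right after each decode, such as `if not isinstance(data, dict): return HttpResponse(status=400)`, together with catching `ValueError` around the decode itself, would return a clean client error rather than depend on whatever the outer handler does. Both function bodies continue outside their hunks, so the `except` branch of `complete_reg` and any error handling in `authenticate_complete` cannot be confirmed from here.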