josh/django-mfa2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Removed CBOR and moved to JSON for Communication

Browse Source
This commit is contained in:
Mohamed El-Kalioby
2022-10-17 20:56:09 +03:00
parent 0ddef51eaa
commit 98b361d73d
10 changed files with 191 additions and 463 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
mfa/templates/FIDO2/Add.html
View File

@@ -1,17 +1,31 @@
{% extends "base.html" %}
{% load static %}
{% block head %}
<script type="application/javascript" src="{% static 'mfa/js/cbor.js'%}"></script>
<script type="application/javascript" src="{% static 'mfa/js/ua-parser.min.js'%}"></script>
<script type="application/javascript" src="{% static 'mfa/js/base64url.js'%}"></script>
<script type="application/javascript" src="{% static 'mfa/js/helpers.js'%}"></script>
<script type="application/javascript">
var MakeCredReq = (makeCredReq) => {
makeCredReq.publicKey.challenge = base64url.decode(makeCredReq.publicKey.challenge);
makeCredReq.publicKey.user.id = base64url.decode(makeCredReq.publicKey.user.id);
for(let excludeCred of makeCredReq.publicKey.excludeCredentials) {
excludeCred.id = base64url.decode(excludeCred.id);
}
return makeCredReq
}
function begin_reg(){
fetch('{% url 'fido2_begin_reg' %}',{}).then(function(response) {
if(response.ok)
{
return response.arrayBuffer();
return response.json().then(function (req){
return MakeCredReq(req)
});
}
throw new Error('Error getting registration data!');
}).then(CBOR.decode).then(function(options) {
}).then(function(options) {
//options.publicKey.attestation="direct"
console.log(options)
@@ -19,11 +33,7 @@
}).then(function(attestation) {
return fetch('{% url 'fido2_complete_reg' %}', {
method: 'POST',
headers: {'Content-Type': 'application/cbor'},
body: CBOR.encode({
"attestationObject": new Uint8Array(attestation.response.attestationObject),
"clientDataJSON": new Uint8Array(attestation.response.clientDataJSON),
})
body: JSON.stringify(publicKeyCredentialToJSON(attestation))
});
}).then(function(response) {

33
mfa/templates/FIDO2/Auth_JS.html
View File

@@ -1,30 +1,39 @@
{% load static %}
<script type="application/javascript" src="{% static 'mfa/js/cbor.js' %}"></script>
<script type="application/javascript" src="{% static 'mfa/js/base64url.js' %}"></script>
<script type="application/javascript" src="{% static 'mfa/js/helpers.js' %}"></script>
<script type="application/javascript" src="{% static 'mfa/js/ua-parser.min.js' %}"></script>
<script type="text/javascript">
var GetAssertReq = (getAssert) => {
getAssert.publicKey.challenge = base64url.decode(getAssert.publicKey.challenge);
for(let allowCred of getAssert.publicKey.allowCredentials) {
allowCred.id = base64url.decode(allowCred.id);
}
return getAssert
}
function authen()
{
fetch('{% url 'fido2_begin_auth' %}', {
fetch('{% url 'fido2_begin_auth' %}', {
method: 'GET',
}).then(function(response) {
if(response.ok) return response.arrayBuffer();
if(response.ok) {
return response.json().then(function (req){
return GetAssertReq(req)
});
}
throw new Error('No credential available to authenticate!');
}).then(CBOR.decode).then(function(options) {
}).then(function(options) {
console.log(options)
return navigator.credentials.get(options);
}).then(function(assertion) {
res=CBOR.encode({
"credentialId": new Uint8Array(assertion.rawId),
"authenticatorData": new Uint8Array(assertion.response.authenticatorData),
"clientDataJSON": new Uint8Array(assertion.response.clientDataJSON),
"signature": new Uint8Array(assertion.response.signature)
});
return fetch('{% url 'fido2_complete_auth' %}', {
method: 'POST',
headers: {'Content-Type': 'application/cbor'},
body:res,
headers: {'Content-Type': 'application/json'},
body:JSON.stringify(publicKeyCredentialToJSON(assertion)),
}).then(function (response) {if (response.ok) return res = response.json()}).then(function (res) {
if (res.status=="OK")