Updating ChangeLog

CHANGELOG.md

@@ -1,7 +1,22 @@
 # Change Log
+## 2.5.0
+
+   * Bumped fido2 version to 1.0
+   * Fixed: issue in the 'Authorize' button don't show on Firefox and Chrome on iOS.
+     Note: It seems Firefox doesn't support WebAuthn on iOS
+   * Fixed: Support for bootstrap5
+Thanks to @ezrajrice
+
+## 2.4.0
+
+   * Fixed: issue in the 'Authorize' button don't show on Safari Mobile.
+   * Upgrade to FIDO2 0.9.2, to fix issue with Windows 11.
+   * Fixed: Minor Typos.
+
+
 ## 2.3.0
    * Fixed: A missing import Thanks @AndreasDickow
-   * Fixed: `MFA.html` now call `{{block.super}}` for head and content blocks
+   * Fixed: `MFA.html` now call `{{block.super}}` for head and content blocks, thanks @mnelson4
    * Added: #55 introduced `mfa_base.html` which will be extended by `MFA.html` for better styling 
 
 ## 2.2.0

README.md

@@ -20,6 +20,8 @@ For FIDO2, the following are supported
  * **Apple's Touch ID/Face ID** (Chrome 70+ on Mac OS X, Safari on macOS Big Sur, Safari on iOS 14.0+ ),
  * **android-safetynet** (Chrome 70+, Firefox 68+)
  * **NFC devices using PCSC** (Not Tested, but as supported in fido2)
+ * **Soft Tokens** 
+    * [krypt.co](https://krypt.co/): Login by a notification on your phone.
 
 In English :), It allows you to verify the user by security keys on PC, Laptops or Mobiles, Windows Hello (Fingerprint, PIN) on Windows 10 Build 1903+ (May 2019 Update) Touch/Face ID on Macbooks (Chrome, Safari), Touch/Face ID on iPhone and iPad and Fingerprint/Face/Iris/PIN on Android Phones.
 
@@ -185,6 +187,7 @@ function some_func() {
 * [willingham](https://github.com/willingham)
 * [AndreasDickow](https://github.com/AndreasDickow)
 * [mnelson4](https://github.com/mnelson4)
+* [ezrajrice](https://github.com/ezrajrice)
 
 
  # Security contact information

example/example/settings.py

@@ -25,7 +25,7 @@ SECRET_KEY = '#9)q!_i3@pr-^3oda(e^3$x!kq3b4f33#5l@+=+&vuz+p6gb3g'
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ['*']
 
 
 # Application definition
@@ -146,5 +146,5 @@ MFA_SUCCESS_REGISTRATION_MSG="Go to Home"
 TOKEN_ISSUER_NAME="PROJECT_NAME"      #TOTP Issuer name
 
 U2F_APPID="https://localhost"    #URL For U2F
-FIDO_SERVER_ID=u"localhost"      # Server rp id for FIDO2, it the full domain of your project
+FIDO_SERVER_ID="localhost"      # Server rp id for FIDO2, it the full domain of your project
-FIDO_SERVER_NAME=u"PROJECT_NAME"
+FIDO_SERVER_NAME="TestApp"

mfa/FIDO2.py

@@ -1,6 +1,6 @@
-from fido2.client import ClientData
+from fido2.client import Fido2Client
 from fido2.server import Fido2Server, PublicKeyCredentialRpEntity
-from fido2.ctap2 import AttestationObject, AuthenticatorData
+from fido2.webauthn import AttestationObject, AuthenticatorData, CollectedClientData
 from django.template.context_processors import csrf
 from django.views.decorators.csrf import csrf_exempt
 from django.shortcuts import render
@@ -11,7 +11,7 @@ from django.http import HttpResponse
 from django.conf import settings
 from .models import *
 from fido2.utils import websafe_decode, websafe_encode
-from fido2.ctap2 import AttestedCredentialData
+from fido2.webauthn import AttestedCredentialData
 from .views import login, reset_cookie
 import datetime
 from .Common import get_redirect_url
@@ -28,7 +28,7 @@ def recheck(request):
 
 def getServer():
     """Get Server Info from settings and returns a Fido2Server"""
-    rp = PublicKeyCredentialRpEntity(settings.FIDO_SERVER_ID, settings.FIDO_SERVER_NAME)
+    rp = PublicKeyCredentialRpEntity(id=settings.FIDO_SERVER_ID, name=settings.FIDO_SERVER_NAME)
     return Fido2Server(rp)
 
 
@@ -51,7 +51,7 @@ def complete_reg(request):
     try:
         data = cbor.decode(request.body)
 
-        client_data = ClientData(data['clientDataJSON'])
+        client_data = CollectedClientData(data['clientDataJSON'])
         att_obj = AttestationObject((data['attestationObject']))
         server = getServer()
         auth_data = server.register_complete(
@@ -68,6 +68,8 @@ def complete_reg(request):
         uk.save()
         return HttpResponse(simplejson.dumps({'status': 'OK'}))
     except Exception as exp:
+        import traceback
+        print(traceback.format_exc())
         try:
             from raven.contrib.django.raven_compat.models import client
             client.captureException()
@@ -112,7 +114,7 @@ def authenticate_complete(request):
         credentials = getUserCredentials(username)
         data = cbor.decode(request.body)
         credential_id = data['credentialId']
-        client_data = ClientData(data['clientDataJSON'])
+        client_data = CollectedClientData(data['clientDataJSON'])
         auth_data = AuthenticatorData(data['authenticatorData'])
         signature = data['signature']
         try:

mfa/templates/FIDO2/Add.html

@@ -34,16 +34,16 @@
       if (res["status"] =='OK')
             $("#res").html("<div class='alert alert-success'>Registered Successfully, <a href='{{redirect_html}}'> {{reg_success_msg}}</a></div>")
         else
-            $("#res").html("<div class='alert alert-danger'>Registeration Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='begin_reg()'> try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
+            $("#res").html("<div class='alert alert-danger'>Registration Failed as " + res["message"] + ", <a href='javascript:void(0)' onclick='begin_reg()'> try again or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
 
 
     }, function(reason) {
-       $("#res").html("<div class='alert alert-danger'>Registeration Failed as " +reason +", <a href='javascript:void(0)' onclick='begin_reg()'> try again </a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
+       $("#res").html("<div class='alert alert-danger'>Registration Failed as " +reason +", <a href='javascript:void(0)' onclick='begin_reg()'> try again </a> or <a href='{% url 'mfa_home' %}'> Go to Security Home</a></div>")
     })
     }
     $(document).ready(function (){
         ua=new UAParser().getResult()
-        if (ua.browser.name == "Safari")
+        if (ua.browser.name == "Safari" || ua.browser.name == "Mobile Safari" )
         {
                 $("#res").html("<button class='btn btn-success' onclick='begin_reg()'>Start...</button>")
         }

mfa/templates/FIDO2/recheck.html

@@ -105,7 +105,7 @@
             $("#main_paragraph").html("FIDO2 must work under secure context")
         } else {
             ua=new UAParser().getResult()
-            if (ua.browser.name == "Safari")
+            if (ua.browser.name == "Safari" || ua.browser.name == "Mobile Safari" || ua.os.name == "iOS" || ua.os.name == "iPadOS")
                 $("#res").html("<button class='btn btn-success' onclick='authen()'>Authenticate...</button>")
             else
                 authen()

mfa/templates/MFA.html

@@ -47,24 +47,24 @@
     <div class="row">
         <div align="center">
             <div class="btn-group">
-            <button class="btn btn-success dropdown-toggle" data-toggle="dropdown">
+            <button class="btn btn-success dropdown-toggle" data-toggle="dropdown" data-bs-toggle="dropdown">
                 Add Method&nbsp;<span class="caret"></span>
             </button>
             <ul class="dropdown-menu">
                 {% if not 'TOTP' in UNALLOWED_AUTHEN_METHODS %}
-                    <li><a href="{% url 'start_new_otop' %}">Authenticator app</a></li>
+                    <li><a class="dropdown-item" href="{% url 'start_new_otop' %}">Authenticator app</a></li>
                 {% endif %}
                 {% if not 'Email' in UNALLOWED_AUTHEN_METHODS %}
-                    <li><a href="{% url 'start_email' %}">Email Token</a></li>
+                    <li><a class="dropdown-item" href="{% url 'start_email' %}">Email Token</a></li>
                 {% endif %}
                 {% if not 'U2F' in UNALLOWED_AUTHEN_METHODS %}
-                    <li><a href="{% url 'start_u2f' %}">Security Key</a></li>
+                    <li><a class="dropdown-item" href="{% url 'start_u2f' %}">Security Key</a></li>
                 {% endif %}
             {% if not 'FIDO2' in UNALLOWED_AUTHEN_METHODS %}
-                    <li><a href="{% url 'start_fido2' %}">FIDO2 Security Key</a></li>
+                    <li><a class="dropdown-item" href="{% url 'start_fido2' %}">FIDO2 Security Key</a></li>
                 {% endif %}
             {% if not 'Trusted_Devices' in UNALLOWED_AUTHEN_METHODS %}
-                    <li><a href="{% url 'start_td' %}">Trusted Device</a></li>
+                    <li><a class="dropdown-item" href="{% url 'start_td' %}">Trusted Device</a></li>
                 {% endif %}
             </ul>
             </div>

setup.py

@@ -4,7 +4,7 @@ from setuptools import find_packages, setup
 
 setup(
     name='django-mfa2',
-    version='2.3.0',
+    version='2.5.0b1',
     description='Allows user to add 2FA to their accounts',
     long_description=open("README.md").read(),
     long_description_content_type="text/markdown",
@@ -24,14 +24,14 @@ setup(
         'ua-parser',
         'user-agents',
         'python-jose',
-        'fido2 == 0.9.1',
+        'fido2 == 1.0.0',
         'jsonLookup'
       ],
     python_requires=">=3.5",
     include_package_data=True,
     zip_safe=False, # because we're including static files
     classifiers=[
-        "Development Status :: 5 - Production/Stable",
+        "Development Status :: 4 - Beta",
         "Environment :: Web Environment",
         "Framework :: Django",
         "Framework :: Django :: 2.0",
@@ -39,6 +39,8 @@ setup(
         "Framework :: Django :: 2.2",
         "Framework :: Django :: 3.0",
         "Framework :: Django :: 3.1",
+        "Framework :: Django :: 3.2",
+        "Framework :: Django :: 4.0",
         "Intended Audience :: Developers",
         "Operating System :: OS Independent",
         "Programming Language :: Python",
@@ -47,6 +49,8 @@ setup(
         "Programming Language :: Python :: 3.6",
         "Programming Language :: Python :: 3.7",
         "Programming Language :: Python :: 3.8",
+        "Programming Language :: Python :: 3.9",
+        "Programming Language :: Python :: 3.10",
         "Topic :: Software Development :: Libraries :: Python Modules",
 ]
 )