Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/bodik/soft-webauthn

Python software webauthn token
https://github.com/bodik/soft-webauthn

authentication fido2 python webauthn

Last synced: 3 months ago
JSON representation

Python software webauthn token

Host: GitHub
URL: https://github.com/bodik/soft-webauthn
Owner: bodik
License: mit
Created: 2019-06-28T23:35:55.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2023-06-09T19:59:22.000Z (over 1 year ago)
Last Synced: 2024-07-07T11:05:48.619Z (4 months ago)
Topics: authentication, fido2, python, webauthn
Language: Python
Homepage:
Size: 34.2 KB
Stars: 42
Watchers: 4
Forks: 16
Open Issues: 4
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

awesome-webauthn - Radoslav Bodó: soft-webauthn - Python software webauthn token. (Software Authenticators)
awesome-fido2 - bodik/soft-webauthn

README

        # Python software webauthn token

[![Build Status](https://travis-ci.org/bodik/soft-webauthn.svg?branch=master)](https://travis-ci.org/bodik/soft-webauthn)

Package is used for testing webauthn enabled web applications. The use-case is

authenticator and browser emulation during web application development

continuous integration.

`SoftWebauthnDevice` class interface exports basic navigator interface used for

webauthn features:

* `SoftWebauthnDevice.create(...)` aka `navigator.credentials.create(...)`

* `SoftWebauthnDevice.get(...)` aka `navigator.credentials.get(...)`

To support authentication tests without prior registration/attestation, the

class exports additional functions:

* `SoftWebauthnDevice.cred_init(rp_id, user_handle)`

* `SoftWebauthnDevice.cred_as_attested()`

There is no standard/specification for *Client* (browser) to *Relying party*

(web application) communication. Therefore the class should be be used in a web

application test suite along with other code handling webapp specific tasks

such as conveying *CredentialCreationOptions* from webapp and

*PublicKeyCredential* back to the webapp.

The example usage can be found in `tests/test_interop.py` (Token/Client vs RP

API) and `tests/test_example.py` (Token/Client vs RP HTTP). Despite internal

usage of `yubico/python-fido2` package, the project should be usable againts

other RP implementations as well.

## References

* https://w3c.github.io/webauthn

* https://webauthn.guide/

* https://github.com/Yubico/python-fido2

## Development

```

git clone https://github.com/bodik/soft-webauthn

cd soft-webauthn

ln -s ../../git_hookprecommit.sh .git/hooks/pre-commit

# OPTIONAL, create and activate virtualenv

make venv

. venv/bin/activate

# install dependencies

make install-deps

# profit

make lint

make test

make coverage

```