Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/bodik/soft-webauthn
Python software webauthn token
https://github.com/bodik/soft-webauthn
authentication fido2 python webauthn
Last synced: about 1 month ago
JSON representation
Python software webauthn token
- Host: GitHub
- URL: https://github.com/bodik/soft-webauthn
- Owner: bodik
- License: mit
- Created: 2019-06-28T23:35:55.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-06-09T19:59:22.000Z (over 1 year ago)
- Last Synced: 2024-10-08T12:30:01.266Z (2 months ago)
- Topics: authentication, fido2, python, webauthn
- Language: Python
- Homepage:
- Size: 34.2 KB
- Stars: 45
- Watchers: 4
- Forks: 18
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
- awesome-webauthn - Radoslav Bodó: soft-webauthn - Python software webauthn token. (Software Authenticators)
- awesome-fido2 - bodik/soft-webauthn
README
# Python software webauthn token
[![Build Status](https://travis-ci.org/bodik/soft-webauthn.svg?branch=master)](https://travis-ci.org/bodik/soft-webauthn)
Package is used for testing webauthn enabled web applications. The use-case is
authenticator and browser emulation during web application development
continuous integration.`SoftWebauthnDevice` class interface exports basic navigator interface used for
webauthn features:* `SoftWebauthnDevice.create(...)` aka `navigator.credentials.create(...)`
* `SoftWebauthnDevice.get(...)` aka `navigator.credentials.get(...)`To support authentication tests without prior registration/attestation, the
class exports additional functions:* `SoftWebauthnDevice.cred_init(rp_id, user_handle)`
* `SoftWebauthnDevice.cred_as_attested()`There is no standard/specification for *Client* (browser) to *Relying party*
(web application) communication. Therefore the class should be be used in a web
application test suite along with other code handling webapp specific tasks
such as conveying *CredentialCreationOptions* from webapp and
*PublicKeyCredential* back to the webapp.The example usage can be found in `tests/test_interop.py` (Token/Client vs RP
API) and `tests/test_example.py` (Token/Client vs RP HTTP). Despite internal
usage of `yubico/python-fido2` package, the project should be usable againts
other RP implementations as well.## References
* https://w3c.github.io/webauthn
* https://webauthn.guide/
* https://github.com/Yubico/python-fido2## Development
```
git clone https://github.com/bodik/soft-webauthn
cd soft-webauthn
ln -s ../../git_hookprecommit.sh .git/hooks/pre-commit# OPTIONAL, create and activate virtualenv
make venv
. venv/bin/activate# install dependencies
make install-deps# profit
make lint
make test
make coverage
```