Jonathan Street: Updating FIDO U2F to WebAuthn :
by:
blow post content copied from Planet Python
click here to view original post
Back in 2018 I published a post on adding support for FIDO U2F second factor authentication to a flask application. At the time, FIDO U2F was a relatively new technology and, based in part on its development, work had already begun on a new standard. The Web Authentication (WebAuthn) proposal had been published as a draft in 2016 and reached the recommendation standard by 2019.
I recently revisited a project that included FIDO U2F support and realised that the packages I used in the original post were no longer supported with WebAuthn recommended as the successor.
When first searching for alternative packages I found this site and the associated python package. I then paired this with SimpleWebAuthn on the frontend. Unfortunately I was only able to get registering the device to work with this combination and the actual authentication failed.
A major driver between the switch from FIDO U2F to WebAuthn has been a desire to support alternative devices such as the fingerprint scanners on many laptops and phones. Although the demo on webauthn.io works with my device I was unable to create a working implementation. I suspect I may simply have some incompatible settings but I switched to the FIDO2 server implementation from Yubico and quickly had a working solution.
The code created in the original blog post has now been updated and can be found in the github repository.
January 22, 2023 at 02:49AM
Click here for more details...
=============================
The original post is available in Planet Python by
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================
Post a Comment