Upgrade to FIDO2 (0.6) and Supporting Windows Hello

mkalioby · May 29, 2019 · 22b5d08 · 22b5d08
1 parent 9569b0c
commit 22b5d08
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -7,9 +7,9 @@ Web Authencation API (WebAuthn) is state-of-the art techology that is expected t
 
 ![Andriod Fingerprint](https://cdn-images-1.medium.com/max/800/1*1FWkRE8D7NTA2Kn1DrPjPA.png)
 
-For FIDO2, **security keys**, **Apple's Touch ID (Chrome)** and **android-safetynet** are supported.
+For FIDO2, **security keys**, **Windows Hello**, **Apple's Touch ID (Chrome)** and **android-safetynet** are supported.
 
-In English :), It allows you to verify the user by security keys on PC, Laptops, Touch ID on Macboks (Chrome) and Fingerprint/PIN on Andriod Phones.
+In English :), It allows you to verify the user by security keys on PC, Laptops, Windows Hello (Fingerprint, PIN) on Windows 10 Build 1903 (May 2019 Update) Touch ID on Macbooks (Chrome) and Fingerprint/PIN on Andriod Phones.
 
 Trusted device is a mode for the user to add a device that doesn't support security keys like iOS and andriod without fingerprints or NFC.
 

diff --git a/mfa/FIDO2.py b/mfa/FIDO2.py
@@ -34,11 +34,11 @@ def begin_registeration(request):
     }, getUserCredentials(request.user.username))
     request.session['fido_state'] = state
 
-    return HttpResponse(cbor.dumps(registration_data),content_type='application/octet-stream')
+    return HttpResponse(cbor.encode(registration_data),content_type='application/octet-stream')
 @csrf_exempt
 def complete_reg(request):
     try:
-        data = cbor.loads(request.body)[0]
+        data = cbor.decode(request.body)
 
         client_data = ClientData(data['clientDataJSON'])
         att_obj = AttestationObject((data['attestationObject']))
@@ -79,15 +79,15 @@ def authenticate_begin(request):
     credentials=getUserCredentials(request.session.get("base_username",request.user.username))
     auth_data, state = server.authenticate_begin(credentials)
     request.session['fido_state'] = state
-    return HttpResponse(cbor.dumps(auth_data),content_type="application/octet-stream")
+    return HttpResponse(cbor.encode(auth_data),content_type="application/octet-stream")
 
 @csrf_exempt
 def authenticate_complete(request):
     credentials = []
     username=request.session.get("base_username",request.user.username)
     server=getServer()
     credentials=getUserCredentials(username)
-    data = cbor.loads(request.body)[0]
+    data = cbor.decode(request.body)
     credential_id = data['credentialId']
     client_data = ClientData(data['clientDataJSON'])
     auth_data = AuthenticatorData(data['authenticatorData'])

diff --git a/setup.py b/setup.py
@@ -4,7 +4,7 @@
 
 setup(
     name='django-mfa2',
-    version='1.2.1',
+    version='1.3.0',
     description='Allows user to add 2FA to their accounts',
     long_description=open("README.md").read(),
     long_description_content_type="text/markdown",
@@ -24,7 +24,7 @@
         'ua-parser',
         'user-agents',
         'python-jose',
-        'fido2 == 0.5',
+        'fido2 == 0.6',
         'jsonLookup'
       ],
     python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*",