from fido2.server import Fido2Server from fido2.webauthn import (PublicKeyCredentialRpEntity, PublicKeyCredentialUserEntity, PublicKeyCredentialParameters, PublicKeyCredentialCreationOptions) from fido2.client import Fido2Client from fido2.hid import CtapHidDevice import os # Setup the relying party (RP) entity rp = PublicKeyCredentialRpEntity("auth.eggtech.net", "Example RP") # Setup the user entity user = PublicKeyCredentialUserEntity( id=b'user_id', # User ID as bytes name="user@example.com", display_name="User Display Name" ) # Define the public key credential parameters cred_params = [ PublicKeyCredentialParameters("public-key", -7), # ES256 PublicKeyCredentialParameters("public-key", -257) # RS256 ] # FIDO2 Server setup server = Fido2Server(rp) # Generate a random challenge challenge = os.urandom(32) # Manually create the PublicKeyCredentialCreationOptions options = PublicKeyCredentialCreationOptions( rp=rp, user=user, challenge=challenge, pub_key_cred_params=cred_params ) # Start the registration process (adjust this method if needed) registration_data, state = server.register_begin( user=user, challenge=challenge ) # Assuming the device is the first one connected device = next(CtapHidDevice.list_devices(), None) if device is None: raise ValueError("No FIDO device found") # Client instance for the device client = Fido2Client(device, "auth.eggtech.net") # Use the manual options we created for make_credential attestation_object, client_data = client.make_credential(options) # Finalize the registration to validate the response and store the credentials auth_data = server.register_complete(state, client_data, attestation_object)