1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
import os
import pytest
from fido2.server import Fido2Server
@pytest.fixture(autouse=True, scope="module")
def preconditions(dev_manager):
if "credBlob" not in dev_manager.info.extensions:
pytest.skip("CredBlob not supported by authenticator")
def test_read_write(client, ctap2, clear_creds):
rp = {"id": "example.com", "name": "Example RP"}
server = Fido2Server(rp)
user = {"id": b"user_id", "name": "A. User"}
create_options, state = server.register_begin(
user,
resident_key_requirement="required",
user_verification="required",
)
# Create a credential
blob = os.urandom(32)
result = client.make_credential(
{
**create_options["publicKey"],
"extensions": {"credBlob": blob},
}
)
auth_data = server.register_complete(state, result)
credentials = [auth_data.credential_data]
assert auth_data.extensions["credBlob"] is True
request_options, state = server.authenticate_begin(
credentials, user_verification="required"
)
selection = client.get_assertion(
{
**request_options["publicKey"],
"extensions": {"getCredBlob": True},
}
)
result = selection.get_response(0)
assert result.response.authenticator_data.extensions.get("credBlob") == blob
|
