Code Monkey home page Code Monkey logo

u2fval's Introduction

Yubico U2F Validation Server

The Yubico U2F Validation Server (u2fval) is a server that provides U2F registration and authentication through a simple JSON based REST API.

Installation

u2flib-server is installable by one of three means

  1. via pip

  2. via git

  3. via python setup.py

Installation via pip

Run

pip install u2fval

Alternatively, you can run:

pip install u2fval-<version>.tar.gz

Where the .tar.gz file is a source release of the project.

Installation via git

  • Run these commands to check out the source code:

    git clone https://github.com/Yubico/u2fval.git
cd u2fval
git submodule init
git submodule update

  • Build a source release tar ball by running:

    python setup.py sdist

The resulting build will be created in the dist/ subdirectory.

Installation via python setup.py

You can install directly from the git checkout by running the following commands:

python setup.py install

Configuration

Configuration is kept in /etc/yubico/u2fval/u2fval.conf, see the default configuration file for more information (also available in the conf/ directory of any source release of this project).

The Yubico U2F Validation Server needs an SQL database to work. Optionally a memcached server can be used to store transient data which doesn’t need to be persisted to the database (if not available this data will be stored in the main database). The default configuration uses an in-memory SQLite3 database which you probably want to change to something like

SQLALCHEMY_DATABASE_URI = 'sqlite:////etc/yubico/u2fval/u2fval.db'

Once the configuration file has been configured with database credentials, the database can be initialized by running the following command:

u2fval db init

API Clients

To be able to use the server, a client needs to be created. This is done using the u2fval client create command. For example:

u2fval client create example \
  https://example.com/app-identity.json \
  https://example.com

See u2fval client create --help for more information.

Authenticating Clients

Each client request needs to be authenticated. This authentication is outside of the scope of the Yubico U2F Validation Server and can be handled by the webserver or some WSGI middleware. Once authenticated, the client name should be set in the REMOTE_USER server environment variable.

Deployment

The server can either be run standalone (intended for testing purposes) using the u2fval run command, or be hosted by any WSGI capable web server, such as Apache with mod_wsgi enabled.

Accessing the Server

Once the server is set up and at least one client has been created, the client can access the server via the REST API. Find the API documentation in the doc/ directory.

u2fval's People

Contributors

dainnilsson avatar minisu avatar moreati avatar tanji avatar

Watchers

avatar avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.