From 9b8340f3e0d49b68cf765b6c982d824c3f89a129 Mon Sep 17 00:00:00 2001 From: devStorm <59678453+developStorm@users.noreply.github.com> Date: Thu, 7 May 2020 02:53:28 -0700 Subject: [PATCH] Black formatted --- app/auth/views/fido.py | 49 +++++++++++++++++------------- app/auth/views/login_utils.py | 2 +- app/auth/views/mfa.py | 6 +++- app/dashboard/views/fido_cancel.py | 4 ++- app/dashboard/views/fido_setup.py | 41 +++++++++++++++---------- 5 files changed, 62 insertions(+), 40 deletions(-) diff --git a/app/auth/views/fido.py b/app/auth/views/fido.py index 170e9fc2..44c3d660 100644 --- a/app/auth/views/fido.py +++ b/app/auth/views/fido.py @@ -40,26 +40,29 @@ def fido(): next_url = request.args.get("next") webauthn_user = webauthn.WebAuthnUser( - user.fido_uuid, user.email, user.name, False, - user.fido_credential_id, user.fido_pk, user.fido_sign_count, RP_ID) + user.fido_uuid, + user.email, + user.name, + False, + user.fido_credential_id, + user.fido_pk, + user.fido_sign_count, + RP_ID, + ) # Handling POST requests if fido_token_form.validate_on_submit(): try: sk_assertion = json.loads(fido_token_form.sk_assertion.data) except Exception as e: - flash('Key verification failed. Error: Invalid Payload', "warning") + flash("Key verification failed. Error: Invalid Payload", "warning") return redirect(url_for("auth.login")) - - challenge = session['fido_challenge'] - credential_id = sk_assertion['id'] + + challenge = session["fido_challenge"] + credential_id = sk_assertion["id"] webauthn_assertion_response = webauthn.WebAuthnAssertionResponse( - webauthn_user, - sk_assertion, - challenge, - SITE_URL, - uv_required=False + webauthn_user, sk_assertion, challenge, SITE_URL, uv_required=False ) is_webauthn_verified = False @@ -67,8 +70,8 @@ def fido(): new_sign_count = webauthn_assertion_response.verify() is_webauthn_verified = True except Exception as e: - LOG.error(f'An error occurred in WebAuthn verification process: {e}') - flash('Key verification failed.', "warning") + LOG.error(f"An error occurred in WebAuthn verification process: {e}") + flash("Key verification failed.", "warning") if is_webauthn_verified: user.fido_sign_count = new_sign_count @@ -88,17 +91,21 @@ def fido(): else: # Verification failed, put else here to make structure clear pass - + # Prepare information for key registration process - session.pop('challenge', None) + session.pop("challenge", None) challenge = secrets.token_urlsafe(32) - - session['fido_challenge'] = challenge.rstrip('=') + + session["fido_challenge"] = challenge.rstrip("=") webauthn_assertion_options = webauthn.WebAuthnAssertionOptions( - webauthn_user, challenge) + webauthn_user, challenge + ) webauthn_assertion_options = webauthn_assertion_options.assertion_dict - return render_template("auth/fido.html", fido_token_form=fido_token_form, - webauthn_assertion_options=webauthn_assertion_options, - enable_otp=user.enable_otp) \ No newline at end of file + return render_template( + "auth/fido.html", + fido_token_form=fido_token_form, + webauthn_assertion_options=webauthn_assertion_options, + enable_otp=user.enable_otp, + ) diff --git a/app/auth/views/login_utils.py b/app/auth/views/login_utils.py index 28e5bcc9..1bbcd8d1 100644 --- a/app/auth/views/login_utils.py +++ b/app/auth/views/login_utils.py @@ -21,7 +21,7 @@ def after_login(user, next_url): if next_url: return redirect(url_for("auth.fido", next_url=next_url)) else: - return redirect(url_for("auth.fido")) + return redirect(url_for("auth.fido")) elif user.enable_otp: session[MFA_USER_ID] = user.id if next_url: diff --git a/app/auth/views/mfa.py b/app/auth/views/mfa.py index a2ff8d3c..efbfe517 100644 --- a/app/auth/views/mfa.py +++ b/app/auth/views/mfa.py @@ -55,4 +55,8 @@ def mfa(): else: flash("Incorrect token", "warning") - return render_template("auth/mfa.html", otp_token_form=otp_token_form, enable_fido=(user.fido_uuid is not None)) + return render_template( + "auth/mfa.html", + otp_token_form=otp_token_form, + enable_fido=(user.fido_uuid is not None), + ) diff --git a/app/dashboard/views/fido_cancel.py b/app/dashboard/views/fido_cancel.py index 44e64f5f..d50b4309 100644 --- a/app/dashboard/views/fido_cancel.py +++ b/app/dashboard/views/fido_cancel.py @@ -34,4 +34,6 @@ def fido_cancel(): else: flash("Incorrect password", "warning") - return render_template("dashboard/fido_cancel.html", password_check_form=password_check_form) + return render_template( + "dashboard/fido_cancel.html", password_check_form=password_check_form + ) diff --git a/app/dashboard/views/fido_setup.py b/app/dashboard/views/fido_setup.py index 0628eb67..0bd90bbe 100644 --- a/app/dashboard/views/fido_setup.py +++ b/app/dashboard/views/fido_setup.py @@ -33,25 +33,26 @@ def fido_setup(): try: sk_assertion = json.loads(fido_token_form.sk_assertion.data) except Exception as e: - flash('Key registration failed. Error: Invalid Payload', "warning") + flash("Key registration failed. Error: Invalid Payload", "warning") return redirect(url_for("dashboard.index")) - - fido_uuid = session['fido_uuid'] - challenge = session['fido_challenge'] + + fido_uuid = session["fido_uuid"] + challenge = session["fido_challenge"] fido_reg_response = webauthn.WebAuthnRegistrationResponse( RP_ID, SITE_URL, sk_assertion, challenge, - trusted_attestation_cert_required = False, - none_attestation_permitted = True) + trusted_attestation_cert_required=False, + none_attestation_permitted=True, + ) try: fido_credential = fido_reg_response.verify() except Exception as e: - LOG.error(f'An error occurred in WebAuthn registration process: {e}') - flash('Key registration failed.', "warning") + LOG.error(f"An error occurred in WebAuthn registration process: {e}") + flash("Key registration failed.", "warning") return redirect(url_for("dashboard.index")) current_user.fido_pk = str(fido_credential.public_key, "utf-8") @@ -63,24 +64,32 @@ def fido_setup(): flash("Security key has been activated", "success") return redirect(url_for("dashboard.index")) - + # Prepare information for key registration process fido_uuid = str(uuid.uuid4()) challenge = secrets.token_urlsafe(32) credential_create_options = webauthn.WebAuthnMakeCredentialOptions( - challenge, 'SimpleLogin', RP_ID, fido_uuid, - current_user.email, current_user.name, False, attestation='none') + challenge, + "SimpleLogin", + RP_ID, + fido_uuid, + current_user.email, + current_user.name, + False, + attestation="none", + ) # Don't think this one should be used, but it's not configurable by arguments # https://www.w3.org/TR/webauthn/#sctn-location-extension registration_dict = credential_create_options.registration_dict - del registration_dict['extensions']['webauthn.loc'] + del registration_dict["extensions"]["webauthn.loc"] - session['fido_uuid'] = fido_uuid - session['fido_challenge'] = challenge.rstrip('=') + session["fido_uuid"] = fido_uuid + session["fido_challenge"] = challenge.rstrip("=") return render_template( - "dashboard/fido_setup.html", fido_token_form=fido_token_form, - credential_create_options=registration_dict + "dashboard/fido_setup.html", + fido_token_form=fido_token_form, + credential_create_options=registration_dict, )