- 2017.10.02 - Updated Android RP app to utilize Android 6.0 secure storage
- 2016.10.14 - Added endpoints for whitelisting AAID, and Facet Ids
- 2016.05.20 - Added wiki page for Maven build and Tomcat setup/run (using CLI only)
- 2016.03.28 - Started wiki pages
- 2016.02.23
- 2016.01.16
The main goal is the passwordless authentication experience
- Simple to authenticate using biometrics readings, such as fingerprint
- More secure authentication using cryptography
- Standardize the messages, and the message exchange sequence
- Standardize how biometric authenticators receive requests and return responses
- Define how cryptography can be used to secure messages that are exchanged
- Identify all required data that needs to be part of the protocol messages
- Correct implementation of message exchange sequence
- Correct implementation of cryptography sign/verify operations
- Correct implementation of encoding/decoding of the messages
- The number of successful applications of the protocol is high
- The number of protocol adaptations compared with password authentication is higher
- The number of security bugs is zero
The code presented here is divided into three groups:
- fido-uaf-core - UAF protocol implementation
- fidouaf - UAF server, a Jersey service application for demoing UAF protocol implementation use
- RP Client App - Android relying party client app for demoing UAF server
Create a .env file with the following variables:
DB_HOST=localhost
DB_PORT=5432
DB_NAME=fido
DB_USER=fido-user
DB_PASSWORD=p@s$w0rd
Run Docker container
docker run -p 8080:8080 \
--name fidouaf \
--env-file .env \
edenlabllc/fidouaf:latest
Build container from root directory with specified version:
docker build --tag fidouaf:${VERSION} \
--file Dockerfile \
.
Create tag
docker tag fidouaf:${VERSION} edenlabllc/fidouaf:${VERSION}
docker tag fidouaf:${VERSION} edenlabllc/fidouaf:latest
Push to Docker Hub
docker push edenlabllc/fidouaf
1. Build and run the UAF server as described in the Wiki page of the project (https://github.com/eBay/UAF/wiki/BuildingAndRunningUAFServer).
2. Build and run the client (fidouafclient).
3. Obtain the facetID of the client.
   3.1. If the client program is run on an Android device, pressing the button labelled "facetID" will display the string representing the facetID of the client program on the screen.
   3.2. If the client program is run on an emulator, pressing the button labelled "facetID" will cause the string representing the facetID of the client program to be printed on the IDE console (Logcat). The string can be located by searching for the term "facetID:".
4. In the file UAF/fidouaf/src/main/java/org/ebayopensource/fidouaf/res/config.properties, replace the example string representing the facetID of the client program with the value obtained in step 3.
5. Set the Server Endpoint on the client by clicking on the settings menu on the upper right corner of the client application, filling in an appropriate IP address and port for the server (e.g., http://192.168.1.34:8080), then clicking on the checkmark to save the settings.
6. The client and the server are now ready to be tested.
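The facetID from step 3 identifies the key that signed the client APK: for Android, the FIDO facet format is `android:apk-key-hash:` followed by the unpadded Base64 of the SHA-1 digest of the signing certificate. The following is an added example, not code from this project, showing how that string is derived and why the server should accept only an exact match; the class name `FacetIdCheck`, the comma-separated list format, and the byte strings standing in for certificates are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.HashSet;
import java.util.Set;

public class FacetIdCheck {
    static final String PREFIX = "android:apk-key-hash:";

    // Android facet ID: prefix + unpadded Base64 of the SHA-1 digest of the
    // DER-encoded APK signing certificate.
    static String androidFacetId(byte[] signingCertDer) throws NoSuchAlgorithmException {
        byte[] digest = MessageDigest.getInstance("SHA-1").digest(signingCertDer);
        return PREFIX + Base64.getEncoder().withoutPadding().encodeToString(digest);
    }

    // Assumed storage format: comma-separated facet IDs in one property value.
    static Set<String> parseTrusted(String csv) {
        Set<String> trusted = new HashSet<>();
        for (String entry : csv.split(",")) {
            String facet = entry.trim();
            if (!facet.isEmpty()) {
                trusted.add(facet);
            }
        }
        return trusted;
    }

    // Exact, case-sensitive match; no prefix or substring matching.
    static boolean isTrusted(String facetId, Set<String> trusted) {
        return facetId != null && facetId.startsWith(PREFIX) && trusted.contains(facetId);
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Constructed byte strings standing in for two different signing certificates.
        byte[] releaseCert = "constructed-release-certificate".getBytes(StandardCharsets.UTF_8);
        byte[] debugCert = "constructed-debug-certificate".getBytes(StandardCharsets.UTF_8);

        String releaseFacet = androidFacetId(releaseCert);
        String debugFacet = androidFacetId(debugCert);
        Set<String> trusted = parseTrusted(" " + releaseFacet + " , ");

        System.out.println(releaseFacet + " trusted=" + isTrusted(releaseFacet, trusted));
        System.out.println(debugFacet + " trusted=" + isTrusted(debugFacet, trusted));
        // A facet ID that differs only in case must not match.
        System.out.println("lowercased trusted=" + isTrusted(releaseFacet.toLowerCase(), trusted));
    }
}
```

Because the facet ID is derived from the signing certificate, a build signed with a different key (for example an IDE debug build versus a release build) produces a different facetID, so the value in config.properties has to be updated for the build actually being tested.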