dzmitry-savitski

Computer Configuration → Administrative Templates → Windows Components → Remote Desktop Services → Remote Desktop Session Host → Device and Resource Redirection → Do not allow WebAuthn redirection


HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDisableWebAuthn

dzmitry-savitski

# pip install fido2
import os
from fido2.webauthn import PublicKeyCredentialRequestOptions, UserVerificationRequirement
from fido2.client.windows import WindowsClient

# Try to import the new collector (python-fido2 >= 1.2/2.0)
collector = None
try:
    from fido2.client import DefaultClientDataCollector
    collector = DefaultClientDataCollector(origin="https://webauthn.io")

dzmitry-savitski

import java.time.Instant
import java.time.format.DateTimeFormatter
import java.util.UUID
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
import org.forgerock.util.encode.Base64

def SECRET = "my-super-secret-key" // 🔐 Replace with real shared secret

String computeSignature(String method, String path, String timestamp, String nonce, String body, String secret) {

dzmitry-savitski

FROM node:18-slim

WORKDIR /app
COPY server.js .

EXPOSE 8080

CMD ["node", "server.js"]

dzmitry-savitski

import { jwtDecrypt } from 'jose';

// Your base64-encoded 256-bit key (should decode to 32 bytes)
const base64Key = 'yourBase64EncodedKeyHere'; // example: "3q2+7w==..."

// Decode base64 to a Uint8Array
const key = Uint8Array.from(Buffer.from(base64Key, 'base64'));

// Your JWE compact token
const token = 'eyJalgIjoiZGlyIiwiZW5jIjoiQTI1NkdDTSJ9..<IV>.<ciphertext>.<tag>';

dzmitry-savitski

import javax.security.auth.login.LoginContext
import javax.security.auth.login.Configuration
import javax.security.auth.callback.*
import com.sun.security.auth.callback.TextCallbackHandler

class PasswordCallbackHandler implements CallbackHandler {
    private String username
    private String password

    PasswordCallbackHandler(String username, String password) {

dzmitry-savitski

import javax.net.ssl.*
import java.security.KeyStore
import java.io.*
import java.net.URL

// --- Configuration ---
def apiUrl = "https://<pvwa-url>/AIMWebService/api/Accounts"
def appId = "MyAppID"
def safe = "MySafe"
def objectName = "MyAccount"

dzmitry-savitski

    const browser = await puppeteer.launch({ headless: false });
    const page = await browser.newPage();

    let openedAt = null;
    let redirectedAt = null;
    let endedAt = null;

    // Promise to track when a redirect happens
    let redirectPromise = new Promise(resolve => {
        page.on('response', response => {

dzmitry-savitski

import requests
import hashlib
import base64
import time
import urllib.parse

# Configuration
CLIENT_ID = 'your_client_id'
AUTHORIZATION_SERVER = 'https://authorization-server.com'
DEVICE_CODE_URL = f'{AUTHORIZATION_SERVER}/oauth/device/code'

dzmitry-savitski

https://github.com/ymartin59/java-kerberos-sfudemo/blob/df1f7dfd4801b06f1debc923e1cce4416ec02a7c/src/main/java/sfudemo/KerberosDemo.java#L154