Last active
August 13, 2025 21:30
-
-
Save dzmitry-savitski/b6dabcc3defd54cdde55a3dd7876c466 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # pip install fido2 | |
| import os | |
| from fido2.webauthn import PublicKeyCredentialRequestOptions, UserVerificationRequirement | |
| from fido2.client.windows import WindowsClient | |
| # Try to import the new collector (python-fido2 >= 1.2/2.0) | |
| collector = None | |
| try: | |
| from fido2.client import DefaultClientDataCollector | |
| collector = DefaultClientDataCollector(origin="https://webauthn.io") | |
| except Exception: | |
| collector = None | |
| # Instantiate WindowsClient for both API shapes | |
| if collector is not None: | |
| # New API: pass a ClientDataCollector | |
| client = WindowsClient(client_data_collector=collector) | |
| else: | |
| # Old API: constructor accepted origin directly | |
| client = WindowsClient("https://webauthn.io") | |
| # Build proper WebAuthn options for an assertion (sign-in) | |
| options = PublicKeyCredentialRequestOptions( | |
| challenge=os.urandom(32), | |
| rp_id="webauthn.io", | |
| timeout=15000, # ms | |
| user_verification=UserVerificationRequirement.DISCOURAGED, # we're just probing transport | |
| ) | |
| try: | |
| result = client.get_assertion(options) | |
| # If we got here, transport worked and Windows Security likely popped on the client. | |
| resp = result.get_response(0) # select the first assertion | |
| print("Success. Signature length:", len(resp.signature)) | |
| except Exception as e: | |
| print("GetAssertion failed:", repr(e)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment