├── .gitignore
├── LICENSE
├── README.md
├── app
    ├── .gitignore
    ├── build.gradle
    ├── keystore.jks
    ├── proguard-rules.pro
    └── src
    │   └── main
    │       ├── AndroidManifest.xml
    │       ├── ic_launcher-web.png
    │       ├── java
    │           └── com
    │           │   └── entersekt
    │           │       └── fido2
    │           │           └── MainActivity.kt
    │       └── res
    │           ├── drawable
    │               └── ic_launcher_foreground.xml
    │           ├── layout
    │               └── activity_main.xml
    │           ├── mipmap-anydpi-v26
    │               ├── ic_launcher.xml
    │               └── ic_launcher_round.xml
    │           ├── mipmap-hdpi
    │               ├── ic_launcher.png
    │               └── ic_launcher_round.png
    │           ├── mipmap-mdpi
    │               ├── ic_launcher.png
    │               └── ic_launcher_round.png
    │           ├── mipmap-xhdpi
    │               ├── ic_launcher.png
    │               └── ic_launcher_round.png
    │           ├── mipmap-xxhdpi
    │               ├── ic_launcher.png
    │               └── ic_launcher_round.png
    │           ├── mipmap-xxxhdpi
    │               ├── ic_launcher.png
    │               └── ic_launcher_round.png
    │           └── values
    │               ├── colors.xml
    │               ├── ic_launcher_background.xml
    │               ├── strings.xml
    │               └── styles.xml
├── build.gradle
├── gradle.properties
├── gradle
    └── wrapper
    │   ├── gradle-wrapper.jar
    │   └── gradle-wrapper.properties
├── gradlew
├── gradlew.bat
├── scripts
    └── get_cert_fingerprint.sh
├── settings.gradle
└── web
    ├── .gitignore
    ├── firebase.json
    └── public
        └── .well-known
            └── assetlinks.json


/.gitignore:
--------------------------------------------------------------------------------
 1 | *.iml
 2 | .gradle
 3 | /local.properties
 4 | /.idea
 5 | .DS_Store
 6 | /build
 7 | /captures
 8 | .externalNativeBuild
 9 | 
10 | .settings
11 | .project
12 | .classpath


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 |                                  Apache License
  2 |                            Version 2.0, January 2004
  3 |                         http://www.apache.org/licenses/
  4 | 
  5 |    TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
  6 | 
  7 |    1. Definitions.
  8 | 
  9 |       "License" shall mean the terms and conditions for use, reproduction,
 10 |       and distribution as defined by Sections 1 through 9 of this document.
 11 | 
 12 |       "Licensor" shall mean the copyright owner or entity authorized by
 13 |       the copyright owner that is granting the License.
 14 | 
 15 |       "Legal Entity" shall mean the union of the acting entity and all
 16 |       other entities that control, are controlled by, or are under common
 17 |       control with that entity. For the purposes of this definition,
 18 |       "control" means (i) the power, direct or indirect, to cause the
 19 |       direction or management of such entity, whether by contract or
 20 |       otherwise, or (ii) ownership of fifty percent (50%) or more of the
 21 |       outstanding shares, or (iii) beneficial ownership of such entity.
 22 | 
 23 |       "You" (or "Your") shall mean an individual or Legal Entity
 24 |       exercising permissions granted by this License.
 25 | 
 26 |       "Source" form shall mean the preferred form for making modifications,
 27 |       including but not limited to software source code, documentation
 28 |       source, and configuration files.
 29 | 
 30 |       "Object" form shall mean any form resulting from mechanical
 31 |       transformation or translation of a Source form, including but
 32 |       not limited to compiled object code, generated documentation,
 33 |       and conversions to other media types.
 34 | 
 35 |       "Work" shall mean the work of authorship, whether in Source or
 36 |       Object form, made available under the License, as indicated by a
 37 |       copyright notice that is included in or attached to the work
 38 |       (an example is provided in the Appendix below).
 39 | 
 40 |       "Derivative Works" shall mean any work, whether in Source or Object
 41 |       form, that is based on (or derived from) the Work and for which the
 42 |       editorial revisions, annotations, elaborations, or other modifications
 43 |       represent, as a whole, an original work of authorship. For the purposes
 44 |       of this License, Derivative Works shall not include works that remain
 45 |       separable from, or merely link (or bind by name) to the interfaces of,
 46 |       the Work and Derivative Works thereof.
 47 | 
 48 |       "Contribution" shall mean any work of authorship, including
 49 |       the original version of the Work and any modifications or additions
 50 |       to that Work or Derivative Works thereof, that is intentionally
 51 |       submitted to Licensor for inclusion in the Work by the copyright owner
 52 |       or by an individual or Legal Entity authorized to submit on behalf of
 53 |       the copyright owner. For the purposes of this definition, "submitted"
 54 |       means any form of electronic, verbal, or written communication sent
 55 |       to the Licensor or its representatives, including but not limited to
 56 |       communication on electronic mailing lists, source code control systems,
 57 |       and issue tracking systems that are managed by, or on behalf of, the
 58 |       Licensor for the purpose of discussing and improving the Work, but
 59 |       excluding communication that is conspicuously marked or otherwise
 60 |       designated in writing by the copyright owner as "Not a Contribution."
 61 | 
 62 |       "Contributor" shall mean Licensor and any individual or Legal Entity
 63 |       on behalf of whom a Contribution has been received by Licensor and
 64 |       subsequently incorporated within the Work.
 65 | 
 66 |    2. Grant of Copyright License. Subject to the terms and conditions of
 67 |       this License, each Contributor hereby grants to You a perpetual,
 68 |       worldwide, non-exclusive, no-charge, royalty-free, irrevocable
 69 |       copyright license to reproduce, prepare Derivative Works of,
 70 |       publicly display, publicly perform, sublicense, and distribute the
 71 |       Work and such Derivative Works in Source or Object form.
 72 | 
 73 |    3. Grant of Patent License. Subject to the terms and conditions of
 74 |       this License, each Contributor hereby grants to You a perpetual,
 75 |       worldwide, non-exclusive, no-charge, royalty-free, irrevocable
 76 |       (except as stated in this section) patent license to make, have made,
 77 |       use, offer to sell, sell, import, and otherwise transfer the Work,
 78 |       where such license applies only to those patent claims licensable
 79 |       by such Contributor that are necessarily infringed by their
 80 |       Contribution(s) alone or by combination of their Contribution(s)
 81 |       with the Work to which such Contribution(s) was submitted. If You
 82 |       institute patent litigation against any entity (including a
 83 |       cross-claim or counterclaim in a lawsuit) alleging that the Work
 84 |       or a Contribution incorporated within the Work constitutes direct
 85 |       or contributory patent infringement, then any patent licenses
 86 |       granted to You under this License for that Work shall terminate
 87 |       as of the date such litigation is filed.
 88 | 
 89 |    4. Redistribution. You may reproduce and distribute copies of the
 90 |       Work or Derivative Works thereof in any medium, with or without
 91 |       modifications, and in Source or Object form, provided that You
 92 |       meet the following conditions:
 93 | 
 94 |       (a) You must give any other recipients of the Work or
 95 |           Derivative Works a copy of this License; and
 96 | 
 97 |       (b) You must cause any modified files to carry prominent notices
 98 |           stating that You changed the files; and
 99 | 
100 |       (c) You must retain, in the Source form of any Derivative Works
101 |           that You distribute, all copyright, patent, trademark, and
102 |           attribution notices from the Source form of the Work,
103 |           excluding those notices that do not pertain to any part of
104 |           the Derivative Works; and
105 | 
106 |       (d) If the Work includes a "NOTICE" text file as part of its
107 |           distribution, then any Derivative Works that You distribute must
108 |           include a readable copy of the attribution notices contained
109 |           within such NOTICE file, excluding those notices that do not
110 |           pertain to any part of the Derivative Works, in at least one
111 |           of the following places: within a NOTICE text file distributed
112 |           as part of the Derivative Works; within the Source form or
113 |           documentation, if provided along with the Derivative Works; or,
114 |           within a display generated by the Derivative Works, if and
115 |           wherever such third-party notices normally appear. The contents
116 |           of the NOTICE file are for informational purposes only and
117 |           do not modify the License. You may add Your own attribution
118 |           notices within Derivative Works that You distribute, alongside
119 |           or as an addendum to the NOTICE text from the Work, provided
120 |           that such additional attribution notices cannot be construed
121 |           as modifying the License.
122 | 
123 |       You may add Your own copyright statement to Your modifications and
124 |       may provide additional or different license terms and conditions
125 |       for use, reproduction, or distribution of Your modifications, or
126 |       for any such Derivative Works as a whole, provided Your use,
127 |       reproduction, and distribution of the Work otherwise complies with
128 |       the conditions stated in this License.
129 | 
130 |    5. Submission of Contributions. Unless You explicitly state otherwise,
131 |       any Contribution intentionally submitted for inclusion in the Work
132 |       by You to the Licensor shall be under the terms and conditions of
133 |       this License, without any additional terms or conditions.
134 |       Notwithstanding the above, nothing herein shall supersede or modify
135 |       the terms of any separate license agreement you may have executed
136 |       with Licensor regarding such Contributions.
137 | 
138 |    6. Trademarks. This License does not grant permission to use the trade
139 |       names, trademarks, service marks, or product names of the Licensor,
140 |       except as required for reasonable and customary use in describing the
141 |       origin of the Work and reproducing the content of the NOTICE file.
142 | 
143 |    7. Disclaimer of Warranty. Unless required by applicable law or
144 |       agreed to in writing, Licensor provides the Work (and each
145 |       Contributor provides its Contributions) on an "AS IS" BASIS,
146 |       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 |       implied, including, without limitation, any warranties or conditions
148 |       of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 |       PARTICULAR PURPOSE. You are solely responsible for determining the
150 |       appropriateness of using or redistributing the Work and assume any
151 |       risks associated with Your exercise of permissions under this License.
152 | 
153 |    8. Limitation of Liability. In no event and under no legal theory,
154 |       whether in tort (including negligence), contract, or otherwise,
155 |       unless required by applicable law (such as deliberate and grossly
156 |       negligent acts) or agreed to in writing, shall any Contributor be
157 |       liable to You for damages, including any direct, indirect, special,
158 |       incidental, or consequential damages of any character arising as a
159 |       result of this License or out of the use or inability to use the
160 |       Work (including but not limited to damages for loss of goodwill,
161 |       work stoppage, computer failure or malfunction, or any and all
162 |       other commercial damages or losses), even if such Contributor
163 |       has been advised of the possibility of such damages.
164 | 
165 |    9. Accepting Warranty or Additional Liability. While redistributing
166 |       the Work or Derivative Works thereof, You may choose to offer,
167 |       and charge a fee for, acceptance of support, warranty, indemnity,
168 |       or other liability obligations and/or rights consistent with this
169 |       License. However, in accepting such obligations, You may act only
170 |       on Your own behalf and on Your sole responsibility, not on behalf
171 |       of any other Contributor, and only if You agree to indemnify,
172 |       defend, and hold each Contributor harmless for any liability
173 |       incurred by, or claims asserted against, such Contributor by reason
174 |       of your accepting any such warranty or additional liability.
175 | 
176 |    END OF TERMS AND CONDITIONS
177 | 
178 |    APPENDIX: How to apply the Apache License to your work.
179 | 
180 |       To apply the Apache License to your work, attach the following
181 |       boilerplate notice, with the fields enclosed by brackets "[]"
182 |       replaced with your own identifying information. (Don't include
183 |       the brackets!)  The text should be enclosed in the appropriate
184 |       comment syntax for the file format. We also recommend that a
185 |       file or class name and description of purpose be included on the
186 |       same "printed page" as the copyright notice for easier
187 |       identification within third-party archives.
188 | 
189 |    Copyright [yyyy] [name of copyright owner]
190 | 
191 |    Licensed under the Apache License, Version 2.0 (the "License");
192 |    you may not use this file except in compliance with the License.
193 |    You may obtain a copy of the License at
194 | 
195 |        http://www.apache.org/licenses/LICENSE-2.0
196 | 
197 |    Unless required by applicable law or agreed to in writing, software
198 |    distributed under the License is distributed on an "AS IS" BASIS,
199 |    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 |    See the License for the specific language governing permissions and
201 |    limitations under the License.
202 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Android Fido2 Api Demo
 2 | 
 3 | > Google has released [offical docs][8] and a [sample project][9]
 4 | 
 5 | > Google released a [codelab][10]
 6 | 
 7 | This project uses `com.google.android.gms:play-services-fido`'s [Fido2ApiClient][1] to register a credential and also
 8 | sign a challenge.
 9 | 
10 | It demonstrates the Fido2 Api with hardcoded values and is `NOT` a full example that gets requests from a server
11 | 
12 | It also does not validate any of the responses, as that would be done server side
13 | 
14 | Just run the app and tap the `Register Fido2` button. It will display the results on the app and in the logs.
15 | 
16 | Then you can tap the `Sign Fido2` button, and the Fido2 api will be used to sign a challenge with the key that was just
17 | generated
18 | 
19 | As long as you do not change the Relying Party ID (in [PublicKeyCredentialRpEntity][2]), the signing key or the package
20 | name, the app should just work
21 | 
22 | ## Relying Party ID
23 | 
24 | According to the Web Authentication [spec][3] the relying party id is:
25 | 
26 | > A valid domain string that identifies the WebAuthn Relying Party on whose behalf a given registration or
27 | > authentication ceremony is being performed. A public key credential can only be used for authentication with the same
28 | > entity (as identified by RP ID) it was registered with.
29 | 
30 | According to [MakeCredentialOptions.Builder][7], Very hard to find, kind of hidden under `Public Methods` and then `setRp`:
31 | 
32 | > Note: the RpId should be an effective domain (aka, without scheme or port); and it should also be in secure context
33 | > (aka https connection). Apps-facing API needs to check the package signature against Digital Asset Links, whose resource
34 | > is the RP ID with prepended "//". Privileged (browser) API doesn't need the check.
35 | 
36 | So for Android apps you need to host an `assetlinks.json` file on `https://<rp_id>/.well-known/assetlinks.json` to allow
37 | it to use the Fido2 apis for that domain.
38 | 
39 | For this sample app I have set the RP ID to `strategics-fido2.firebaseapp.com` and I am hosting this `assetlinks.json`:
40 | 
41 | ```json
42 | [
43 |   {
44 |     "relation": ["delegate_permission/common.handle_all_urls","delegate_permission/common.get_login_creds"],
45 |     "target": {
46 |       "namespace": "android_app",
47 |       "package_name": "com.entersekt.fido2",
48 |       "sha256_cert_fingerprints": [
49 |         "C5:8B:E3:9B:36:B3:67:12:D7:0C:DA:C5:9D:65:2A:FC:43:9B:AE:1B:76:C9:7D:A1:7E:69:2B:7A:15:AB:27:96"
50 |       ]
51 |     }
52 |   }
53 | ]
54 | ```
55 | 
56 | on <https://strategics-fido2.firebaseapp.com/.well-known/assetlinks.json> where:
57 | 
58 | `package_name` matches the `applicationId` in my `build.gradle` and the `sha256_cert_fingerprints` matches the
59 | fingerprint of my signing key. This can be found by running the [get_cert_fingerprint.sh script included in this project][4]
60 | 
61 | ## Hosting assetlinks.json
62 | 
63 | If you want to host your own assetlinks.json for a test, there is a firebase hosting project included in the [web][5] folder
64 | 
65 | You need to have a firebase project set up that you can deploy this site to first. When that is done, go to the `web` folder and run:
66 | 
67 | ```console
68 | firebase deploy --only hosting
69 | ```
70 | 
71 | You should now have the local [assetlinks.json][6] hosted on `https://<firebase-project-id>.firebaseapp.com/.well-known/assetlinks.json`
72 | and just need to set your RP ID to `<firebase-project-id>.firebaseapp.com`
73 | 
74 | [1]: https://developers.google.com/android/reference/com/google/android/gms/fido/fido2/Fido2ApiClient
75 | [2]: https://developers.google.com/android/reference/com/google/android/gms/fido/fido2/api/common/PublicKeyCredentialRpEntity
76 | [3]: https://www.w3.org/TR/webauthn/#relying-party-identifier
77 | [4]: ./scripts/get_cert_fingerprint.sh
78 | [5]: ./web
79 | [6]: ./web/public/.well-known/assetlinks.json
80 | [7]: https://developers.google.com/android/reference/com/google/android/gms/fido/fido2/api/common/MakeCredentialOptions.Builder
81 | [8]: https://developers.google.com/identity/fido/android/native-apps
82 | [9]: https://github.com/googlesamples/android-fido
83 | [10]: https://codelabs.developers.google.com/codelabs/fido2-for-android/#0
84 | 


--------------------------------------------------------------------------------
/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build
2 | 


--------------------------------------------------------------------------------
/app/build.gradle:
--------------------------------------------------------------------------------
 1 | apply plugin: 'com.android.application'
 2 | apply plugin: 'kotlin-android'
 3 | apply plugin: 'kotlin-android-extensions'
 4 | 
 5 | android {
 6 |     compileSdkVersion 28
 7 |     defaultConfig {
 8 |         applicationId "com.entersekt.fido2"
 9 |         minSdkVersion 21
10 |         targetSdkVersion 28
11 |         versionCode 1
12 |         versionName "1.0"
13 |     }
14 |     signingConfigs {
15 |         release {
16 |             storeFile file("keystore.jks")
17 |             storePassword "fido2password"
18 |             keyAlias "fido2"
19 |             keyPassword "fido2password"
20 |         }
21 |     }
22 |     buildTypes {
23 |         release {
24 |             shrinkResources true
25 |             minifyEnabled true
26 |             proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
27 |             signingConfig signingConfigs.release
28 |         }
29 |         debug {
30 |             signingConfig signingConfigs.release
31 |         }
32 |     }
33 |     compileOptions {
34 |         encoding "UTF-8"
35 |         sourceCompatibility JavaVersion.VERSION_1_8
36 |         targetCompatibility JavaVersion.VERSION_1_8
37 |     }
38 | }
39 | 
40 | dependencies {
41 |     implementation"org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version"
42 | 
43 |     implementation 'androidx.appcompat:appcompat:1.0.2'
44 |     implementation 'androidx.core:core-ktx:1.0.1'
45 |     implementation 'androidx.constraintlayout:constraintlayout:1.1.3'
46 | 
47 |     implementation 'com.google.android.gms:play-services-fido:17.0.0'
48 | }
49 | 


--------------------------------------------------------------------------------
/app/keystore.jks:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/keystore.jks


--------------------------------------------------------------------------------
/app/proguard-rules.pro:
--------------------------------------------------------------------------------
 1 | # Add project specific ProGuard rules here.
 2 | # You can control the set of applied configuration files using the
 3 | # proguardFiles setting in build.gradle.
 4 | #
 5 | # For more details, see
 6 | #   http://developer.android.com/guide/developing/tools/proguard.html
 7 | 
 8 | # If your project uses WebView with JS, uncomment the following
 9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | #   public *;
13 | #}
14 | 
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 | 
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile
22 | 


--------------------------------------------------------------------------------
/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 3 |           xmlns:tools="http://schemas.android.com/tools" package="com.entersekt.fido2">
 4 |     <application
 5 |             android:allowBackup="true"
 6 |             android:icon="@mipmap/ic_launcher"
 7 |             android:label="@string/app_name"
 8 |             android:roundIcon="@mipmap/ic_launcher_round"
 9 |             android:supportsRtl="true"
10 |             android:theme="@style/AppTheme" tools:ignore="AllowBackup,GoogleAppIndexingWarning">
11 |         <activity android:name=".MainActivity">
12 |             <intent-filter>
13 |                 <action android:name="android.intent.action.MAIN"/>
14 |                 <category android:name="android.intent.category.LAUNCHER"/>
15 |             </intent-filter>
16 |         </activity>
17 |     </application>
18 | </manifest>


--------------------------------------------------------------------------------
/app/src/main/ic_launcher-web.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/ic_launcher-web.png


--------------------------------------------------------------------------------
/app/src/main/java/com/entersekt/fido2/MainActivity.kt:
--------------------------------------------------------------------------------
  1 | package com.entersekt.fido2
  2 | 
  3 | import android.content.Intent
  4 | import android.content.IntentSender
  5 | import android.os.Bundle
  6 | import android.preference.PreferenceManager
  7 | import android.util.Base64
  8 | import android.util.Log
  9 | import androidx.appcompat.app.AppCompatActivity
 10 | import androidx.core.content.edit
 11 | import com.google.android.gms.fido.Fido
 12 | import com.google.android.gms.fido.fido2.api.common.*
 13 | import kotlinx.android.synthetic.main.activity_main.*
 14 | import java.security.SecureRandom
 15 | 
 16 | 
 17 | class MainActivity : AppCompatActivity() {
 18 |     companion object {
 19 |         private const val LOG_TAG = "Fido2Demo"
 20 |         private const val REQUEST_CODE_REGISTER = 1
 21 |         private const val REQUEST_CODE_SIGN = 2
 22 |         private const val KEY_HANDLE_PREF = "key_handle"
 23 |     }
 24 | 
 25 |     override fun onCreate(savedInstanceState: Bundle?) {
 26 |         super.onCreate(savedInstanceState)
 27 |         setContentView(R.layout.activity_main)
 28 | 
 29 |         registerFido2Button.setOnClickListener { registerFido2() }
 30 |         signFido2Button.setOnClickListener { signFido2() }
 31 |         signFido2Button.isEnabled = loadKeyHandle() != null
 32 |     }
 33 | 
 34 |     override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
 35 |         super.onActivityResult(requestCode, resultCode, data)
 36 |         Log.d(LOG_TAG, "onActivityResult - requestCode: $requestCode, resultCode: $resultCode")
 37 | 
 38 |         when (resultCode) {
 39 |             RESULT_OK -> {
 40 |                 data?.let {
 41 |                     if (it.hasExtra(Fido.FIDO2_KEY_ERROR_EXTRA)) {
 42 |                         handleErrorResponse(data.getByteArrayExtra(Fido.FIDO2_KEY_ERROR_EXTRA))
 43 |                     } else if (it.hasExtra(Fido.FIDO2_KEY_RESPONSE_EXTRA)) {
 44 |                         val fido2Response = data.getByteArrayExtra(Fido.FIDO2_KEY_RESPONSE_EXTRA)
 45 |                         when (requestCode) {
 46 |                             REQUEST_CODE_REGISTER -> handleRegisterResponse(fido2Response)
 47 |                             REQUEST_CODE_SIGN -> handleSignResponse(fido2Response)
 48 |                         }
 49 |                     }
 50 |                 }
 51 |             }
 52 |             RESULT_CANCELED -> {
 53 |                 val result = "Operation is cancelled"
 54 |                 resultText.text = result
 55 |                 Log.d(LOG_TAG, result)
 56 |             }
 57 |             else -> {
 58 |                 val result = "Operation failed, with resultCode: $resultCode"
 59 |                 resultText.text = result
 60 |                 Log.e(LOG_TAG, result)
 61 |             }
 62 |         }
 63 |     }
 64 | 
 65 |     private fun registerFido2() {
 66 |         // All the option parameters should come from the Relying Party / server
 67 |         val options = PublicKeyCredentialCreationOptions.Builder()
 68 |             .setRp(PublicKeyCredentialRpEntity("strategics-fido2.firebaseapp.com", "Fido2Demo", null))
 69 |             .setUser(
 70 |                 PublicKeyCredentialUserEntity(
 71 |                     "demo@example.com".toByteArray(),
 72 |                     "demo@example.com",
 73 |                     null,
 74 |                     "Demo User"
 75 |                 )
 76 |             )
 77 |             .setChallenge(challenge())
 78 |             .setParameters(
 79 |                 listOf(
 80 |                     PublicKeyCredentialParameters(
 81 |                         PublicKeyCredentialType.PUBLIC_KEY.toString(),
 82 |                         EC2Algorithm.ES256.algoValue
 83 |                     )
 84 |                 )
 85 |             )
 86 |             .build()
 87 | 
 88 |         val fido2ApiClient = Fido.getFido2ApiClient(applicationContext)
 89 |         val fido2PendingIntentTask = fido2ApiClient.getRegisterIntent(options)
 90 |         fido2PendingIntentTask.addOnSuccessListener { fido2PendingIntent ->
 91 |             if (fido2PendingIntent.hasPendingIntent()) {
 92 |                 try {
 93 |                     Log.d(LOG_TAG, "launching Fido2 Pending Intent")
 94 |                     fido2PendingIntent.launchPendingIntent(this@MainActivity, REQUEST_CODE_REGISTER)
 95 |                 } catch (e: IntentSender.SendIntentException) {
 96 |                     e.printStackTrace()
 97 |                 }
 98 |             }
 99 |         }
100 |     }
101 | 
102 |     private fun signFido2() {
103 |         // All the option parameters should come from the Relying Party / server
104 |         val options = PublicKeyCredentialRequestOptions.Builder()
105 |             .setRpId("strategics-fido2.firebaseapp.com")
106 |             .setAllowList(
107 |                 listOf(
108 |                     PublicKeyCredentialDescriptor(
109 |                         PublicKeyCredentialType.PUBLIC_KEY.toString(),
110 |                         loadKeyHandle(),
111 |                         null
112 |                     )
113 |                 )
114 |             )
115 |             .setChallenge(challenge())
116 |             .build()
117 | 
118 |         val fido2ApiClient = Fido.getFido2ApiClient(applicationContext)
119 |         val fido2PendingIntentTask = fido2ApiClient.getSignIntent(options)
120 |         fido2PendingIntentTask.addOnSuccessListener { fido2PendingIntent ->
121 |             if (fido2PendingIntent.hasPendingIntent()) {
122 |                 try {
123 |                     Log.d(LOG_TAG, "launching Fido2 Pending Intent")
124 |                     fido2PendingIntent.launchPendingIntent(this@MainActivity, REQUEST_CODE_SIGN)
125 |                 } catch (e: IntentSender.SendIntentException) {
126 |                     e.printStackTrace()
127 |                 }
128 |             }
129 |         }
130 |     }
131 | 
132 |     private fun handleErrorResponse(errorBytes: ByteArray) {
133 |         val authenticatorErrorResponse = AuthenticatorErrorResponse.deserializeFromBytes(errorBytes)
134 |         val errorName = authenticatorErrorResponse.errorCode.name
135 |         val errorMessage = authenticatorErrorResponse.errorMessage
136 | 
137 |         Log.e(LOG_TAG, "errorCode.name: $errorName")
138 |         Log.e(LOG_TAG, "errorMessage: $errorMessage")
139 | 
140 |         val registerFidoResult = "An Error Ocurred\n\nError Name:\n$errorName\n\nError Message:\n$errorMessage"
141 |         resultText.text = registerFidoResult
142 |     }
143 | 
144 |     /**
145 |      * The response should be sent to the Relying Party / server to validate and store
146 |      */
147 |     private fun handleRegisterResponse(fido2Response: ByteArray) {
148 |         val response = AuthenticatorAttestationResponse.deserializeFromBytes(fido2Response)
149 |         val keyHandleBase64 = Base64.encodeToString(response.keyHandle, Base64.DEFAULT)
150 |         val clientDataJson = String(response.clientDataJSON, Charsets.UTF_8)
151 |         val attestationObjectBase64 = Base64.encodeToString(response.attestationObject, Base64.DEFAULT)
152 | 
153 |         storeKeyHandle(response.keyHandle)
154 |         signFido2Button.isEnabled = true
155 | 
156 |         Log.d(LOG_TAG, "keyHandleBase64: $keyHandleBase64")
157 |         Log.d(LOG_TAG, "clientDataJSON: $clientDataJson")
158 |         Log.d(LOG_TAG, "attestationObjectBase64: $attestationObjectBase64")
159 | 
160 |         val registerFido2Result = "Authenticator Attestation Response\n\n" +
161 |                 "keyHandleBase64:\n" +
162 |                 "$keyHandleBase64\n\n" +
163 |                 "clientDataJSON:\n" +
164 |                 "$clientDataJson\n\n" +
165 |                 "attestationObjectBase64:\n" +
166 |                 "$attestationObjectBase64\n"
167 | 
168 |         resultText.text = registerFido2Result
169 |     }
170 | 
171 |     /**
172 |      * The response should be sent to the Relying Party / server to validate
173 |      */
174 |     private fun handleSignResponse(fido2Response: ByteArray) {
175 |         val response = AuthenticatorAssertionResponse.deserializeFromBytes(fido2Response)
176 |         val keyHandleBase64 = Base64.encodeToString(response.keyHandle, Base64.DEFAULT)
177 |         val clientDataJson = String(response.clientDataJSON, Charsets.UTF_8)
178 |         val authenticatorDataBase64 = Base64.encodeToString(response.authenticatorData, Base64.DEFAULT)
179 |         val signatureBase64 = Base64.encodeToString(response.signature, Base64.DEFAULT)
180 | 
181 |         Log.d(LOG_TAG, "keyHandleBase64: $keyHandleBase64")
182 |         Log.d(LOG_TAG, "clientDataJSON: $clientDataJson")
183 |         Log.d(LOG_TAG, "authenticatorDataBase64: $authenticatorDataBase64")
184 |         Log.d(LOG_TAG, "signatureBase64: $signatureBase64")
185 | 
186 |         val signFido2Result = "Authenticator Assertion Response\n\n" +
187 |                 "keyHandleBase64:\n" +
188 |                 "$keyHandleBase64\n\n" +
189 |                 "clientDataJSON:\n" +
190 |                 "$clientDataJson\n\n" +
191 |                 "authenticatorDataBase64:\n" +
192 |                 "$authenticatorDataBase64\n\n" +
193 |                 "signatureBase64:\n" +
194 |                 "$signatureBase64\n"
195 | 
196 |         resultText.text = signFido2Result
197 |     }
198 | 
199 |     /**
200 |      * https://www.w3.org/TR/webauthn/#cryptographic-challenges
201 |      */
202 |     private fun challenge(): ByteArray {
203 |         val secureRandom = SecureRandom()
204 |         val challenge = ByteArray(16)
205 |         secureRandom.nextBytes(challenge)
206 |         return challenge
207 |     }
208 | 
209 |     private fun storeKeyHandle(keyHandle: ByteArray) {
210 |         PreferenceManager.getDefaultSharedPreferences(this).edit {
211 |             putString(KEY_HANDLE_PREF, Base64.encodeToString(keyHandle, Base64.DEFAULT))
212 |         }
213 |     }
214 | 
215 |     private fun loadKeyHandle(): ByteArray? {
216 |         val keyHandleBase64 = PreferenceManager.getDefaultSharedPreferences(this).getString(KEY_HANDLE_PREF, null)
217 |             ?: return null
218 |         return Base64.decode(keyHandleBase64, Base64.DEFAULT)
219 |     }
220 | }
221 | 


--------------------------------------------------------------------------------
/app/src/main/res/drawable/ic_launcher_foreground.xml:
--------------------------------------------------------------------------------
 1 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
 2 |     android:width="108dp"
 3 |     android:height="108dp"
 4 |     android:viewportWidth="111.04803"
 5 |     android:viewportHeight="111.04803">
 6 |   <group android:translateX="24.985807"
 7 |       android:translateY="43.037083">
 8 |     <path
 9 |         android:pathData="M19.9734,1.0688A2.7622,2.7622 45,1 0,22.7356 3.8337,2.7622 2.7622,45 0,0 19.9734,1.0688Z"
10 |         android:fillColor="#febd3e"/>
11 |     <path
12 |         android:pathData="M12.5756,8.8052l0,3.2438l0,0.3651l4.9583,0l0,12.1973l1.7912,0l0,-6.9321l1.2965,0l0,6.9321l1.8071,0l0,-15.8062l-3.0374,0z"
13 |         android:fillColor="#febd3e"/>
14 |     <path
15 |         android:pathData="m35.9384,10.1678l-0.0556,0c-0.7302,-1.0583 -2.1934,-1.7859 -4.1698,-1.7859 -3.7888,0 -7.1173,3.1141 -7.0908,8.4455 0,4.9265 3.0057,8.1465 6.768,8.1465 2.0294,0 3.9687,-0.9181 4.9239,-2.6458l0.299,2.2728l4.2466,0l0,-23.1801l-4.9212,0zM35.9384,17.5576a8.2021,8.2021 0,0 1,-0.082 1.1377,2.9342 2.9342,0 0,1 -2.9104,2.3548c-2.0294,0 -3.3549,-1.6775 -3.3549,-4.3841 0,-2.4897 1.1351,-4.4979 3.3814,-4.4979 1.5425,0 2.6009,1.1112 2.8972,2.4104a5.1117,5.1117 0,0 1,0.0556 0.8943z"
16 |         android:fillColor="#febd3e"/>
17 |     <path
18 |         android:pathData="m12.2211,4.5718 l1.2091,-4.0719a7.8264,7.8264 0,0 0,-1.0266 -0.2646,9.5673 9.5673,0 0,0 -4.7995,0.1508l0,0a5.2731,5.2731 0,0 0,-0.9393 0.3757l0,0a6.6146,6.6146 0,0 0,-1.6854 1.2091c-1.2726,1.2462 -1.9182,2.9395 -1.9182,5.0271l0,1.8018L0,8.7999l0,3.6089L3.0506,12.4088l0,12.1973l4.8895,0l0,-12.1973L10.9908,12.4088L10.9908,8.8052L7.9401,8.8052l0,-1.9076a2.6061,2.6061 0,0 1,0.5821 -1.8097,1.8521 1.8521,0 0,1 0.164,-0.1587l0,0c0,0 1.053,-1.0425 3.5348,-0.3572z"
19 |         android:fillColor="#231f20"/>
20 |     <path
21 |         android:pathData="m51.6758,8.3845c-5.1144,0 -8.4667,3.2729 -8.4667,8.4164 0,5.1435 3.5454,8.173 8.1756,8.173 4.2333,0 8.337,-2.6458 8.337,-8.4667 -0.0053,-4.7678 -3.2253,-8.1227 -8.046,-8.1227zM51.5144,21.4284c-2.1167,0 -3.2464,-2.0294 -3.2464,-4.7625 0,-2.3283 0.9181,-4.736 3.2464,-4.736 2.2172,0 3.1406,2.3812 3.1406,4.7096 0,2.8945 -1.2277,4.789 -3.1406,4.789z"
22 |         android:fillColor="#231f20"/>
23 |     <path
24 |         android:pathData="M57.2426,6.789l0.59,0l0,1.5002l0.3572,0l0,-1.5002l0.5874,0l0,-0.299l-1.5346,0z"
25 |         android:fillColor="#231f20"/>
26 |     <path
27 |         android:pathData="M61.0764,8.2892l0,-1.7992l-0.5106,0l-0.463,1.2859l-0.4604,-1.2859l-0.5159,0l0,1.7992l0.3307,0l0,-1.4526l0.5027,1.4526l0.2884,0l0.4974,-1.4526l0,1.4526z"
28 |         android:fillColor="#231f20"/>
29 |   </group>
30 | </vector>
31 | 


--------------------------------------------------------------------------------
/app/src/main/res/layout/activity_main.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     xmlns:app="http://schemas.android.com/apk/res-auto"
 4 |     xmlns:tools="http://schemas.android.com/tools"
 5 |     android:layout_width="match_parent"
 6 |     android:layout_height="match_parent"
 7 |     tools:context=".MainActivity">
 8 | 
 9 |     <Button
10 |         style="@style/Widget.AppCompat.Button.Colored"
11 |         android:id="@+id/registerFido2Button"
12 |         android:layout_width="0dp"
13 |         android:layout_height="wrap_content"
14 |         android:layout_margin="8dp"
15 |         android:text="@string/register_fido2"
16 |         app:layout_constraintEnd_toStartOf="@id/signFido2Button"
17 |         app:layout_constraintStart_toStartOf="parent"
18 |         app:layout_constraintTop_toTopOf="parent" />
19 | 
20 |     <Button
21 |         style="@style/Widget.AppCompat.Button.Colored"
22 |         android:id="@+id/signFido2Button"
23 |         android:layout_width="0dp"
24 |         android:layout_height="wrap_content"
25 |         android:layout_margin="8dp"
26 |         android:text="@string/login_fido2"
27 |         android:enabled="false"
28 |         app:layout_constraintEnd_toEndOf="parent"
29 |         app:layout_constraintStart_toEndOf="@id/registerFido2Button"
30 |         app:layout_constraintTop_toTopOf="parent" />
31 | 
32 |     <ScrollView
33 |         android:id="@+id/scrollView2"
34 |         android:layout_width="0dp"
35 |         android:layout_height="0dp"
36 |         app:layout_constraintBottom_toBottomOf="parent"
37 |         app:layout_constraintEnd_toEndOf="parent"
38 |         app:layout_constraintStart_toStartOf="parent"
39 |         app:layout_constraintTop_toBottomOf="@+id/signFido2Button">
40 | 
41 |         <TextView
42 |             android:id="@+id/resultText"
43 |             android:layout_width="match_parent"
44 |             android:layout_height="wrap_content"
45 |             android:padding="8dp"
46 |             android:freezesText="true"
47 |             android:textAlignment="center"
48 |             tools:text="An Error Ocurred\n\nError Name:\nFake Error Name\n\nError Message:\nFake Error Message" />
49 | 
50 |     </ScrollView>
51 | 
52 | </androidx.constraintlayout.widget.ConstraintLayout>


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@color/ic_launcher_background"/>
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground"/>
5 | </adaptive-icon>


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@color/ic_launcher_background"/>
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground"/>
5 | </adaptive-icon>


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-hdpi/ic_launcher.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-hdpi/ic_launcher_round.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-mdpi/ic_launcher.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-mdpi/ic_launcher_round.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-xhdpi/ic_launcher.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-xxhdpi/ic_launcher.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.png


--------------------------------------------------------------------------------
/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <resources>
3 |     <!-- From https://fidoalliance.org/overview/legal/logo-usage/-->
4 |     <color name="colorPrimary">#004B4E</color>
5 |     <color name="colorPrimaryDark">#172F30</color>
6 |     <color name="colorAccent">#FFBF3B</color>
7 | </resources>
8 | 


--------------------------------------------------------------------------------
/app/src/main/res/values/ic_launcher_background.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <resources>
3 |     <color name="ic_launcher_background">#FFFFFF</color>
4 | </resources>


--------------------------------------------------------------------------------
/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 | <resources>
2 |     <string name="app_name">Fido2 Api Demo</string>
3 |     <string name="register_fido2">Register FIDO2</string>
4 |     <string name="login_fido2">Sign FIDO2</string>
5 | </resources>
6 | 


--------------------------------------------------------------------------------
/app/src/main/res/values/styles.xml:
--------------------------------------------------------------------------------
 1 | <resources>
 2 | 
 3 |     <!-- Base application theme. -->
 4 |     <style name="AppTheme" parent="Theme.AppCompat.Light.DarkActionBar">
 5 |         <!-- Customize your theme here. -->
 6 |         <item name="colorPrimary">@color/colorPrimary</item>
 7 |         <item name="colorPrimaryDark">@color/colorPrimaryDark</item>
 8 |         <item name="colorAccent">@color/colorAccent</item>
 9 |     </style>
10 | 
11 | </resources>
12 | 


--------------------------------------------------------------------------------
/build.gradle:
--------------------------------------------------------------------------------
 1 | // Top-level build file where you can add configuration options common to all sub-projects/modules.
 2 | 
 3 | buildscript {
 4 |     ext.kotlin_version = '1.3.21'
 5 |     repositories {
 6 |         google()
 7 |         jcenter()
 8 |     }
 9 |     dependencies {
10 |         classpath 'com.android.tools.build:gradle:3.3.1'
11 |         classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
12 |         classpath 'com.github.ben-manes:gradle-versions-plugin:0.20.0'
13 |     }
14 | }
15 | 
16 | allprojects {
17 |     repositories {
18 |         google()
19 |         jcenter()
20 |     }
21 | }
22 | 
23 | task clean(type: Delete) {
24 |     delete rootProject.buildDir
25 | }
26 | 
27 | apply plugin: 'com.github.ben-manes.versions'


--------------------------------------------------------------------------------
/gradle.properties:
--------------------------------------------------------------------------------
 1 | # Project-wide Gradle settings.
 2 | # IDE (e.g. Android Studio) users:
 3 | # Gradle settings configured through the IDE *will override*
 4 | # any settings specified in this file.
 5 | # For more details on how to configure your build environment visit
 6 | # http://www.gradle.org/docs/current/userguide/build_environment.html
 7 | # Specifies the JVM arguments used for the daemon process.
 8 | # The setting is particularly useful for tweaking memory settings.
 9 | org.gradle.jvmargs=-Xmx1536m
10 | # When configured, Gradle will run in incubating parallel mode.
11 | # This option should only be used with decoupled projects. More details, visit
12 | # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
13 | # org.gradle.parallel=true
14 | # AndroidX package structure to make it clearer which packages are bundled with the
15 | # Android operating system, and which are packaged with your app's APK
16 | # https://developer.android.com/topic/libraries/support-library/androidx-rn
17 | android.useAndroidX=true
18 | # Automatically convert third-party libraries to use AndroidX
19 | android.enableJetifier=true
20 | # Kotlin code style for this project: "official" or "obsolete":
21 | kotlin.code.style=official
22 | 


--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jedrivisser/fido2-android-api-demo/01f7aa0cd5ef5bf2ced3101f1762becba98016d4/gradle/wrapper/gradle-wrapper.jar


--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Tue Feb 12 14:47:51 CAT 2019
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | zipStoreBase=GRADLE_USER_HOME
5 | zipStorePath=wrapper/dists
6 | distributionUrl=https\://services.gradle.org/distributions/gradle-5.2.1-all.zip
7 | 


--------------------------------------------------------------------------------
/gradlew:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env sh
  2 | 
  3 | ##############################################################################
  4 | ##
  5 | ##  Gradle start up script for UN*X
  6 | ##
  7 | ##############################################################################
  8 | 
  9 | # Attempt to set APP_HOME
 10 | # Resolve links: $0 may be a link
 11 | PRG="$0"
 12 | # Need this for relative symlinks.
 13 | while [ -h "$PRG" ] ; do
 14 |     ls=`ls -ld "$PRG"`
 15 |     link=`expr "$ls" : '.*-> \(.*\)$'`
 16 |     if expr "$link" : '/.*' > /dev/null; then
 17 |         PRG="$link"
 18 |     else
 19 |         PRG=`dirname "$PRG"`"/$link"
 20 |     fi
 21 | done
 22 | SAVED="`pwd`"
 23 | cd "`dirname \"$PRG\"`/" >/dev/null
 24 | APP_HOME="`pwd -P`"
 25 | cd "$SAVED" >/dev/null
 26 | 
 27 | APP_NAME="Gradle"
 28 | APP_BASE_NAME=`basename "$0"`
 29 | 
 30 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
 31 | DEFAULT_JVM_OPTS=""
 32 | 
 33 | # Use the maximum available, or set MAX_FD != -1 to use that value.
 34 | MAX_FD="maximum"
 35 | 
 36 | warn () {
 37 |     echo "$*"
 38 | }
 39 | 
 40 | die () {
 41 |     echo
 42 |     echo "$*"
 43 |     echo
 44 |     exit 1
 45 | }
 46 | 
 47 | # OS specific support (must be 'true' or 'false').
 48 | cygwin=false
 49 | msys=false
 50 | darwin=false
 51 | nonstop=false
 52 | case "`uname`" in
 53 |   CYGWIN* )
 54 |     cygwin=true
 55 |     ;;
 56 |   Darwin* )
 57 |     darwin=true
 58 |     ;;
 59 |   MINGW* )
 60 |     msys=true
 61 |     ;;
 62 |   NONSTOP* )
 63 |     nonstop=true
 64 |     ;;
 65 | esac
 66 | 
 67 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 68 | 
 69 | # Determine the Java command to use to start the JVM.
 70 | if [ -n "$JAVA_HOME" ] ; then
 71 |     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
 72 |         # IBM's JDK on AIX uses strange locations for the executables
 73 |         JAVACMD="$JAVA_HOME/jre/sh/java"
 74 |     else
 75 |         JAVACMD="$JAVA_HOME/bin/java"
 76 |     fi
 77 |     if [ ! -x "$JAVACMD" ] ; then
 78 |         die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
 79 | 
 80 | Please set the JAVA_HOME variable in your environment to match the
 81 | location of your Java installation."
 82 |     fi
 83 | else
 84 |     JAVACMD="java"
 85 |     which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
 86 | 
 87 | Please set the JAVA_HOME variable in your environment to match the
 88 | location of your Java installation."
 89 | fi
 90 | 
 91 | # Increase the maximum file descriptors if we can.
 92 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
 93 |     MAX_FD_LIMIT=`ulimit -H -n`
 94 |     if [ $? -eq 0 ] ; then
 95 |         if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
 96 |             MAX_FD="$MAX_FD_LIMIT"
 97 |         fi
 98 |         ulimit -n $MAX_FD
 99 |         if [ $? -ne 0 ] ; then
100 |             warn "Could not set maximum file descriptor limit: $MAX_FD"
101 |         fi
102 |     else
103 |         warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
104 |     fi
105 | fi
106 | 
107 | # For Darwin, add options to specify how the application appears in the dock
108 | if $darwin; then
109 |     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
110 | fi
111 | 
112 | # For Cygwin, switch paths to Windows format before running java
113 | if $cygwin ; then
114 |     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
115 |     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
116 |     JAVACMD=`cygpath --unix "$JAVACMD"`
117 | 
118 |     # We build the pattern for arguments to be converted via cygpath
119 |     ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
120 |     SEP=""
121 |     for dir in $ROOTDIRSRAW ; do
122 |         ROOTDIRS="$ROOTDIRS$SEP$dir"
123 |         SEP="|"
124 |     done
125 |     OURCYGPATTERN="(^($ROOTDIRS))"
126 |     # Add a user-defined pattern to the cygpath arguments
127 |     if [ "$GRADLE_CYGPATTERN" != "" ] ; then
128 |         OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
129 |     fi
130 |     # Now convert the arguments - kludge to limit ourselves to /bin/sh
131 |     i=0
132 |     for arg in "$@" ; do
133 |         CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
134 |         CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
135 | 
136 |         if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
137 |             eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
138 |         else
139 |             eval `echo args$i`="\"$arg\""
140 |         fi
141 |         i=$((i+1))
142 |     done
143 |     case $i in
144 |         (0) set -- ;;
145 |         (1) set -- "$args0" ;;
146 |         (2) set -- "$args0" "$args1" ;;
147 |         (3) set -- "$args0" "$args1" "$args2" ;;
148 |         (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
149 |         (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
150 |         (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
151 |         (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
152 |         (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
153 |         (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
154 |     esac
155 | fi
156 | 
157 | # Escape application args
158 | save () {
159 |     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
160 |     echo " "
161 | }
162 | APP_ARGS=$(save "$@")
163 | 
164 | # Collect all arguments for the java command, following the shell quoting and substitution rules
165 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
166 | 
167 | # by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
168 | if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
169 |   cd "$(dirname "$0")"
170 | fi
171 | 
172 | exec "$JAVACMD" "$@"
173 | 


--------------------------------------------------------------------------------
/gradlew.bat:
--------------------------------------------------------------------------------
 1 | @if "%DEBUG%" == "" @echo off
 2 | @rem ##########################################################################
 3 | @rem
 4 | @rem  Gradle startup script for Windows
 5 | @rem
 6 | @rem ##########################################################################
 7 | 
 8 | @rem Set local scope for the variables with windows NT shell
 9 | if "%OS%"=="Windows_NT" setlocal
10 | 
11 | set DIRNAME=%~dp0
12 | if "%DIRNAME%" == "" set DIRNAME=.
13 | set APP_BASE_NAME=%~n0
14 | set APP_HOME=%DIRNAME%
15 | 
16 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
17 | set DEFAULT_JVM_OPTS=
18 | 
19 | @rem Find java.exe
20 | if defined JAVA_HOME goto findJavaFromJavaHome
21 | 
22 | set JAVA_EXE=java.exe
23 | %JAVA_EXE% -version >NUL 2>&1
24 | if "%ERRORLEVEL%" == "0" goto init
25 | 
26 | echo.
27 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
28 | echo.
29 | echo Please set the JAVA_HOME variable in your environment to match the
30 | echo location of your Java installation.
31 | 
32 | goto fail
33 | 
34 | :findJavaFromJavaHome
35 | set JAVA_HOME=%JAVA_HOME:"=%
36 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe
37 | 
38 | if exist "%JAVA_EXE%" goto init
39 | 
40 | echo.
41 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
42 | echo.
43 | echo Please set the JAVA_HOME variable in your environment to match the
44 | echo location of your Java installation.
45 | 
46 | goto fail
47 | 
48 | :init
49 | @rem Get command-line arguments, handling Windows variants
50 | 
51 | if not "%OS%" == "Windows_NT" goto win9xME_args
52 | 
53 | :win9xME_args
54 | @rem Slurp the command line arguments.
55 | set CMD_LINE_ARGS=
56 | set _SKIP=2
57 | 
58 | :win9xME_args_slurp
59 | if "x%~1" == "x" goto execute
60 | 
61 | set CMD_LINE_ARGS=%*
62 | 
63 | :execute
64 | @rem Setup the command line
65 | 
66 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
67 | 
68 | @rem Execute Gradle
69 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
70 | 
71 | :end
72 | @rem End local scope for the variables with windows NT shell
73 | if "%ERRORLEVEL%"=="0" goto mainEnd
74 | 
75 | :fail
76 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
77 | rem the _cmd.exe /c_ return code!
78 | if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
79 | exit /b 1
80 | 
81 | :mainEnd
82 | if "%OS%"=="Windows_NT" endlocal
83 | 
84 | :omega
85 | 


--------------------------------------------------------------------------------
/scripts/get_cert_fingerprint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | echo Android Certificate fingerprint
3 | 
4 | keytool -list -v -alias fido2 -storepass fido2password -keystore ../app/keystore.jks 2> /dev/null | grep SHA256:


--------------------------------------------------------------------------------
/settings.gradle:
--------------------------------------------------------------------------------
1 | include ':app'
2 | 


--------------------------------------------------------------------------------
/web/.gitignore:
--------------------------------------------------------------------------------
 1 | # Logs
 2 | logs
 3 | *.log
 4 | npm-debug.log*
 5 | yarn-debug.log*
 6 | yarn-error.log*
 7 | firebase-debug.log*
 8 | 
 9 | # Firebase cache
10 | .firebase/
11 | 
12 | # Firebase config
13 | 
14 | # Uncomment this if you'd like others to create their own Firebase project.
15 | # For a team working on the same Firebase project(s), it is recommended to leave
16 | # it commented so all members can deploy to the same project(s) in .firebaserc.
17 | # .firebaserc
18 | 
19 | # Runtime data
20 | pids
21 | *.pid
22 | *.seed
23 | *.pid.lock
24 | 
25 | # Directory for instrumented libs generated by jscoverage/JSCover
26 | lib-cov
27 | 
28 | # Coverage directory used by tools like istanbul
29 | coverage
30 | 
31 | # nyc test coverage
32 | .nyc_output
33 | 
34 | # Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
35 | .grunt
36 | 
37 | # Bower dependency directory (https://bower.io/)
38 | bower_components
39 | 
40 | # node-waf configuration
41 | .lock-wscript
42 | 
43 | # Compiled binary addons (http://nodejs.org/api/addons.html)
44 | build/Release
45 | 
46 | # Dependency directories
47 | node_modules/
48 | 
49 | # Optional npm cache directory
50 | .npm
51 | 
52 | # Optional eslint cache
53 | .eslintcache
54 | 
55 | # Optional REPL history
56 | .node_repl_history
57 | 
58 | # Output of 'npm pack'
59 | *.tgz
60 | 
61 | # Yarn Integrity file
62 | .yarn-integrity
63 | 
64 | # dotenv environment variables file
65 | .env
66 | 
67 | .firebaserc


--------------------------------------------------------------------------------
/web/firebase.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "hosting": {
 3 |     "public": "public",
 4 |     "ignore": [
 5 |       "firebase.json",
 6 |       "**/.*",
 7 |       "**/node_modules/**"
 8 |     ],
 9 |     "rewrites": [
10 |       {
11 |         "source": "**",
12 |         "destination": "/index.html"
13 |       }
14 |     ]
15 |   }
16 | }
17 | 


--------------------------------------------------------------------------------
/web/public/.well-known/assetlinks.json:
--------------------------------------------------------------------------------
 1 | [
 2 |   {
 3 |     "relation": ["delegate_permission/common.handle_all_urls","delegate_permission/common.get_login_creds"],
 4 |     "target": {
 5 |       "namespace": "android_app",
 6 |       "package_name": "com.entersekt.fido2",
 7 |       "sha256_cert_fingerprints": [
 8 |         "C5:8B:E3:9B:36:B3:67:12:D7:0C:DA:C5:9D:65:2A:FC:43:9B:AE:1B:76:C9:7D:A1:7E:69:2B:7A:15:AB:27:96"
 9 |       ]
10 |     }
11 |   }
12 | ]
13 | 


--------------------------------------------------------------------------------