Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
# Verify that the User Present bit of the flags in authData
# is set.
# Authenticator data flags.
# https://www.w3.org/TR/webauthn/#authenticator-data
flags = struct.unpack('!B', auth_data[32:33])[0]
if (flags & const.USER_PRESENT) != 0x01:
raise RegistrationRejectedException(
'Malformed request received.')
# Step 11.
#
# If user verification is required for this registration, verify
# that the User Verified bit of the flags in authData is set.
if (self.uv_required and (flags & const.USER_VERIFIED) != 0x04):
raise RegistrationRejectedException(
'Malformed request received.')
# Step 12.
#
# Verify that the values of the client extension outputs in
# clientExtensionResults and the authenticator extension outputs
# in the extensions in authData are as expected, considering the
# client extension input values that were given as the extensions
# option in the create() call. In particular, any extension
# identifier values in the clientExtensionResults and the extensions
# in authData MUST be also be present as extension identifier values
# in the extensions member of options, i.e., no extensions are
# present that were not requested. In the general case, the meaning
# of "are as expected" is specific to the Relying Party and which
# extensions are in use.
auth_data_rp_id_hash = _get_auth_data_rp_id_hash(decoded_a_data)
if not _verify_rp_id_hash(auth_data_rp_id_hash,
self.webauthn_user.rp_id):
raise AuthenticationRejectedException(
'Unable to verify RP ID hash.')
# Step 12.
#
# Verify that the User Present bit of the flags in authData
# is set.
# Authenticator data flags.
# https://www.w3.org/TR/webauthn/#authenticator-data
flags = struct.unpack('!B', decoded_a_data[32:33])[0]
if (flags & const.USER_PRESENT) != 0x01:
raise AuthenticationRejectedException(
'Malformed request received.')
# Step 13.
#
# If user verification is required for this assertion, verify that
# the User Verified bit of the flags in authData is set.
if (self.uv_required and (flags & const.USER_VERIFIED) != 0x04):
raise RegistrationRejectedException(
'Malformed request received.')
# Step 14.
#
# Verify that the values of the client extension outputs in
# clientExtensionResults and the authenticator extension outputs
# in the extensions in authData are as expected, considering the