Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Explain that first factor is up to you as to how you want to implement it.

 

Sequence Diagram 

 

 

Code Block
languagejs
titlepre_sign
dictionary ObtainU2fRequest {
  DOMString type;
  DOMString username; // TODO(mirko): need to get this another way.
};

type of type DOMString

The type of U2F Request to obtain is either "pre_sign" or "pre_enroll".

username of type DOMString

The username to obtain a Request for. This needs to be authenticated instead.

The response is a U2F Request dictionary. (see fido-u2f-javascript-api; 3.1.1 Dictionary Request Members) Below is the code related to processing a FIDO U2F sign operation.


Code Block
languagejava
titleSurePassIdU2fSign
linenumberstrue
import com.surepassid.fido.u2f.FidoClientListener;
import com.surepassid.fido.u2f.SurePassIdU2f;

public class DemoSignInActivity extends Activity implements FidoClientListener {
  public static final String SERVER_URL = "https://fidocert.surepassid.com/server.aspx";

  private SurePassIdU2f mU2f;
  private String mSessionToken;

  @Override
  protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    initUi();
    mU2f = new SurePassIdU2f(this, this);
  }

  void afterSignInSuccess(String username) {
    // After the user has successfully signed in start the U2F Sign process.
    mU2f.sign(SERVER_URL, sessionToken);
  }

  @Override
  public void onActivityResult(int requestCode, int resultCode, Intent intent) {
    switch (requestCode) {
      case U2fClientIntent.REQUEST_CODE_SIGN:
        // Forward the result to SurePassIdU2f.onActivityResult
        mU2f.onActivityResult(requestCode, resultCode, intent);
        break;
    }
  }

  /**
   * Called if there not any errors processing the FIDO request. The
   * result indicates thte status of the request.
   */
  @Override
  public void fidoClientResult(Result result){
    switch (result) {
      case SUCCESS:
        gotoTargetActivity();
        break;

      case CANCELED:
        fidoClientCanceled();
        break;

      case ALTERNATE_VERIFICATION:
        gotoAlternateVerificationActivity();
        break;
    }
  }

  /**
   * Called if there was an error during the U2F Sign Operation.
   *
   * @param errorMessage The error that occurred.
   */
  @Override
  public void fidoClientError(CharSequence errorMessage) {
    // Handle the error message.
    displayMessage(errorMessage);
  }

  /**
   * Method used to go to the app's target activity after U2F Sign succeeds.
   */
  public void gotoTargetActivity() {
    Intent intent = new Intent(this, DemoAppActivity.class);
    intent.putExtra(EXTRA_USERNAME, mUsername);
    intent.putExtra(EXTRA_SESSION_TOKEN, mSessionToken);
    startActivity(intent);
  }

  /**
   * Method used to go to an activity that provides the user the ability
   * to use a different second factor method if they are unable to use
   * a U2F Authenticator.
   */
  public void gotoAlternateVerificationActivity() {
    Intent intent = new Intent(this, DemoEnterOtpActivity.class);
    startActivity(intent);
  }

  /**
   * Called if the U2F Sign operation was canceled by the user.
   */
  public void fidoClientCanceled() {
    resetFormValues();
    enableForm();
    displayMessage("Sign In canceled.");
  }

}

Upon successfully authenticating the user it should call

protected void u2fSign(String username)

That method will perform all the necessary U2F operations.