virtual-u2f
Advanced tools
A virtual U2F token for automated testing of U2F enabled applications.
Based on mplatt/virtual-u2f, updated to comply with the U2F Javascript Spec.
Check it out on npm
var VirtualToken = require('virtual-u2f');
// Generate Registration request
...
// Handle registration request
token.HandleRegisterRequest(request)
.then(function(response) {
// Finalise registration
...
}, function(error) {
// Handle error
...
});
var VirtualToken = require('virtual-u2f');
// Generate Signing request
...
// Handle registration request
token.HandleSignatureRequest(request)
.then(function(response) {
// Finalise Signing
...
}, function(error) {
// Handle error
...
});
For a worked example running against ryankurte/node-u2f (my fork of ashtuchkin/u2f), check out test.js.
There is also a simple command line application that accepts registration and signing challenges and outputs responses (both in JSON), in case you need to test non-javascript based applications.
If you have any questions, comments, or suggestions, feel free to open an issue or a pull request.
FAQs
Virtual U2F token for automated testing of U2F/Fido APIs
The npm package virtual-u2f receives a total of 10,458 weekly downloads. As such, virtual-u2f popularity was classified as popular.
We found that virtual-u2f demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.