
How to authenticate for registered user in yubikey python


I have registered a yubikey user in my sample application by using a browser, using navigator.create for fido2 with yubikey. Now I want to authenticate with Python fido2 without using a browser.

I am trying with python-fido2. Given the public key, rp details and challenge from server, how do I authenticate in yubikey?


Solution

  • Depending on your WebAuthn server's implementation, there are typically two authentication endpoints e.g. 1) startAuthentication and 2) finishAuthentication.

    The startAuthentication endpoint typically returns the parameters to pass into the authenticator's getAssertion method (e.g. rpId, challenge, allow list, etc.)

    The result of the getAssertion method is then passed to the finishAuthentication endpoint.

    Line 106 in the credential.py demonstrates how to get an assertion:

    assertions, client_data = client.get_assertion(rp["id"], challenge, allow_list, pin=pin)
    

    The get_assertion() method returns the assertion and client data. Your application will have to pass this data along to your finishAuthentication endpoint in whatever format the WebAuthn server requires.
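
The hand-off to finishAuthentication described above, as an added example that is not part of the original answer or of python-fido2: it takes the raw bytes of an assertion, checks them against the RP ID and challenge the server issued, and serializes them in the base64url JSON shape of a WebAuthn PublicKeyCredential. The function names and sample values are constructed for illustration, and your server may expect a different body format.

```python
import base64, hashlib, json, struct

def b64url(data: bytes) -> str:
    """base64url without padding, the encoding WebAuthn JSON uses for binary fields."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def parse_auth_data(auth_data: bytes) -> dict:
    """Split authenticatorData: rpIdHash (32) | flags (1) | signCount (4, big-endian)."""
    if len(auth_data) < 37:
        raise ValueError("authenticatorData shorter than 37 bytes")
    flags = auth_data[32]
    return {
        "rp_id_hash": auth_data[:32],
        "user_present": bool(flags & 0x01),   # UP bit
        "user_verified": bool(flags & 0x04),  # UV bit (PIN or biometric used)
        "sign_count": struct.unpack(">I", auth_data[33:37])[0],
    }

def build_finish_request(rp_id, challenge, credential_id, auth_data, signature, client_data_json):
    """Check the assertion against what the server issued, then serialize it."""
    parsed = parse_auth_data(auth_data)
    if parsed["rp_id_hash"] != hashlib.sha256(rp_id.encode()).digest():
        raise ValueError("rpIdHash does not match the expected RP ID")
    if not parsed["user_present"]:
        raise ValueError("user-presence flag not set")
    client_data = json.loads(client_data_json)
    if client_data.get("type") != "webauthn.get":
        raise ValueError("clientData type is not webauthn.get")
    if b64url_decode(client_data.get("challenge", "")) != challenge:
        raise ValueError("challenge in clientData differs from the one issued")
    return {
        "id": b64url(credential_id),
        "rawId": b64url(credential_id),
        "type": "public-key",
        "response": {
            "clientDataJSON": b64url(client_data_json),
            "authenticatorData": b64url(auth_data),
            "signature": b64url(signature),
        },
    }

# Constructed sample values (not output from a real YubiKey)
RP_ID, CHALLENGE, CRED_ID = "example.com", bytes(range(32)), b"\x01" * 16
AUTH_DATA = hashlib.sha256(RP_ID.encode()).digest() + b"\x05" + struct.pack(">I", 42)
CLIENT_DATA = json.dumps({"type": "webauthn.get", "challenge": b64url(CHALLENGE), "origin": "https://example.com"}).encode()
SIGNATURE = b"\x30\x06\x02\x01\x01\x02\x01\x01"  # placeholder bytes, not a valid signature
```

These client-side checks only catch a mismatched RP ID or challenge before the request is sent; the signature and the counter are still verified by the server in finishAuthentication.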