1#!/usr/bin/env python
2# Copyright 2016 Google Inc. All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#    http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16"""Interface to handle end to end flow of U2F signing."""
17import sys
18
19
20class BaseAuthenticator(object):
21  """Interface to handle end to end flow of U2F signing."""
22
23  def Authenticate(self, app_id, challenge_data,
24                   print_callback=sys.stderr.write):
25    """Authenticates app_id with a security key.
26
27    Executes the U2F authentication/signature flow with a security key.
28
29    Args:
30      app_id: The app_id to register the security key against.
31      challenge_data: List of dictionaries containing a RegisteredKey ('key')
32        and the raw challenge data ('challenge') for this key.
33      print_callback: Callback to print a message to the user. The callback
34        function takes one argument--the message to display.
35
36    Returns:
37      A dictionary with the following fields:
38        'clientData': url-safe base64 encoded ClientData JSON signed by the key.
39        'signatureData': url-safe base64 encoded signature.
40        'applicationId': application id.
41        'keyHandle': url-safe base64 encoded handle of the key used to sign.
42
43    Raises:
44      U2FError: There was some kind of problem with registration (e.g.
45        the device was already registered or there was a timeout waiting
46        for the test of user presence).
47    """
48    raise NotImplementedError
49
50  def IsAvailable(self):
51    """Indicates whether the authenticator implementation is available to sign.
52
53    The caller should not call Authenticate() if IsAvailable() returns False
54
55    Returns:
56      True if the authenticator is available to sign and False otherwise.
57
58    """
59    raise NotImplementedError
60