A FIDO2 native framework for Android.
FIDO2/WebAuthn behaviour depends heavily on each browser's implementation. A native library is useful for providing a stable and customizable user experience.
Supports Android 6 (API 23)+.
- A modern project
- Modern Kotlin runBlocking/async mechanism rather than nested callbacks
- Supports the latest FIDO spec
- Use OS native libs as much as possible
- Keep the external APIs as simple as possible and speak the programmers' language
- Keep the source code structure as simple as possible
- fido2-node (https://github.com/dqj1998/fido2-node.git)
- LINE FIDO2 server (https://github.com/line/line-fido2-server.git)
  - Does not support real non-resident credentials
  - Requires client-side cookie management to manage sessions
One domain can support multiple RPs by setting rp.id. This feature has to work with the fido2-node server.
Supports AAGUID checking for enterprise attestation.
- Register enterprise RP IDs and AAGUIDs in the env file of the fido2-node server via ENTERPRISE_RPs and ENTERPRISE_AAGUIDs
- Call setPlatformAuthenticatorAAGUID and addEnterpriseRPIds on the SDK side
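The following added example (not code from fido2-node or this SDK) sketches what a server-side AAGUID check for enterprise RPs involves: it reads the AAGUID from the WebAuthn authenticator data and compares it with an allowlist. The comma-separated format assumed for ENTERPRISE_RPs and ENTERPRISE_AAGUIDs, the function names, and the sample values are assumptions made for illustration.

```javascript
// Added example: AAGUID allowlist check for enterprise RPs (not fido2-node's code).
const { createHash } = require('node:crypto');

// ASSUMPTION: both variables hold comma-separated lists; the real format may differ.
function parseList(value) {
  return new Set((value || '').split(',').map(s => s.trim().toLowerCase()).filter(Boolean));
}

// WebAuthn authenticator data: rpIdHash(32) | flags(1) | signCount(4) | [aaguid(16) | ...]
function parseAuthData(authData) { // authData: Buffer
  if (authData.length < 37) throw new Error('authenticator data too short');
  const attested = (authData[32] & 0x40) !== 0; // AT flag: attested credential data present
  if (attested && authData.length < 55) throw new Error('truncated attested credential data');
  const hex = attested ? authData.subarray(37, 53).toString('hex') : null;
  const aaguid = hex && [hex.slice(0, 8), hex.slice(8, 12), hex.slice(12, 16),
    hex.slice(16, 20), hex.slice(20)].join('-');
  return { rpIdHash: authData.subarray(0, 32), aaguid };
}

// Returns { ok, reason }. Non-enterprise RPs pass without an AAGUID check.
function checkEnterpriseAaguid(authData, rpId, env) {
  const { rpIdHash, aaguid } = parseAuthData(authData);
  const expected = createHash('sha256').update(rpId).digest();
  if (!expected.equals(rpIdHash)) return { ok: false, reason: 'rpIdHash mismatch' };
  if (!parseList(env.ENTERPRISE_RPs).has(rpId.toLowerCase())) {
    return { ok: true, reason: 'not an enterprise RP' };
  }
  if (!aaguid) return { ok: false, reason: 'no attested credential data' };
  if (!parseList(env.ENTERPRISE_AAGUIDs).has(aaguid)) {
    return { ok: false, reason: 'AAGUID not allowed: ' + aaguid };
  }
  return { ok: true, reason: 'AAGUID allowed' };
}

// Constructed sample input: minimal authenticator data (empty credential ID, no public key).
function buildAuthData(rpId, aaguidHex) {
  const hash = createHash('sha256').update(rpId).digest();
  const flags = Buffer.from([aaguidHex ? 0x45 : 0x05]); // UP | UV (| AT)
  const head = Buffer.concat([hash, flags, Buffer.alloc(4)]);
  if (!aaguidHex) return head;
  return Buffer.concat([head, Buffer.from(aaguidHex, 'hex'), Buffer.from([0x00, 0x00])]);
}

const env = { // constructed values
  ENTERPRISE_RPs: 'corp.example.com',
  ENTERPRISE_AAGUIDs: '00112233-4455-6677-8899-aabbccddeeff',
};
```

The AAGUID is only trustworthy once the attestation statement covering this authenticator data has been verified; the allowlist comparison does not replace that step.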
A unique device-bound key cannot be used to authenticate from a different device (another installation of the SDK). This feature is usually used to forcibly disable key synchronization among devices for a more robust security level. It has to work with the fido2-node server.