• Stars
    star
    508
  • Rank 86,941 (Top 2 %)
  • Language
    Java
  • License
    Apache License 2.0
  • Created over 3 years ago
  • Updated 5 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

FIDO2(WebAuthn) server officially certified by FIDO Alliance and Relying Party examples.

LINE FIDO2 SERVER

Stars Repo Size License Apache-2.0 Top Language Spring Boot Java version Data base Last Commit

FIDO2(WebAuthn) Server officially certified by FIDO Alliance

Overview

FIDO (Fast IDentity Online) is an open standard for online authentication. It is designed to solve the password problems stemming from a lot of security problems as we are suffering today.

Rather than relying on symmetric credentials (like passwords or PINs, typically which is a knowledge-based factor), FIDO is based on a public-key cryptography algorithm that is based on asymmetric credentials.

Simply, the device generates the key pair and stores the private key within the secure area, and sends the corresponding public key (as the name implies it is okay to be public) to the server.

Then, if the authentication is needed, the server sends challenges to the device and the device generates the digital signature with the private key and sends it to the server.

Finally, the server can validate the signature with the registered public key.

What is FIDO2

FIDO2 is an improved standard for use on the web and other platforms as well as mobile. Various web browsers and OS platforms currently support the FIDO2 standard API.

Basically, FIDO2 has the following operations - Registration, Authentication.

Registration

  • The user is prompted to choose an available FIDO authenticator that matches the online service’s acceptance policy.
  • User unlocks the FIDO authenticator using a fingerprint reader, a button on a second–factor device, securely–entered PIN, or other methods.
  • The user’s device creates a new public/private key pair unique for the local device, online service, and user’s account.
  • The public key is sent to the online service and associated with the user’s account. The private key and any information about the local authentication method (such as biometric measurements or templates) never leave the local device.

Authentication

  • Online service challenges the user to log in with a previously registered device that matches the service’s acceptance policy.
  • User unlocks the FIDO authenticator using the same method as at Registration time.
  • The device uses the user’s account identifier provided by the service to select the correct key and sign the service’s challenge.
  • The client device sends the signed challenge back to the service, which verifies it with the stored public key and lets the user log in.

Screenshots

Chrome on Mac with TouchId

registration_flow

Chrome on Mac with Secret Key (2FA)

registration_flow

Chrome on Android with Fingerprint (Reg)

registration_flow

Chrome on Android with Fingerprint (Auth)

registration_flow

Modules

  • server: The FIDO2 server implementation conforming to the FIDO2 standard
  • common: FIDO2 related common models
  • rp-server: The sample application with a FIDO2 RP implementation
  • spring-boot-stater: The spring-boot-starter version of the LINE FIDO2 server application that can be easily integrated into a Spring Boot environment

Features

  • Supported attestation types
    • Basic
    • Self
    • Attestation CA (a.k.a Privacy CA)
    • None
    • Anonymization CA
  • Supported attestation formats
    • Packed (FIDO2)
    • Tpm (Windows10 devices)
    • Android key attestation
    • Android SafetyNet (Any Android devices running 7+)
    • FIDO U2F (Legacy U2F authenticators)
    • Apple Anonymous
    • None
  • Metadata service integration
    • FIDO MDSv2

How to run

You need to run the FIDO2 server and RP Server first.

If you want to integrate your own RP Server, please implement APIs by referring to the sample codes. Regarding client sides, you may implement the web app for communicating with the RP server.

We also provide our server in the form of a spring boot starter. Check out the spring-boot-starter directory.

Manual

# Start RP Server
cd rpserver
./gradlew bootRun

# Start FIDO2 Server or Line-fido2-spring-boot Demo
cd server
./gradlew bootRun

cd spring-boot-starter/line-fido2-spring-boot-demo
./gradlew bootRun

Docker for demo

If the Docker environment is configured, You can easily run applications with docker-compose.

# Start both RP Server and FIDO2 Server
docker-compose up

After running the applications, you can open the test page at the link below.

http://localhost:8080/

Local DB

FIDO2 Server running on local environments uses h2 as an embedded DB. This needs to be replaced with commercial standalone DB for other environments such as staging, beta or real.

In the case of the local environment, you can use the h2 console. Add the following path /h2-console to the fido server URL to access the h2 web console.

e.g., http://localhost:8081/h2-console

If the below error occurs while logging in to h2-console,

No suitable driver found for 08001/0

try to remove or comment out logbook-spring-boot-starter from build.gradle.

implementation('org.zalando:logbook-spring-boot-starter:1.8.1')

Lombok

This project utilizes Lombok to reduce implementing getter/setter/constructors. You need the Lombok plugin to build with IntelliJ and Eclipse. See the following web pages to get information.

https://projectlombok.org/

Issues

  • If data.sql doesn't work well in an IntelliJ environment, try commenting on this part in build.gradle.
jar {
  processResources {
    exclude("**/*.sql")
  }
}
  • If Fido2StarterDemoApplication doesn't work well, try commenting on this part in build.gradle.
task dockerBuild() {
  jar.enabled = false
  dependsOn(bootJar)
}

API Guides

After running the applications, you can view API guide documents at the link below.

Spring REST Docs

Swagger UI

References

LINE Engineering Blogs

LINE DevDay Videos

Internal

External

More Repositories

1

armeria

Your go-to microservice framework for any situation, from the creator of Netty et al. You can build any type of microservice leveraging your favorite technologies, including gRPC, Thrift, Kotlin, Retrofit, Reactive Streams, Spring Boot and Dropwizard.
Java
4,765
star
2

line-bot-sdk-python

LINE Messaging API SDK for Python
Python
1,888
star
3

promgen

Promgen is a configuration file generator for Prometheus
JavaScript
1,047
star
4

line-bot-sdk-nodejs

LINE Messaging API SDK for Node.js
TypeScript
949
star
5

line-bot-sdk-go

LINE Messaging API SDK for Go
Go
885
star
6

line-sdk-ios-swift

Provides a modern way of implementing LINE APIs.
Swift
845
star
7

line-bot-sdk-php

LINE Messaging API SDK for PHP
PHP
704
star
8

kotlin-jdsl

Kotlin library that makes it easy to build and execute queries without generated metamodel
Kotlin
702
star
9

line-bot-sdk-java

LINE Messaging API SDK for Java
Java
605
star
10

centraldogma

Highly-available version-controlled service configuration repository based on Git, ZooKeeper and HTTP/2
Java
594
star
11

line-bot-sdk-ruby

LINE Messaging API SDK for Ruby
Ruby
479
star
12

stellite

Stellite project is a client library and server application that offers an easy way to develop, build, and implement client/server running primarily over the QUIC protocol developed by Google as part of the Chromium project.
C++
474
star
13

garr

Collection of high performance, thread-safe, lock-free go data structures
Go
370
star
14

line-liff-v2-starter

This is a small web application that demonstrates the basic functionality of the LINE Front-end Framework (LIFF).
JavaScript
334
star
15

decaton

High throughput asynchronous task processing on Apache Kafka
Java
325
star
16

ts-remove-unused

Remove unused code from your TypeScript project
TypeScript
264
star
17

headver

SemVer compatible version specification that has {head}.{yearweek}.{build} system.
252
star
18

abc-user-feedback

ABC User Feedback is a standalone web application that manages Voice of Customer (VoC) data. It allows you to gather and sort feedback from your customers.
TypeScript
230
star
19

apng-drawable

A lightweight and fast Animated Portable Network Graphics (APNG) image decoder for Android
Kotlin
223
star
20

flutter_line_sdk

A Flutter plugin that lets developers access LINE's native SDKs in Flutter apps with Dart.
Dart
213
star
21

rules_apple_line

LINE's Apple rules for Bazel
Starlark
207
star
22

lich

A library collection that enhances the development of Android apps.
Kotlin
191
star
23

line-login-starter

LINE Login starter application
Java
138
star
24

line-liff-starter

This is a small web application that demonstrates the basic functionality of the LINE Front-end Framework (LIFF).
JavaScript
138
star
25

armeria-examples

Armeria examples
Java
137
star
26

line-openapi

OpenAPI spec of the LINE's Public APIs
JavaScript
136
star
27

line-sdk-android

LINE SDK for Android lets you integrate LINE into your Android app to create a more engaging experience for your users.
Java
133
star
28

conflr

Post R Markdown documents to Confluence
R
130
star
29

clay

Clay is an Android library project that provides image trimming which is originally an UI component of LINE Creators Studio
Kotlin
121
star
30

line-sdk-unity

Provides a modern way of implementing LINE APIs in Unity games, for iOS and Android.
C#
118
star
31

line-simple-beacon

JavaScript
109
star
32

LibriTTS-P

LibriTTS-P: A Corpus with Speaking Style and Speaker Identity Prompts for Text-to-Speech and Style Captioning
104
star
33

jnotebook_reader

🃏 An awesome viewer to browse and render Jupyter Notebooks from local, Amazon S3, Google Cloud Storage or MinIO
JavaScript
103
star
34

feature-flag-android

A Gradle plugin to achieve feature flag based development for Android applications.
Kotlin
100
star
35

webpack.kr

Korean translation of webpack document
MDX
91
star
36

line-things-starter

The sample codes for LINE Things Developer Trial
C++
90
star
37

liff-playground

An example app to show the usage of LIFF's API functions
TypeScript
90
star
38

grow-loader

A webpack loader to split class methods by decorators
JavaScript
88
star
39

abc-kmm-location

Location Service Manager for Kotlin Multiplatform Mobile iOS and Android
Kotlin
85
star
40

gradle-scripts

Sensible multi-project defaults for Gradle
81
star
41

vue-pivot-table-plus

An enhanced pivot table component for Vue.js
Vue
77
star
42

abc-virtual-background-maker

A standalone React application designed for creating and downloading virtual background images enriched with customizable text elements.
TypeScript
76
star
43

line-platform-feedback

LINE Platform feedback
76
star
44

gradle-multi-project-support

A collection of Gradle plugins to maintain the multi-project or multi-application in the mono-repo.
Kotlin
75
star
45

line-bot-sdk-perl

LINE Messaging API SDK for Perl
Perl
72
star
46

create-liff-app

Start developing LIFF application with a simple CLI command.
TypeScript
63
star
47

ostracon

Ostracon, a consensus algorithm, is forked from Tendermint Core. We have added VRF to Tendermint BFT. It adds randomness to PoS Validator elections and improves security.
Go
60
star
48

conditional

A super lightweight library that helps you to compose multiple conditional expressions and make them asynchronous easily.
Java
59
star
49

open-universe

Open implementation of UNIVERSE and UNIVERSE++ diffusion-based speech enhancement models.
Python
58
star
50

abc-kmm-notifications

Remote Notification Manager for Kotlin Multiplatform Mobile iOS and Android
Kotlin
57
star
51

lbm-sdk

A framework for building blockchains based LINE Blockchain Mainnet that is forked from cosmos-sdk
Go
53
star
52

liff-inspector

The universal DevTools for LIFF (WebView) browser
TypeScript
51
star
53

centraldogma-go

Go client library for Central Dogma
Go
50
star
54

line-sdk-starter-ios

A starter app demonstrating usage of the LINE iOS SDK.
Objective-C
50
star
55

centraldogma-rs

Official Rust client for Central Dogma
Rust
46
star
56

lighthouse

A user-friendly library for reproducible video moment retrieval and highlight detection.
Python
46
star
57

zipkin-lens

An alternative UI for Zipkin (Distributed Tracing), this repo is no longer used as it's already merged into upstream, please go to https://github.com/openzipkin/zipkin/tree/master/zipkin-lens
JavaScript
45
star
58

LINE-DistilBERT-Japanese

DistilBERT model pre-trained on 131 GB of Japanese web text. The teacher model is BERT-base that built in-house at LINE.
44
star
59

Flagship4j

Feature toggle system API-Client SDK follow OpenFeature specification.
Java
43
star
60

line-api-use-case-messaging-api

LINE Messaging API demo application provided by LINE API Use Case
Python
37
star
61

line-sdk-starter-android-v2

A starter application that demonstrates how to use LINE SDK V2 for Android.
Java
35
star
62

liff-mock

LIFF Mock is a LIFF Plugin that make testing your LIFF app easy.
TypeScript
35
star
63

clova-cek-sdk-nodejs

SDK of the Clova CEK for Node.js
TypeScript
34
star
64

line-sdk-starter-android

A starter app demonstrating usage of the LINE Android SDK.
Java
33
star
65

kubectl-kustomize

Docker image with kubectl and kustomize
Dockerfile
33
star
66

aes-gcm-siv

AES-GCM-SIV (RFC 8452) implementation for C, Android and Java, with hardware acceleration support.
C
33
star
67

recruiting-resources-jp

Go
33
star
68

lfb

LINE Financial Blockchain forked from gaia(https://github.com/cosmos/gaia)
Go
32
star
69

demo-rich-menu-bot

Demo bot for using rich menus with the Messaging API
PHP
31
star
70

figma-translator-vue-plugin-sample

The sample of Figma translation plugin with Vue
Vue
31
star
71

line-things-dev-board

LINE Things development board - Sample codes and schematics
HTML
29
star
72

abc-kmm-shared-storage

A local storage management library for Kotlin Multiplatform Mobile iOS and Android
Kotlin
27
star
73

line-sdk-starter-ios-v2

A starter application that demonstrates how to use LINE SDK for iOS.
Objective-C
27
star
74

gradle-multi-project-support-sample

This is a sample of build-recipe-plugin in gradle-multi-project-support
Kotlin
27
star
75

line-api-use-case-reservation-hairsalon

Hair salon reservation demo application provided by LINE API Use Case
Python
27
star
76

line-blockchain-developers-sdk-js

Javascript library for line blockchain developers
TypeScript
25
star
77

Human-Interaction-Generation

Official implementation of ICCV 2023 Oral Paper "Role-Aware Interaction Generation from Textual Description"
Python
25
star
78

networking-sr

OpenStack Neutron plugin/drivers for Segment Routing IPv6
Python
24
star
79

blockchain-sample-link-cinema

A sample service of LINE Blockchain, demonstrating how to utilize LINE Blockchain Developers and LINE BITMAX Wallet.
Go
21
star
80

abc-kmm-analytics-tools

Analytics Tools for Kotlin Multiplatform Mobile iOS and Android
Kotlin
20
star
81

clova-cek-sdk-swift

SDK of the Clova CEK for Swift
Swift
20
star
82

clova-cek-sdk-python

SDK of the Clova CEK for Python
Python
19
star
83

Meta-AI-Video-Similarity-Challenge-3rd-Place-Solution

The 3rd Place Solution of the Meta AI Video Similarity Challenge : Descriptor Track and Matching Track.
Python
18
star
84

line-bot-sample-ms

C#
17
star
85

centraldogma-python

Python client library for Central Dogma
Python
17
star
86

line-api-use-case-reservation-Restaurant

Restaurant reservation demo application provided by LINE API Use Case
Python
16
star
87

BC-node-server-sample

BusinessConnect sample server with NodeJS
JavaScript
16
star
88

japanese-large-lm-instruction-sft

16
star
89

cosmwasm

Fast and reusable WebAssembly smart contract runtime(and library) for lbm-sdk.
Rust
15
star
90

gorocksdb

A `rocksdb` wrapper for golang applications. This is forked from https://github.com/tecbot/gorocksdb.
Go
15
star
91

line-api-use-case-table-order

Table order demo application provided by LINE API Use Case
Python
15
star
92

iavl

Merkleized IAVL+ Tree implementation in Go forked from cosmos/iavl(https://github.com/cosmos/iavl)
Go
14
star
93

blockchain-sample-mage-duel

A sample service implementing a card game using the blockchain, which can serve as a guide on tokenizing game money and items.
C#
14
star
94

clova-cek-sdk-java

SDK of the Clova CEK for Java
Java
13
star
95

wasmvm

Go bindings to the CosmWasm smart contract framework. In particular, it allows you to easily compile, initialize, and execute these contracts from Go.
Go
13
star
96

tm-db

Common database interface for various database backends for Ostracon and LBM SDK. This is forked from Tendermint tm-db(https://github.com/tendermint/tm-db)
Go
13
star
97

clova-cek-sdk-elixir

SDK of the Clova CEK for Elixir
Elixir
13
star
98

line-api-use-case-liff

LINE LIFF demo application provided by LINE API Use Case
CSS
12
star
99

line-bot-pyconkr2019

LINE Chatbot for PyCon KR 2019
Python
12
star
100

line-blockchain-developers-sdk-kt

Kotlin library for line blockchain developers
Kotlin
11
star