Authorization (AZ)

Syntax

java -jar skfsclient.jar AZ <hostport> <did> <wsprotocol> <authtype> [ <accesskey> <secretkey> | <svcusername> <svcpassword> ] <username> <txid> <txpayload> <origin> <authcounter> <crossorigin> <verify>

Values

Value	Explanation
hostport	Host and port to access the FIDO server SOAP & REST format : http://<FQDN>:<non-ssl-portnumber> or https://<FQDN>:<ssl-portnumber> example : https://fidodemo.strongauth.com:8181
did	Unique domain identifier that belongs to SKCE
wsprotocol	Web service protocol; REST \| SOAP
authtype	Authentication type; HMAC \| PASSWORD
accesskey	Access key for use in identifying a secret key
secretkey	Secret key for HMACing a request
svcusername	Username used for PASSWORD-based authorization
svcpassword	Password used for PASSWORD-based authorization
username	Username for registration, authentication, or getting keys info
txid	Unique identifier for the transaction (Base64URLSafe Strong)
txpayload	Transaction payload to be used to generate the challenge for transaction authorization (Base64URLSafe Strong)
origin	Origin to be used by the FIDO Client Simulator
authcounter	Auth counter to be used by the FIDO Client Simulator
crossorigin	Boolean that will determine if client data allows crossorigin or not - to be used for the simulator
verify	Verify the authorization once again once we receive the response (Boolean value)

Output

$ example:~/skfsclient> java -jar skfsclient.jar AZ https://example.strongkey.com:8181 1 REST PASSWORD svcfidouser Abcd1234! johndoe ID1234 AAABBBBABAB https://example.strongkey.com 4 false true

Copyright (c) 2001-2024 StrongAuth, Inc. All rights reserved.


REST Authorization with PASSWORD
*******************************
preauthorizejson = 
{"svcinfo":{"did":1,"protocol":"FIDO2_0","authtype":"PASSWORD","svcusername":"svcfidouser","svcpassword":"Abcd1234!"},"payload":{"username":"johndoe","txid":"123","txpayload":"123","options":{}}}

Calling preauthorize @ https://example.strongkey.com:8181/skfs/rest/preauthorize
 Response : {"Response":{"challenge":"QXKBR1znge51qK5Ia9rJ6hFgx_M1wTwoq5p7Af9MboI","allowCredentials":[{"type":"public-key","id":"iRklifx1dKdJ1TD8nfO_1sJkjBvQ8c-IvF7rWIm_Pn3eomw-6ADlnnQW6SdnywTy-9BQRn4dZ_YG-I2whzQyjlpu1uMCHEipGnq7jIMFl3uag6muQz8R8fOjQQHp7zp_roZV8CcUgqaBhDpBJPJeownmAU89_J_30TtxD9l6vGBYE1QL8Q_NRwHtONs0BHaHVinjS4JigcNCvdC9IyHfd91vAwnrxOy9h0JqmBBZF28NWlQGSKhMVLCIYcFioyx6","alg":-7},{"type":"public-key","id":"vWOzdjkJuhFu882484g4j87WSjzS9yhtGNnumOYQ1lGhsfsPEXUuTWllh-HLT5-wdq-cc6CaDZzaCnJyMotyuO40Q322xqY95IBxFoiPTerl75eRbFmBFbD8xnhIsZaqchVnWtKmcOG-kMIH35HQtDTfS-TwzQx8Ok5GUhc8y17VNb9mK3cWgyJXnRCZ-MMjB-E7EEd0StiMvcuoadtZ1pgnXskbHL6_lZDmLlGmCipLaLz7rc0uevKuvdiJqa9h","alg":-7}],"txid":"123","txpayload":"123","rpId":"strongkey.com"},"responseCode":"FIDO-MSG-0014"}

Pre-Authorize Complete.

Generating Authorization response...

{}
ChallengeNonce: QXKBR1znge51qK5Ia9rJ6hFgx_M1wTwoq5p7Af9MboI
Simulator Response : 
 id = iRklifx1dKdJ1TD8nfO_1sJkjBvQ8c-IvF7rWIm_Pn3eomw-6ADlnnQW6SdnywTy-9BQRn4dZ_YG-I2whzQyjlpu1uMCHEipGnq7jIMFl3uag6muQz8R8fOjQQHp7zp_roZV8CcUgqaBhDpBJPJeownmAU89_J_30TtxD9l6vGBYE1QL8Q_NRwHtONs0BHaHVinjS4JigcNCvdC9IyHfd91vAwnrxOy9h0JqmBBZF28NWlQGSKhMVLCIYcFioyx6
 rawId = iRklifx1dKdJ1TD8nfO_1sJkjBvQ8c-IvF7rWIm_Pn3eomw-6ADlnnQW6SdnywTy-9BQRn4dZ_YG-I2whzQyjlpu1uMCHEipGnq7jIMFl3uag6muQz8R8fOjQQHp7zp_roZV8CcUgqaBhDpBJPJeownmAU89_J_30TtxD9l6vGBYE1QL8Q_NRwHtONs0BHaHVinjS4JigcNCvdC9IyHfd91vAwnrxOy9h0JqmBBZF28NWlQGSKhMVLCIYcFioyx6
 response = authenticatorData = WnTBrV2dI2nYtpWAzOrzVHMkwfEC46dxHD4U1RP9KKMEAAAABA
 signature = MEQCIAtzmDpYC-LsKCIU0z5nk0ryPmhD1_pQmgu5_MmBukdPAiA6lB21VXhrTdRktWagg27vGVIrImFeX_w0jc1sdYi8Mg
 userHandle = 
 clientDataJSON = eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiUVhLQlIxem5nZTUxcUs1SWE5cko2aEZneF9NMXdUd29xNXA3QWY5TWJvSSIsIm9yaWdpbiI6Imh0dHBzOi8vdGVzdC5zdHJvbmdrZXkuY29tIiwiY3Jvc3NPcmlnaW4iOmZhbHNlfQ
 type = public-key

Finished Generating Authorization Response.

Authorizinging ...
authjson = 
{"svcinfo":{"did":1,"protocol":"FIDO2_0","authtype":"PASSWORD","svcusername":"svcfidouser","svcpassword":"Abcd1234!"},"payload":{"txid":"123","txpayload":"123","publicKeyCredential":{"id":"iRklifx1dKdJ1TD8nfO_1sJkjBvQ8c-IvF7rWIm_Pn3eomw-6ADlnnQW6SdnywTy-9BQRn4dZ_YG-I2whzQyjlpu1uMCHEipGnq7jIMFl3uag6muQz8R8fOjQQHp7zp_roZV8CcUgqaBhDpBJPJeownmAU89_J_30TtxD9l6vGBYE1QL8Q_NRwHtONs0BHaHVinjS4JigcNCvdC9IyHfd91vAwnrxOy9h0JqmBBZF28NWlQGSKhMVLCIYcFioyx6","rawId":"iRklifx1dKdJ1TD8nfO_1sJkjBvQ8c-IvF7rWIm_Pn3eomw-6ADlnnQW6SdnywTy-9BQRn4dZ_YG-I2whzQyjlpu1uMCHEipGnq7jIMFl3uag6muQz8R8fOjQQHp7zp_roZV8CcUgqaBhDpBJPJeownmAU89_J_30TtxD9l6vGBYE1QL8Q_NRwHtONs0BHaHVinjS4JigcNCvdC9IyHfd91vAwnrxOy9h0JqmBBZF28NWlQGSKhMVLCIYcFioyx6","response":{"authenticatorData":"WnTBrV2dI2nYtpWAzOrzVHMkwfEC46dxHD4U1RP9KKMEAAAABA","signature":"MEQCIAtzmDpYC-LsKCIU0z5nk0ryPmhD1_pQmgu5_MmBukdPAiA6lB21VXhrTdRktWagg27vGVIrImFeX_w0jc1sdYi8Mg","userHandle":"","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiUVhLQlIxem5nZTUxcUs1SWE5cko2aEZneF9NMXdUd29xNXA3QWY5TWJvSSIsIm9yaWdpbiI6Imh0dHBzOi8vdGVzdC5zdHJvbmdrZXkuY29tIiwiY3Jvc3NPcmlnaW4iOmZhbHNlfQ"},"type":"public-key"},"strongkeyMetadata":{"version":"1.0","last_used_location":"Sunnyvale, CA","username":"johndoe","origin":"https://test.strongkey.com"}}}

Calling authorize @ https://example.strongkey.com:8181/skfs/rest/authorize
 Response : {"Response":"Successfully processed authorization response","responseCode":"FIDO-MSG-0016","txdetail":{"txid":"123","txpayload":"123","nonce":"yY0yLSlM5XO57FoxfHjJwA","txtime":1695848723412,"challenge":"QXKBR1znge51qK5Ia9rJ6hFgx_M1wTwoq5p7Af9MboI"},"FIDOAuthenticatorReferences":[{"protocol":"FIDO2_0","id":"iRklifx1dKdJ1TD8nfO_1sJkjBvQ8c-IvF7rWIm_Pn3eomw-6ADlnnQW6SdnywTy-9BQRn4dZ_YG-I2whzQyjlpu1uMCHEipGnq7jIMFl3uag6muQz8R8fOjQQHp7zp_roZV8CcUgqaBhDpBJPJeownmAU89_J_30TtxD9l6vGBYE1QL8Q_NRwHtONs0BHaHVinjS4JigcNCvdC9IyHfd91vAwnrxOy9h0JqmBBZF28NWlQGSKhMVLCIYcFioyx6","rawId":"iRklifx1dKdJ1TD8nfO_1sJkjBvQ8c-IvF7rWIm_Pn3eomw-6ADlnnQW6SdnywTy-9BQRn4dZ_YG-I2whzQyjlpu1uMCHEipGnq7jIMFl3uag6muQz8R8fOjQQHp7zp_roZV8CcUgqaBhDpBJPJeownmAU89_J_30TtxD9l6vGBYE1QL8Q_NRwHtONs0BHaHVinjS4JigcNCvdC9IyHfd91vAwnrxOy9h0JqmBBZF28NWlQGSKhMVLCIYcFioyx6","userHandle":"","rpId":"strongkey.com","authenticatorData":"WnTBrV2dI2nYtpWAzOrzVHMkwfEC46dxHD4U1RP9KKMEAAAABA","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiUVhLQlIxem5nZTUxcUs1SWE5cko2aEZneF9NMXdUd29xNXA3QWY5TWJvSSIsIm9yaWdpbiI6Imh0dHBzOi8vdGVzdC5zdHJvbmdrZXkuY29tIiwiY3Jvc3NPcmlnaW4iOmZhbHNlfQ","aaguid":"33623161-6462-3939-2d30-6466652d3436","authorizationTime":1695848725037,"uv":true,"up":false,"signerPublicKey":"MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEA_____wAAAAEAAAAAAAAAAAAAAAD_______________8wRAQg_____wAAAAEAAAAAAAAAAAAAAAD_______________wEIFrGNdiqOpPns-u9VXaYhrxlHQawzFOw9jvOPD4n0mBLBEEEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpZP40Li_hp_m47n60p8D54WK84zV2sxXs7LtkBoN79R9QIhAP____8AAAAA__________-85vqtpxeehPO5ysL8YyVRAgEBA0IABIZ4oyr_mWSQdUzD2QPOh38l6VpuGTfFVwKtfBourkCktJoVBaag1Zewq7ZqMwa96bLEfKE7RQzBrb4beJ1sYgg","signature":"MEQCIAtzmDpYC-LsKCIU0z5nk0ryPmhD1_pQmgu5_MmBukdPAiA6lB21VXhrTdRktWagg27vGVIrImFeX_w0jc1sdYi8Mg","usedForThisTransaction":true,"signingKeyType":"ECDSA","signingKeyAlgorithm":"SHA256withECDSA"}]}

Authorization Complete.
*******************************

Done with Authorize!