What does HackerNews think of python-fido2?

Provides library functionality for FIDO 2.0, including communication with a device over USB.

Language: Python

you can also use it natively in non-browser applications.

just the other day i've used it in a CLI application (which authenticated against web, but without real browser): https://github.com/Yubico/python-fido2

It uses a standard protocol (CTAP2 - https://fidoalliance.org/specs/fido-v2.0-rd-20170927/fido-cl...) that's part of the standards for FIDO2. IIRC as long as your OS lets your application speak to the YubiKey over USB, you should be able to use this in the application. In the browser, you can just use WebAuthn.

If you want to see how a native app can talk to the YubiKey, you can play with Yubico's own implementation: https://github.com/Yubico/python-fido2/

For browser based code, you can use WebAuthn and leave the device communication to the browser and OS: https://developer.mozilla.org/en-US/docs/Web/API/Web_Authent...

Just wondering, is there any reason why the Yubico FIDO2 Python API[0] talks to a USB device by using custom code to handle the USB protocol instead of using a module like PyUSB[1]?

[0] https://github.com/Yubico/python-fido2

[1] https://pyusb.github.io/pyusb/

We have C, Python and Java libraries released right now, all of which are beta WIP as we don't yet have any users who can inform the API designs from real world use cases.

https://github.com/Yubico/libfido2

https://github.com/Yubico/python-fido2/

https://github.com/Yubico/java-webauthn-server