SpanKey - SpanKey.FIDO

SpanKey - SpanKey.FIDO_Challenge

Table of contents

The SpanKey.FIDO_Challenge method is used to get a U2F registration challenge.

The required parameters are the username of the LDAP user for which the registration challenge is generated, the domain of the user and the random, generated with the method WebADM - Get_Random_Bytes.
The only optional parameter is the appid that corresponds to the FIDO Origin defined in OpenOTP.

This method returns a JSON-encoded FIDO registration challenge on success and false on error.


import requests
import json

# Define the method and parameters
method = 'SpanKey.FIDO_Challenge'
params = {
    'username': 'Jane Doe',
    'domain': 'RCDEVSDOCS',
    'random': 'k8VrncVJzXfAEVfopj4AcpTp3is=',
    'appid': 'rcdevsdocs.com'
}

# Create the request payload
request_payload = {
    'jsonrpc': "2.0",
    'method': method,
    'params': params,
    'id': 0
}

# Convert payload to JSON
json_payload = json.dumps(request_payload)

# Define the URL and credentials
url = "https://webadm1.rcdevsdocs.com/manag/"
auth = ("RCDEVSDOCS\\administrator", "password")

# Define the headers
headers = {
    "Content-Type": "application/json",
    "Connection": "close"
}

# Make the POST request
response = requests.post(url, data=json_payload, headers=headers, auth=auth, verify=False)

# Print the HTTP response code and response content
print(f"HTTP response code: {response.status_code}")
print(response.json())


<?php
$method = 'SpanKey.FIDO_Challenge';
$params = array(
    'username' => 'Jane Doe',
    'domain' => 'RCDEVSDOCS',
    'random' => 'k8VrncVJzXfAEVfopj4AcpTp3is=',
    'appid' => 'rcdevsdocs.com'
);

$request = array(
    'jsonrpc' => "2.0",
    'method' => $method,
    'params' => $params,
    'id' => 0
);
$json = json_encode($request);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://webadm1.rcdevsdocs.com/manag/");
curl_setopt($ch, CURLOPT_USERPWD, "RCDEVSDOCS\\administrator:password");
curl_setopt($ch, CURLOPT_HTTPHEADER, array("connection: close"));
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
$out = curl_exec($ch);
curl_close($ch);

print_r(json_decode($out));
?>


# Define the method and parameters
$method = 'SpanKey.FIDO_Challenge'
$params = @{
    username = 'Jane Doe'
    domain = 'RCDEVDOCS'
    random = 'k8VrncVJzXfAEVfopj4AcpTp3is='
    appid = 'rcdevsdocs.com'
}

# Create the request payload
$requestPayload = @{
    'jsonrpc' = '2.0'
    'method' = $method
    'params' = $params
    'id' = 0
}

# Convert the request payload to JSON
$jsonPayload = $requestPayload | ConvertTo-Json

# Define the URL and credentials
$url = "https://webadm1.rcdevsdocs.com/manag/"
$auth = "RCDEVSDOCS\administrator:password"

# Make the POST request
$response = Invoke-RestMethod -Uri $url -Method Post -Body $jsonPayload -Headers @{ "Content-Type" = "application/json" } -Credential (New-Object System.Management.Automation.PSCredential($auth, (ConvertTo-SecureString "password" -AsPlainText -Force))) -SkipCertificateCheck

# Output the response
Write-Host "HTTP Response Code: $($response.status_code)"
Write-Host $response | ConvertTo-Json