zolfa
/
pyjod
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Implementazione open-source del protocollo di Strong Customer Authentication di Poste Italiane, (https://posteid.poste.it), lato client.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
657 KiB
Tree: 2954e0856c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2954e0856c'
${ noResults }
pyjod/README.md

77 lines
2.8 KiB
Raw Normal View History

populate README.md
2 years ago
 
  1. 

  2. 

  3. <!-- ABOUT THE PROJECT -->
  4. # pyjod

  5. 

  6. Open-source implementation of the Strong Customer Authentication client agent used by the italian provider Poste Italiane S.p.A.
  7. 

  8. ### DISCLAIMER:

  9. * The main purpose of this project is research and understanding of the techniques and protocols used.
  10. * This project is under development and unstable, using it could cause revocation or ban of your user account.
  11. * Using this software would very likely compromise most of the security of having a 2-factor authentication scheme. Also, this software is not security-audited at all and is storing all your private keys and secret UNENCRYPTED on your computer!
  12. 

  13. In conclusion: USE IT ONLY AT YOUR RISKS, UNDER YOUR RESPONSABILITY, AND IF YOU KNOW VERY WELL WHAT YOU ARE DOING!
  14. 

  15. 

  16. ## Installation

  17. 

  18. All the following instruction assumes that you are using a BASH shell under Linux,
  19. you will have to adapt them if you use a different Operating System or a different shell.
  20. 

  21. 1. Ensure you have a proper and recent Python (> 3.9) installed. 
  22. 2. (Strongly suggested) create a dedicated Python virtual environment
  23.    ```sh
  24.    mkdir -p ~/.venvs
  25.    python3 -m venv ~/.venvs/pyjod
  26.    ```
  27. 3. Activate the virtual environment
  28.    ```sh
  29.    source ~/.venvs/pyjod/bin/activate
  30.    ```
  31. 4. Install `pyjod` and the optional dependencies you want
  32.    ```sh
  33.    # For a basic installation
  34.    pip install "git+https://projects.lilik.it/zolfa/pyjod"
  35.    # To include QR generator for OTP Authenticator apps
  36.    pip install "git+https://projects.lilik.it/zolfa/pyjod#egg=pyjod[qr]"
  37.    # To include also the QR screen scanner for instant authentication
  38.    pip install "git+https://projects.lilik.it/zolfa/pyjod#egg=pyjod[qr,scanqr]"
  39.    ```
  40. 5. Create a symbolic link from a directory available in your `$PATH`
  41.    ```sh
  42.    ln -s ~/.venvs/pyjod/bin/posteid ~/.local/bin/posteid
  43.    ```
  44. 

  45. ## Basic usage

  46. 

  47. 1. Execute `posteid` in a terminal, you will be guided into logging in and
  48.    configuring the application and enroling the device to your account.
  49.    ```sh
  50.    posteid
  51.    ```
  52. 2. After the first execution, you can call `posteid` again to check the status of
  53.    your device-account enrolment.
  54. 2. Generate an OTP-code to authenticate using the "Generate a single-use code" option.
  55.    ```sh
  56.    posteid otp
  57.    ```
  58. 3. List all the pending authentication request, and authorize one of them.
  59.    You will only see the requests generated using the "Send a notification to my device"
  60.    option.
  61.    ```sh
  62.    posteid authorize
  63.    ```
  64. 4. Export the QR generation seed to a compatible app using a standard provisioning QR-code
  65.    _You will need the extra requirements [qr]_
  66.    ```sh
  67.    posteid qr
  68.    ```
  69. 5. Detect a rapid-authentication qr in your screen and authorize the access using it.
  70.    _You will need the extra requirements [scanqr]_
  71.    ```sh
  72.    posteid scanqr
  73.    ```
  74. 6. Revoke your device enrolment, disabling private keys and OTP generator.
  75.    ```sh
  76.    posteid revoke
  77.    ```