@gospodin.bodurov I played around with this library. https://github.com/Valve/fingerprintjs2
Seems to be a good solution; it collects 28 different parameters to build a device fingerprint and produces a hash from them. Also, we can include the user's public keys to improve entropy.
There is a list of parameters (I already included the public key string here) which produces the hash 061c99b4ab264dd272efe2cb34c29aef. We can exclude some of them from the resulting hash if we want.
List of details can be retrieved from different clients.
Mac OS
ua: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
browser: {"name":"Chrome","version":"70.0.3538.110","major":"70"}
engine: {"name":"WebKit","version":"537.36"}
os: {"name":"Mac OS","version":"10.14.1"}
device: {}
cpu: {}
Windows
ua: "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 YaBrowser/18.10.2.163 Yowser/2.5 Safari/537.36"
browser: {"name":"Yandex","version":"18.10.2.163","major":"18"}
engine: {"name":"WebKit","version":"537.36"}
os: {"name":"Windows","version":"7"}
device: {}
cpu: {"architecture":"amd64"}

ua: "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1"
browser: {"name":"Mobile Safari","version":"12.0","major":"12"}
engine: {"name":"WebKit","version":"605.1.15"}
os: {"name":"iOS","version":"12.1"}
device: {"vendor":"Apple","model":"iPhone","type":"mobile"}
cpu: {}
Android
"Mozilla/5.0 (Linux; Android 8.0.0; SM-A320F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.80 Mobile Safari/537.36"
browser: {"name":"Chrome","version":"70.0.3538.80","major":"70"}
engine: {"name":"WebKit","version":"537.36"}
os: {"name":"Android","version":"8.0.0"}
device: {"vendor":"Samsung","model":"SM-A320F","type":"mobile"}
cpu: {}
Ok, please implement a utility function getting this info and synchronize with @damyan.mitev in order to store it somewhere on the backend. After that you have to implement the challenge.
@damyan.mitev please take a look at the metadata above. Let's decide if we need all this info. According to the latest @gilesvincent comments in https://code.vereign.com/code/dashboard/issues/138 we only need to detect Device Type, Device ID, and Browser. We have browser details, and since desktop systems don't provide device details, Device Type will be defined as the OS for them (Mac OS 10.14.1, Windows 7, Ubuntu).
And finally, the device ID may be represented as a hash string taken from the concatenated identity public key + user agent string.
All this can be done via the library, so in the end the backend will deal with an object containing device ID, device type and browser.
I will implement a new Audit Log Agent, which will store this metadata.
The most interesting parts for now seem to be User Agent and OS.
I agree on the generating hash strategy.
@damyan.mitev okay, so to be clear, you will need only User Agent, OS, and Device ID, right? I can cut out the rest of the properties for now (browser, engine, device, cpu)?
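
The device record proposed in the thread (device ID hashed from identity public key + user agent, device type falling back to the OS on desktops, browser), as an added example that is not part of the original discussion or the project's code. SHA-256, the length-prefixed encoding, the function names, the vendor + model rule for mobile devices and the placeholder key are assumptions; the parsed objects are the thread's own samples.

```javascript
const { createHash } = require('node:crypto');

// Length-prefix each field so ("ab", "c") and ("a", "bc") never hash alike,
// which plain string concatenation would allow.
function deviceId(publicKey, userAgent) {
  const h = createHash('sha256'); // assumption: the thread names no hash function
  for (const field of [publicKey, userAgent]) {
    const bytes = Buffer.from(field, 'utf8');
    const len = Buffer.alloc(4);
    len.writeUInt32BE(bytes.length);
    h.update(len).update(bytes);
  }
  return h.digest('hex');
}

// Desktop clients report an empty `device`, so Device Type falls back to
// OS name + version. Mobile uses vendor + model (assumption).
function deviceType(parsed) {
  const d = parsed.device || {};
  if (d.vendor || d.model) return [d.vendor, d.model].filter(Boolean).join(' ');
  return [parsed.os.name, parsed.os.version].filter(Boolean).join(' ');
}

// The object the backend would receive: device ID, device type and browser.
function buildDeviceRecord(publicKey, parsed) {
  return {
    deviceId: deviceId(publicKey, parsed.ua),
    deviceType: deviceType(parsed),
    browser: `${parsed.browser.name} ${parsed.browser.version}`,
  };
}

// Parsed objects copied from the thread; the key is a constructed placeholder.
const PUBLIC_KEY = '-----BEGIN PUBLIC KEY-----\nCONSTRUCTED-PLACEHOLDER\n-----END PUBLIC KEY-----';
const mac = {
  ua: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36',
  browser: { name: 'Chrome', version: '70.0.3538.110', major: '70' },
  os: { name: 'Mac OS', version: '10.14.1' },
  device: {},
};
const android = {
  ua: 'Mozilla/5.0 (Linux; Android 8.0.0; SM-A320F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.80 Mobile Safari/537.36',
  browser: { name: 'Chrome', version: '70.0.3538.80', major: '70' },
  os: { name: 'Android', version: '8.0.0' },
  device: { vendor: 'Samsung', model: 'SM-A320F', type: 'mobile' },
};

console.log(buildDeviceRecord(PUBLIC_KEY, mac), buildDeviceRecord(PUBLIC_KEY, android));
```

Because the user agent string carries the browser version, an ID derived this way changes whenever the browser updates, so the audit log will show a new device ID for the same key after an upgrade.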