autobahn.asyncio.util

Attributes

Functions

create_transport_details(...)

get_serializers()

peer2str(→ str)

transport_channel_id(→ bytes)

Application-layer user authentication protocols are vulnerable to generic

Module Contents

__all = ('sleep', 'peer2str', 'transport_channel_id', 'create_transport_details')
create_transport_details(transport, is_server: bool) → autobahn.wamp.types.TransportDetails
get_serializers()
peer2str(transport: asyncio.transports.BaseTransport) → str
transport_channel_id(transport, is_server: bool, channel_id_type: str | None = None) → bytes

Application-layer user authentication protocols are vulnerable to generic credential forwarding attacks, where an authentication credential sent by a client C to a server M may then be used by M to impersonate C at another server S. To prevent such credential forwarding attacks, modern authentication protocols rely on channel bindings. For example, WAMP-cryptosign can use the tls-unique channel identifier provided by the TLS layer to strongly bind authentication credentials to the underlying channel, so that a credential received on one TLS channel cannot be forwarded on another.

Parameters:
  • transport – The asyncio TLS transport to extract the TLS channel ID from.

  • is_server – Flag indicating the transport is for a server.

  • channel_id_type – TLS channel ID type, currently only “tls-unique” is supported.

Returns:

The TLS channel ID (32 bytes).
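The following added example (not part of the autobahn code base) models why binding a credential to the channel ID stops the forwarding described above, with C, M and S as in that paragraph. It assumes the 32-byte channel ID is a SHA-256 digest of the channel's tls-unique value and that the challenge is XOR-ed with it before being authenticated; HMAC-SHA256 stands in for the WAMP-cryptosign signature, and all function names, keys and tls-unique values are constructed for illustration.

```python
import hashlib
import hmac
import os


def channel_id(tls_unique: bytes) -> bytes:
    """32-byte channel ID derived from a channel's tls-unique value (assumed derivation)."""
    return hashlib.sha256(tls_unique).digest()


def bind(challenge: bytes, cid: bytes) -> bytes:
    """Mix the channel ID into the challenge (assumed: bytewise XOR of two 32-byte values)."""
    if len(challenge) != 32 or len(cid) != 32:
        raise ValueError("challenge and channel ID must both be 32 bytes")
    return bytes(a ^ b for a, b in zip(challenge, cid))


def client_response(key: bytes, challenge: bytes, cid=None) -> bytes:
    """Credential produced by C; HMAC is a stand-in for the real signature."""
    msg = challenge if cid is None else bind(challenge, cid)
    return hmac.new(key, msg, hashlib.sha256).digest()


def server_verify(key: bytes, challenge: bytes, response: bytes, cid=None) -> bool:
    """S recomputes the credential using the channel ID of its *own* TLS channel."""
    expected = client_response(key, challenge, cid)
    return hmac.compare_digest(expected, response)


def response_accepted(use_binding: bool, relayed: bool) -> bool:
    """Return True if S accepts C's response.

    relayed=True models C talking to M while M forwards everything to S,
    so C and S sit on two different TLS channels.
    """
    key = os.urandom(32)                         # constructed credential key of C
    challenge = os.urandom(32)                   # challenge issued by S
    cid_client = channel_id(os.urandom(12))      # channel C is actually on
    cid_server = channel_id(os.urandom(12)) if relayed else cid_client
    if not use_binding:
        cid_client = cid_server = None
    response = client_response(key, challenge, cid_client)
    return server_verify(key, challenge, response, cid_server)


if __name__ == "__main__":
    print("no binding, relayed via M :", response_accepted(False, True))
    print("tls-unique binding, relayed:", response_accepted(True, True))
    print("tls-unique binding, direct :", response_accepted(True, False))
```

Without the binding, a response relayed through M verifies at S; with it, verification succeeds only when C and S share the same TLS channel.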