@@ -20,7 +20,7 @@ implementation. A physical U2F device will generate similar statements.
2020
2121## A sample web app that uses U2F
2222
23- This is a sample application built on the Google Appengine web platform which
23+ This is a sample application built on the Google App Engine web platform which
2424demonstrates a possible UX for user interaction with U2F in a web page. The
2525sample application is deployed and available live at
2626https://crxjs-dot-u2fdemo.appspot.com/ . The underlying U2F capability is provided by the
@@ -57,3 +57,55 @@ in ``com.google.u2f.tools.httpserver.UtfHttpServer.java`` and runs on port
57578080 . Run this class as a regular Java application (right click, select * Run
5858As* and * Java Application* ). Note that you need to have the U2F extension
5959installed in Chrome in order for the demo app to talk to your U2F token.
60+
61+ ### U2F-GAE-Demo
62+
63+ The u2f-gae-demo project is a sample application built on the Google App Engine
64+ web platform which demonstrates a possible UX for user interaction with U2F in a
65+ web page.
66+
67+ As above, after importing the project into Eclipse you might have to adjust JDK
68+ versions, App Engine SDK version, etc. Once everything compiles, you can run the
69+ App Engine server locally and point Google Chrome at http://localhost:8888/ . The
70+ built-in support for U2F in Google Chrome only works on HTTPS sites. To test
71+ the app on ` http://localhost:8888 ` , which uses HTTP, you need to do one of the
72+ following:
73+
74+ #### Option 1: Use the extension from the webstore
75+ * Install the u2f extension [ available from the Chrome store] [ webstore ] .
76+ * Navigate to ` chrome://extensions ` and enable ` Developer Mode ` by clicking a
77+ checkbox in the top right corner.
78+ * Find the ` FIDO U2F (Universal 2nd Factor) ` extension.
79+ * Click on "background page". This will open a Developer Tools window, including
80+ a Console.
81+ * In the console, type:
82+
83+ `HTTP_ORIGINS_ALLOWED = true;`
84+ * Now, configure the appspot server to call the U2F extension by setting the
85+ extension id in
86+ [ u2f-api.js] ( https://github.com/google/u2f-ref-code/blob/master/u2f-gae-demo/war/js/u2f-api.js )
87+ to ``` kmendfapggjehodndflmmgagdbamhnfd ``` :
88+ ```
89+ u2f.EXTENSION_ID = 'kmendfapggjehodndflmmgagdbamhnfd';
90+ ```
91+ Remember to reset this value before deploying.
92+ * Then, point your browser at ` http://localhost:8888/ ` .
93+
94+ #### Option 2: Use the built-in chrome support
95+ * Quit all instances of Google Chrome.
96+ * Restart Google Chrome with the ` --show-component-extension-options `
97+ command-line flag.
98+ * Navigate to ` chrome://extensions ` and enable ` Developer Mode ` by clicking a
99+ checkbox in the top right corner.
100+ * Find the ` CryptoTokenExtension ` extension.
101+ * Click on "background page". This will open a Developer Tools window, including
102+ a Console.
103+
104+ * In the console, type:
105+
106+ `HTTP_ORIGINS_ALLOWED = true;`
107+ * Then, point your browser at http://localhost:8888/
108+
109+ You can deploy this App Engine app to your own domain by changing the application
110+ name in ` u2f-gae-demo/war/WEB-INF/appengine-web.xml ` .
111+
0 commit comments