Virtual Authenticator
Web applications can enable a public key-based authentication mechanism known as Web Authentication to authenticate users in a passwordless manner. Web Authentication defines APIs that allows a user to create a public-key credential and register it with an authenticator. An authenticator can be a hardware device or a software entity that stores user’s public-key credentials and retrieves them on request.
As the name suggests, Virtual Authenticator emulates such authenticators for testing.
Virtual Authenticator Options
A Virtual Authenticatior has a set of properties. These properties are mapped as VirtualAuthenticatorOptions in the Selenium bindings.
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.setIsUserVerified(true)
.setHasUserVerification(true)
.setIsUserConsenting(true)
.setTransport(VirtualAuthenticatorOptions.Transport.USB)
.setProtocol(VirtualAuthenticatorOptions.Protocol.U2F)
.setHasResidentKey(false);
// Create virtual authenticator options
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.SetIsUserVerified(true)
.SetHasUserVerification(true)
.SetIsUserConsenting(true)
.SetTransport(VirtualAuthenticatorOptions.Transport.USB)
.SetProtocol(VirtualAuthenticatorOptions.Protocol.U2F)
.SetHasResidentKey(false);
options = VirtualAuthenticatorOptions()
options.is_user_verified = True
options.has_user_verification = True
options.is_user_consenting = True
options.transport = VirtualAuthenticatorOptions.Transport.USB
options.protocol = VirtualAuthenticatorOptions.Protocol.U2F
options.has_resident_key = False
options = new VirtualAuthenticatorOptions();
options.setIsUserVerified(true);
options.setHasUserVerification(true);
options.setIsUserConsenting(true);
options.setTransport(Transport['USB']);
options.setProtocol(Protocol['U2F']);
options.setHasResidentKey(false);
Add Virtual Authenticator
It creates a new virtual authenticator with the provided properties.
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.setProtocol(VirtualAuthenticatorOptions.Protocol.U2F)
.setHasResidentKey(false);
VirtualAuthenticator authenticator =
((HasVirtualAuthenticator) driver).addVirtualAuthenticator(options);
// Create virtual authenticator options
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.SetProtocol(VirtualAuthenticatorOptions.Protocol.U2F)
.SetHasResidentKey(false);
// Register a virtual authenticator
((WebDriver)driver).AddVirtualAuthenticator(options);
List<Credential> credentialList = ((WebDriver)driver).GetCredentials();
options = VirtualAuthenticatorOptions()
options.protocol = VirtualAuthenticatorOptions.Protocol.U2F
options.has_resident_key = False
# Register a virtual authenticator
driver.add_virtual_authenticator(options)
options.setProtocol(Protocol['U2F']);
options.setHasResidentKey(false);
// Register a virtual authenticator
await driver.addVirtualAuthenticator(options);
Remove Virtual Authenticator
Removes the previously added virtual authenticator.
((HasVirtualAuthenticator) driver).removeVirtualAuthenticator(authenticator);
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.SetProtocol(VirtualAuthenticatorOptions.Protocol.U2F)
.SetHasResidentKey(false);
String virtualAuthenticatorId = ((WebDriver)driver).AddVirtualAuthenticator(options);
((WebDriver)driver).RemoveVirtualAuthenticator(virtualAuthenticatorId);
options = VirtualAuthenticatorOptions()
# Register a virtual authenticator
driver.add_virtual_authenticator(options)
# Remove virtual authenticator
driver.remove_virtual_authenticator()
await driver.addVirtualAuthenticator(options);
await driver.removeVirtualAuthenticator();
Create Resident Credential
Creates a resident (stateful) credential with the given required credential parameters.
byte[] credentialId = {1, 2, 3, 4};
byte[] userHandle = {1};
Credential residentCredential = Credential.createResidentCredential(
credentialId, "localhost", rsaPrivateKey, userHandle, /*signCount=*/0);
byte[] credentialId = { 1, 2, 3, 4 };
byte[] userHandle = { 1 };
Credential residentCredential = Credential.CreateResidentCredential(
credentialId, "localhost", base64EncodedPK, userHandle, 0);
options = VirtualAuthenticatorOptions()
options.protocol = VirtualAuthenticatorOptions.Protocol.CTAP2
options.has_resident_key = True
options.has_user_verification = True
options.is_user_verified = True
# Register a virtual authenticator
driver.add_virtual_authenticator(options)
# parameters for Resident Credential
credential_id = bytearray({1, 2, 3, 4})
rp_id = "localhost"
user_handle = bytearray({1})
privatekey = urlsafe_b64decode(BASE64__ENCODED_PK)
sign_count = 0
# create a resident credential using above parameters
resident_credential = Credential.create_resident_credential(credential_id, rp_id, user_handle, privatekey, sign_count)
options.setProtocol(Protocol['CTAP2']);
options.setHasResidentKey(true);
options.setHasUserVerification(true);
options.setIsUserVerified(true);
await driver.addVirtualAuthenticator(options);
let residentCredential = new Credential().createResidentCredential(
new Uint8Array([1, 2, 3, 4]),
'localhost',
new Uint8Array([1]),
Buffer.from(BASE64_ENCODED_PK, 'base64').toString('binary'),
0);
await driver.addCredential(residentCredential);
Create Non-Resident Credential
Creates a resident (stateless) credential with the given required credential parameters.
byte[] credentialId = {1, 2, 3, 4};
Credential nonResidentCredential = Credential.createNonResidentCredential(
credentialId, "localhost", ec256PrivateKey, /*signCount=*/0);
byte[] credentialId = { 1, 2, 3, 4 };
Credential nonResidentCredential = Credential.CreateNonResidentCredential(
credentialId, "localhost", base64EncodedEC256PK, 0);
let nonResidentCredential = new Credential().createNonResidentCredential(
new Uint8Array([1, 2, 3, 4]),
'localhost',
Buffer.from(base64EncodedPK, 'base64').toString('binary'),
0);
Add Credential
Registers the credential with the authenticator.
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.setProtocol(VirtualAuthenticatorOptions.Protocol.U2F)
.setHasResidentKey(false);
VirtualAuthenticator authenticator = ((HasVirtualAuthenticator) driver).addVirtualAuthenticator(options);
byte[] credentialId = {1, 2, 3, 4};
Credential nonResidentCredential = Credential.createNonResidentCredential(
credentialId, "localhost", ec256PrivateKey, /*signCount=*/0);
authenticator.addCredential(nonResidentCredential);
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.SetProtocol(VirtualAuthenticatorOptions.Protocol.U2F)
.SetHasResidentKey(false);
((WebDriver)driver).AddVirtualAuthenticator(options);
byte[] credentialId = { 1, 2, 3, 4 };
Credential nonResidentCredential = Credential.CreateNonResidentCredential(
credentialId, "localhost", base64EncodedEC256PK, 0);
((WebDriver)driver).AddCredential(nonResidentCredential);
options.setProtocol(Protocol['U2F']);
options.setHasResidentKey(false);
await driver.addVirtualAuthenticator(options);
let nonResidentCredential = new Credential().createNonResidentCredential(
new Uint8Array([1, 2, 3, 4]),
'localhost',
Buffer.from(base64EncodedPK, 'base64').toString('binary'),
0);
await driver.addCredential(nonResidentCredential);
Get Credential
Returns the list of credentials owned by the authenticator.
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.setProtocol(VirtualAuthenticatorOptions.Protocol.CTAP2)
.setHasResidentKey(true)
.setHasUserVerification(true)
.setIsUserVerified(true);
VirtualAuthenticator authenticator = ((HasVirtualAuthenticator) driver).addVirtualAuthenticator(options);
byte[] credentialId = {1, 2, 3, 4};
byte[] userHandle = {1};
Credential residentCredential = Credential.createResidentCredential(
credentialId, "localhost", rsaPrivateKey, userHandle, /*signCount=*/0);
authenticator.addCredential(residentCredential);
List<Credential> credentialList = authenticator.getCredentials();
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.SetProtocol(Protocol.CTAP2)
.SetHasResidentKey(true)
.SetHasUserVerification(true)
.SetIsUserVerified(true);
((WebDriver)driver).AddVirtualAuthenticator(options);
byte[] credentialId = { 1, 2, 3, 4 };
byte[] userHandle = { 1 };
Credential residentCredential = Credential.CreateResidentCredential(
credentialId, "localhost", base64EncodedPK, userHandle, 0);
((WebDriver)driver).AddCredential(residentCredential);
List<Credential> credentialList = ((WebDriver)driver).GetCredentials();
options.setProtocol(Protocol['CTAP2']);
options.setHasResidentKey(true);
options.setHasUserVerification(true);
options.setIsUserVerified(true);
await driver.addVirtualAuthenticator(options);
let residentCredential = new Credential().createResidentCredential(
new Uint8Array([1, 2, 3, 4]),
'localhost',
new Uint8Array([1]),
Buffer.from(BASE64_ENCODED_PK, 'base64').toString('binary'),
0);
await driver.addCredential(residentCredential);
let credentialList = await driver.getCredentials();
Remove Credential
Removes a credential from the authenticator based on the passed credential id.
VirtualAuthenticator authenticator =
((HasVirtualAuthenticator) driver).addVirtualAuthenticator(new VirtualAuthenticatorOptions());
byte[] credentialId = {1, 2, 3, 4};
Credential credential = Credential.createNonResidentCredential(
credentialId, "localhost", rsaPrivateKey, 0);
authenticator.addCredential(credential);
authenticator.removeCredential(credentialId);
((WebDriver)driver).AddVirtualAuthenticator(new VirtualAuthenticatorOptions());
byte[] credentialId = { 1, 2, 3, 4 };
Credential nonResidentCredential = Credential.CreateNonResidentCredential(
credentialId, "localhost", base64EncodedEC256PK, 0);
((WebDriver)driver).AddCredential(nonResidentCredential);
((WebDriver)driver).RemoveCredential(credentialId);
Remove All Credentials
Removes all the credentials from the authenticator.
VirtualAuthenticator authenticator =
((HasVirtualAuthenticator) driver).addVirtualAuthenticator(new VirtualAuthenticatorOptions());
byte[] credentialId = {1, 2, 3, 4};
Credential residentCredential = Credential.createNonResidentCredential(
credentialId, "localhost", rsaPrivateKey, /*signCount=*/0);
authenticator.addCredential(residentCredential);
authenticator.removeAllCredentials();
((WebDriver)driver).AddVirtualAuthenticator(new VirtualAuthenticatorOptions());
byte[] credentialId = { 1, 2, 3, 4 };
Credential nonResidentCredential = Credential.CreateNonResidentCredential(
credentialId, "localhost", base64EncodedEC256PK, 0);
((WebDriver)driver).AddCredential(nonResidentCredential);
((WebDriver)driver).RemoveAllCredentials();
await driver.addVirtualAuthenticator(options);
let nonResidentCredential = new Credential().createNonResidentCredential(
new Uint8Array([1, 2, 3, 4]),
'localhost',
Buffer.from(BASE64_ENCODED_PK, 'base64').toString('binary'),
0);
await driver.addCredential(nonResidentCredential);
driver.removeAllCredentials();
Set User Verified
Sets whether the authenticator will simulate success or fail on user verification.
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.setIsUserVerified(true);
VirtualAuthenticatorOptions options = new VirtualAuthenticatorOptions()
.SetIsUserVerified(true);
options.setIsUserVerified(true);