Desktop Sample Applications

Below are complete Desktop (Java) sample applications demonstrating both client-direct and backend-proxied FIDO2 authentication patterns. These examples are useful for developers building Java desktop applications that integrate with the Arculus FIDO2 Server using PC/SC-compatible NFC readers.

Minimal Examples

These minimal examples show the essential code to register and authenticate a user without any UI scaffolding or error handling.

Minimal Client-Direct Example

import co.arculus.fido.ArculusFido;
import co.arculus.fido.ArculusFidoServer;
import co.arculus.pcsc.PCSC;

// Initialize PC/SC reader
String[] readers = PCSC.listPCSCReaders();
PCSC pcsc = new PCSC(readers[0]);
ArculusFido arculusFido = new ArculusFido(pcsc);

// Registration
ArculusFidoServer fidoServer = new ArculusFidoServer("fido.example.com");
fidoServer.setBeginRegistrationPath("fidoapi/certify/attestation/options", null);
fidoServer.setCompleteRegistrationPath("fidoapi/certify/attestation/result", null);

String result = arculusFido.register(
    fidoServer,
    "123456",                    // pin
    "[email protected]",          // username
    "My Device",                 // displayName
    "example.com",               // relyingParty
    false,                       // resetDevice
    null                         // registrationInfo
);
System.out.println("Registration: " + result);

// Authentication
fidoServer.setBeginAuthorizationPath("fidoapi/certify/assertion/options", null);
fidoServer.setCompleteAuthorizationPath("fidoapi/certify/assertion/result", null);

String authResult = arculusFido.authenticate(
    fidoServer,
    "123456",                    // pin
    "[email protected]",          // username
    "My Device",                 // displayName
    "example.com"                // relyingParty
);
System.out.println("Authentication: " + authResult);

Minimal Backend-Proxied Example

Complete Sample Applications

The following sections provide complete, production-ready sample applications with full error handling, UI components, and backend integration.

Client-Direct Pattern

A simple desktop application demonstrating direct FIDO2 server communication:

A complete desktop application demonstrating the backend-proxied pattern with 3-phase authentication and registration flows. This pattern is recommended for production deployments.

Backend API Client

Helper Function: Create Options Response

Complete Backend-Proxied Sample App

Backend Implementation (Java Servlet)

The backend service receives requests from the Desktop app and proxies them to the FIDO2 Server. The implementation is identical to the iOS/Android backend (see 5.2 iOS Sample Applications - Backend Implementation) since all client applications use the same backend API contract.

Key Points:

  • Same operation-based routing (operation: "register" or operation: "authenticate")

  • Same phase detection (presence of cardResponseData determines begin vs. complete)

  • Same session cookie handling

  • Same FIDO2 Server REST API endpoints

The backend implementation shown in the iOS sample applications page applies to Desktop applications as well.

Last updated