Skip to content

Commit

Permalink
feat(jans-fido2): major FIDO2 / Passkeys upgrade ProjectPasskeys (#1…
Browse files Browse the repository at this point in the history
…0080)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <[email protected]>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <[email protected]>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <[email protected]>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <[email protected]>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <[email protected]>

---------

Signed-off-by: Rolain Djeumen <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <[email protected]>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add location details

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <[email protected]>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <[email protected]>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 [email protected]

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 [email protected]

---------

Signed-off-by: shekhar16 [email protected]
Co-authored-by: Yuriy Movchan <[email protected]>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <[email protected]>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <[email protected]>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <[email protected]>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <[email protected]>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(docs): #9248

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <[email protected]>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <[email protected]>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <[email protected]>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <[email protected]>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): support for ECC added #10317

* fix(ProjectPasskeys): #9765

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: ossdhaval <[email protected]>
Signed-off-by: Rolain Djeumen <[email protected]>
Signed-off-by: Arnab Dutta <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
Signed-off-by: Madhumita <[email protected]>
Signed-off-by: imran-ishaq <[email protected]>
Signed-off-by: shekhar16 [email protected]
Signed-off-by: Mustafa Baser <[email protected]>
Signed-off-by: Madhumita Subramaniam <[email protected]>
Signed-off-by: Devrim <[email protected]>
Co-authored-by: mo-auto <[email protected]>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <[email protected]>
Co-authored-by: Madhumita Subramaniam <[email protected]>
Co-authored-by: Yuriy Movchan <[email protected]>
Co-authored-by: Dhaval D <[email protected]>
Co-authored-by: Djeumen Rolain Bonaventure <[email protected]>
Co-authored-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>
Co-authored-by: shekhar16 <[email protected]>
Co-authored-by: Imran <[email protected]>
Co-authored-by: imran-ishaq <[email protected]>
Co-authored-by: Jose Gonzalez <[email protected]>
Co-authored-by: Mustafa Baser <[email protected]>
Co-authored-by: Devrim <[email protected]>
  • Loading branch information
17 people authored Dec 12, 2024
1 parent e4bd53d commit e823bf7
Show file tree
Hide file tree
Showing 134 changed files with 5,469 additions and 9,447 deletions.
3 changes: 1 addition & 2 deletions docker-jans-fido2/scripts/upgrade.py
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,10 @@ def _transform_fido2_dynamic_config(conf):
# add missing config (if not exist)
for k, v in [
("superGluuEnabled", False),
("oldU2fMigrationEnabled", True),
("metadataUrlsProvider", ""),
("errorReasonEnabled", False),
("skipDownloadMdsEnabled", False),
("skipValidateMdsInAttestationEnabled", False),
("attestationMode", "monitor"),
("sessionIdPersistInCache", False),
("assertionOptionsGenerateEndpointEnabled", True),
]:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -82,33 +82,31 @@ It will return the result as below:
"jansCustomPerson",
"jansPerson"
],
"superGluuEnabled": false,
"sessionIdPersistInCache": false,
"oldU2fMigrationEnabled": true,
"errorReasonEnabled": false,
"fido2Configuration": {
"authenticatorCertsFolder": "/etc/jans/conf/fido2/authenticator_cert",
"mdsCertsFolder": "/etc/jans/conf/fido2/mds/cert",
"mdsTocsFolder": "/etc/jans/conf/fido2/mds/toc",
"checkU2fAttestations": false,
"userAutoEnrollment": false,
"debugUserAutoEnrollment": false,
"unfinishedRequestExpiration": 180,
"authenticationHistoryExpiration": 1296000,
"serverMetadataFolder": "/etc/jans/conf/fido2/server_metadata",
"requestedCredentialTypes": [
"enabledFidoAlgorithms": [
"RS256",
"ES256"
],
"requestedParties": [
"rp": [
{
"name": "https://jans-project.lxd",
"domains": [
"id": "https://jans-project.lxd",
"origins": [
"jans-project.lxd"
]
}
],
"skipDownloadMdsEnabled": false,
"skipValidateMdsInAttestationEnabled": false,
"disableMetadataService": false,
"attestationMode": "monitor",
"assertionOptionsGenerateEndpointEnabled": true
}
}
Expand Down
46 changes: 22 additions & 24 deletions docs/janssen-server/fido/config.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,21 +25,21 @@ tags:

#### Fido2Configuration structure

| Field named | Example | Description |
|-----------------------------------------|----------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------|
| authenticatorCertsFolder | /etc/jans/conf/fido2/authenticator_cert | Authenticators certificates fodler. |
| mdsCertsFolder | /etc/jans/conf/fido2/mds/cert | MDS TOC root certificates folder. |
| mdsTocsFolder | /etc/jans/conf/fido2/mds/toc | MDS TOC files folder. |
| serverMetadataFolder | /etc/jans/conf/fido2/server_metadata | Authenticators metadata in json format. Example: virtual devices. |
| metadataUrlsProvider | https://mds3.fido.tools | String value to provide source of URLs with external metadata. |
| requestedCredentialTypes | ["RS256","ES256"] | |
| requestedParties | [{"name":"https://my-jans-server.jans.io","domains":["my-jans-server.jans.io"]}] | Requested party name. |
| userAutoEnrollment | false | Allow to enroll users on enrollment/authentication requests. (Useful while running tests) |
| unfinishedRequestExpiration | 180 | Expiration time in seconds for pending enrollment/authentication requests |
| authenticationHistoryExpiration | 1296000 | Expiration time in seconds for approved authentication requests. |
| skipDownloadMdsEnabled | false | Boolean value indicating whether the MDS download should be omitted |
| skipValidateMdsInAttestationEnabled | false | Boolean value indicating whether MDS validation should be omitted during attestation |
| assertionOptionsGenerateEndpointEnabled | false | Boolean value indicating whether the assertion custom endpoint (used especially in passkey) is enabled. |
| Field named | Example | Description |
|-----------------------------------------|--------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------|
| authenticatorCertsFolder | /etc/jans/conf/fido2/authenticator_cert | Authenticators certificates fodler. |
| mdsCertsFolder | /etc/jans/conf/fido2/mds/cert | MDS TOC root certificates folder. |
| mdsTocsFolder | /etc/jans/conf/fido2/mds/toc | MDS TOC files folder. |
| serverMetadataFolder | /etc/jans/conf/fido2/server_metadata | Authenticators metadata in json format. Example: virtual devices. |
| metadataUrlsProvider | https://mds3.fido.tools | String value to provide source of URLs with external metadata. |
| enabledFidoAlgorithms | ["RS256","ES256"] | |
| rp | [{"id":"https://my-jans-server.jans.io","origins":["my-jans-server.jans.io"]}] | Requested party id. |
| debugUserAutoEnrollment | false | Allow to enroll users on enrollment/authentication requests. (Useful while running tests) |
| unfinishedRequestExpiration | 180 | Expiration time in seconds for pending enrollment/authentication requests |
| authenticationHistoryExpiration | 1296000 | Expiration time in seconds for approved authentication requests. |
| disableMetadataService | false | Boolean value indicating whether the MDS download should be omitted |
| attestationMode | "monitor" | Enum value indicating whether MDS validation should be omitted during attestation |
| assertionOptionsGenerateEndpointEnabled | false | Boolean value indicating whether the assertion custom endpoint (used especially in passkey) is enabled. |

### Configuring the FIDO2 server:
#### 1. Read Configuration parameters:
Expand All @@ -66,30 +66,28 @@ Response:
"jansCustomPerson",
"jansPerson"
],
"superGluuEnabled": true,
"sessionIdPersistInCache": false,
"oldU2fMigrationEnabled": true,
"fido2Configuration": {
"authenticatorCertsFolder": "/etc/jans/conf/fido2/authenticator_cert",
"mdsCertsFolder": "/etc/jans/conf/fido2/mds/cert",
"mdsTocsFolder": "/etc/jans/conf/fido2/mds/toc",
"checkU2fAttestations": false,
"userAutoEnrollment": false,
"debugUserAutoEnrollment": false,
"unfinishedRequestExpiration": 180,
"authenticationHistoryExpiration": 1296000,
"serverMetadataFolder": "/etc/jans/conf/fido2/server_metadata",
"metadataUrlsProvider": "",
"skipDownloadMdsEnabled": false,
"skipValidateMdsInAttestationEnabled": false,
"disableMetadataService": false,
"attestationMode": "monitor",
"assertionOptionsGenerateEndpointEnabled":true,
"requestedCredentialTypes": [
"enabledFidoAlgorithms": [
"RS256",
"ES256"
],
"requestedParties": [
"rp": [
{
"name": "https://my.jans.server",
"domains": [
"id": "https://my.jans.server",
"origins": [
"my.jans.server"
]
}
Expand Down
10 changes: 5 additions & 5 deletions docs/janssen-server/fido/logs.md
Original file line number Diff line number Diff line change
Expand Up @@ -41,19 +41,19 @@ Response:
"mdsCertsFolder":"/etc/jans/conf/fido2/mds/cert",
"mdsTocsFolder":"/etc/jans/conf/fido2/mds/toc",
"serverMetadataFolder":"/etc/jans/conf/fido2/server_metadata",
"requestedCredentialTypes":[
"enabledFidoAlgorithms":[
"RS256",
"ES256"
],
"requestedParties":[
"rp":[
{
"name":"https://my-jans-server.jans.io",
"domains":[
"id":"https://my-jans-server.jans.io",
"origins":[
"my-jans-server.jans.io"
]
}
],
"userAutoEnrollment":false,
"debugUserAutoEnrollment":false,
"unfinishedRequestExpiration":180,
"authenticationHistoryExpiration":1296000
}
Expand Down
6 changes: 3 additions & 3 deletions docs/janssen-server/fido/vendor-metadata.md
Original file line number Diff line number Diff line change
Expand Up @@ -231,15 +231,15 @@ Janssen's FIDO2 server -
### 3. Skip metadata validation

Metadata validation is recommended but not mandatory as per FIDO2 specifications.
In FIDO2 we can disable this validation by setting the `skipValidateMdsInAttestationEnabled` parameter (default is
false).
In FIDO2 we can disable this validation by setting the `attestionMode` parameter (default is
monitor).

It should look something like this:

```
"fido2Configuration": {
...,
"skipValidateMdsInAttestationEnabled": true,
"attestationMode": "disabled",
...
}
```
Expand Down
Loading

0 comments on commit e823bf7

Please sign in to comment.