From 2cdf9537cc6a27de40ae47000e1e83cd959a9987 Mon Sep 17 00:00:00 2001
From: imran-ishaq
Date: Wed, 20 Nov 2024 14:04:06 +0500
Subject: [PATCH 1/3] docs(jans-fido2):remove superGluu, oldU2fMigrationEnabled #10101
Signed-off-by: imran-ishaq
---
 .../janssen-fido2-configuration.md | 2 --
 docs/janssen-server/fido/config.md | 2 --
 .../json/properties/fido2-properties.md | 18 ------------------
 3 files changed, 22 deletions(-)
diff --git a/docs/janssen-server/config-guide/fido2-config/janssen-fido2-configuration.md b/docs/janssen-server/config-guide/fido2-config/janssen-fido2-configuration.md
index ad37a537f9b..cc28c629fee 100644
--- a/docs/janssen-server/config-guide/fido2-config/janssen-fido2-configuration.md
+++ b/docs/janssen-server/config-guide/fido2-config/janssen-fido2-configuration.md
@@ -82,9 +82,7 @@ It will return the result as below:
 "jansCustomPerson",
 "jansPerson"
 ],
- "superGluuEnabled": false,
 "sessionIdPersistInCache": false,
- "oldU2fMigrationEnabled": true,
 "errorReasonEnabled": false,
 "fido2Configuration": {
 "authenticatorCertsFolder": "/etc/jans/conf/fido2/authenticator_cert",
diff --git a/docs/janssen-server/fido/config.md b/docs/janssen-server/fido/config.md
index 638d4f63fca..6488b807058 100644
--- a/docs/janssen-server/fido/config.md
+++ b/docs/janssen-server/fido/config.md
@@ -66,9 +66,7 @@ Response:
 "jansCustomPerson",
 "jansPerson"
 ],
- "superGluuEnabled": true,
 "sessionIdPersistInCache": false,
- "oldU2fMigrationEnabled": true,
 "fido2Configuration": {
 "authenticatorCertsFolder": "/etc/jans/conf/fido2/authenticator_cert",
 "mdsCertsFolder": "/etc/jans/conf/fido2/mds/cert",
diff --git a/docs/janssen-server/reference/json/properties/fido2-properties.md b/docs/janssen-server/reference/json/properties/fido2-properties.md
index f0e7ddb21f9..195c2f916c3 100644
--- a/docs/janssen-server/reference/json/properties/fido2-properties.md
+++ b/docs/janssen-server/reference/json/properties/fido2-properties.md
@@ -28,13 +28,11 @@ tags: | metricReporterEnabled | Boolean value specifying whether metric reporter is enabled | [Details](#metricreporterenabled) | | metricReporterInterval | The interval for metric reporter in seconds | [Details](#metricreporterinterval) | | metricReporterKeepDataDays | The days to keep report data | [Details](#metricreporterkeepdatadays) | -| oldU2fMigrationEnabled | Boolean value to enable disable old oxAuth U2F enrollments migration | [Details](#oldu2fmigrationenabled) | | personCustomObjectClassList | Custom object class list for dynamic person enrolment | [Details](#personcustomobjectclasslist) | | enabledFidoAlgorithms | List of Requested Credential Types | [Details](#enabledFidoAlgorithms) | | rp | Requested Parties Authenticators metadata in json format | [Details](#rp) | | serverMetadataFolder | Authenticators metadata in json format | [Details](#servermetadatafolder) | | sessionIdPersistInCache | Boolean value specifying whether to persist session_id in cache | [Details](#sessionidpersistincache) | -| superGluuEnabled | Boolean value to enable disable Super Gluu extension | [Details](#supergluuenabled) | | unfinishedRequestExpiration | Expiration time in seconds for pending enrollment/authentication requests | [Details](#unfinishedrequestexpiration) | | useLocalCache | Boolean value to indicate if Local Cache is to be used | [Details](#uselocalcache) | | debugUserAutoEnrollment | Allow to enroll users on enrollment/authentication requests | [Details](#userautoenrollment) | @@ -202,15 +200,6 @@ tags: - Default value: None -### oldU2fMigrationEnabled - -- Description: Boolean value to enable disable old oxAuth U2F enrollments migration - -- Required: No - -- Default value: None - - ### personCustomObjectClassList - Description: Custom object class list for dynamic person enrolment 
@@ -247,13 +236,6 @@ tags: - Default value: None -### superGluuEnabled - -- Description: Boolean value to enable disable Super Gluu extension - -- Required: No - -- Default value: None ### sessionIdPersistInCache From 4acddf3285cb7946bd07ca4926758a85d80b1404 Mon Sep 17 00:00:00 2001 From: imran-ishaq Date: Wed, 20 Nov 2024 14:05:37 +0500 Subject: [PATCH 2/3] fix(jans-fido2):remove superGluu, oldU2fMigrationEnabled from test class #10101 Signed-off-by: imran-ishaq --- terraform-provider-jans/jans/fido2_config_test.go | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/terraform-provider-jans/jans/fido2_config_test.go b/terraform-provider-jans/jans/fido2_config_test.go index 056542b1ef8..944a92cbc1e 100644 --- a/terraform-provider-jans/jans/fido2_config_test.go +++ b/terraform-provider-jans/jans/fido2_config_test.go @@ -28,16 +28,8 @@ func TestFido2Config(t *testing.T) { origBasepoint := cfg.BaseEndpoint cfg.BaseEndpoint = "newbasepoint" - origSuperGluuEnabled := cfg.SuperGluuEnabled - cfg.SuperGluuEnabled = true - - origOldU2fMigrationEnabled := cfg.OldU2fMigrationEnabled - cfg.OldU2fMigrationEnabled = true - ret := &JansFido2DynConfiguration{ BaseEndpoint: "newbasepoint", - SuperGluuEnabled: true, - OldU2fMigrationEnabled: true, } updatedConfig, err := client.UpdateFido2Configuration(ctx, ret) if err != nil { @@ -46,8 +38,6 @@ func TestFido2Config(t *testing.T) { t.Cleanup(func() { ret.BaseEndpoint = origBasepoint - ret.SuperGluuEnabled = origSuperGluuEnabled - ret.OldU2fMigrationEnabled = origOldU2fMigrationEnabled _, _ = client.UpdateFido2Configuration(ctx, ret) }) From 0d580f5044587073a0edbfdf444b9b59a3a76344 Mon Sep 17 00:00:00 2001 From: imran-ishaq Date: Wed, 20 Nov 2024 14:08:32 +0500 Subject: [PATCH 3/3] fix(jans-fido2):removed superGluu, oldU2fMigrationEnabled && add metadataServers in dynamic-conf.json and review all other config fields #10101 
Signed-off-by: imran-ishaq --- docker-jans-fido2/scripts/upgrade.py | 1 - jans-cli-tui/cli_tui/plugins/020_fido/main.py | 1 - .../plugins/docs/fido2-plugin-swagger.yaml | 2 -- .../io/jans/fido2/model/conf/AppConfiguration.java | 11 ----------- .../io/jans/fido2/model/conf/Fido2Configuration.java | 4 ++-- .../jans_setup/templates/jans-fido2/dynamic-conf.json | 3 +-- terraform-provider-jans/jans/fido2_config.go | 2 -- .../provider/resource_fido2_configuration_test.go | 3 +-- 8 files changed, 4 insertions(+), 23 deletions(-) diff --git a/docker-jans-fido2/scripts/upgrade.py b/docker-jans-fido2/scripts/upgrade.py index 915486341f6..fa20c110be4 100644 --- a/docker-jans-fido2/scripts/upgrade.py +++ b/docker-jans-fido2/scripts/upgrade.py @@ -24,7 +24,6 @@ def _transform_fido2_dynamic_config(conf): # add missing config (if not exist) for k, v in [ ("superGluuEnabled", False), - ("oldU2fMigrationEnabled", True), ("metadataUrlsProvider", ""), ("errorReasonEnabled", False), ("skipDownloadMdsEnabled", False), diff --git a/jans-cli-tui/cli_tui/plugins/020_fido/main.py b/jans-cli-tui/cli_tui/plugins/020_fido/main.py index 61f97837384..d3aee616731 100755 --- a/jans-cli-tui/cli_tui/plugins/020_fido/main.py +++ b/jans-cli-tui/cli_tui/plugins/020_fido/main.py @@ -127,7 +127,6 @@ def create_widgets(self): style='class:outh-scope-text' ,widget_style=cli_style.black_bg_widget ), - self.app.getTitledCheckBox(_("Enable Super Gluu"), name='superGluuEnabled', checked=self.data.get('superGluuEnabled'), jans_help=self.app.get_help_from_schema(self.schema, 'superGluuEnabled'), style=cli_style.check_box, widget_style=cli_style.black_bg_widget), Window(height=1), VSplit([Window(), HSplit([Button(_("Save"), handler=self.save_config)]), diff --git a/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml b/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml index 2105346d8e7..d5b5360939b 100644 --- a/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml 
+++ b/jans-config-api/plugins/docs/fido2-plugin-swagger.yaml @@ -564,8 +564,6 @@ components: type: boolean sessionIdPersistInCache: type: boolean - oldU2fMigrationEnabled: - type: boolean errorReasonEnabled: type: boolean fido2Configuration: diff --git a/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/AppConfiguration.java b/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/AppConfiguration.java index 1908469b886..6aafa9fa9b7 100644 --- a/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/AppConfiguration.java +++ b/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/AppConfiguration.java @@ -75,9 +75,6 @@ public class AppConfiguration implements Configuration, Serializable { @DocProperty(description = "Boolean value specifying whether to persist session_id in cache", defaultValue = "false") private Boolean sessionIdPersistInCache = false; - @DocProperty(description = "Boolean value to enable disable old oxAuth U2F enrollments migration") - private boolean oldU2fMigrationEnabled; - @DocProperty(description = "Boolean value specifying whether to return detailed reason of the error from Fido2. Default value is false", defaultValue = "false") private Boolean errorReasonEnabled = false; @@ -205,14 +202,6 @@ public void setSessionIdPersistInCache(Boolean sessionIdPersistInCache) { this.sessionIdPersistInCache = sessionIdPersistInCache; } - public boolean isOldU2fMigrationEnabled() { - return oldU2fMigrationEnabled; - } - - public void setOldU2fMigrationEnabled(boolean oldU2fMigrationEnabled) { - this.oldU2fMigrationEnabled = oldU2fMigrationEnabled; - } - public Boolean getErrorReasonEnabled() { return errorReasonEnabled; } diff --git a/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/Fido2Configuration.java b/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/Fido2Configuration.java index 451ba6994c0..66f8e872ab8 100644 --- a/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/Fido2Configuration.java 
+++ b/jans-fido2/model/src/main/java/io/jans/fido2/model/conf/Fido2Configuration.java @@ -53,8 +53,8 @@ public class Fido2Configuration { private List hints = new ArrayList(); @DocProperty(description = "If authenticators have been enabled for use in a specific protected envt (enterprise authenticators)") private boolean enterpriseAttestation = false; - @DocProperty(description = "Enum value indicating whether MDS validation should be omitted during attestation") - private String attestationMode; + @DocProperty(description = "String value indicating whether MDS validation should be omitted during attestation") + private String attestationMode = "monitor"; public String getAuthenticatorCertsFolder() { return authenticatorCertsFolder; diff --git a/jans-linux-setup/jans_setup/templates/jans-fido2/dynamic-conf.json b/jans-linux-setup/jans_setup/templates/jans-fido2/dynamic-conf.json index 73d4ec1f7e5..680a1d0cdc4 100644 --- a/jans-linux-setup/jans_setup/templates/jans-fido2/dynamic-conf.json +++ b/jans-linux-setup/jans_setup/templates/jans-fido2/dynamic-conf.json @@ -15,9 +15,7 @@ "jansCustomPerson", "jansPerson" ], - "superGluuEnabled": false, "sessionIdPersistInCache": false, - "oldU2fMigrationEnabled": true, "errorReasonEnabled": false, "fido2Configuration":{ "authenticatorCertsFolder":"%(fido2ConfigFolder)s/authenticator_cert", @@ -36,6 +34,7 @@ ] } ], + "metadataServers":[{"url": "https://mds.fidoalliance.org/" }], "userAutoEnrollment":false, "unfinishedRequestExpiration":180, "authenticationHistoryExpiration":1296000, diff --git a/terraform-provider-jans/jans/fido2_config.go b/terraform-provider-jans/jans/fido2_config.go index b65f4ab4297..11cd51c0132 100644 --- a/terraform-provider-jans/jans/fido2_config.go +++ b/terraform-provider-jans/jans/fido2_config.go 
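Review bot: The new default in `private String attestationMode = "monitor";` is not declared in the annotation above it, and the description still does not say which strings are accepted. Other properties visible in this patch carry their default in the annotation (`defaultValue = "false"` in AppConfiguration), so this one should read `@DocProperty(description = "String value indicating whether MDS validation should be omitted during attestation", defaultValue = "monitor")`, with the accepted values listed in the description. The field previously defaulted to null, so a configuration that omits the key now runs in "monitor" without any operator action; if that mode reports rather than rejects authenticators that fail metadata validation (not visible in this hunk), deployments that need enforcement must set the value explicitly and the documentation should say so. The class body continues outside the hunk, so the setter and any validation of the string cannot be checked from here.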
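Review bot: The added `"metadataServers":[{"url": "https://mds.fidoalliance.org/" }]` entry appears to reach fresh installs only, since the `upgrade.py` hunk in this same patch shows no matching backfill in its "add missing config" list (that list continues outside the hunk, so this needs confirming). The same list still contains `("superGluuEnabled", False),`, which puts back a key this template no longer ships, so installed and upgraded deployments end up with different configurations. This URL determines where authenticator metadata is fetched from, so both paths should agree: backfill `metadataServers` in `_transform_fido2_dynamic_config` at the nesting level the template uses, and drop the `superGluuEnabled` tuple. The template is strict JSON and cannot hold a comment, so the reason for the default endpoint belongs in the fido2 properties documentation.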
@@ -40,8 +40,6 @@ type JansFido2DynConfiguration struct { MetricReporterKeepDataDays int `schema:"metric_reporter_keep_data_days" json:"metricReporterKeepDataDays,omitempty"` PersonCustomObjectClassList []string `schema:"person_custom_object_class_list" json:"personCustomObjectClassList,omitempty"` Fido2Configuration Fido2Configuration `schema:"fido2_configuration" json:"fido2Configuration,omitempty"` - OldU2fMigrationEnabled bool `schema:"old_u2f_migration_enabled" json:"oldU2fMigrationEnabled,omitempty"` - SuperGluuEnabled bool `schema:"super_gluu_enabled" json:"superGluuEnabled,omitempty"` } // GetFido2Configuration returns the current Fido2 configuration. diff --git a/terraform-provider-jans/provider/resource_fido2_configuration_test.go b/terraform-provider-jans/provider/resource_fido2_configuration_test.go index a0a4d83310f..d92bdd506d0 100644 --- a/terraform-provider-jans/provider/resource_fido2_configuration_test.go +++ b/terraform-provider-jans/provider/resource_fido2_configuration_test.go @@ -47,8 +47,7 @@ func TestResourceFido2Config_Mapping(t *testing.T) { AuthenticationHistoryExpiration: 1296000, enabledFidoAlgorithms: []string{"RS256", "ES256"}, }, - SuperGluuEnabled: true, - OldU2fMigrationEnabled: true, + } if err := toSchemaResource(data, cfg); err != nil {