feat(fido2): add fido2 conf error
Signed-off-by: Yuriy Movchan <[email protected]>
yurem committed Jul 2, 2024
1 parent 1f90112 commit f1cfcb2
Showing 5 changed files with 126 additions and 1 deletion.
13 changes: 13 additions & 0 deletions schema/gluu_schema.json
@@ -4567,6 +4567,18 @@
"syntax": "1.3.6.1.4.1.1466.115.121.1.15",
"x_origin": "Gluu created attribute"
},
{
"desc": "Gluu Errors Configuration",
"equality": "caseIgnoreMatch",
"names": [
"gluuConfErrors"
],
"json": true,
"oid": "oxAttribute",
"substr": "caseIgnoreSubstringsMatch",
"syntax": "1.3.6.1.4.1.1466.115.121.1.15",
"x_origin": "Gluu created attribute"
},
{
"desc": "Authentication request id",
"equality": "caseIgnoreMatch",
@@ -6035,6 +6047,7 @@
"ou",
"gluuConfDynamic",
"gluuConfStatic",
"gluuConfErrors",
"oxRevision"
],
"must": [
3 changes: 3 additions & 0 deletions setup_app/installers/fido.py
@@ -27,6 +27,7 @@ def __init__(self):
self.output_folder = os.path.join(Config.outputFolder, 'fido2')
self.template_folder = os.path.join(Config.templateFolder, 'fido2')
self.fido2_dynamic_conf_json = os.path.join(self.output_folder, 'dynamic-conf.json')
self.fido2_error_json = os.path.join(self.output_folder, 'fido2-errors.json')
self.fido2_static_conf_json = os.path.join(self.output_folder, 'static-conf.json')
self.ldif_fido2 = os.path.join(self.output_folder, 'fido2.ldif')

@@ -42,9 +43,11 @@ def install(self):
def render_import_templates(self, do_import=True):
Config.templateRenderingDict['fido2ConfigFolder'] = self.fido2ConfigFolder
self.renderTemplateInOut(self.fido2_dynamic_conf_json, self.template_folder, self.output_folder)
self.renderTemplateInOut(self.fido2_error_json, self.template_folder, self.output_folder)
self.renderTemplateInOut(self.fido2_static_conf_json, self.template_folder, self.output_folder)

Config.templateRenderingDict['fido2_dynamic_conf_base64'] = self.generate_base64_file(self.fido2_dynamic_conf_json, 1)
Config.templateRenderingDict['fido2_error_base64'] = self.generate_base64_file(self.fido2_error_json, 1)
Config.templateRenderingDict['fido2_static_conf_base64'] = self.generate_base64_file(self.fido2_static_conf_json, 1)

self.renderTemplateInOut(self.ldif_fido2, self.template_folder, self.output_folder)
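Review bot: `fido2-errors.json` is now passed through `renderTemplateInOut` in `render_import_templates`, the same call that expands the `%(name)s` keys in `fido2.ldif`. If that helper applies %-formatting to every template (its body is not visible here), a literal `%` in any future error description would break rendering or be rewritten. The file currently holds no template keys and no `%`, so nothing fails today; a comment above the new call would record the constraint, e.g. `# fido2-errors.json has no template keys; a literal % in a description must be written as %%`. The trailing `1` passed to `generate_base64_file` is also unexplained at all three call sites and deserves a short comment on what it controls. Both `__init__` and `render_import_templates` continue outside the displayed hunks.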
2 changes: 1 addition & 1 deletion templates/apache/https_gluu.conf
@@ -129,7 +129,7 @@
ProxyPass /.well-known/webfinger http://localhost:8081/oxauth/.well-known/webfinger
ProxyPass /.well-known/uma2-configuration http://localhost:8081/oxauth/restv1/uma2-configuration
ProxyPass /.well-known/fido-configuration http://localhost:8081/oxauth/restv1/fido-configuration
ProxyPass /.well-known/fido2-configuration http://localhost:8073/fido2/restv1/fido2/configuration
ProxyPass /.well-known/fido2-configuration http://localhost:8073/fido2/restv1/configuration
ProxyPass /.well-known/fido-u2f-configuration http://localhost:8081/oxauth/restv1/fido-configuration
ProxyPass /.well-known/scim-configuration http://localhost:8087/scim/restv1/scim/scim-configuration
ProxyPass /firebase-messaging-sw.js http://localhost:8081/oxauth/firebase-messaging-sw.js
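Review bot: The `/.well-known/fido2-configuration` mapping changes between `http://localhost:8073/fido2/restv1/fido2/configuration` and `http://localhost:8073/fido2/restv1/configuration`, which the commit title and message (error configuration) do not mention. Assuming the second printed line is the new target, the discovery URL only resolves against a fido2 server build that serves `restv1/configuration`. Paired with an older build it would presumably return an error, and relying parties that fetch this document would fail to discover the endpoints. Either split this into its own commit or record the dependency in a comment above the line, e.g. `# requires a fido2 server that exposes /restv1/configuration (previously /restv1/fido2/configuration)`.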
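--- a/templates/fido2/fido2-errors.json
+++ b/templates/fido2/fido2-errors.json
@@ -0,0 +1,108 @@
+{
+"common": [
+{
+"id": "invalid_request",
+"description": "The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed",
+"uri": null
+},
+{
+"id": "invalid_domain",
+"description": "The request contains invalid domain or doesn't match",
+"uri": null
+},
+{
+"id": "unknown_error",
+"description": "Unknown or not found error",
+"uri": null
+}
+],
+"assertion": [
+{
+"id": "invalid_session_id",
+"description": "The request contains invalid session_id",
+"uri": null
+},
+{
+"id": "invalid_username_or_key_handle",
+"description": "The request contains invalid username or key handle",
+"uri": null
+},
+{
+"id": "unsupported_authentication_type",
+"description": "The request contains an unsupported authentication type",
+"uri": null
+},
+{
+"id": "conflict_with_super_gluu",
+"description": "The request contains conflicts with Super Gluu parameters",
+"uri": null
+},
+{
+"id": "keys_not_found",
+"description": "Can't find associated key(s)",
+"uri": null
+}
+],
+"attestation": [
+{
+"id": "invalid_session_id",
+"description": "The request contains invalid session_id",
+"uri": null
+},
+{
+"id": "invalid_challenge",
+"description": "The request contains a challenge with error",
+"uri": null
+},
+{
+"id": "unsupported_attestation_format",
+"description": "The request contains unsupported attestation format (fmt)",
+"uri": null
+},
+{
+"id": "unsupported_register_type",
+"description": "The request contains an unsupported register type",
+"uri": null
+},
+{
+"id": "user_auto_enrollment_is_disabled",
+"description": "User auto enrollment is disabled",
+"uri": null
+},
+{
+"id": "invalid_certificate",
+"description": "Certificate validation error",
+"uri": null
+},
+{
+"id": "packed_error",
+"description": "Packed validation error",
+"uri": null
+},
+{
+"id": "tpm_error",
+"description": "Tpm validation error",
+"uri": null
+},
+{
+"id": "android_key_error",
+"description": "Android key validation error",
+"uri": null
+},
+{
+"id": "android_safetynet_error",
+"description": "Android safetynet validation error",
+"uri": null
+},
+{
+"id": "apple_error",
+"description": "Apple validation error",
+"uri": null
+},
+{
+"id": "fido_u2f_error",
+"description": "Fido U2F validation error",
+"uri": null
+}
+]
+}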
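Review bot: The `assertion` group gives `keys_not_found` ("Can't find associated key(s)") a different id and text from `invalid_username_or_key_handle`. If both are returned verbatim to a caller who has not yet authenticated, the difference may reveal whether a username exists or has a registered authenticator. The server code that selects these entries is outside this commit, so this is a question to confirm rather than an established defect. If clients do not need the distinction, giving both entries one neutral text such as `"description": "The request could not be matched to a registered credential"` and keeping the specific reason in server logs would remove the signal.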
1 change: 1 addition & 0 deletions templates/fido2/fido2.ldif
@@ -4,4 +4,5 @@ objectClass: top
ou: fido2
gluuConfDynamic::%(fido2_dynamic_conf_base64)s
gluuConfStatic::%(fido2_static_conf_base64)s
gluuConfErrors::%(fido2_error_base64)s
oxRevision: 1
