Allow WebAuthn in 2F manager API (#1411)
parent
0f565afb4d
commit
73046867e6
|
@ -1269,7 +1269,7 @@
|
|||
"type" : {
|
||||
"type" : "string",
|
||||
"description" : "The type of token in use",
|
||||
"example" : "TOTP, U2F, UBK (Yubikey)"
|
||||
"example" : "TOTP, U2F, UBK (Yubikey), WebAuthn"
|
||||
},
|
||||
"name" : {
|
||||
"type" : "string",
|
||||
|
|
|
@ -1417,7 +1417,7 @@ components:
|
|||
type:
|
||||
type: string
|
||||
description: "The type of token in use"
|
||||
example: "TOTP, U2F, UBK (Yubikey)"
|
||||
example: "TOTP, U2F, UBK (Yubikey), WebAuthn"
|
||||
name:
|
||||
type: string
|
||||
description: "A user-set description of the token"
|
||||
|
|
|
@ -159,7 +159,7 @@ sub _get2F {
|
|||
type => $device->{type},
|
||||
name => $device->{name}
|
||||
}
|
||||
unless ( ( defined $type and $type ne $device->{type} )
|
||||
unless ( ( defined $type and uc($type) ne uc( $device->{type} ) )
|
||||
or ( defined $id and $id ne genId2F($device) ) );
|
||||
}
|
||||
}
|
||||
|
@ -224,8 +224,12 @@ sub _delete2FFromSessions {
|
|||
my $element = shift @$devices;
|
||||
if (
|
||||
( defined $type or defined $id )
|
||||
and ( ( defined $type and $type ne $element->{type} )
|
||||
or ( defined $id and $id ne genId2F($element) ) )
|
||||
and ( (
|
||||
defined $type
|
||||
and uc($type) ne uc( $element->{type} )
|
||||
)
|
||||
or ( defined $id and $id ne genId2F($element) )
|
||||
)
|
||||
)
|
||||
{
|
||||
push @keep, $element;
|
||||
|
@ -334,9 +338,9 @@ sub _checkType {
|
|||
res => "ko",
|
||||
code => 400,
|
||||
msg =>
|
||||
"Invalid input: Type \"$type\" does not exist. Allowed values for type are: \"U2F\", \"TOTP\" or \"UBK\""
|
||||
"Invalid input: Type \"$type\" does not exist. Allowed values for type are: \"U2F\", \"TOTP\", \"WebAuthn\" or \"UBK\""
|
||||
}
|
||||
unless ( $type =~ /\b(?:U2F|TOTP|UBK)\b/ );
|
||||
unless ( $type =~ /\b(?:U2F|TOTP|UBK|WebAuthn)\b/i );
|
||||
|
||||
return { res => "ok" };
|
||||
}
|
||||
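Review bot: The type check in `_checkType` is still unanchored: `/\b(?:U2F|TOTP|UBK|WebAuthn)\b/i` accepts any string that merely contains one of the names as a separate word, so a value such as `U2F-x` (constructed example) is reported as valid. The same `$type` is then compared against stored device types in `_get2F` and `_delete2FFromSessions`, so the validator should accept exactly the values those comparisons can match: `unless ( $type =~ /\A(?:U2F|TOTP|UBK|WebAuthn)\z/i );`. The body of `_checkType` starts outside the hunk, so it is not visible whether `$type` may legitimately carry more than one name; if it may, a comment should say so.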
|
|
|
@ -241,7 +241,15 @@ $sfaDevices = [ {
|
|||
"type" => "UBK",
|
||||
"_secret" => "123456",
|
||||
"epoch" => time
|
||||
}
|
||||
},
|
||||
{
|
||||
"_credentialId" => "abc",
|
||||
"_credentialPublicKey" => "abc",
|
||||
"_signCount" => "65",
|
||||
"epoch" => "1643201784",
|
||||
"name" => "MyFidoKey",
|
||||
"type" => "WebAuthn"
|
||||
},
|
||||
];
|
||||
newSession( 'dwho', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'dwho', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||
|
@ -304,12 +312,15 @@ newSession( 'tof', '127.10.0.1', 'Persistent', $sfaDevices );
|
|||
checkGetList( 1, 'dwho', 'U2F' );
|
||||
checkGetList( 1, 'dwho', 'TOTP' );
|
||||
checkGetList( 1, 'dwho', 'UBK' );
|
||||
checkGetList( 1, 'dwho', 'WebAuthn' );
|
||||
checkGetBadType( 'dwho', 'UBKIKI' );
|
||||
$ret = checkGetList( 3, 'dwho' );
|
||||
$ret = checkGetList( 4, 'dwho' );
|
||||
checkGetOnIds( 'dwho', $ret );
|
||||
checkDelete( 'dwho', @$ret[0]->{id} );
|
||||
checkDelete404( 'dwho', @$ret[0]->{id} );
|
||||
checkGetList( 2, 'dwho' );
|
||||
checkGetList( 3, 'dwho' );
|
||||
checkDeleteList( 1, 'dwho', 'WebAuthn' );
|
||||
checkGetList( 0, 'dwho', 'WebAuthn' );
|
||||
checkDeleteList( 2, 'dwho' );
|
||||
checkGetList( 0, 'dwho' );
|
||||
checkDeleteList( 0, 'dwho' );
|
||||
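Review bot: None of the added calls exercises the case-insensitive matching this commit introduces. Every `checkGetList` and `checkDeleteList` call shown passes the type in its canonical spelling, so as far as the visible lines show the suite would also pass with the old `ne` comparison. I would add a lookup with a differently cased type next to the existing ones, for example `checkGetList( 1, 'dwho', 'webauthn' );` before the WebAuthn device is deleted, plus a matching `checkDeleteList` case. The helper signatures are inferred from the calls in this hunk.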
|
|