Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ProjectPasskeys: Replace requestedParties with rpId, and origins #9248

Closed
Tracked by #9111
maduvena opened this issue Aug 22, 2024 · 3 comments · Fixed by #10572
Closed
Tracked by #9111

ProjectPasskeys: Replace requestedParties with rpId, and origins #9248

maduvena opened this issue Aug 22, 2024 · 3 comments · Fixed by #10572
Assignees
@shekhar16 @imran-ishaq
Milestone
1.3.0

Comments

@maduvena
Copy link
Contributor

maduvena commented Aug 22, 2024
edited
Loading

RP.ID is set one time, and can not be changed. It must be carefully considered, and is integral part of the access control for the authenticat

For jans, this is how we should be doing it:

RP.ID must always be set
RP.ID must be set separately from ORIGINS
RP.ID must be just the HOST part, or FQDN
RP.ID need to have a clear documentation
Origins are a list of origins (protocol + host + port), that must specified by the user separately

TODOs:

  1. Replace requestedParties with rpId, and origin
  2. Check ClientDataJson (contain origin)
    if origin returned in ClientDataJson is in the list of allowed origins, then pass
    Your origins can be, https://bank.com/ https://auth.bank.com/ https://internal.bank.com/

Origins can be a set, and can change
@maduvena maduvena mentioned this issue Aug 22, 2024
Closed
11 tasks
@maduvena maduvena changed the title Replace requestedParties with rpId, and origins ProjectPasskeys: Replace requestedParties with rpId, and origins Aug 22, 2024
@shekhar16 shekhar16 self-assigned this Sep 2, 2024
@shekhar16
Copy link
Contributor

code has been committed as part of #9111.
Closing this ticket.

@moabu moabu added this to the 1.1.5 milestone Sep 16, 2024
@maduvena maduvena reopened this Sep 18, 2024
@maduvena
Copy link
Contributor Author

TODOs:

  • Write a test case
  • Check a complete flow, Shekhar has done only the backend handling

References : 1. https://passkeys.dev/docs/advanced/related-origins/
2. Notes from Mike - https://developer.chrome.com/blog/passkeys-updates-chrome-129?hl=en

@imran-ishaq imran-ishaq self-assigned this Sep 19, 2024
maduvena added a commit that referenced this issue Sep 25, 2024
@maduvena
fix(jans-fido2): #9248 Renaming domain to origin and application id t…
d8628e8 
…o RpId

Signed-off-by: Madhumita <[email protected]>
@imran-ishaq imran-ishaq mentioned this issue Sep 25, 2024
Merged
6 tasks
maduvena added a commit that referenced this issue Sep 25, 2024
@maduvena
fix(jans-fido2): #9248
db48843
@moabu moabu modified the milestones: 1.1.5, 1.1.6 Oct 8, 2024
imran-ishaq added a commit that referenced this issue Oct 29, 2024
@imran-ishaq
refactor(docs): add origin parameter in Fido2ExternalAuthenticator sc…
860260f 
…ript for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>
imran-ishaq added a commit that referenced this issue Oct 29, 2024
@imran-ishaq
fix(jans-fido2): handle origin if http or https is missing #9248
c5c2a7a 
Signed-off-by: imran-ishaq <[email protected]>
@imran-ishaq imran-ishaq mentioned this issue Oct 29, 2024
Merged
6 tasks
imran-ishaq added a commit that referenced this issue Oct 30, 2024
@imran-ishaq
refactor(jans-fido2): remove domain validation, now handled in #9248
0fd6cfd 
Signed-off-by: imran-ishaq <[email protected]>
imran-ishaq added a commit that referenced this issue Oct 30, 2024
@imran-ishaq
Add origin parameter in Fido2ExternalAuthenticator script for attesta…
ba381a9 
…tion and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <[email protected]>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>
imran-ishaq added a commit that referenced this issue Nov 1, 2024
@imran-ishaq
fix(docs): #9248
b33d6bf 
Signed-off-by: imran-ishaq <[email protected]>
@maduvena
Copy link
Contributor Author

maduvena commented Nov 5, 2024

New notes:

RP ID is a domain string only, and does not mention a scheme or port number as an origin does. The RP ID of a PublicKeyCredential sets it scope, i.e. it determines the origins on which it may be exercised as follows:

The RP ID must be equal to the origin's effective domain, or a registrable suffix of the origin's effective domain.

The origin's scheme must be 'https'.

The origin's port number is unrestricted.

This is done in order ...
Image

moabu pushed a commit that referenced this issue Nov 7, 2024
@maduvena @moabu
fix(jans-fido2): #9248 Renaming domain to origin and application id t…
29594a3 
…o RpId

Signed-off-by: Madhumita <[email protected]>
moabu pushed a commit that referenced this issue Nov 7, 2024
@maduvena @moabu
fix(jans-fido2): #9248
aa4f663
moabu pushed a commit that referenced this issue Nov 7, 2024
@imran-ishaq @moabu
Add origin parameter in Fido2ExternalAuthenticator script for attesta…
3cbb92e 
…tion and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <[email protected]>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>
moabu pushed a commit that referenced this issue Nov 7, 2024
@imran-ishaq @moabu
fix(docs): #9248
6ec2e60 
Signed-off-by: imran-ishaq <[email protected]>
@moabu moabu modified the milestones: 1.1.6, next-release Nov 21, 2024
moabu added a commit that referenced this issue Dec 12, 2024
@moabu @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @duttarnab @yackermann @shekhar16 @imran-ishaq @jgomer2001 @devrimyatar
feat(jans-fido2): major FIDO2 / Passkeys upgrade ProjectPasskeys (#1…
e823bf7 
…0080)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <[email protected]>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <[email protected]>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <[email protected]>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <[email protected]>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <[email protected]>

---------

Signed-off-by: Rolain Djeumen <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <[email protected]>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add location details

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <[email protected]>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <[email protected]>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 [email protected]

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 [email protected]

---------

Signed-off-by: shekhar16 [email protected]
Co-authored-by: Yuriy Movchan <[email protected]>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <[email protected]>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <[email protected]>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <[email protected]>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <[email protected]>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(docs): #9248

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <[email protected]>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <[email protected]>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <[email protected]>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <[email protected]>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): support for ECC added #10317

* fix(ProjectPasskeys): #9765

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: ossdhaval <[email protected]>
Signed-off-by: Rolain Djeumen <[email protected]>
Signed-off-by: Arnab Dutta <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
Signed-off-by: Madhumita <[email protected]>
Signed-off-by: imran-ishaq <[email protected]>
Signed-off-by: shekhar16 [email protected]
Signed-off-by: Mustafa Baser <[email protected]>
Signed-off-by: Madhumita Subramaniam <[email protected]>
Signed-off-by: Devrim <[email protected]>
Co-authored-by: mo-auto <[email protected]>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <[email protected]>
Co-authored-by: Madhumita Subramaniam <[email protected]>
Co-authored-by: Yuriy Movchan <[email protected]>
Co-authored-by: Dhaval D <[email protected]>
Co-authored-by: Djeumen Rolain Bonaventure <[email protected]>
Co-authored-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>
Co-authored-by: shekhar16 <[email protected]>
Co-authored-by: Imran <[email protected]>
Co-authored-by: imran-ishaq <[email protected]>
Co-authored-by: Jose Gonzalez <[email protected]>
Co-authored-by: Mustafa Baser <[email protected]>
Co-authored-by: Devrim <[email protected]>
moabu added a commit that referenced this issue Dec 13, 2024
@imran-ishaq @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @moabu @duttarnab @yackermann @shekhar16 @jgomer2001 @devrimyatar
Created new WebAuthn configuration controller that returns an origins…
2731099 
… array list (#10339)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <[email protected]>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <[email protected]>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <[email protected]>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <[email protected]>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <[email protected]>

---------

Signed-off-by: Rolain Djeumen <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <[email protected]>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add location details

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <[email protected]>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <[email protected]>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 [email protected]

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 [email protected]

---------

Signed-off-by: shekhar16 [email protected]
Co-authored-by: Yuriy Movchan <[email protected]>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <[email protected]>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <[email protected]>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <[email protected]>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <[email protected]>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(docs): #9248

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <[email protected]>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <[email protected]>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <[email protected]>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <[email protected]>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): support for ECC added #10317

* feat(jans-fido2): create new WebAuthn configuration controller that returns an origins array list #10245

* feat(jans-linux-setup): apache proxy pass for .well-known/webauthn

Signed-off-by: Mustafa Baser <[email protected]>

* fix(ProjectPasskeys): #9765

* fix(docs): update jans fido docs #10245

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: ossdhaval <[email protected]>
Signed-off-by: Rolain Djeumen <[email protected]>
Signed-off-by: Arnab Dutta <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
Signed-off-by: Madhumita <[email protected]>
Signed-off-by: imran-ishaq <[email protected]>
Signed-off-by: shekhar16 [email protected]
Signed-off-by: Mustafa Baser <[email protected]>
Signed-off-by: Madhumita Subramaniam <[email protected]>
Signed-off-by: Devrim <[email protected]>
Signed-off-by: Imran <[email protected]>
Co-authored-by: mo-auto <[email protected]>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <[email protected]>
Co-authored-by: Madhumita Subramaniam <[email protected]>
Co-authored-by: Yuriy Movchan <[email protected]>
Co-authored-by: Dhaval D <[email protected]>
Co-authored-by: Djeumen Rolain Bonaventure <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>
Co-authored-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>
Co-authored-by: shekhar16 <[email protected]>
Co-authored-by: Jose Gonzalez <[email protected]>
Co-authored-by: Mustafa Baser <[email protected]>
Co-authored-by: Devrim <[email protected]>
@moabu moabu removed this from the 1.2.0 milestone Dec 24, 2024
@moabu moabu added this to the next release milestone Dec 24, 2024
moabu pushed a commit that referenced this issue Dec 26, 2024
@imran-ishaq
refactor(jans-fido2): remove domain validation, now handled in #9248
02ef82d 
Signed-off-by: imran-ishaq <[email protected]>
moabu pushed a commit that referenced this issue Dec 27, 2024
@imran-ishaq
refactor(jans-fido2): remove domain validation, now handled in #9248
5cbd705 
Signed-off-by: imran-ishaq <[email protected]>
ossdhaval added a commit that referenced this issue Dec 27, 2024
@moabu @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @duttarnab @yackermann @shekhar16 @imran-ishaq @jgomer2001 @devrimyatar
feat(jans-fido2): major FIDO2 / Passkeys upgrade ProjectPasskeys (#1…
0a77e22 
…0080)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <[email protected]>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <[email protected]>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <[email protected]>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <[email protected]>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <[email protected]>

---------

Signed-off-by: Rolain Djeumen <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <[email protected]>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add location details

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <[email protected]>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <[email protected]>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 [email protected]

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 [email protected]

---------

Signed-off-by: shekhar16 [email protected]
Co-authored-by: Yuriy Movchan <[email protected]>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <[email protected]>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <[email protected]>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <[email protected]>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <[email protected]>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(docs): #9248

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <[email protected]>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <[email protected]>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <[email protected]>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <[email protected]>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): support for ECC added #10317

* fix(ProjectPasskeys): #9765

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: ossdhaval <[email protected]>
Signed-off-by: Rolain Djeumen <[email protected]>
Signed-off-by: Arnab Dutta <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
Signed-off-by: Madhumita <[email protected]>
Signed-off-by: imran-ishaq <[email protected]>
Signed-off-by: shekhar16 [email protected]
Signed-off-by: Mustafa Baser <[email protected]>
Signed-off-by: Madhumita Subramaniam <[email protected]>
Signed-off-by: Devrim <[email protected]>
Co-authored-by: mo-auto <[email protected]>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <[email protected]>
Co-authored-by: Madhumita Subramaniam <[email protected]>
Co-authored-by: Yuriy Movchan <[email protected]>
Co-authored-by: Dhaval D <[email protected]>
Co-authored-by: Djeumen Rolain Bonaventure <[email protected]>
Co-authored-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>
Co-authored-by: shekhar16 <[email protected]>
Co-authored-by: Imran <[email protected]>
Co-authored-by: imran-ishaq <[email protected]>
Co-authored-by: Jose Gonzalez <[email protected]>
Co-authored-by: Mustafa Baser <[email protected]>
Co-authored-by: Devrim <[email protected]>
ossdhaval added a commit that referenced this issue Dec 27, 2024
@imran-ishaq @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @moabu @duttarnab @yackermann @shekhar16 @jgomer2001 @devrimyatar
Created new WebAuthn configuration controller that returns an origins…
f47d6ae 
… array list (#10339)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <[email protected]>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <[email protected]>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <[email protected]>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <[email protected]>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <[email protected]>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <[email protected]>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <[email protected]>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <[email protected]>

---------

Signed-off-by: Rolain Djeumen <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <[email protected]>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

* feat: adding comments

Signed-off-by: Arnab Dutta <[email protected]>

---------

Signed-off-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <[email protected]>

---------

Signed-off-by: shekhar16 <[email protected]>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <[email protected]>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add location details

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <[email protected]>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <[email protected]>

---------

Signed-off-by: ossdhaval <[email protected]>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <[email protected]>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <[email protected]>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <[email protected]>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 [email protected]

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 [email protected]

---------

Signed-off-by: shekhar16 [email protected]
Co-authored-by: Yuriy Movchan <[email protected]>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <[email protected]>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <[email protected]>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <[email protected]>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <[email protected]>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <[email protected]>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <[email protected]>

---------

Signed-off-by: imran-ishaq <[email protected]>

* fix(docs): #9248

Signed-off-by: imran-ishaq <[email protected]>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <[email protected]>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <[email protected]>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <[email protected]>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <[email protected]>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <[email protected]>

* fix(jans-fido2): support for ECC added #10317

* feat(jans-fido2): create new WebAuthn configuration controller that returns an origins array list #10245

* feat(jans-linux-setup): apache proxy pass for .well-known/webauthn

Signed-off-by: Mustafa Baser <[email protected]>

* fix(ProjectPasskeys): #9765

* fix(docs): update jans fido docs #10245

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: ossdhaval <[email protected]>
Signed-off-by: Rolain Djeumen <[email protected]>
Signed-off-by: Arnab Dutta <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
Signed-off-by: Madhumita <[email protected]>
Signed-off-by: imran-ishaq <[email protected]>
Signed-off-by: shekhar16 [email protected]
Signed-off-by: Mustafa Baser <[email protected]>
Signed-off-by: Madhumita Subramaniam <[email protected]>
Signed-off-by: Devrim <[email protected]>
Signed-off-by: Imran <[email protected]>
Co-authored-by: mo-auto <[email protected]>
Co-authored-by: Snyk bot <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <[email protected]>
Co-authored-by: Madhumita Subramaniam <[email protected]>
Co-authored-by: Yuriy Movchan <[email protected]>
Co-authored-by: Dhaval D <[email protected]>
Co-authored-by: Djeumen Rolain Bonaventure <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>
Co-authored-by: Arnab Dutta <[email protected]>
Co-authored-by: Ackermann Yuriy <[email protected]>
Co-authored-by: shekhar16 <[email protected]>
Co-authored-by: Jose Gonzalez <[email protected]>
Co-authored-by: Mustafa Baser <[email protected]>
Co-authored-by: Devrim <[email protected]>
@imran-ishaq imran-ishaq mentioned this issue Jan 8, 2025
Closed
6 tasks
imran-ishaq added a commit that referenced this issue Jan 8, 2025
@imran-ishaq
feat(jans-fido2): Add test cases for RP domain origin validation and …
9c6c6b0 
…handle multiple origins #9248

Signed-off-by: Imran Ishaq <[email protected]>
@imran-ishaq imran-ishaq mentioned this issue Jan 8, 2025
Merged
6 tasks
yurem pushed a commit that referenced this issue Jan 14, 2025
@imran-ishaq
feat(jans-fido2): Add test cases for RP domain origin. (#10572)
22f0cbe 
feat(jans-fido2): Add test cases for RP domain origin validation and handle multiple origins #9248

Signed-off-by: Imran Ishaq <[email protected]>
@mo-auto mo-auto mentioned this issue Jan 20, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shekhar16 shekhar16

@imran-ishaq imran-ishaq

Labels
None yet
Projects
None yet
Milestone
1.3.0
4 participants
@maduvena @shekhar16 @moabu @imran-ishaq