feat(jans-fido2): major FIDO2 / Passkeys upgrade ProjectPasskeys #10080
base: main
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152 Co-authored-by: snyk-bot <[email protected]>
Bumps commons-text from 1.9 to 1.10.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-text dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152 - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311
…erabilities (#972) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963 - https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913 - https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989 - https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102 Co-authored-by: pujavs <[email protected]>
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452 Co-authored-by: pujavs <[email protected]>
Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084 - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085 Co-authored-by: snyk-bot <[email protected]>
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084 - https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085 Co-authored-by: snyk-bot <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
…tion and assertion API calls #9248 (#9974) * feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls Signed-off-by: imran-ishaq <[email protected]> * refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 Signed-off-by: imran-ishaq <[email protected]> * fix(jans-fido2): handle origin if http or https is missing #9248 Signed-off-by: imran-ishaq <[email protected]> --------- Signed-off-by: imran-ishaq <[email protected]>
Signed-off-by: imran-ishaq <[email protected]>
Signed-off-by: Mustafa Baser <[email protected]>
Signed-off-by: shekhar16 <[email protected]>
Quality Gate passed for 'jans-core'
DryRun Security Summary

The provided code changes focus on improving the security, maintainability, and usability of the Janssen FIDO2 implementation, including updates to the FIDO2 configuration, enhancement of the attestation and assertion processes, removal of unused features, and improvement of the documentation.

Summary: The provided code changes cover various updates and improvements to the Janssen FIDO2 (Fast IDentity Online) implementation, which is a crucial component for secure user authentication. The changes span across multiple files and address several aspects of the FIDO2 configuration, implementation, and documentation. The key security-related changes include:
Overall, the changes appear to be focused on improving the security, maintainability, and usability of the Janssen FIDO2 implementation. However, it's essential to thoroughly review the entire codebase and ensure that the FIDO2 functionality is implemented and configured in accordance with best practices for secure authentication and authorization. Files Changed:
Code Analysis
We ran
Riskiness: 🟢 Risk threshold not exceeded.
…y, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.
#10101 property name changed and not reflected in the template Signed-off-by: Madhumita Subramaniam <[email protected]>
Quality Gate passed for 'jans-linux-setup'
Quality Gate passed for 'jans-cli'
Quality Gate passed for 'jans-config-api-parent'
Quality Gate passed for 'Jans-Keycloak-Link'
Quality Gate passed for 'SCIM API'
This PR completely revamps jans-fido2, to enable support for passkeys, and bring the server up to spec.
So far changes:
Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

Closes #10079,
Prev. PR #9120