Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(api/v2): implement U2F session check #6339

Merged
merged 17 commits into from
Aug 11, 2023
Merged

feat(api/v2): implement U2F session check #6339

merged 17 commits into from
Aug 11, 2023

Conversation

muhlemmer
Copy link
Collaborator

@muhlemmer muhlemmer commented Aug 8, 2023
edited
Loading

This change adds U2F support to the new (v2alpha) Session API. As the WebAuthN mechanism is the same as passkeys, the API is refactored to accommodate both U2F and Passkey use-cases with the same API Request message format.

The requested challenges are now message type, instead of a repeated enum. RequestChallenges can be used to obtain a WebAuthN challenge, with the needed parameters such as domain and user_verification_requirement.

  • domain was moved out of the CreateSessionRequest as it is only needed for WebAuthN
  • user_verification_requirement controls if the WebAuthN is a passkey or U2F level verification.

Updates #5477

Definition of Ready

  • I am happy with the code
  • Short description of the feature/issue is added in the pr description
  • PR is linked to the corresponding user story
  • Acceptance criteria are met
  • All open todos and follow ups are defined in a new ticket and justified
  • Deviations from the acceptance criteria and design are agreed with the PO and documented.
  • No debug or dead code
  • My code has no repetitions
  • Critical parts are tested automatically
  • Where possible E2E tests are implemented
  • Documentation/examples are up-to-date
  • All non-functional requirements are met
  • Functionality of the acceptance criteria is checked manually on the dev system.

@vercel
Copy link

vercel bot commented Aug 8, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 11, 2023 3:24pm

@codecov
Copy link

codecov bot commented Aug 8, 2023
edited
Loading

Codecov Report

Merging #6339 (fde32f8) into main (cd5e176) will increase coverage by 0.18%.
Report is 51 commits behind head on main.
The diff coverage is 55.29%.

@@            Coverage Diff             @@
##             main    #6339      +/-   ##
==========================================
+ Coverage   49.95%   50.13%   +0.18%     
==========================================
  Files        1232     1238       +6     
  Lines      110330   111727    +1397     
==========================================
+ Hits        55110    56015     +905     
- Misses      52556    53001     +445     
- Partials     2664     2711      +47
Flag Coverage Δ
core-integration-tests-postgres 24.03% <39.53%> (+0.41%) ⬆️
core-unit-tests 45.67% <41.14%> (+0.14%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed Coverage Δ
cmd/setup/03.go 0.00% <ø> (ø)
internal/api/grpc/admin/custom_text.go 0.00% <0.00%> (ø)
internal/api/grpc/admin/custom_text_converter.go 0.00% <0.00%> (ø)
internal/api/grpc/admin/export.go 0.00% <0.00%> (ø)
internal/api/grpc/admin/iam_settings_converter.go 0.00% <0.00%> (ø)
internal/api/grpc/admin/import.go 0.00% <0.00%> (ø)
internal/api/grpc/admin/org.go 0.00% <0.00%> (ø)
internal/api/grpc/auth/multi_factor.go 0.00% <0.00%> (ø)
internal/api/grpc/management/custom_text.go 0.00% <0.00%> (ø)
...ernal/api/grpc/management/custom_text_converter.go 0.00% <0.00%> (ø)
... and 95 more

... and 40 files with indirect coverage changes

@muhlemmer
Revert "feat(api/v2): implement U2F session check"
2d35344 
This reverts commit 5859d78.
@muhlemmer
make rquested challenges a message type with config
3b8021a 
such as:
- domain (RPID)
- user_interacion

Rename `passkey` to `web_auth_n` so that it can be reused for U2F.
Implementation for the latter is WIP.
@muhlemmer
proto: ignore_unstable_packages: true
d4e947b
@muhlemmer muhlemmer changed the base branch from feat-session-mfa/proto to main August 9, 2023 13:00
@muhlemmer muhlemmer requested a review from livio-a August 9, 2023 17:20
@muhlemmer

This comment was marked as outdated.

Sign in to view
@muhlemmer muhlemmer requested a review from stebenz August 10, 2023 08:11
@muhlemmer muhlemmer marked this pull request as ready for review August 10, 2023 08:11
@muhlemmer muhlemmer marked this pull request as draft August 10, 2023 13:01
@muhlemmer muhlemmer removed the request for review from livio-a August 10, 2023 15:20
@muhlemmer muhlemmer marked this pull request as ready for review August 10, 2023 15:24
stebenz
stebenz requested changes Aug 11, 2023
View reviewed changes
stebenz
stebenz previously approved these changes Aug 11, 2023
View reviewed changes
@muhlemmer muhlemmer enabled auto-merge (squash) August 11, 2023 14:55
@muhlemmer muhlemmer merged commit 86af67d into main Aug 11, 2023
@muhlemmer muhlemmer deleted the feat-session-mfa/u2f branch August 11, 2023 15:36
@muhlemmer muhlemmer mentioned this pull request Aug 15, 2023
Merged
13 tasks
@github-actions
Copy link

🎉 This PR is included in version 2.33.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stebenz stebenz stebenz approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@muhlemmer @stebenz