From c301fbb258a12d5d07103a673f84e96501dc8860 Mon Sep 17 00:00:00 2001 From: Yuriy Movchan Date: Tue, 2 Jul 2024 18:30:13 +0300 Subject: [PATCH] fix(fido2): update attribute names in search filters Signed-off-by: Yuriy Movchan --- .../fido2/service/app/ConfigurationFactory.java | 2 +- .../persist/AuthenticationPersistenceService.java | 8 ++++---- .../persist/RegistrationPersistenceService.java | 14 +++++++------- .../service/persist/UserSessionIdService.java | 2 +- .../service/persist/DeviceRegistrationService.java | 4 ++-- .../fido2/service/KeySignatureVerifierTest.java | 6 ------ .../service/mds/FetchMdsProviderServiceTest.java | 2 +- .../gluu/fido2/service/sg/FullFlowAndroidTest.java | 6 ------ .../gluu/fido2/service/sg/FullFlowAppleTest.java | 6 ------ .../rs/controller/ConfigurationControllerTest.java | 6 +++--- .../junit/extension/FileParameterExtension.java | 6 ------ .../test/java/org/gluu/junit/extension/Name.java | 6 ------ 12 files changed, 19 insertions(+), 49 deletions(-) diff --git a/server/src/main/java/org/gluu/fido2/service/app/ConfigurationFactory.java b/server/src/main/java/org/gluu/fido2/service/app/ConfigurationFactory.java index 3cf0db2..85dbe8f 100644 --- a/server/src/main/java/org/gluu/fido2/service/app/ConfigurationFactory.java +++ b/server/src/main/java/org/gluu/fido2/service/app/ConfigurationFactory.java @@ -210,7 +210,7 @@ private void reloadConfiguration() { } private boolean isRevisionIncreased() { - final Conf conf = loadConfigurationFromLdap("jansRevision"); + final Conf conf = loadConfigurationFromLdap("oxRevision"); if (conf == null) { return false; } diff --git a/server/src/main/java/org/gluu/fido2/service/persist/AuthenticationPersistenceService.java b/server/src/main/java/org/gluu/fido2/service/persist/AuthenticationPersistenceService.java index 6c0281b..382ec68 100644 --- a/server/src/main/java/org/gluu/fido2/service/persist/AuthenticationPersistenceService.java +++ b/server/src/main/java/org/gluu/fido2/service/persist/AuthenticationPersistenceService.java @@ -146,8 +146,8 @@ public void prepareBranch(final String userInum) { public List findByChallenge(String challenge, boolean oneStep) { String baseDn = oneStep ? getDnForAuthenticationEntry(null, null) : getBaseDnForFido2AuthenticationEntries(null); - Filter codeChallengFilter = Filter.createEqualityFilter("jansCodeChallenge", challenge); - Filter codeChallengHashCodeFilter = Filter.createEqualityFilter("jansCodeChallengeHash", challengeGenerator.getChallengeHashCode(challenge)); + Filter codeChallengFilter = Filter.createEqualityFilter("oxCodeChallenge", challenge); + Filter codeChallengHashCodeFilter = Filter.createEqualityFilter("oxCodeChallengeHash", challengeGenerator.getChallengeHashCode(challenge)); Filter filter = Filter.createANDFilter(codeChallengFilter, codeChallengHashCodeFilter); List fido2AuthenticationEntries = persistenceEntryManager.findEntries(baseDn, Fido2AuthenticationEntry.class, filter); @@ -167,11 +167,11 @@ public String getDnForAuthenticationEntry(String userInum, String jsId) { if (StringHelper.isEmpty(jsId)) { return baseDn; } - return String.format("jansId=%s,%s", jsId, baseDn); + return String.format("oxId=%s,%s", jsId, baseDn); } public String getBaseDnForFido2AuthenticationEntries(String userInum) { - final String userBaseDn = getDnForUser(userInum); // "ou=fido2_auth,inum=1234,ou=people,o=jans" + final String userBaseDn = getDnForUser(userInum); // "ou=fido2_auth,inum=1234,ou=people,o=gluu" if (StringHelper.isEmpty(userInum)) { return userBaseDn; } diff --git a/server/src/main/java/org/gluu/fido2/service/persist/RegistrationPersistenceService.java b/server/src/main/java/org/gluu/fido2/service/persist/RegistrationPersistenceService.java index d622472..6533385 100644 --- a/server/src/main/java/org/gluu/fido2/service/persist/RegistrationPersistenceService.java +++ b/server/src/main/java/org/gluu/fido2/service/persist/RegistrationPersistenceService.java @@ -110,10 +110,10 @@ public Optional findByPublicKeyId(String userName, Strin } Filter filter; - Filter publicKeyIdFilter = Filter.createEqualityFilter("jansPublicKeyId", publicKeyId); - Filter publicKeyIdHashFilter = Filter.createEqualityFilter("jansPublicKeyIdHash", getPublicKeyIdHash(publicKeyId)); + Filter publicKeyIdFilter = Filter.createEqualityFilter("oxPublicKeyId", publicKeyId); + Filter publicKeyIdHashFilter = Filter.createEqualityFilter("oxPublicKeyIdHash", getPublicKeyIdHash(publicKeyId)); if (StringHelper.isNotEmpty(rpId)) { - Filter appIdFilter = Filter.createEqualityFilter("jansApp", rpId); + Filter appIdFilter = Filter.createEqualityFilter("oxApplication", rpId); filter = Filter.createANDFilter(publicKeyIdFilter, publicKeyIdHashFilter, appIdFilter); } else { filter = Filter.createANDFilter(publicKeyIdFilter, publicKeyIdHashFilter); @@ -165,7 +165,7 @@ public List findAllRegisteredByUsername(String username) } Filter userInumFilter = Filter.createEqualityFilter("personInum", userInum); - Filter registeredFilter = Filter.createEqualityFilter("jansStatus", Fido2RegistrationStatus.registered.getValue()); + Filter registeredFilter = Filter.createEqualityFilter("oxStatus", Fido2RegistrationStatus.registered.getValue()); Filter filter = Filter.createANDFilter(userInumFilter, registeredFilter); List fido2RegistrationnEntries = persistenceEntryManager.findEntries(baseDn, Fido2RegistrationEntry.class, filter); @@ -176,8 +176,8 @@ public List findAllRegisteredByUsername(String username) public List findByChallenge(String challenge, boolean oneStep) { String baseDn = oneStep ? getDnForRegistrationEntry(null, null) : getBaseDnForFido2RegistrationEntries(null); - Filter codeChallengFilter = Filter.createEqualityFilter("jansCodeChallenge", challenge); - Filter codeChallengHashCodeFilter = Filter.createEqualityFilter("jansCodeChallengeHash", getChallengeHashCode(challenge)); + Filter codeChallengFilter = Filter.createEqualityFilter("oxCodeChallenge", challenge); + Filter codeChallengHashCodeFilter = Filter.createEqualityFilter("oxCodeChallengeHash", getChallengeHashCode(challenge)); Filter filter = Filter.createANDFilter(codeChallengFilter, codeChallengHashCodeFilter); List fido2RegistrationnEntries = persistenceEntryManager.findEntries(baseDn, Fido2RegistrationEntry.class, filter); @@ -226,7 +226,7 @@ public String getDnForRegistrationEntry(String userInum, String jsId) { if (StringHelper.isEmpty(jsId)) { return baseDn; } - return String.format("jansId=%s,%s", jsId, baseDn); + return String.format("oxId=%s,%s", jsId, baseDn); } public String getUserInum(String userName) diff --git a/server/src/main/java/org/gluu/fido2/service/persist/UserSessionIdService.java b/server/src/main/java/org/gluu/fido2/service/persist/UserSessionIdService.java index 2421488..ae83ef2 100644 --- a/server/src/main/java/org/gluu/fido2/service/persist/UserSessionIdService.java +++ b/server/src/main/java/org/gluu/fido2/service/persist/UserSessionIdService.java @@ -172,7 +172,7 @@ private SessionId getSessionId(String sessionId) { } private String buildDn(String sessionId) { - return String.format("jansId=%s,%s", sessionId, staticConfiguration.getBaseDn().getSessions()); + return String.format("oxId=%s,%s", sessionId, staticConfiguration.getBaseDn().getSessions()); } } diff --git a/server/src/main/java/org/gluu/u2f/service/persist/DeviceRegistrationService.java b/server/src/main/java/org/gluu/u2f/service/persist/DeviceRegistrationService.java index e492844..861f4cf 100644 --- a/server/src/main/java/org/gluu/u2f/service/persist/DeviceRegistrationService.java +++ b/server/src/main/java/org/gluu/u2f/service/persist/DeviceRegistrationService.java @@ -91,7 +91,7 @@ public List findAllRegisteredByUsername(String username, Str } } - Filter resultFilter = Filter.createEqualityFilter("jansStatus", DeviceRegistrationStatus.ACTIVE.getValue()); + Filter resultFilter = Filter.createEqualityFilter("oxStatus", DeviceRegistrationStatus.ACTIVE.getValue()); List fidoRegistrations = persistenceEntryManager.findEntries(baseDn, DeviceRegistration.class, resultFilter, returnAttributes); @@ -186,7 +186,7 @@ public String getDnForU2fDevice(String userInum, String jsId) { if (StringHelper.isEmpty(jsId)) { return baseDnForU2fDevices; } - return String.format("jansId=%s,%s", jsId, baseDnForU2fDevices); + return String.format("oxId=%s,%s", jsId, baseDnForU2fDevices); } public String getBaseDnForU2fUserDevices(String userInum) { diff --git a/server/src/test/java/org/gluu/fido2/service/KeySignatureVerifierTest.java b/server/src/test/java/org/gluu/fido2/service/KeySignatureVerifierTest.java index 4648d3a..8b1aeec 100644 --- a/server/src/test/java/org/gluu/fido2/service/KeySignatureVerifierTest.java +++ b/server/src/test/java/org/gluu/fido2/service/KeySignatureVerifierTest.java @@ -1,9 +1,3 @@ -/* - * Janssen Project software is available under the Apache License (2004). See http://www.apache.org/licenses/ for full text. - * - * Copyright (c) 2023, Janssen Project - */ - package org.gluu.fido2.service; import static org.junit.jupiter.api.Assertions.assertTrue; diff --git a/server/src/test/java/org/gluu/fido2/service/mds/FetchMdsProviderServiceTest.java b/server/src/test/java/org/gluu/fido2/service/mds/FetchMdsProviderServiceTest.java index be8ff46..9cce5d7 100644 --- a/server/src/test/java/org/gluu/fido2/service/mds/FetchMdsProviderServiceTest.java +++ b/server/src/test/java/org/gluu/fido2/service/mds/FetchMdsProviderServiceTest.java @@ -106,7 +106,7 @@ void fetchMdsV3Endpoints_withEmptyEndpoint_mdsClientException() throws JsonProce void fetchMetadataBlob_withValidMdsUrl_valid() throws ParseException { MdsGetEndpointResponse responseGetEndpoint = ResteasyClientBuilder.newBuilder().build() .target("https://mds3.fido.tools/getEndpoints").request() - .post(Entity.entity(Collections.singletonMap("endpoint", "https://jans.fido.org"), MediaType.APPLICATION_JSON_TYPE)) + .post(Entity.entity(Collections.singletonMap("endpoint", "https://gluu.fido.org"), MediaType.APPLICATION_JSON_TYPE)) .readEntity(MdsGetEndpointResponse.class); assertNotNull(responseGetEndpoint); assertFalse(responseGetEndpoint.getResult().isEmpty()); diff --git a/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAndroidTest.java b/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAndroidTest.java index 2dfff96..2d00c30 100644 --- a/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAndroidTest.java +++ b/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAndroidTest.java @@ -1,9 +1,3 @@ -/* - * Janssen Project software is available under the Apache License (2004). See http://www.apache.org/licenses/ for full text. - * - * Copyright (c) 2023, Janssen Project - */ - package org.gluu.fido2.service.sg; import static org.junit.jupiter.api.Assertions.assertEquals; diff --git a/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAppleTest.java b/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAppleTest.java index cb74420..b973d31 100644 --- a/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAppleTest.java +++ b/server/src/test/java/org/gluu/fido2/service/sg/FullFlowAppleTest.java @@ -1,9 +1,3 @@ -/* - * Janssen Project software is available under the Apache License (2004). See http://www.apache.org/licenses/ for full text. - * - * Copyright (c) 2023, Janssen Project - */ - package org.gluu.fido2.service.sg; import static org.junit.jupiter.api.Assertions.assertEquals; diff --git a/server/src/test/java/org/gluu/fido2/ws/rs/controller/ConfigurationControllerTest.java b/server/src/test/java/org/gluu/fido2/ws/rs/controller/ConfigurationControllerTest.java index b6e1961..4726d0b 100644 --- a/server/src/test/java/org/gluu/fido2/ws/rs/controller/ConfigurationControllerTest.java +++ b/server/src/test/java/org/gluu/fido2/ws/rs/controller/ConfigurationControllerTest.java @@ -68,7 +68,7 @@ void getConfiguration_ifEnableAssertionOptionsGenerateEndpointIsTrue_success() t when(appConfiguration.getFido2Configuration()).thenReturn(fido2Configuration); when(fido2Configuration.isAssertionOptionsGenerateEndpointEnabled()).thenReturn(true); when(dataMapperService.createObjectNode()).thenReturn(mapper.createObjectNode(), mapper.createObjectNode(), mapper.createObjectNode()); - String issuer = "https://jans-test.org"; + String issuer = "https://gluu-test.org"; String baseEndpoint = issuer + "/fido"; when(appConfiguration.getIssuer()).thenReturn(issuer); when(appConfiguration.getBaseEndpoint()).thenReturn(baseEndpoint); @@ -93,7 +93,7 @@ void getConfiguration_ifSuperGluuEnabledIsTrue_success() throws JsonProcessingEx when(fido2Configuration.isAssertionOptionsGenerateEndpointEnabled()).thenReturn(true); when(appConfiguration.isSuperGluuEnabled()).thenReturn(true); when(dataMapperService.createObjectNode()).thenReturn(mapper.createObjectNode(), mapper.createObjectNode(), mapper.createObjectNode()); - String issuer = "https://jans-test.org"; + String issuer = "https://gluu-test.org"; String baseEndpoint = issuer + "/fido"; when(appConfiguration.getIssuer()).thenReturn(issuer); when(appConfiguration.getBaseEndpoint()).thenReturn(baseEndpoint); @@ -119,7 +119,7 @@ void getConfiguration_happyPath_success() throws JsonProcessingException { when(fido2Configuration.isAssertionOptionsGenerateEndpointEnabled()).thenReturn(false); when(appConfiguration.isSuperGluuEnabled()).thenReturn(false); when(dataMapperService.createObjectNode()).thenReturn(mapper.createObjectNode(), mapper.createObjectNode(), mapper.createObjectNode()); - String issuer = "https://jans-test.org"; + String issuer = "https://gluu-test.org"; String baseEndpoint = issuer + "/fido"; when(appConfiguration.getIssuer()).thenReturn(issuer); when(appConfiguration.getBaseEndpoint()).thenReturn(baseEndpoint); diff --git a/server/src/test/java/org/gluu/junit/extension/FileParameterExtension.java b/server/src/test/java/org/gluu/junit/extension/FileParameterExtension.java index 16bf533..3e38d78 100644 --- a/server/src/test/java/org/gluu/junit/extension/FileParameterExtension.java +++ b/server/src/test/java/org/gluu/junit/extension/FileParameterExtension.java @@ -1,9 +1,3 @@ -/* - * Janssen Project software is available under the Apache License (2004). See http://www.apache.org/licenses/ for full text. - * - * Copyright (c) 2023, Janssen Project - */ - package org.gluu.junit.extension; import java.io.FileInputStream; diff --git a/server/src/test/java/org/gluu/junit/extension/Name.java b/server/src/test/java/org/gluu/junit/extension/Name.java index 8118149..ada26f6 100644 --- a/server/src/test/java/org/gluu/junit/extension/Name.java +++ b/server/src/test/java/org/gluu/junit/extension/Name.java @@ -1,9 +1,3 @@ -/* - * Janssen Project software is available under the Apache License (2004). See http://www.apache.org/licenses/ for full text. - * - * Copyright (c) 2023, Janssen Project - */ - package org.gluu.junit.extension; import java.lang.annotation.ElementType;