
feat(jans-core): add new Person claim `jansAuthenticator`

Open SafinWasi opened this issue 2 years ago • 3 comments


Description

We want a JSON attribute, jansAuthenticator, to be used in conjunction with jansExtUid for storing credential details.

jansExtUid: [otp: xyz1, cert: xyz2, duo: xyz3]
jansAuthenticator: {
   "xyz1": {"id": "xyz1", "type": "otp", ...},
   "xyz2": {"id": "xyz2", "type": "cert", ...},
   "xyz3": {"id": "xyz3", "type": "duo", ...},
   ...
}

Prepare

  • [ ] Read contribution guidelines
  • [ ] Read license information

Identified code changes

TODO


Test cases and code coverage

  • [ ] Write unit test to cover added/changed code
  • [ ] Update integration tests to cover added/changed code

Document the changes

  • [ ] task for updating user guides if needed
  • [ ] task for updating installation and configuration guides if needed
  • [ ] task for updating developer documentation if needed
  • [ ] task for updating technical documentation if needed

SafinWasi, Mar 27 '24 17:03

Working data from OTP script:

dn: inum=1234,ou=people,o=jans
objectClass: jansPerson
objectClass: top
inum: 1234
jansExtUid: hotp: S9dO_qKQoOcpPk9GuStlNO9seoA=
jansExtUid: totp: Nv7Dg7aP0wRPJd6NHjx1ai9bN9Y=
jansOTPCache: 255996
jansStatus: active
uid: test
updatedAt: 20240402140234.637Z
jansAuthenticator:
{
  "S9dO_qKQoOcpPk9GuStlNO9seoA=": {
    "id": "S9dO_qKQoOcpPk9GuStlNO9seoA=",
    "type": "hotp",
    "custom": {
      "movingFactor": 3
    }
  },
  "Nv7Dg7aP0wRPJd6NHjx1ai9bN9Y=": {
    "id": "Nv7Dg7aP0wRPJd6NHjx1ai9bN9Y=",
    "type": "totp"
  }
}

yurem, Apr 02 '24 14:04
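A consistency check for the two attributes in the working data above, as an added example that is not part of the original thread or the Janssen code base. It assumes jansExtUid values have the `type: id` form shown in the sample entry; `parse_ext_uid` and `audit_entry` are hypothetical names, and the sample ids are the placeholders from the issue description.

```python
import json

def parse_ext_uid(value):
    """Split a jansExtUid value of the form 'type: id' into (type, id)."""
    kind, sep, ident = value.partition(":")
    if not sep or not kind.strip() or not ident.strip():
        raise ValueError(f"malformed jansExtUid value: {value!r}")
    return kind.strip(), ident.strip()

def audit_entry(ext_uids, authenticator_json):
    """Return a list of inconsistencies between jansExtUid and jansAuthenticator."""
    problems = []
    try:
        auth = json.loads(authenticator_json)
    except json.JSONDecodeError as exc:
        return [f"jansAuthenticator is not valid JSON: {exc.msg}"]
    if not isinstance(auth, dict):
        return ["jansAuthenticator is not a JSON object"]

    # Each map key must repeat the "id" of the record it points to.
    for key, rec in auth.items():
        if not isinstance(rec, dict) or rec.get("id") != key:
            problems.append(f"key {key!r} does not match its record id")

    seen = set()
    for value in ext_uids:
        try:
            kind, ident = parse_ext_uid(value)
        except ValueError as exc:
            problems.append(str(exc))
            continue
        seen.add(ident)
        rec = auth.get(ident)
        if not isinstance(rec, dict):
            problems.append(f"{kind}:{ident} has no jansAuthenticator record")
        elif rec.get("type") != kind:
            problems.append(f"{ident}: type {rec.get('type')!r} != jansExtUid type {kind!r}")

    # Records with no matching jansExtUid value are orphaned credential details.
    for key in auth:
        if key not in seen:
            problems.append(f"record {key!r} has no jansExtUid value")
    return problems

# Constructed sample, using the placeholder ids from the issue description.
GOOD_UIDS = ["otp: xyz1", "cert: xyz2", "duo: xyz3"]
GOOD_JSON = json.dumps({i: {"id": i, "type": t} for t, i in map(parse_ext_uid, GOOD_UIDS)})

if __name__ == "__main__":
    print(audit_entry(GOOD_UIDS, GOOD_JSON))
```

An empty list means every jansExtUid value has a record of the same type and no record is left without a matching jansExtUid value.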

Models and custom JSON serialization/deserialization are in jans-core in UserAuthenticatorList and UserAuthenticator.

The new APIs for working with UserAuthenticator are in the jans-core UserAuthenticatorService service:

	public UserAuthenticatorList getUserAuthenticatorList(SimpleUser user);

	public List<UserAuthenticator> getUserAuthenticatorsByType(SimpleUser user, String type);

	public UserAuthenticator getUserAuthenticatorById(SimpleUser user, String id);

	public void addUserAuthenticator(SimpleUser user, UserAuthenticator userAuthenticator);

	public void removeUserAuthenticator(SimpleUser user, UserAuthenticator userAuthenticator);

	public void removeUserAuthenticator(SimpleUser user, String type);

	public UserAuthenticator createUserAuthenticator(String id, String type);

	public UserAuthenticator createUserAuthenticator(String id, String type, Map<String, Object> custom);

	public String formatExternalUid(String id, String type);

	public boolean checkAndMigrateToAuthenticatorList(SimpleUser user);

yurem, Apr 02 '24 14:04

Hi @yurem, will this have any updates to be made to user documentation?

ossdhaval, Apr 04 '24 07:04

@ossdhaval I added a PR with documentation: https://github.com/JanssenProject/jans/pull/8273

yurem, Apr 10 '24 11:04

@SafinWasi I think we can close this issue.

yurem, Apr 10 '24 11:04