Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Minimum support ES256, RS1, RS256, ED25519 #9086

Merged
merged 4 commits into from
Aug 5, 2024
Merged

feat: Minimum support ES256, RS1, RS256, ED25519 #9086

merged 4 commits into from
Aug 5, 2024

Conversation

duttarnab
Copy link
Contributor

closes #9025

@duttarnab
feat: Minimum support ES256, RS1, RS256, ED25519
fe042b5 
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Aug 2, 2024
edited
Loading

DryRun Security Summary

The code changes in this pull request are focused on enhancing the security and functionality of the FIDO2 implementation in the Janssen FIDO2 server application, including the addition of support for the Ed25519 cryptographic algorithm, improved handling of requested credential types, refactored credential type handling, and signature verification enhancements.

Expand for full summary

Summary:

The code changes in this pull request are focused on enhancing the security and functionality of the FIDO2 (Fast Identity Online) implementation in the Janssen FIDO2 server application. The key changes include:

  1. Support for Ed25519 Cryptographic Algorithm: The code now includes support for the Ed25519 elliptic curve-based digital signature algorithm, which is considered more secure than the previously supported RSA and EC algorithms. This change improves the overall security of the FIDO2 authentication process.

  2. Improved Handling of Requested Credential Types: The code has been updated to handle cases where the requested credential types are not specified or are empty, ensuring that the server can still function correctly by adding default credential types.

  3. Refactored Credential Type Handling: The code has been refactored to handle the different credential types (RSA, EC, and EdDSA) in a more organized manner, using separate loops to add the appropriate credential parameters.

  4. Signature Verification Enhancements: The SignatureVerifier class has been updated to support a wider range of signature algorithms, including ECDSA, Ed25519, and RSA-PSS. This improves the application's ability to handle various types of FIDO2 authentication signatures.

From an application security perspective, these changes are positive and contribute to the overall security and reliability of the Janssen FIDO2 server application. The addition of support for the Ed25519 algorithm and the improved handling of credential types are particularly noteworthy, as they help to ensure the integrity and validity of the FIDO2 authentication process.

Files Changed:

  1. jans-fido2/server/src/main/java/io/jans/fido2/service/external/context/ExternalFido2Context.java: This file has been updated to extend the ExternalScriptContext class and add new functionality, such as the addToContext method and the paremeters field. These changes do not appear to introduce any obvious security vulnerabilities, but the overall usage and implementation of the class should be reviewed to ensure there are no potential security risks.

  2. jans-fido2/model/src/main/java/io/jans/fido2/ctap/CoseEdDSAAlgorithm.java: This new class has been added to represent the COSE EdDSA algorithm, specifically the Ed25519 algorithm. The implementation and use of this class should be reviewed to ensure the correct and secure handling of cryptographic algorithms.

  3. jans-fido2/server/src/main/java/io/jans/fido2/service/mds/TocService.java: The changes in this file focus on enhancing the handling and parsing of FIDO Metadata Service (MDS) TOC (Trusted Authenticator List) files, including support for the Ed25519 signature algorithm and improved verification of TOC entries.

  4. jans-fido2/server/src/main/java/io/jans/fido2/service/operation/AttestationService.java: The changes in this file add support for the Ed25519 algorithm in the preparePublicKeyCredentialSelection() method and improve the handling of requested credential types.

  5. jans-fido2/server/src/main/java/io/jans/fido2/service/verifier/SignatureVerifier.java: The changes in this file enhance the signature verification functionality by introducing support for various signature algorithms, including ECDSA, Ed25519, and RSA-PSS.

Overall, the code changes in this pull request appear to be focused on improving the security and functionality of the FIDO2 implementation in the Janssen FIDO2 server application. The changes are positive from an application security perspective and should contribute to the overall robustness and reliability of the application.

Code Analysis

We ran 9 analyzers against 5 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Authn/Authz Analyzer 5 findings

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto mo-auto added comp-jans-fido2 Component affected by issue or PR kind-feature Issue or PR is a new feature request labels Aug 2, 2024
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Aug 2, 2024

Quality Gate Passed Quality Gate passed for 'jans-cli'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Aug 2, 2024

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Aug 2, 2024

Quality Gate Passed Quality Gate passed for 'jans-core'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@duttarnab
feat: minimum support ES256, RS1, RS256, ED25519
c4a63dd 
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
@duttarnab
feat: minimum support ES256, RS1, RS256, ED25519
ed750a9 
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
@duttarnab duttarnab changed the base branch from main to passkeys-project August 2, 2024 07:46
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Aug 2, 2024

Quality Gate Passed Quality Gate passed for 'Fido2 API'

Issues
4 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
4.1% Duplication on New Code

See analysis details on SonarCloud

@duttarnab
feat: using SHA512 for Ed25519
f28fdb9 
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
yackermann
yackermann approved these changes Aug 5, 2024
View reviewed changes
Copy link
Contributor

@yackermann yackermann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTML

@duttarnab duttarnab merged commit e7f31f7 into passkeys-project Aug 5, 2024
11 checks passed
@duttarnab duttarnab deleted the jans-fido2-issue-9025 branch August 5, 2024 08:03
@yackermann yackermann mentioned this pull request Aug 5, 2024
Closed
moabu pushed a commit that referenced this pull request Nov 7, 2024
@duttarnab @moabu
feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)
9328858 
* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
This was referenced Nov 7, 2024
Closed
Merged
moabu added a commit that referenced this pull request Dec 12, 2024
@moabu @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @duttarnab @yackermann @shekhar16 @imran-ishaq @jgomer2001 @devrimyatar
feat(jans-fido2): major FIDO2 / Passkeys upgrade ProjectPasskeys (#1…
e823bf7 
…0080)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

---------

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add location details

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <madhu@gluu.org>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <madhu@gluu.org>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

---------

Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(docs): #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): support for ECC added #10317

* fix(ProjectPasskeys): #9765

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>
Signed-off-by: Madhumita <madhu@gluu.org>
Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>
Signed-off-by: Devrim <devrimyatar@gluu.org>
Co-authored-by: mo-auto <54212639+mo-auto@users.noreply.github.com>
Co-authored-by: Snyk bot <snyk-bot@snyk.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>
Co-authored-by: Madhumita Subramaniam <madhu@gluu.org>
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Co-authored-by: Dhaval D <343411+ossdhaval@users.noreply.github.com>
Co-authored-by: Djeumen Rolain Bonaventure <uprightech@gmail.com>
Co-authored-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>
Co-authored-by: shekhar16 <shekhar16@users.noreply.github.com>
Co-authored-by: Imran <78725662+imran-ishaq@users.noreply.github.com>
Co-authored-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>
Co-authored-by: Mustafa Baser <mbaser@mail.com>
Co-authored-by: Devrim <devrimyatar@gluu.org>
moabu added a commit that referenced this pull request Dec 13, 2024
@imran-ishaq @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @moabu @duttarnab @yackermann @shekhar16 @jgomer2001 @devrimyatar
Created new WebAuthn configuration controller that returns an origins…
2731099 
… array list (#10339)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

---------

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add location details

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <madhu@gluu.org>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <madhu@gluu.org>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

---------

Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(docs): #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): support for ECC added #10317

* feat(jans-fido2): create new WebAuthn configuration controller that returns an origins array list #10245

* feat(jans-linux-setup): apache proxy pass for .well-known/webauthn

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(ProjectPasskeys): #9765

* fix(docs): update jans fido docs #10245

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>
Signed-off-by: Madhumita <madhu@gluu.org>
Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>
Signed-off-by: Devrim <devrimyatar@gluu.org>
Signed-off-by: Imran <78725662+imran-ishaq@users.noreply.github.com>
Co-authored-by: mo-auto <54212639+mo-auto@users.noreply.github.com>
Co-authored-by: Snyk bot <snyk-bot@snyk.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>
Co-authored-by: Madhumita Subramaniam <madhu@gluu.org>
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Co-authored-by: Dhaval D <343411+ossdhaval@users.noreply.github.com>
Co-authored-by: Djeumen Rolain Bonaventure <uprightech@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
Co-authored-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>
Co-authored-by: shekhar16 <shekhar16@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>
Co-authored-by: Mustafa Baser <mbaser@mail.com>
Co-authored-by: Devrim <devrimyatar@gluu.org>
ossdhaval added a commit that referenced this pull request Dec 27, 2024
@moabu @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @duttarnab @yackermann @shekhar16 @imran-ishaq @jgomer2001 @devrimyatar
feat(jans-fido2): major FIDO2 / Passkeys upgrade ProjectPasskeys (#1…
0a77e22 
…0080)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

---------

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add location details

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <madhu@gluu.org>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <madhu@gluu.org>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

---------

Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(docs): #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): support for ECC added #10317

* fix(ProjectPasskeys): #9765

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>
Signed-off-by: Madhumita <madhu@gluu.org>
Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>
Signed-off-by: Devrim <devrimyatar@gluu.org>
Co-authored-by: mo-auto <54212639+mo-auto@users.noreply.github.com>
Co-authored-by: Snyk bot <snyk-bot@snyk.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>
Co-authored-by: Madhumita Subramaniam <madhu@gluu.org>
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Co-authored-by: Dhaval D <343411+ossdhaval@users.noreply.github.com>
Co-authored-by: Djeumen Rolain Bonaventure <uprightech@gmail.com>
Co-authored-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>
Co-authored-by: shekhar16 <shekhar16@users.noreply.github.com>
Co-authored-by: Imran <78725662+imran-ishaq@users.noreply.github.com>
Co-authored-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>
Co-authored-by: Mustafa Baser <mbaser@mail.com>
Co-authored-by: Devrim <devrimyatar@gluu.org>
ossdhaval added a commit that referenced this pull request Dec 27, 2024
@imran-ishaq @mo-auto
@snyk-bot @dependabot @pujavs @maduvena @yurem @ossdhaval @uprightech @moabu @duttarnab @yackermann @shekhar16 @jgomer2001 @devrimyatar
Created new WebAuthn configuration controller that returns an origins…
f47d6ae 
… array list (#10339)

* chore(main): release jans-orm 1.0.1-SNAPSHOT (#1713)

* chore(main): release jans-fido2 1.0.1-SNAPSHOT (#1712)

* chore(main): release jans-auth-server 1.0.1-SNAPSHOT (#1711)

* chore(main): release jans-core 1.0.1-SNAPSHOT (#1710)

* chore(main): release jans-scim 1.0.1-SNAPSHOT (#1709)

* chore(main): release jans-notify 1.0.1-SNAPSHOT (#1708)

* chore(main): release agama 1.0.1-SNAPSHOT (#1707)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#2466)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2471)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* build(deps): bump commons-text from 1.9 to 1.10.0 in /jans-bom (#2679)

Bumps commons-text from 1.9 to 1.10.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#2676)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3033152
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3037311

* fix: jans-config-api/plugins/sample/helloworld/pom.xml to reduce vulnerabilities (#972)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1009963
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1058913
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1085989
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSRESTEASY-1303102

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* fix: jans-config-api/pom.xml to reduce vulnerabilities (#1746)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-2945452

Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>

* docs: update README.md (#2367)

* chore(main): release jans-core 1.0.5-SNAPSHOT (#3143)

* chore(main): release jans-config-api 1.0.5-SNAPSHOT (#3142)

* chore(main): release jans-auth-server 1.0.5-SNAPSHOT (#3141)

* chore(main): release jans-notify 1.0.5-SNAPSHOT (#3140)

* chore(main): release jans-orm 1.0.5-SNAPSHOT (#3139)

* chore(main): release jans-eleven 1.0.5-SNAPSHOT (#3138)

* chore(main): release jans-fido2 1.0.5-SNAPSHOT (#3137)

* chore(main): release jans-bom 1.0.5-SNAPSHOT (#3136)

* chore: add owner to jans-config-api (#3283)

* build(deps): bump postgresql from 42.5.0 to 42.5.1 in /jans-bom (#3068)

Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.0 to 42.5.1.
- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)
- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)
- [Commits](pgjdbc/pgjdbc@REL42.5.0...REL42.5.1)

---
updated-dependencies:
- dependency-name: org.postgresql:postgresql
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix: jans-eleven/pom.xml to reduce vulnerabilities (#3315)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#3314)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168084
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3168085

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* chore(main): release jans-eleven 1.0.6-SNAPSHOT (#3538)

* chore(main): release jans-bom 1.0.6-SNAPSHOT (#3539)

* chore(main): release jans-notify 1.0.6-SNAPSHOT (#3540)

* chore(main): release jans-config-api 1.0.6-SNAPSHOT (#3541)

* chore(main): release jans-orm 1.0.6-SNAPSHOT (#3542)

* chore(main): release jans-scim 1.0.6-SNAPSHOT (#3543)

* chore(main): release jans-auth-server 1.0.6-SNAPSHOT (#3544)

* chore(main): release jans-fido2 1.0.6-SNAPSHOT (#3545)

* chore(main): release jans-core 1.0.6-SNAPSHOT (#3546)

* fix: cbor data stream lenght calculatro return wrong lengh #3614 (#3615)

* chore(main): release jans-core 1.0.7-SNAPSHOT (#3919)

* chore(main): release jans-scim 1.0.7-SNAPSHOT (#3918)

* chore(main): release jans-notify 1.0.7-SNAPSHOT (#3917)

* chore(main): release jans-auth-server 1.0.7-SNAPSHOT (#3916)

* chore(main): release jans-bom 1.0.7-SNAPSHOT (#3915)

* chore(main): release jans-orm 1.0.7-SNAPSHOT (#3914)

* chore(main): release agama 1.0.7-SNAPSHOT (#3913)

* chore(main): release jans-eleven 1.0.7-SNAPSHOT (#3912)

* chore(main): release jans-config-api 1.0.7-SNAPSHOT (#3911)

* chore(main): release jans-fido2 1.0.7-SNAPSHOT (#3910)

* chore(main): release jans-notify 1.0.8-SNAPSHOT (#4008)

* chore(main): release jans-auth-server 1.0.8-SNAPSHOT (#4007)

* chore(main): release jans-config-api 1.0.8-SNAPSHOT (#4006)

* chore(main): release jans-scim 1.0.8-SNAPSHOT (#4004)

* chore(main): release jans-fido2 1.0.8-SNAPSHOT (#4005)

* chore(main): release jans-bom 1.0.8-SNAPSHOT (#4003)

* chore(main): release jans-core 1.0.8-SNAPSHOT (#4002)

* chore(main): release jans-orm 1.0.8-SNAPSHOT (#4001)

* chore(main): release jans-eleven 1.0.8-SNAPSHOT (#4000)

* chore(main): release agama 1.0.8-SNAPSHOT (#3999)

* chore(main): release jans-auth-server 1.0.9-SNAPSHOT (#4064)

* chore(main): release jans-fido2 1.0.9-SNAPSHOT (#4062)

* chore(main): release jans-auth-server 1.0.10-SNAPSHOT (#4175)

* chore(main): release jans-fido2 1.0.10-SNAPSHOT (#4173)

* chore(main): release jans-eleven 1.0.10-SNAPSHOT (#4172)

* chore(main): release jans-orm 1.0.10-SNAPSHOT (#4171)

* chore(main): release jans-notify 1.0.10-SNAPSHOT (#4170)

* chore(main): release jans-config-api 1.0.10-SNAPSHOT (#4169)

* chore(main): release jans-core 1.0.10-SNAPSHOT (#4168)

* chore(main): release jans-bom 1.0.10-SNAPSHOT (#4167)

* chore(main): release agama 1.0.10-SNAPSHOT (#4166)

* chore(main): release jans-eleven 1.0.11-SNAPSHOT (#4473)

* chore(main): release jans-core 1.0.11-SNAPSHOT (#4472)

* chore(main): release jans-notify 1.0.11-SNAPSHOT (#4471)

* chore(main): release jans-auth-server 1.0.11-SNAPSHOT (#4470)

* chore(main): release jans-fido2 1.0.11-SNAPSHOT (#4469)

* chore(main): release jans-bom 1.0.11-SNAPSHOT (#4467)

* chore(main): release agama 1.0.11-SNAPSHOT (#4466)

* chore(main): release jans-orm 1.0.11-SNAPSHOT (#4465)

* chore(main): release jans-config-api 1.0.11-SNAPSHOT (#4464)

* chore(main): release jans-orm 1.0.12-SNAPSHOT (#4638)

* chore(main): release jans-bom 1.0.12-SNAPSHOT (#4636)

* chore(main): release jans-core 1.0.12-SNAPSHOT (#4637)

* chore(main): release jans-notify 1.0.12-SNAPSHOT (#4634)

* chore(main): release jans-config-api 1.0.12-SNAPSHOT (#4633)

* chore(main): release jans-auth-server 1.0.12-SNAPSHOT (#4632)

* chore(main): release jans-eleven 1.0.12-SNAPSHOT (#4631)

* chore(main): release agama 1.0.12-SNAPSHOT (#4630)

* chore(main): release jans-scim 1.0.12-SNAPSHOT (#4629)

* chore(main): release jans-fido2 1.0.12-SNAPSHOT (#4635)

* fix: jans-auth-server/pom.xml to reduce vulnerabilities (#4271)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJETTISON-3367610

* chore(deps): bump jettison from 1.5.2 to 1.5.4 in /jans-auth-server (#4275)

Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](jettison-json/jettison@jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(main): release jans-config-api 1.0.13-SNAPSHOT (#4920)

* chore(main): release jans-notify 1.0.13-SNAPSHOT (#4917)

* chore(main): release jans-auth-server 1.0.13-SNAPSHOT (#4918)

* chore(main): release jans-orm 1.0.13-SNAPSHOT (#4916)

* chore(main): release agama 1.0.13-SNAPSHOT (#4915)

* chore(main): release jans-bom 1.0.13-SNAPSHOT (#4913)

* chore(main): release jans-core 1.0.13-SNAPSHOT (#4914)

* chore(main): release jans-scim 1.0.13-SNAPSHOT (#4912)

* chore(main): release jans-eleven 1.0.13-SNAPSHOT (#4911)

* chore(main): release jans-fido2 1.0.13-SNAPSHOT (#4919)

* docs: write topic overview pages for properties, feature flags and endpoint sections (#5147)

* docs(scripts): endpoint section README.md

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): property section readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add how to set properties

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(scripts): add details to feature flag readme

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* chore(main): release jans-bom 1.0.14-SNAPSHOT (#5211)

* chore(main): release jans-config-api 1.0.14-SNAPSHOT (#5209)

* chore(main): release jans-scim 1.0.14-SNAPSHOT (#5208)

* chore(main): release jans-eleven 1.0.14-SNAPSHOT (#5207)

* chore(main): release agama 1.0.14-SNAPSHOT (#5206)

* chore(main): release jans-orm 1.0.14-SNAPSHOT (#5205)

* chore(main): release jans-fido2 1.0.14-SNAPSHOT (#5204)

* chore(main): release jans-core 1.0.14-SNAPSHOT (#5203)

* chore(main): release jans-config-api 1.0.15-SNAPSHOT (#5495)

* chore(main): release jans-bom 1.0.15-SNAPSHOT (#5493)

* chore(main): release agama 1.0.15-SNAPSHOT (#5492)

* chore(main): release jans-scim 1.0.15-SNAPSHOT (#5491)

* chore(main): release jans-orm 1.0.15-SNAPSHOT (#5490)

* chore(main): release jans-fido2 1.0.15-SNAPSHOT (#5489)

* chore(main): release jans-eleven 1.0.15-SNAPSHOT (#5488)

* chore(main): release jans-core 1.0.15-SNAPSHOT (#5494)

* chore(main): release jans-scim 1.0.16-SNAPSHOT (#5733)

* chore(main): release jans-fido2 1.0.16-SNAPSHOT (#5730)

* chore(main): release jans-auth-server 1.0.16-SNAPSHOT (#5729)

* chore(main): release jans-orm 1.0.16-SNAPSHOT (#5728)

* chore(main): release agama 1.0.16-SNAPSHOT (#5727)

* chore(main): release jans-bom 1.0.16-SNAPSHOT (#5725)

* chore(main): release jans-eleven 1.0.16-SNAPSHOT (#5726)

* chore(main): release jans-core 1.0.16-SNAPSHOT (#5732)

* chore(main): release jans-config-api 1.0.16-SNAPSHOT (#5731)

* chore(main): release jans-scim 1.0.17-SNAPSHOT (#6051)

* chore(main): release jans-core 1.0.17-SNAPSHOT (#6049)

* chore(main): release jans-bom 1.0.17-SNAPSHOT (#6048)

* chore(main): release agama 1.0.17-SNAPSHOT (#6047)

* chore(main): release jans-auth-server 1.0.17-SNAPSHOT (#6046)

* chore(main): release jans-fido2 1.0.17-SNAPSHOT (#6045)

* chore(main): release jans-config-api 1.0.17-SNAPSHOT (#6044)

* chore(main): release jans-eleven 1.0.17-SNAPSHOT (#6043)

* chore(main): release jans-orm 1.0.17-SNAPSHOT (#6050)

* chore(main): release jans-orm 1.0.18-SNAPSHOT (#6115)

* chore(main): release jans-bom 1.0.18-SNAPSHOT (#6113)

* chore(main): release jans-config-api 1.0.18-SNAPSHOT (#6112)

* chore(main): release jans-auth-server 1.0.18-SNAPSHOT (#6111)

* chore(main): release jans-core 1.0.18-SNAPSHOT (#6110)

* chore(main): release jans-fido2 1.0.18-SNAPSHOT (#6108)

* chore(main): release agama 1.0.18-SNAPSHOT (#6109)

* chore(main): release jans-eleven 1.0.18-SNAPSHOT (#6107)

* chore(main): release jans-scim 1.0.18-SNAPSHOT (#6114)

* chore(main): release jans-scim 1.0.19-SNAPSHOT (#6245)

* chore(main): release jans-bom 1.0.19-SNAPSHOT (#6241)

* chore(main): release jans-fido2 1.0.19-SNAPSHOT (#6240)

* chore(main): release jans-auth-server 1.0.19-SNAPSHOT (#6239)

* chore(main): release jans-config-api 1.0.19-SNAPSHOT (#6238)

* chore(main): release agama 1.0.19-SNAPSHOT (#6236)

* chore(main): release jans-eleven 1.0.19-SNAPSHOT (#6235)

* chore(main): release jans-orm 1.0.19-SNAPSHOT (#6244)

* chore(main): release jans-scim 1.0.20-SNAPSHOT (#6485)

* chore(main): release jans-core 1.0.20-SNAPSHOT (#6483)

* chore(main): release jans-bom 1.0.20-SNAPSHOT (#6482)

* chore(main): release jans-link 1.0.20-SNAPSHOT (#6481)

* chore(main): release jans-fido2 1.0.20-SNAPSHOT (#6480)

* chore(main): release jans-casa 1.0.20-SNAPSHOT (#6479)

* chore(main): release jans-eleven 1.0.20-SNAPSHOT (#6478)

* chore(main): release jans-config-api 1.0.20-SNAPSHOT (#6477)

* chore(main): release agama 1.0.20-SNAPSHOT (#6476)

* chore(main): release jans-auth-server 1.0.20-SNAPSHOT (#6475)

* chore(main): release jans-orm 1.0.20-SNAPSHOT (#6484)

* chore(main): release jans-orm 1.0.21-SNAPSHOT (#7022)

* chore(main): release jans-scim 1.0.21-SNAPSHOT (#7020)

* chore(main): release jans-auth-server 1.0.21-SNAPSHOT (#7019)

* chore(main): release agama 1.0.21-SNAPSHOT (#7018)

* chore(main): release jans-eleven 1.0.21-SNAPSHOT (#7017)

* chore(main): release jans-fido2 1.0.21-SNAPSHOT (#7016)

* chore(main): release jans-config-api 1.0.21-SNAPSHOT (#7015)

* chore(main): release jans-bom 1.0.21-SNAPSHOT (#7014)

* chore(main): release jans-core 1.0.21-SNAPSHOT (#7013)

* chore(main): release jans-casa 1.0.21-SNAPSHOT (#7012)

* chore(main): release jans-keycloak-link 1.0.21-SNAPSHOT (#7021)

* chore(main): release jans-keycloak-link 1.0.22-SNAPSHOT (#7469)

* chore(main): release jans-scim 1.0.22-SNAPSHOT (#7468)

* chore(main): release jans-orm 1.0.22-SNAPSHOT (#7467)

* chore(main): release jans-lock 1.0.22-SNAPSHOT (#7466)

* chore(main): release jans-link 1.0.22-SNAPSHOT (#7465)

* chore(main): release jans-fido2 1.0.22-SNAPSHOT (#7464)

* chore(main): release jans-eleven 1.0.22-SNAPSHOT (#7463)

* chore(main): release jans-config-api 1.0.22-SNAPSHOT (#7462)

* chore(main): release jans-core 1.0.22-SNAPSHOT (#7461)

* chore(main): release jans-casa 1.0.22-SNAPSHOT (#7460)

* chore(main): release agama 1.0.22-SNAPSHOT (#7459)

* chore(main): release jans-bom 1.0.22-SNAPSHOT (#7458)

* chore(main): release jans-auth-server 1.0.22-SNAPSHOT (#7457)

* fix(jans-keycloak-integration): security bugfixes #8954 (#8962)

* fix(jans-linux-setup): improper scim configuration for jans kc #8210
* updated the keycloak configuration file to reflect the  configuration for the storage-spi

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* chore(jans-keycloak-integration): bump kc version to 24.0.0 #8315

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* bumped nimbus oidc sdk version

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* removed  old metadata parser and entityidhandler from `jans-core-saml`

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8954
* further removed old saml related code

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

* fix(jans-keycloak-integration): security bugfixes #8654
* removed unused dependencies in jans-core-saml

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>

---------

Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* feat: Minimum support ES256, RS1, RS256, ED25519 (#9086)

* feat: Minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: minimum support ES256, RS1, RS256, ED25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: using SHA512 for Ed25519

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: refactor Assertion/Attestation to Jackson ObjectMapper (#9023)

* feat: refactor Assertion/Attestation to Jackson ObjectMapper

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: fixing sonar issues

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: addressing PR reviews

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* fix(jans-fido2): removing safetynet and android #8901

* fix(jans-fido2): Removing multiple Assertion processors #8902

* feat: add support for BS / BE flags in AuthData #8903 (#8968)

* feat: add support for BS / BE flags in AuthData #8903

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

* feat: adding comments

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>

---------

Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>

* fix(jans-fido2): #8906, Basic simplification and refactoring of Attestation and Assertion Response

* Issue 8908 (#9241)

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 add support for webauthn hints

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): #8908 delete unused file

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): Attestation #8906

* Issue 9111 (#9276)

* feat(jans-fido): refactor mds3 codebase and server config

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): revert rename from docker file #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): add metadatarefreshinterval #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor metadataservers #9111

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

---------

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* feat(jans-fido): changes to refactor requestedParties #9111 (#9329)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): resolve failing test case in `FetchMdsProviderServiceTest` (#9299)

fix(jans-fido2): resolve failing test case in FetchMdsProviderServiceTest

Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* docs(customization): updates to customization document to align with custom assets feature (#9106)

* docs(customize): add intro and management sections

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add location details

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): add web customization instructions

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* docs(customization): fix proofreading issues

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

---------

Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>

* fix(jans-fido2): removed legacy SuperGluu support #9453 (#9468)

Signed-off-by: Madhumita <madhu@gluu.org>

* feat(jans-fido2): add support for isEnterpriseAttestation in local me… (#9521)

* feat(jans-fido2): add support for isEnterpriseAttestation in local metadata retrieval

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add new unit test for isEnterpriseAttestation

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 attestation mode 9332 (#9463)

* docs(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestationMode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): replaced skipValidateMdsInAttestationEnabled && skipAttestation with attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): update the full flow unit test with monitor attestation mode

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): adding missing imports

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9248 Renaming domain to origin and application id to RpId

Signed-off-by: Madhumita <madhu@gluu.org>

* fix(jans-fido2): #9248

* fix(jans-fido2): resolved build failure issues

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* Jans fido2 replace requested parties 9248 (#9586)

* feat(jans-fido2): changed function type to be accessible and replaced requestParties name and domain with id and origins

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido2): add test cases for createRpDomain function in AttestationServiceTest Class

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): #9642

* fix(jans-fido2): convert attestationMode from enum to sting

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-fido): move fidoconfig folder properties to db #9369 (#9611)

* feat(jans-fido): move fidoconfig folder properties to db #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

* feat(jans-fido): added specialized exception #9369

Signed-off-by: shekhar16 shekharlaad1609@gmail.com

---------

Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>

* fix(jans-fido2): #9642
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* Reflect Authenicator Name with Passkeys (#9716)

* feat(jans-fido2): reflect authenticator name with passkeys

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle test cases for authenticator name

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagge… (#9624)

fix(jans-fido2): remove superGluu-related endpoints from FIDO2 Swagger and ConfigurationControllerTest

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* chore(deps): bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M12 to 4.0.0-M16 in /jans-scim (#9010)

chore(deps): bump org.apache.maven.plugins:maven-site-plugin

Bumps [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin) from 4.0.0-M12 to 4.0.0-M16.
- [Commits](apache/maven-site-plugin@maven-site-plugin-4.0.0-M12...maven-site-plugin-4.0.0-M16)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-site-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>

* fix(jans-casa): fix issue caused by refactoring (#9838)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix(jans-fido2): fix document refactoring issue (#9918)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* Add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248 (#9974)

* feat(jans-fido2): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* refactor(docs): add origin parameter in Fido2ExternalAuthenticator script for attestation and assertion API calls #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): handle origin if http or https is missing #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

---------

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(docs): #9248

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* feat(jans-linux-setup): move fidoconfig folder properties to db

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-fido2): fix issues due unused injects (#10035)

Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>

* fix: fido2 build

* fix(ProjectPasskeys) : #9981 added rawId, authenticatorData, publicKey, publicKeyAlgorithm, publicKeyId, transport to the newly created cred object.

* fix(jans-ido2): #10101 Update dynamic-conf.json

#10101 property name changed and not reflected in the template

Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>

* fix(jans-linux-setup): use sqlconnection instead of mysqlconnection

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* Jans fido Review Configs #10101 (#10204)

* Make CommonVerifiersTest class test cases functational (#10209)

* fix(jans-fido2): #9642

* fix(jans-fido2): Make AppleAttestationProcessorTest,PackedAttestationProcessorTest,TPMProcessorTest and U2FAttestationProcessorTest test cases functational

Signed-off-by: imran-ishaq <imranishaq024@gmail.com>

* fix(jans-fido2): support for ECC added #10317

* feat(jans-fido2): create new WebAuthn configuration controller that returns an origins array list #10245

* feat(jans-linux-setup): apache proxy pass for .well-known/webauthn

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(ProjectPasskeys): #9765

* fix(docs): update jans fido docs #10245

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ossdhaval <343411+ossdhaval@users.noreply.github.com>
Signed-off-by: Rolain Djeumen <uprightech@gmail.com>
Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
Signed-off-by: shekhar16 <shekharlaad1609@gmail.com>
Signed-off-by: Madhumita <madhu@gluu.org>
Signed-off-by: imran-ishaq <imranishaq024@gmail.com>
Signed-off-by: shekhar16 shekharlaad1609@gmail.com
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Signed-off-by: Madhumita Subramaniam <madhu@gluu.org>
Signed-off-by: Devrim <devrimyatar@gluu.org>
Signed-off-by: Imran <78725662+imran-ishaq@users.noreply.github.com>
Co-authored-by: mo-auto <54212639+mo-auto@users.noreply.github.com>
Co-authored-by: Snyk bot <snyk-bot@snyk.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pujavs <43700552+pujavs@users.noreply.github.com>
Co-authored-by: Madhumita Subramaniam <madhu@gluu.org>
Co-authored-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Co-authored-by: Dhaval D <343411+ossdhaval@users.noreply.github.com>
Co-authored-by: Djeumen Rolain Bonaventure <uprightech@gmail.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
Co-authored-by: Arnab Dutta <arnab.bdutta@gmail.com>
Co-authored-by: Ackermann Yuriy <1636116+yackermann@users.noreply.github.com>
Co-authored-by: shekhar16 <shekhar16@users.noreply.github.com>
Co-authored-by: Jose Gonzalez <bonustrack310@gmail.com>
Co-authored-by: Mustafa Baser <mbaser@mail.com>
Co-authored-by: Devrim <devrimyatar@gluu.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yackermann yackermann yackermann approved these changes

@yurem yurem Awaiting requested review from yurem

Assignees
No one assigned
Labels
comp-jans-fido2 Component affected by issue or PR kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ProjectPasskeys: Minimum support ES256, RS1, RS256, ED25519
3 participants
@duttarnab @yackermann @mo-auto