ProjectPasskeys: Rework SuperGluu - Githubissues

JanssenProject / jans

An open source enterprise digital identity platform for CIAM or workforce... Janssen is a distribution of standards-based, developer friendly, components that are engineered to work together in any cloud. #OAuth #OpenID #FIDO

https://docs.jans.io

Apache License 2.0

469 stars 74 forks source link

ProjectPasskeys: Rework SuperGluu #8904

Open yackermann opened 3 months ago

yackermann commented 3 months ago

If SuperGluu authenticator is used, it should be using FIDO2, with proper metadata flow.

[Future discussion]

yackermann commented 3 months ago

At this point I think we can deprecate superGluu completely, and move to platform specific attestations

yackermann commented 3 months ago

Android: https://developer.android.com/privacy-and-security/security-key-attestation iOS: https://developer.apple.com/documentation/devicecheck/establishing-your-app-s-integrity

That means that we can run it as standard attestation validation, with standard metadata containing Android's and Apple's certificates

yackermann commented 3 months ago

@shekhar16

yackermann commented 3 months ago

Gluu_ SuperGluu

yackermann commented 3 months ago

Project requirements:

jans-fido2

[ ] Remove legacy supergluu code #9453
[ ] Rewrite android keystore support
[ ] Set apple attestation to support app-attest
[ ] Create AppAttest and Keystore SuperGluu metadatas

Update jans-casa