feat(jans-config-api): api to manage 2FA creds for the users - Githubissues

JanssenProject / jans

An open source enterprise digital identity platform for CIAM or workforce... Janssen is a distribution of standards-based, developer friendly, components that are engineered to work together in any cloud. #OAuth #OpenID #FIDO

https://docs.jans.io

Apache License 2.0

464 stars 73 forks source link

feat(jans-config-api): api to manage 2FA creds for the users #9077

Open duttarnab opened 2 months ago

duttarnab commented 2 months ago

Parent issue# https://github.com/GluuFederation/flex/issues/1747

chat link: https://chat.gluu.org/group/service_admin_ui?msg=BsWv2LJtb7n3GFAsa

We need API in config-api to view/delete 2FA credentials for each user.

Columns need to be shown

Nickname	Type	Added On	Other Information

Database details of 2FA cred data	project	table	Columns	Sample Data
agama-sms	jansPerson	jansPerson.telephoneNumber
agama-sms	jansPerson	jansPerson.mobile	["+917837679339"]
agama-totp	jansPerson	jansPersonjansPerson.jansOTPDevices	{"devices":[{"nickName":"OTP app","addedOn":1722457840824,"id":92668751,"soft":true}]}
agama-typekey	jansPerson	jansPerson.jansAuthenticator	[{"typekey": {"id": "typekey", "type": "typekey", "custom": {"phrase": "Dolor Si Amet", "useCase": "2"}}}]
agama-typekey	jansPerson	jansPerson.jansExtUid	["typekey:typekey"]
Super-gluu/Fido2	jansFido2RegistrationEntry	jansFido2RegistrationEntry.jansAuthData	{"createdDate":1722450049709,"updatedDate":1722452448736,"createdBy":"admin","updatedBy":"admin","username":"admin","domain":"admin-ui-test.gluu.org","userId":"UWaqAphh6JejDOggrzn5pDN6Ara9Bh0h8KDQilufpPs","challenge":"JUF46EU_gddXwe1NDY6x7YFzjXE6sHoKjmFq_tIaMDM","attenstationRequest":"{\"super_gluu_request\":true,\"super_gluu_request_mode\":\"two_step\",\"super_gluu_app_id\":\"https://admin-ui-test.gluu.org\",\"username\":\"admin\",\"displayName\":\"admin\",\"session_id\":\"4ed2c4a5-d2e3-4e84-a58d-b7f6563bc55e\",\"attestation\":\"direct\"}","attenstationResponse":"{\"super_gluu_request\":true,\"super_gluu_request_mode\":\"two_step\",\"type\":\"public-key\",\"response\":{\"deviceData\":\"eyJuYW1lIjoiU00tTTMxNUYiLCJvc19uYW1lIjoicSIsIm9zX3ZlcnNpb24iOiIxMCIsInBsYXRmb3JtIjoiYW5kcm9pZCIsInB1c2hfdG9rZW4iOiJmV2tCYmJMalQ5ZVdpZ2lnU3hWTnZLOkFQQTkxYkdLdDd3Nnc2Y0l0OWNhZTNTMVdaYkNtdmpWVFg1bWpjTHUzZXowVDFxM29kN2JFZjJyWGVfQzRmQkt1WGVBMVVxVEpiV3phbnQtSUZDVkdJZnJ2SnRrVXdTN3ZkZEhnakt1SUEyQVo0X0RMYlNlaWFMSmpzeTYyVFBIZGpmOU1XaDB2NkhQIiwidHlwZSI6Im5vcm1hbCIsInV1aWQiOiIxYzM1NGUxOC01MGViLTMxZWUtYmY1Mi01YzM5MjFiZDNiMjYifQ\",\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJKVUY0NkVVX2dkZFh3ZTFORFk2eDdZRnpqWEU2c0hvS2ptRnFfdElhTURNIiwib3JpZ2luIjoiaHR0cHM6Ly9hZG1pbi11aS10ZXN0LmdsdXUub3JnIiwidHlwZSI6Im5hdmlnYXRvci5pZC5maW5pc2hFbnJvbGxtZW50In0\",\"attestationObject\":\"v2NmbXRzZmlkby11MmYtc3VwZXItZ2x1dWdhdHRTdG10v2N4NWOBeQQETUlJQy96Q0NBcVdnQXdJQkFnSUNFQUV3Q2dZSUtvWkl6ajBFQXdJd2dhQXhDekFKQmdOVkJBWVRBbFZUTVFzd0NRWURWUVFJREFKVVdERVJNQThHQTFVRUNnd0lSMngxZFNCSmJtTXhLakFvQmdOVkJBc01JVWRzZFhVZ1NXNWpJRk5ISUVObGNuUnBabWxqWVhSbElFRjFkR2h2Y21sMGVURWtNQ0lHQTFVRUF3d2JSMngxZFNCSmJtTWdVMGNnU1c1MFpYSnRaV1JwWVhSbElFTkJNUjh3SFFZSktvWklodmNOQVFrQkZoQnpkWEJ3YjNKMFFHZHNkWFV1YjNKbk1CNFhEVEl6TURNd056RTBNalV3TjFvWERUSTJNRFF3TlRFME1qVXdOMW93Z2JFeEN6QUpCZ05WQkFZVEFsVlRNUXN3Q1FZRFZRUUlEQUpVV0RFUE1BMEdBMVVFQnd3R1FYVnpkR2x1TVJFd0R3WURWUVFLREFoSGJIVjFJRWx1WXpFcU1DZ0dBMVVFQ3d3aFIyeDFkU0JKYm1NZ1UwY2dRMlZ5ZEdsbWFXTmhkR1VnUVhWMGFHOXlhWFI1TVNRd0lnWURWUVFEREJ0VFJ5QkhiSFYxSUVsdVl5QlRSeUJCYm1SeWIybGtJRkJ5YjJReEh6QWRCZ2txaGtpRzl3MEJDUUVXRUhOMWNIQnZjblJBWjJ4MWRTNXZjbWN3V1RBVEJnY3Foa2pPUFFJQkJnZ3Foa2pPUFFNQkJ3TkNBQVFUcFNWb1R5SThEM29EVzNMZmRBTG5hZkdQK3FpT2xleTRhVFRTYlFVbVVzalJrUnJHSU9ISHhrVlVjd2txTGxyZ3pkWE1FNEYyUHJ5emdSaURoOWJWbzRHN01JRzRNQWtHQTFVZEV3UUNNQUF3RVFZSllJWklBWWI0UWdFQkJBUURBZ2VBTURNR0NXQ0dTQUdHK0VJQkRRUW1GaVJQY0dWdVUxTk1JRWRsYm1WeVlYUmxaQ0JEYkdsbGJuUWdRMlZ5ZEdsbWFXTmhkR1V3SFFZRFZSME9CQllFRkYvNGtINUZCUm9CS0NIWVljb0U2QXNEZXpwVE1COEdBMVVkSXdRWU1CYUFGTGRod1lyVDZqRUNXTDI0TVhvV0ZXcUlyVzh3TUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUVEREFLQmdnckJnRUZCUWNEQWpBS0JnZ3Foa2pPUFFRREFnTklBREJGQWlBcEFKVDZKb0F4WlRBSzRGQm0wZVRTR0ZDQ3BEcUZHcXBtdHZJaWJJa1MzQUloQUpVZ01lMTRBbWo5b0t1cXUzS3JlaFhxUXVOZHBpem5xd3BtRWh6QTd3ZWZjc2lnWEcwRQIgctIRyIYzLJRcquT8GBQ7DR0RuXddRo76yNmvtVNsoRgCIQDBfbw5ddxaKtiEEClqgGBBaqOgX-D-yuado51K-2lBF_9oYXV0aERhdGFYzZI-L9TtvvSwxSt4bS_rQbyy4n9DCWmQEif4BgsbkFxWQQAAAAAAAAAAAAAAAAAAAAAAAAAAAEANNknPIyJcYxllyEk2HpN7nH36kfE5hTL4dT_y5mygYLXEpUfXdjKdEtqL1FhcQ4p_wYVe7PmCW7dYJ5cC1d7fv2ExAmEzJmItMQFiLTJYIB23Km61M_Q5GKs_n5uz28oP-ozBkyLYTTzCx3n8xEWcYi0zWCBCAuf34KhVij3e8xRY9gSgmSFtkDt9_fNgr1nB06x4Gf__\"},\"super_gluu_request_cancel\":false,\"id\":\"DTZJzyMiXGMZZchJNh6Te5x9-pHxOYUy-HU_8uZsoGC1xKVH13YynRLai9RYXEOKf8GFXuz5glu3WCeXAtXe3w\"}","uncompressedECPoint":"v2ExAmEzJmItMQFiLTJYIB23Km61M_Q5GKs_n5uz28oP-ozBkyLYTTzCx3n8xEWcYi0zWCBCAuf34KhVij3e8xRY9gSgmSFtkDt9_fNgr1nB06x4Gf8","publicKeyId":"DTZJzyMiXGMZZchJNh6Te5x9-pHxOYUy-HU_8uZsoGC1xKVH13YynRLai9RYXEOKf8GFXuz5glu3WCeXAtXe3w","type":"public-key","status":"registered","counter":2,"attestationType":"fido-u2f-super-gluu","signatureAlgorithm":-7,"applicationId":"https://admin-ui-test.gluu.org","backupStateFlag":false,"backupEligibilityFlag":false}
Super-gluu/Fido2	jansFido2RegistrationEntry	jansDeviceData	{"uuid":"1c354e18-50eb-31ee-bf52-5c3921bd3b26","type":"normal","platform":"android","name":"SM-M315F","os_name":"q","os_version":"10","custom_data":null,"push_token":"fWkBbbLjT9eWigigSxVNvK:APA91bGKt7w6w6cIt9cae3S1WZbCmvjVTX5mjcLu3ez0T1q3od7bEf2rXe_C4fBKuXeA1UqTJbWzant-IFCVGIfrvJtkUwS7vddHgjKuIA2AZ4_DLbSeiaLJjsy62TPHdjf9MWh0v6HP"}

duttarnab commented 2 months ago

Please keep this issue on hold. We are checking if this is possible with the existing FIDO and Person APIS (in config-api).