diff --git a/cmd/authelia-scripts/cmd/gen.go b/cmd/authelia-scripts/cmd/gen.go
index 40cd3c673..b2774c261 100644
--- a/cmd/authelia-scripts/cmd/gen.go
+++ b/cmd/authelia-scripts/cmd/gen.go
@@ -7,5 +7,5 @@ package cmd
 const (
- versionSwaggerUI = "4.18.1"
+ versionSwaggerUI = "4.18.2"
 )
diff --git a/docs/content/en/blog/pre-release-notes-4.38/index.md b/docs/content/en/blog/pre-release-notes-4.38/index.md
index d940c73e9..90c20c02c 100644
--- a/docs/content/en/blog/pre-release-notes-4.38/index.md
+++ b/docs/content/en/blog/pre-release-notes-4.38/index.md
@@ -49,7 +49,7 @@ authelia configuration, and authelia database prior to attempting to do so._
 Notable Missing Features from this build:
 - OpenID Connect 1.0 PAR
-- Multi-Device Webauthn
+- Multi-Device WebAuthn
 - Device Registration OTP
 - Container Images:
@@ -144,7 +144,7 @@ Please see the [roadmap](../../roadmap/active/openid-connect.md) for more inform
 ##### Initial Implementation
-_**Important Note:** This feature at the time of this writing, will not work well with Webauthn. Steps are being taken
+_**Important Note:** This feature at the time of this writing, will not work well with WebAuthn. Steps are being taken
 to address this however it will not specifically delay the release of this feature._
 This release see's the initial implementation of multi-domain protection. Users will be able to configure more than a
@@ -160,14 +160,14 @@ NGINX/NGINX Proxy Manager/SWAG/HAProxy with the use of the new [Customizable Authorization Endpoints](#customizable-authorization-endpoints). This is important as it means you only need to configure a single middleware or helper to perform automatic redirection.
-## Webauthn
+## WebAuthn
-As part of our ongoing effort for comprehensive support for Webauthn we'll be introducing several important
+As part of our ongoing effort for comprehensive support for WebAuthn we'll be introducing several important
 features. Please see the [roadmap](../../roadmap/active/webauthn.md) for more information.
-##### Multiple Webauthn Credentials Per-User
+##### Multiple WebAuthn Credentials Per-User
-In this release we see full support for multiple Webauthn credentials. This is a fairly basic feature but getting the
+In this release we see full support for multiple WebAuthn credentials. This is a fairly basic feature but getting the
 frontend experience right is important to us. This is going to be supported via the [User Control Panel](#user-dashboard--control-panel).
diff --git a/docs/content/en/contributing/guidelines/testing.md b/docs/content/en/contributing/guidelines/testing.md
index e2ec16bb9..55e61a581 100644
--- a/docs/content/en/contributing/guidelines/testing.md
+++ b/docs/content/en/contributing/guidelines/testing.md
@@ -2,7 +2,7 @@
 title: "Testing"
 description: "Authelia Development Testing Guidelines"
 lead: "This section covers the testing guidelines."
-date: 2022-06-15T17:51:47+10:00
+date: 2023-03-20T15:03:52+11:00
 draft: false
 images: []
 menu:
diff --git a/docs/content/en/contributors/amir-zarrinkafsh/_index.md b/docs/content/en/contributors/amir-zarrinkafsh/_index.md
index b3938bde6..eefb4987d 100644
--- a/docs/content/en/contributors/amir-zarrinkafsh/_index.md
+++ b/docs/content/en/contributors/amir-zarrinkafsh/_index.md
@@ -1,6 +1,6 @@
 ---
 title: "Amir Zarrinkafsh"
-date: 2022-06-15T17:51:47+10:00
+date: 2023-03-19T16:29:12+10:00
 draft: false
 images: []
 ---
diff --git a/docs/content/en/contributors/clement-michaud/_index.md b/docs/content/en/contributors/clement-michaud/_index.md
index 458543fe9..bbb7ac96f 100644
--- a/docs/content/en/contributors/clement-michaud/_index.md
+++ b/docs/content/en/contributors/clement-michaud/_index.md
@@ -1,6 +1,6 @@
 ---
 title: "Clément Michaud"
-date: 2022-06-15T17:51:47+10:00
+date: 2023-03-19T16:29:12+10:00
 draft: false
 images: []
 ---
diff --git a/docs/content/en/contributors/manuel-nunez/_index.md b/docs/content/en/contributors/manuel-nunez/_index.md
index 95741a882..90f2e5dab 100644
--- a/docs/content/en/contributors/manuel-nunez/_index.md
+++ b/docs/content/en/contributors/manuel-nunez/_index.md
@@ -1,6 +1,6 @@
 ---
 title: "Manuel Nuñez"
-date: 2022-06-15T17:51:47+10:00
+date: 2023-03-19T16:29:12+10:00
 draft: false
 images: []
 ---
diff --git a/docs/content/en/information/about.md b/docs/content/en/information/about.md
index 31cb52189..ae898310f 100644
--- a/docs/content/en/information/about.md
+++ b/docs/content/en/information/about.md
@@ -1,7 +1,7 @@
 ---
 title: "About"
 description: "About Authelia and the Authelia Team"
-date: 2022-06-15T17:51:47+10:00
+date: 2023-03-19T16:29:12+10:00
 draft: false
 images: []
 aliases:
diff --git a/docs/content/en/integration/openid-connect/firezone/index.md b/docs/content/en/integration/openid-connect/firezone/index.md
index 96e7d55a9..39728c5a1 100644
--- a/docs/content/en/integration/openid-connect/firezone/index.md
+++ b/docs/content/en/integration/openid-connect/firezone/index.md
@@ -2,7 +2,7 @@
 title: "Firezone"
 description: "Integrating Firezone with the Authelia OpenID Connect Provider."
 lead: ""
-date: 2023-03-25T13:07:02+10:00
+date: 2023-03-28T20:29:13+11:00
 draft: false
 images: []
 menu:
diff --git a/docs/content/en/integration/openid-connect/minio/index.md b/docs/content/en/integration/openid-connect/minio/index.md
index ba0f725d8..6a0b2c801 100644
--- a/docs/content/en/integration/openid-connect/minio/index.md
+++ b/docs/content/en/integration/openid-connect/minio/index.md
@@ -2,7 +2,7 @@
 title: "MinIO"
 description: "Integrating MinIO with the Authelia OpenID Connect Provider."
 lead: ""
-date: 2022-06-15T17:51:47+10:00
+date: 2023-03-21T11:21:23+11:00
 draft: false
 images: []
 menu:
diff --git a/docs/content/en/integration/openid-connect/misago/index.md b/docs/content/en/integration/openid-connect/misago/index.md
index 88fe2192f..9fc433e10 100644
--- a/docs/content/en/integration/openid-connect/misago/index.md
+++ b/docs/content/en/integration/openid-connect/misago/index.md
@@ -2,7 +2,7 @@
 title: "Misago"
 description: "Integrating Misago with the Authelia OpenID Connect Provider."
 lead: ""
-date: 2023-03-04T13:20:00+00:00
+date: 2023-03-14T08:51:13+11:00
 draft: false
 images: []
 menu:
diff --git a/docs/content/en/integration/proxies/swag.md b/docs/content/en/integration/proxies/swag.md
index e43d458e0..8f39865d5 100644
--- a/docs/content/en/integration/proxies/swag.md
+++ b/docs/content/en/integration/proxies/swag.md
@@ -73,7 +73,7 @@ serving Authelia at `auth.example.com`.
 ```nginx
 ## Set $authelia_backend to route requests to the current domain by default
 set $authelia_backend $http_host;
- ## In order for Webauthn to work with multiple domains authelia must operate on a separate subdomain
+ ## In order for WebAuthn to work with multiple domains authelia must operate on a separate subdomain
 ## To use authelia on a separate subdomain:
 ## * comment the $authelia_backend line above
 ## * rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
@@ -88,7 +88,7 @@ serving Authelia at `auth.example.com`.
 ```nginx
 ## Set $authelia_backend to route requests to the current domain by default
 # set $authelia_backend $http_host;
- ## In order for Webauthn to work with multiple domains authelia must operate on a separate subdomain
+ ## In order for WebAuthn to work with multiple domains authelia must operate on a separate subdomain
 ## To use authelia on a separate subdomain:
 ## * comment the $authelia_backend line above
 ## * rename /config/nginx/proxy-confs/authelia.conf.sample to /config/nginx/proxy-confs/authelia.conf
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user.md b/docs/content/en/reference/cli/authelia/authelia_storage_user.md
index f179c61cd..7aa82e580 100644
--- a/docs/content/en/reference/cli/authelia/authelia_storage_user.md
+++ b/docs/content/en/reference/cli/authelia/authelia_storage_user.md
@@ -63,5 +63,5 @@ authelia storage user --help
 * [authelia storage](authelia_storage.md) - Manage the Authelia storage
 * [authelia storage user identifiers](authelia_storage_user_identifiers.md) - Manage user opaque identifiers
 * [authelia storage user totp](authelia_storage_user_totp.md) - Manage TOTP configurations
-* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage Webauthn devices
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage WebAuthn devices
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn.md
index 5b08f4244..f758a594a 100644
--- a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn.md
+++ b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn.md
@@ -14,13 +14,13 @@ toc: true
 ## authelia storage user webauthn
-Manage Webauthn devices
+Manage WebAuthn devices
 ### Synopsis
-Manage Webauthn devices.
+Manage WebAuthn devices.
-This subcommand allows interacting with Webauthn devices.
+This subcommand allows interacting with WebAuthn devices.
 ### Examples
@@ -61,8 +61,8 @@ authelia storage user webauthn --help
 ### SEE ALSO
 * [authelia storage user](authelia_storage_user.md) - Manages user settings
-* [authelia storage user webauthn delete](authelia_storage_user_webauthn_delete.md) - Delete a Webauthn device
-* [authelia storage user webauthn export](authelia_storage_user_webauthn_export.md) - Perform exports of the Webauthn devices
-* [authelia storage user webauthn import](authelia_storage_user_webauthn_import.md) - Perform imports of the Webauthn devices
-* [authelia storage user webauthn list](authelia_storage_user_webauthn_list.md) - List Webauthn devices
+* [authelia storage user webauthn delete](authelia_storage_user_webauthn_delete.md) - Delete a WebAuthn device
+* [authelia storage user webauthn export](authelia_storage_user_webauthn_export.md) - Perform exports of the WebAuthn devices
+* [authelia storage user webauthn import](authelia_storage_user_webauthn_import.md) - Perform imports of the WebAuthn devices
+* [authelia storage user webauthn list](authelia_storage_user_webauthn_list.md) - List WebAuthn devices
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_delete.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_delete.md
index aec44c2bf..c8cdee461 100644
--- a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_delete.md
+++ b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_delete.md
@@ -14,13 +14,13 @@ toc: true
 ## authelia storage user webauthn delete
-Delete a Webauthn device
+Delete a WebAuthn device
 ### Synopsis
-Delete a Webauthn device.
+Delete a WebAuthn device.
-This subcommand allows deleting a Webauthn device directly from the database.
+This subcommand allows deleting a WebAuthn device directly from the database.
 ```
 authelia storage user webauthn delete [username] [flags]
@@ -75,5 +75,5 @@ authelia storage user webauthn delete --kid abc123 --encryption-key b3453fde-ecc
 ### SEE ALSO
-* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage Webauthn devices
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage WebAuthn devices
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_export.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_export.md
index 81406c3ba..2b5be245d 100644
--- a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_export.md
+++ b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_export.md
@@ -14,13 +14,13 @@ toc: true
 ## authelia storage user webauthn export
-Perform exports of the Webauthn devices
+Perform exports of the WebAuthn devices
 ### Synopsis
-Perform exports of the Webauthn devices.
+Perform exports of the WebAuthn devices.
-This subcommand allows exporting Webauthn devices to various formats.
+This subcommand allows exporting WebAuthn devices to various formats.
 ```
 authelia storage user webauthn export [flags]
@@ -68,5 +68,5 @@ authelia storage user webauthn export--encryption-key b3453fde-ecc2-4a1f-9422-27
 ### SEE ALSO
-* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage Webauthn devices
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage WebAuthn devices
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_import.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_import.md
index 3e967809c..fdb382084 100644
--- a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_import.md
+++ b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_import.md
@@ -14,13 +14,13 @@ toc: true
 ## authelia storage user webauthn import
-Perform imports of the Webauthn devices
+Perform imports of the WebAuthn devices
 ### Synopsis
-Perform imports of the Webauthn devices.
+Perform imports of the WebAuthn devices.
-This subcommand allows importing Webauthn devices from various formats.
+This subcommand allows importing WebAuthn devices from various formats.
 ```
 authelia storage user webauthn import [flags]
@@ -67,5 +67,5 @@ authelia storage user webauthn import --file authelia.export.webauthn.yaml --enc
 ### SEE ALSO
-* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage Webauthn devices
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage WebAuthn devices
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_list.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_list.md
index 9a1f569fa..46e3994a6 100644
--- a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_list.md
+++ b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_list.md
@@ -14,13 +14,13 @@ toc: true
 ## authelia storage user webauthn list
-List Webauthn devices
+List WebAuthn devices
 ### Synopsis
-List Webauthn devices.
+List WebAuthn devices.
-This subcommand allows listing Webauthn devices.
+This subcommand allows listing WebAuthn devices.
 ```
 authelia storage user webauthn list [username] [flags]
@@ -69,5 +69,5 @@ authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-942
 ### SEE ALSO
-* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage Webauthn devices
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage WebAuthn devices
diff --git a/internal/commands/const.go b/internal/commands/const.go
index d3a03e8f5..2f628fa18 100644
--- a/internal/commands/const.go
+++ b/internal/commands/const.go
@@ -177,56 +177,56 @@ This subcommand allows manually adding an opaque identifier for a user to the da
 authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --config config.yml
 authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
- cmdAutheliaStorageUserWebauthnShort = "Manage Webauthn devices"
+ cmdAutheliaStorageUserWebAuthnShort = "Manage WebAuthn devices"
- cmdAutheliaStorageUserWebauthnLong = `Manage Webauthn devices.
+ cmdAutheliaStorageUserWebAuthnLong = `Manage WebAuthn devices.
-This subcommand allows interacting with Webauthn devices.`
+This subcommand allows interacting with WebAuthn devices.`
- cmdAutheliaStorageUserWebauthnExample = `authelia storage user webauthn --help`
+ cmdAutheliaStorageUserWebAuthnExample = `authelia storage user webauthn --help`
- cmdAutheliaStorageUserWebauthnImportShort = "Perform imports of the Webauthn devices"
+ cmdAutheliaStorageUserWebAuthnImportShort = "Perform imports of the WebAuthn devices"
- cmdAutheliaStorageUserWebauthnImportLong = `Perform imports of the Webauthn devices.
+ cmdAutheliaStorageUserWebAuthnImportLong = `Perform imports of the WebAuthn devices.
-This subcommand allows importing Webauthn devices from various formats.`
+This subcommand allows importing WebAuthn devices from various formats.`
- cmdAutheliaStorageUserWebauthnImportExample = `authelia storage user webauthn export
+ cmdAutheliaStorageUserWebAuthnImportExample = `authelia storage user webauthn export
 authelia storage user webauthn import --file authelia.export.webauthn.yaml
 authelia storage user webauthn import --file authelia.export.webauthn.yaml --config config.yml
 authelia storage user webauthn import --file authelia.export.webauthn.yaml --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
- cmdAutheliaStorageUserWebauthnExportShort = "Perform exports of the Webauthn devices"
+ cmdAutheliaStorageUserWebAuthnExportShort = "Perform exports of the WebAuthn devices"
- cmdAutheliaStorageUserWebauthnExportLong = `Perform exports of the Webauthn devices.
+ cmdAutheliaStorageUserWebAuthnExportLong = `Perform exports of the WebAuthn devices.
-This subcommand allows exporting Webauthn devices to various formats.`
+This subcommand allows exporting WebAuthn devices to various formats.`
- cmdAutheliaStorageUserWebauthnExportExample = `authelia storage user webauthn export
+ cmdAutheliaStorageUserWebAuthnExportExample = `authelia storage user webauthn export
 authelia storage user webauthn export --file authelia.export.webauthn.yaml
 authelia storage user webauthn export --config config.yml
 authelia storage user webauthn export--encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
- cmdAutheliaStorageUserWebauthnListShort = "List Webauthn devices"
+ cmdAutheliaStorageUserWebAuthnListShort = "List WebAuthn devices"
- cmdAutheliaStorageUserWebauthnListLong = `List Webauthn devices.
+ cmdAutheliaStorageUserWebAuthnListLong = `List WebAuthn devices.
-This subcommand allows listing Webauthn devices.`
+This subcommand allows listing WebAuthn devices.`
- cmdAutheliaStorageUserWebauthnListExample = `authelia storage user webauthn list
+ cmdAutheliaStorageUserWebAuthnListExample = `authelia storage user webauthn list
 authelia storage user webauthn list john
 authelia storage user webauthn list --config config.yml
 authelia storage user webauthn list john --config config.yml
 authelia storage user webauthn list --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
 authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
- cmdAutheliaStorageUserWebauthnDeleteShort = "Delete a Webauthn device"
+ cmdAutheliaStorageUserWebAuthnDeleteShort = "Delete a WebAuthn device"
- cmdAutheliaStorageUserWebauthnDeleteLong = `Delete a Webauthn device.
+ cmdAutheliaStorageUserWebAuthnDeleteLong = `Delete a WebAuthn device.
-This subcommand allows deleting a Webauthn device directly from the database.`
+This subcommand allows deleting a WebAuthn device directly from the database.`
- cmdAutheliaStorageUserWebauthnDeleteExample = `authelia storage user webauthn delete john --all
+ cmdAutheliaStorageUserWebAuthnDeleteExample = `authelia storage user webauthn delete john --all
 authelia storage user webauthn delete john --all --config config.yml
 authelia storage user webauthn delete john --all --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
 authelia storage user webauthn delete john --description Primary
diff --git a/internal/commands/helpers.go b/internal/commands/helpers.go
index f5d9117b1..84ff9074c 100644
--- a/internal/commands/helpers.go
+++ b/internal/commands/helpers.go
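Review bot: In the internal/commands/const.go hunk, the renamed `cmdAutheliaStorageUserWebAuthnImportExample` still opens with `authelia storage user webauthn export`, so the help text for the import command leads with the export command; this looks like a copy-paste slip and the first line should probably read `authelia storage user webauthn import authelia.export.webauthn.yaml` or be dropped. The last line of `cmdAutheliaStorageUserWebAuthnExportExample` is also missing a space in `export--encryption-key`, which would not parse if pasted as written. Separately, most examples pass `--encryption-key` and `--postgres.password` as flags; a sentence in the Long text noting that the `--config config.yml` form keeps those secrets out of shell history and process listings would be a useful addition. The const block starts and ends outside this hunk.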
@@ -68,7 +68,7 @@ func storageTOTPGenerateRunEOptsFromFlags(flags *pflag.FlagSet) (force bool, fil
 return force, filename, secret, nil
 }
-func storageWebauthnDeleteRunEOptsFromFlags(flags *pflag.FlagSet, args []string) (all, byKID bool, description, kid, user string, err error) {
+func storageWebAuthnDeleteRunEOptsFromFlags(flags *pflag.FlagSet, args []string) (all, byKID bool, description, kid, user string, err error) {
 if len(args) != 0 {
 user = args[0]
 }
diff --git a/internal/commands/storage.go b/internal/commands/storage.go
index b201af5df..2db678929 100644
--- a/internal/commands/storage.go
+++ b/internal/commands/storage.go
@@ -124,7 +124,7 @@ func newStorageUserCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 cmd.AddCommand(
 newStorageUserIdentifiersCmd(ctx),
 newStorageUserTOTPCmd(ctx),
- newStorageUserWebauthnCmd(ctx),
+ newStorageUserWebAuthnCmd(ctx),
 )
 return cmd
@@ -221,34 +221,34 @@ func newStorageUserIdentifiersAddCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 return cmd
 }
-func newStorageUserWebauthnCmd(ctx *CmdCtx) (cmd *cobra.Command) {
+func newStorageUserWebAuthnCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 cmd = &cobra.Command{
 Use: "webauthn",
- Short: cmdAutheliaStorageUserWebauthnShort,
- Long: cmdAutheliaStorageUserWebauthnLong,
- Example: cmdAutheliaStorageUserWebauthnExample,
+ Short: cmdAutheliaStorageUserWebAuthnShort,
+ Long: cmdAutheliaStorageUserWebAuthnLong,
+ Example: cmdAutheliaStorageUserWebAuthnExample,
 Args: cobra.NoArgs,
 DisableAutoGenTag: true,
 }
 cmd.AddCommand(
- newStorageUserWebauthnListCmd(ctx),
- newStorageUserWebauthnDeleteCmd(ctx),
- newStorageUserWebauthnExportCmd(ctx),
- newStorageUserWebauthnImportCmd(ctx),
+ newStorageUserWebAuthnListCmd(ctx),
+ newStorageUserWebAuthnDeleteCmd(ctx),
+ newStorageUserWebAuthnExportCmd(ctx),
+ newStorageUserWebAuthnImportCmd(ctx),
 )
 return cmd
 }
-func newStorageUserWebauthnImportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
+func newStorageUserWebAuthnImportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 cmd = &cobra.Command{
 Use: cmdUseImportFileName,
- Short: cmdAutheliaStorageUserWebauthnImportShort,
- Long: cmdAutheliaStorageUserWebauthnImportLong,
- Example: cmdAutheliaStorageUserWebauthnImportExample,
- RunE: ctx.StorageUserWebauthnImportRunE,
+ Short: cmdAutheliaStorageUserWebAuthnImportShort,
+ Long: cmdAutheliaStorageUserWebAuthnImportLong,
+ Example: cmdAutheliaStorageUserWebAuthnImportExample,
+ RunE: ctx.StorageUserWebAuthnImportRunE,
 Args: cobra.ExactArgs(1),
 DisableAutoGenTag: true,
@@ -257,13 +257,13 @@ func newStorageUserWebauthnImportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 return cmd
 }
-func newStorageUserWebauthnExportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
+func newStorageUserWebAuthnExportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 cmd = &cobra.Command{
 Use: cmdUseExport,
- Short: cmdAutheliaStorageUserWebauthnExportShort,
- Long: cmdAutheliaStorageUserWebauthnExportLong,
- Example: cmdAutheliaStorageUserWebauthnExportExample,
- RunE: ctx.StorageUserWebauthnExportRunE,
+ Short: cmdAutheliaStorageUserWebAuthnExportShort,
+ Long: cmdAutheliaStorageUserWebAuthnExportLong,
+ Example: cmdAutheliaStorageUserWebAuthnExportExample,
+ RunE: ctx.StorageUserWebAuthnExportRunE,
 Args: cobra.NoArgs,
 DisableAutoGenTag: true,
@@ -274,13 +274,13 @@ func newStorageUserWebauthnExportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 return cmd
 }
-func newStorageUserWebauthnListCmd(ctx *CmdCtx) (cmd *cobra.Command) {
+func newStorageUserWebAuthnListCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 cmd = &cobra.Command{
 Use: "list [username]",
- Short: cmdAutheliaStorageUserWebauthnListShort,
- Long: cmdAutheliaStorageUserWebauthnListLong,
- Example: cmdAutheliaStorageUserWebauthnListExample,
- RunE: ctx.StorageUserWebauthnListRunE,
+ Short: cmdAutheliaStorageUserWebAuthnListShort,
+ Long: cmdAutheliaStorageUserWebAuthnListLong,
+ Example: cmdAutheliaStorageUserWebAuthnListExample,
+ RunE: ctx.StorageUserWebAuthnListRunE,
 Args: cobra.MaximumNArgs(1),
 DisableAutoGenTag: true,
@@ -289,13 +289,13 @@ func newStorageUserWebauthnListCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 return cmd
 }
-func newStorageUserWebauthnDeleteCmd(ctx *CmdCtx) (cmd *cobra.Command) {
+func newStorageUserWebAuthnDeleteCmd(ctx *CmdCtx) (cmd *cobra.Command) {
 cmd = &cobra.Command{
 Use: "delete [username]",
- Short: cmdAutheliaStorageUserWebauthnDeleteShort,
- Long: cmdAutheliaStorageUserWebauthnDeleteLong,
- Example: cmdAutheliaStorageUserWebauthnDeleteExample,
- RunE: ctx.StorageUserWebauthnDeleteRunE,
+ Short: cmdAutheliaStorageUserWebAuthnDeleteShort,
+ Long: cmdAutheliaStorageUserWebAuthnDeleteLong,
+ Example: cmdAutheliaStorageUserWebAuthnDeleteExample,
+ RunE: ctx.StorageUserWebAuthnDeleteRunE,
 Args: cobra.MaximumNArgs(1),
 DisableAutoGenTag: true,
diff --git a/internal/commands/storage_run.go b/internal/commands/storage_run.go
index fb39bd7f9..615e11686 100644
--- a/internal/commands/storage_run.go
+++ b/internal/commands/storage_run.go
@@ -415,7 +415,7 @@ func (ctx *CmdCtx) StorageSchemaInfoRunE(_ *cobra.Command, _ []string) (err erro
 return nil
 }
-func (ctx *CmdCtx) StorageUserWebauthnExportRunE(cmd *cobra.Command, args []string) (err error) {
+func (ctx *CmdCtx) StorageUserWebAuthnExportRunE(cmd *cobra.Command, args []string) (err error) {
 defer func() {
 _ = ctx.providers.StorageProvider.Close()
 }()
@@ -443,11 +443,11 @@ func (ctx *CmdCtx) StorageUserWebauthnExportRunE(cmd *cobra.Command, args []stri
 count := 0
 var (
- devices []model.WebauthnDevice
+ devices []model.WebAuthnDevice
 )
- export := &model.WebauthnDeviceExport{
- WebauthnDevices: nil,
+ export := &model.WebAuthnDeviceExport{
+ WebAuthnDevices: nil,
 }
 for page := 0; true; page++ {
@@ -455,7 +455,7 @@ func (ctx *CmdCtx) StorageUserWebauthnExportRunE(cmd *cobra.Command, args []stri
 return err
 }
- export.WebauthnDevices = append(export.WebauthnDevices, devices...)
+ export.WebAuthnDevices = append(export.WebAuthnDevices, devices...)
 l := len(devices)
@@ -476,12 +476,12 @@ func (ctx *CmdCtx) StorageUserWebauthnExportRunE(cmd *cobra.Command, args []stri
 return fmt.Errorf("error occurred writing to file '%s': %w", filename, err)
 }
- fmt.Printf(cliOutputFmtSuccessfulUserExportFile, count, "Webauthn devices", "YAML", filename)
+ fmt.Printf(cliOutputFmtSuccessfulUserExportFile, count, "WebAuthn devices", "YAML", filename)
 return nil
 }
-func (ctx *CmdCtx) StorageUserWebauthnImportRunE(cmd *cobra.Command, args []string) (err error) {
+func (ctx *CmdCtx) StorageUserWebAuthnImportRunE(cmd *cobra.Command, args []string) (err error) {
 defer func() {
 _ = ctx.providers.StorageProvider.Close()
 }()
@@ -507,46 +507,46 @@ func (ctx *CmdCtx) StorageUserWebauthnImportRunE(cmd *cobra.Command, args []stri
 return err
 }
- export := &model.WebauthnDeviceExport{}
+ export := &model.WebAuthnDeviceExport{}
 if err = yaml.Unmarshal(data, export); err != nil {
 return err
 }
- if len(export.WebauthnDevices) == 0 {
- return fmt.Errorf("can't import a YAML file without Webauthn devices data")
+ if len(export.WebAuthnDevices) == 0 {
+ return fmt.Errorf("can't import a YAML file without WebAuthn devices data")
 }
 if err = ctx.CheckSchema(); err != nil {
 return storageWrapCheckSchemaErr(err)
 }
- for _, device := range export.WebauthnDevices {
+ for _, device := range export.WebAuthnDevices {
 if err = ctx.providers.StorageProvider.SaveWebauthnDevice(ctx, device); err != nil {
 return err
 }
 }
- fmt.Printf(cliOutputFmtSuccessfulUserImportFile, len(export.WebauthnDevices), "Webauthn devices", "YAML", filename)
+ fmt.Printf(cliOutputFmtSuccessfulUserImportFile, len(export.WebAuthnDevices), "WebAuthn devices", "YAML", filename)
 return nil
 }
-// StorageUserWebauthnListRunE is the RunE for the authelia storage user webauthn list command.
-func (ctx *CmdCtx) StorageUserWebauthnListRunE(cmd *cobra.Command, args []string) (err error) {
+// StorageUserWebAuthnListRunE is the RunE for the authelia storage user webauthn list command.
+func (ctx *CmdCtx) StorageUserWebAuthnListRunE(cmd *cobra.Command, args []string) (err error) {
 defer func() {
 _ = ctx.providers.StorageProvider.Close()
 }()
 if len(args) == 0 || args[0] == "" {
- return ctx.StorageUserWebauthnListAllRunE(cmd, args)
+ return ctx.StorageUserWebAuthnListAllRunE(cmd, args)
 }
 if err = ctx.CheckSchema(); err != nil {
 return storageWrapCheckSchemaErr(err)
 }
- var devices []model.WebauthnDevice
+ var devices []model.WebAuthnDevice
 user := args[0]
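Review bot: The import loop over `export.WebAuthnDevices` saves one credential at a time and returns the bare error on the first failure, so a bad record partway through the YAML file leaves the earlier devices stored and tells the operator nothing about which entry failed (unless `SaveWebauthnDevice` is transactional across calls, which is not visible here). For an operation that writes authenticator credentials into the database, I would at least wrap the error with position context, e.g. `for i, device := range export.WebAuthnDevices {` and `return fmt.Errorf("error importing WebAuthn device %d of %d: %w", i+1, len(export.WebAuthnDevices), err)`. As a style point, the model types now use the `WebAuthn` casing while the provider call is still `SaveWebauthnDevice`; if that rename is deferred on purpose, a note in the commit description would help. `StorageUserWebAuthnImportRunE` begins outside this hunk.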
@@ -558,7 +558,7 @@ func (ctx *CmdCtx) StorageUserWebauthnListRunE(cmd *cobra.Command, args []string
 case err != nil:
 return fmt.Errorf("can't list devices for user '%s': %w", user, err)
 default:
- fmt.Printf("Webauthn Devices for user '%s':\n\n", user)
+ fmt.Printf("WebAuthn Devices for user '%s':\n\n", user)
 fmt.Printf("ID\tKID\tDescription\n")
 for _, device := range devices {
@@ -569,8 +569,8 @@ func (ctx *CmdCtx) StorageUserWebauthnListRunE(cmd *cobra.Command, args []string
 return nil
 }
-// StorageUserWebauthnListAllRunE is the RunE for the authelia storage user webauthn list command when no args are specified.
-func (ctx *CmdCtx) StorageUserWebauthnListAllRunE(_ *cobra.Command, _ []string) (err error) {
+// StorageUserWebAuthnListAllRunE is the RunE for the authelia storage user webauthn list command when no args are specified.
+func (ctx *CmdCtx) StorageUserWebAuthnListAllRunE(_ *cobra.Command, _ []string) (err error) {
 defer func() {
 _ = ctx.providers.StorageProvider.Close()
 }()
@@ -579,7 +579,7 @@ func (ctx *CmdCtx) StorageUserWebauthnListAllRunE(_ *cobra.Command, _ []string)
 return storageWrapCheckSchemaErr(err)
 }
- var devices []model.WebauthnDevice
+ var devices []model.WebAuthnDevice
 limit := 10
@@ -603,14 +603,14 @@ func (ctx *CmdCtx) StorageUserWebauthnListAllRunE(_ *cobra.Command, _ []string)
 }
 }
- fmt.Printf("Webauthn Devices:\n\nID\tKID\tDescription\tUsername\n")
+ fmt.Printf("WebAuthn Devices:\n\nID\tKID\tDescription\tUsername\n")
 fmt.Println(output.String())
 return nil
 }
-// StorageUserWebauthnDeleteRunE is the RunE for the authelia storage user webauthn delete command.
-func (ctx *CmdCtx) StorageUserWebauthnDeleteRunE(cmd *cobra.Command, args []string) (err error) {
+// StorageUserWebAuthnDeleteRunE is the RunE for the authelia storage user webauthn delete command.
+func (ctx *CmdCtx) StorageUserWebAuthnDeleteRunE(cmd *cobra.Command, args []string) (err error) {
 defer func() {
 _ = ctx.providers.StorageProvider.Close()
 }()
@@ -624,7 +624,7 @@ func (ctx *CmdCtx) StorageUserWebauthnDeleteRunE(cmd *cobra.Command, args []stri
 description, kid, user string
 )
- if all, byKID, description, kid, user, err = storageWebauthnDeleteRunEOptsFromFlags(cmd.Flags(), args); err != nil {
+ if all, byKID, description, kid, user, err = storageWebAuthnDeleteRunEOptsFromFlags(cmd.Flags(), args); err != nil {
 return err
 }
@@ -633,7 +633,7 @@ func (ctx *CmdCtx) StorageUserWebauthnDeleteRunE(cmd *cobra.Command, args []stri
 return fmt.Errorf("failed to delete webauthn device with kid '%s': %w", kid, err)
 }
- fmt.Printf("Successfully deleted Webauthn device with key id '%s'\n", kid)
+ fmt.Printf("Successfully deleted WebAuthn device with key id '%s'\n", kid)
 } else {
 err = ctx.providers.StorageProvider.DeleteWebauthnDeviceByUsername(ctx, user, description)
@@ -642,13 +642,13 @@ func (ctx *CmdCtx) StorageUserWebauthnDeleteRunE(cmd *cobra.Command, args []stri
 return fmt.Errorf("failed to delete all webauthn devices with username '%s': %w", user, err)
 }
- fmt.Printf("Successfully deleted all Webauthn devices for user '%s'\n", user)
+ fmt.Printf("Successfully deleted all WebAuthn devices for user '%s'\n", user)
 } else {
 if err != nil {
 return fmt.Errorf("failed to delete webauthn device with username '%s' and description '%s': %w", user, description, err)
 }
- fmt.Printf("Successfully deleted Webauthn device with description '%s' for user '%s'\n", description, user)
+ fmt.Printf("Successfully deleted WebAuthn device with description '%s' for user '%s'\n", description, user)
 }
 }
diff --git a/internal/handlers/handler_register_webauthn.go b/internal/handlers/handler_register_webauthn.go
index a29802f2e..754041874 100644
--- a/internal/handlers/handler_register_webauthn.go
+++ b/internal/handlers/handler_register_webauthn.go
@@ -33,7 +33,7 @@ var WebauthnIdentityFinish = middlewares.IdentityVerificationFinish( func SecondFactorWebauthnAttestationGET(ctx *middlewares.AutheliaCtx, _ string) { var ( w *webauthn.WebAuthn - user *model.WebauthnUser + user *model.WebAuthnUser userSession session.UserSession err error ) @@ -94,7 +94,7 @@ func WebauthnAttestationPOST(ctx *middlewares.AutheliaCtx) { var ( err error w *webauthn.WebAuthn - user *model.WebauthnUser + user *model.WebAuthnUser userSession session.UserSession @@ -150,7 +150,7 @@ func WebauthnAttestationPOST(ctx *middlewares.AutheliaCtx) { return } - device := model.NewWebauthnDeviceFromCredential(w.Config.RPID, userSession.Username, "Primary", credential) + device := model.NewWebAuthnDeviceFromCredential(w.Config.RPID, userSession.Username, "Primary", credential) if err = ctx.Providers.StorageProvider.SaveWebauthnDevice(ctx, device); err != nil { ctx.Logger.Errorf("Unable to load %s devices for assertion challenge for user '%s': %+v", regulation.AuthTypeWebauthn, userSession.Username, err) diff --git a/internal/handlers/handler_sign_webauthn.go b/internal/handlers/handler_sign_webauthn.go index 7c65c6a8c..cdd633a5b 100644 --- a/internal/handlers/handler_sign_webauthn.go +++ b/internal/handlers/handler_sign_webauthn.go @@ -16,7 +16,7 @@ import ( func WebauthnAssertionGET(ctx *middlewares.AutheliaCtx) { var ( w *webauthn.WebAuthn - user *model.WebauthnUser + user *model.WebAuthnUser userSession session.UserSession err error ) @@ -134,7 +134,7 @@ func WebauthnAssertionPOST(ctx *middlewares.AutheliaCtx) { var ( assertionResponse *protocol.ParsedCredentialAssertionData credential *webauthn.Credential - user *model.WebauthnUser + user *model.WebAuthnUser ) if assertionResponse, err = protocol.ParseCredentialRequestResponseBody(bytes.NewReader(ctx.PostBody())); err != nil { diff --git a/internal/handlers/handler_user_info_test.go b/internal/handlers/handler_user_info_test.go index 251f7e247..30eff7cf0 100644 
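Review bot: In WebauthnAttestationPOST the error branch after `SaveWebauthnDevice` logs "Unable to load %s devices for assertion challenge", which describes a different operation and will mislead anyone triaging a failed registration from the logs. The message should name the save, for example `ctx.Logger.Errorf("Unable to save %s device registration for user '%s': %+v", regulation.AuthTypeWebauthn, userSession.Username, err)`. The same hunk passes the fixed description `"Primary"` to `NewWebAuthnDeviceFromCredential`. If a user can register more than one credential, they would all share that description and a delete by username and description could not tell them apart; this is inferred, since the storage query is not shown. The function body starts and ends outside the hunk.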
--- a/internal/handlers/handler_user_info_test.go +++ b/internal/handlers/handler_user_info_test.go @@ -62,7 +62,7 @@ func TestUserInfoEndpoint_SetCorrectMethod(t *testing.T) { { db: model.UserInfo{ Method: "webauthn", - HasWebauthn: true, + HasWebAuthn: true, HasTOTP: true, }, err: nil, @@ -70,7 +70,7 @@ func TestUserInfoEndpoint_SetCorrectMethod(t *testing.T) { { db: model.UserInfo{ Method: "webauthn", - HasWebauthn: true, + HasWebAuthn: true, HasTOTP: false, }, err: nil, @@ -78,7 +78,7 @@ func TestUserInfoEndpoint_SetCorrectMethod(t *testing.T) { { db: model.UserInfo{ Method: "mobile_push", - HasWebauthn: false, + HasWebAuthn: false, HasTOTP: false, }, err: nil, @@ -128,7 +128,7 @@ func TestUserInfoEndpoint_SetCorrectMethod(t *testing.T) { }) t.Run("registered webauthn", func(t *testing.T) { - assert.Equal(t, resp.api.HasWebauthn, actualPreferences.HasWebauthn) + assert.Equal(t, resp.api.HasWebAuthn, actualPreferences.HasWebAuthn) }) t.Run("registered totp", func(t *testing.T) { @@ -160,13 +160,13 @@ func TestUserInfoEndpoint_SetDefaultMethod(t *testing.T) { db: model.UserInfo{ Method: "", HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, HasDuo: false, }, api: &model.UserInfo{ Method: "totp", HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, HasDuo: false, }, config: &schema.Configuration{}, @@ -178,13 +178,13 @@ func TestUserInfoEndpoint_SetDefaultMethod(t *testing.T) { db: model.UserInfo{ Method: "", HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, HasDuo: true, }, api: &model.UserInfo{ Method: "mobile_push", HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, HasDuo: true, }, config: &schema.Configuration{}, 
@@ -196,13 +196,13 @@ func TestUserInfoEndpoint_SetDefaultMethod(t *testing.T) { db: model.UserInfo{ Method: "", HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, HasDuo: true, }, api: &model.UserInfo{ Method: "totp", HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, HasDuo: true, }, config: &schema.Configuration{DuoAPI: schema.DuoAPIConfiguration{Disable: true}}, @@ -214,13 +214,13 @@ func TestUserInfoEndpoint_SetDefaultMethod(t *testing.T) { db: model.UserInfo{ Method: "", HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, HasDuo: true, }, api: &model.UserInfo{ Method: "webauthn", HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, HasDuo: true, }, config: &schema.Configuration{ @@ -236,13 +236,13 @@ func TestUserInfoEndpoint_SetDefaultMethod(t *testing.T) { db: model.UserInfo{ Method: "", HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, HasDuo: false, }, api: &model.UserInfo{ Method: "totp", HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, HasDuo: true, }, config: &schema.Configuration{}, @@ -322,7 +322,7 @@ func TestUserInfoEndpoint_SetDefaultMethod(t *testing.T) { }) t.Run("registered webauthn", func(t *testing.T) { - assert.Equal(t, resp.api.HasWebauthn, actualPreferences.HasWebauthn) + assert.Equal(t, resp.api.HasWebAuthn, actualPreferences.HasWebAuthn) }) t.Run("registered totp", func(t *testing.T) { diff --git a/internal/handlers/webauthn.go b/internal/handlers/webauthn.go index 5154689de..8899fed79 100644 --- a/internal/handlers/webauthn.go +++ b/internal/handlers/webauthn.go 
@@ -12,8 +12,8 @@ import ( "github.com/authelia/authelia/v4/internal/session" ) -func getWebAuthnUser(ctx *middlewares.AutheliaCtx, userSession session.UserSession) (user *model.WebauthnUser, err error) { - user = &model.WebauthnUser{ +func getWebAuthnUser(ctx *middlewares.AutheliaCtx, userSession session.UserSession) (user *model.WebAuthnUser, err error) { + user = &model.WebAuthnUser{ Username: userSession.Username, DisplayName: userSession.DisplayName, } diff --git a/internal/handlers/webauthn_test.go b/internal/handlers/webauthn_test.go index a566c4a7d..cba439188 100644 --- a/internal/handlers/webauthn_test.go +++ b/internal/handlers/webauthn_test.go @@ -21,7 +21,7 @@ func TestWebauthnGetUser(t *testing.T) { DisplayName: "John Smith", } - ctx.StorageMock.EXPECT().LoadWebauthnDevicesByUsername(ctx.Ctx, "john").Return([]model.WebauthnDevice{ + ctx.StorageMock.EXPECT().LoadWebauthnDevicesByUsername(ctx.Ctx, "john").Return([]model.WebAuthnDevice{ { ID: 1, RPID: "https://example.com", @@ -106,7 +106,7 @@ func TestWebauthnGetUserWithoutDisplayName(t *testing.T) { Username: "john", } - ctx.StorageMock.EXPECT().LoadWebauthnDevicesByUsername(ctx.Ctx, "john").Return([]model.WebauthnDevice{ + ctx.StorageMock.EXPECT().LoadWebauthnDevicesByUsername(ctx.Ctx, "john").Return([]model.WebAuthnDevice{ { ID: 1, RPID: "https://example.com", diff --git a/internal/middlewares/authelia_context.go b/internal/middlewares/authelia_context.go index bb7840c33..4c6367d6b 100644 --- a/internal/middlewares/authelia_context.go +++ b/internal/middlewares/authelia_context.go @@ -50,7 +50,7 @@ func (ctx *AutheliaCtx) AvailableSecondFactorMethods() (methods []string) { } if !ctx.Configuration.Webauthn.Disable { - methods = append(methods, model.SecondFactorMethodWebauthn) + methods = append(methods, model.SecondFactorMethodWebAuthn) } if !ctx.Configuration.DuoAPI.Disable { 
diff --git a/internal/middlewares/authelia_context_test.go b/internal/middlewares/authelia_context_test.go index ef4a761f1..f53627abd 100644 --- a/internal/middlewares/authelia_context_test.go +++ b/internal/middlewares/authelia_context_test.go @@ -235,15 +235,15 @@ func TestShouldReturnCorrectSecondFactorMethods(t *testing.T) { mock.Ctx.Configuration.DuoAPI.Disable = true - assert.Equal(t, []string{model.SecondFactorMethodTOTP, model.SecondFactorMethodWebauthn}, mock.Ctx.AvailableSecondFactorMethods()) + assert.Equal(t, []string{model.SecondFactorMethodTOTP, model.SecondFactorMethodWebAuthn}, mock.Ctx.AvailableSecondFactorMethods()) mock.Ctx.Configuration.DuoAPI.Disable = false - assert.Equal(t, []string{model.SecondFactorMethodTOTP, model.SecondFactorMethodWebauthn, model.SecondFactorMethodDuo}, mock.Ctx.AvailableSecondFactorMethods()) + assert.Equal(t, []string{model.SecondFactorMethodTOTP, model.SecondFactorMethodWebAuthn, model.SecondFactorMethodDuo}, mock.Ctx.AvailableSecondFactorMethods()) mock.Ctx.Configuration.TOTP.Disable = true - assert.Equal(t, []string{model.SecondFactorMethodWebauthn, model.SecondFactorMethodDuo}, mock.Ctx.AvailableSecondFactorMethods()) + assert.Equal(t, []string{model.SecondFactorMethodWebAuthn, model.SecondFactorMethodDuo}, mock.Ctx.AvailableSecondFactorMethods()) mock.Ctx.Configuration.Webauthn.Disable = true diff --git a/internal/mocks/storage.go b/internal/mocks/storage.go index 2c74f695e..01a771fc8 100644 --- a/internal/mocks/storage.go +++ b/internal/mocks/storage.go 
@@ -421,10 +421,10 @@ func (mr *MockStorageMockRecorder) LoadUserOpaqueIdentifiers(arg0 interface{}) * } // LoadWebauthnDevices mocks base method. -func (m *MockStorage) LoadWebauthnDevices(arg0 context.Context, arg1, arg2 int) ([]model.WebauthnDevice, error) { +func (m *MockStorage) LoadWebauthnDevices(arg0 context.Context, arg1, arg2 int) ([]model.WebAuthnDevice, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "LoadWebauthnDevices", arg0, arg1, arg2) - ret0, _ := ret[0].([]model.WebauthnDevice) + ret0, _ := ret[0].([]model.WebAuthnDevice) ret1, _ := ret[1].(error) return ret0, ret1 } @@ -436,10 +436,10 @@ func (mr *MockStorageMockRecorder) LoadWebauthnDevices(arg0, arg1, arg2 interfac } // LoadWebauthnDevicesByUsername mocks base method. -func (m *MockStorage) LoadWebauthnDevicesByUsername(arg0 context.Context, arg1 string) ([]model.WebauthnDevice, error) { +func (m *MockStorage) LoadWebauthnDevicesByUsername(arg0 context.Context, arg1 string) ([]model.WebAuthnDevice, error) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "LoadWebauthnDevicesByUsername", arg0, arg1) - ret0, _ := ret[0].([]model.WebauthnDevice) + ret0, _ := ret[0].([]model.WebAuthnDevice) ret1, _ := ret[1].(error) return ret0, ret1 } @@ -690,7 +690,7 @@ func (mr *MockStorageMockRecorder) SaveUserOpaqueIdentifier(arg0, arg1 interface } // SaveWebauthnDevice mocks base method. -func (m *MockStorage) SaveWebauthnDevice(arg0 context.Context, arg1 model.WebauthnDevice) error { +func (m *MockStorage) SaveWebauthnDevice(arg0 context.Context, arg1 model.WebAuthnDevice) error { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "SaveWebauthnDevice", arg0, arg1) ret0, _ := ret[0].(error) diff --git a/internal/model/const.go b/internal/model/const.go index 3c0b13a64..085ef8946 100644 --- a/internal/model/const.go +++ b/internal/model/const.go 
@@ -15,8 +15,8 @@ const ( // SecondFactorMethodTOTP method using Time-Based One-Time Password applications like Google Authenticator. SecondFactorMethodTOTP = "totp" - // SecondFactorMethodWebauthn method using Webauthn devices like YubiKey's. - SecondFactorMethodWebauthn = "webauthn" + // SecondFactorMethodWebAuthn method using WebAuthn devices like YubiKey's. + SecondFactorMethodWebAuthn = "webauthn" // SecondFactorMethodDuo method using Duo application to receive push notifications. SecondFactorMethodDuo = "mobile_push" diff --git a/internal/model/user_info.go b/internal/model/user_info.go index 62f87f28d..74c6beeb7 100644 --- a/internal/model/user_info.go +++ b/internal/model/user_info.go @@ -15,8 +15,8 @@ type UserInfo struct { // True if a TOTP device has been registered. HasTOTP bool `db:"has_totp" json:"has_totp" valid:"required"` - // True if a Webauthn device has been registered. - HasWebauthn bool `db:"has_webauthn" json:"has_webauthn" valid:"required"` + // True if a WebAuthn device has been registered. + HasWebAuthn bool `db:"has_webauthn" json:"has_webauthn" valid:"required"` // True if a duo device has been configured as the preferred. HasDuo bool `db:"has_duo" json:"has_duo" valid:"required"` @@ -31,7 +31,7 @@ func (i *UserInfo) SetDefaultPreferred2FAMethod(methods []string, fallback strin before := i.Method - totp, webauthn, duo := utils.IsStringInSlice(SecondFactorMethodTOTP, methods), utils.IsStringInSlice(SecondFactorMethodWebauthn, methods), utils.IsStringInSlice(SecondFactorMethodDuo, methods) + totp, webauthn, duo := utils.IsStringInSlice(SecondFactorMethodTOTP, methods), utils.IsStringInSlice(SecondFactorMethodWebAuthn, methods), utils.IsStringInSlice(SecondFactorMethodDuo, methods) if i.Method == "" && utils.IsStringInSlice(fallback, methods) { i.Method = fallback 
@@ -50,8 +50,8 @@ func (i *UserInfo) setMethod(totp, webauthn, duo bool, methods []string, fallbac switch { case i.HasTOTP && totp: i.Method = SecondFactorMethodTOTP - case i.HasWebauthn && webauthn: - i.Method = SecondFactorMethodWebauthn + case i.HasWebAuthn && webauthn: + i.Method = SecondFactorMethodWebAuthn case i.HasDuo && duo: i.Method = SecondFactorMethodDuo case fallback != "" && utils.IsStringInSlice(fallback, methods): @@ -59,7 +59,7 @@ func (i *UserInfo) setMethod(totp, webauthn, duo bool, methods []string, fallbac case totp: i.Method = SecondFactorMethodTOTP case webauthn: - i.Method = SecondFactorMethodWebauthn + i.Method = SecondFactorMethodWebAuthn case duo: i.Method = SecondFactorMethodDuo } diff --git a/internal/model/user_info_test.go b/internal/model/user_info_test.go index c4f7f21ea..8513db574 100644 --- a/internal/model/user_info_test.go +++ b/internal/model/user_info_test.go @@ -20,7 +20,7 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { has := "" - if have.HasTOTP || have.HasDuo || have.HasWebauthn { + if have.HasTOTP || have.HasDuo || have.HasWebAuthn { has += " has" if have.HasTOTP { @@ -31,8 +31,8 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { has += " " + SecondFactorMethodDuo } - if have.HasWebauthn { - has += " " + SecondFactorMethodWebauthn + if have.HasWebAuthn { + has += " " + SecondFactorMethodWebAuthn } } 
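Review bot: The precedence of the `switch` in setMethod is undocumented, and `case i.HasTOTP && totp` is evaluated before `case i.HasWebAuthn && webauthn`. A user with both factors registered and enabled is therefore defaulted to TOTP rather than the phishing-resistant WebAuthn credential. If that order is intended, a comment above the switch would record it, e.g. `// Precedence: registered TOTP, WebAuthn, Duo; then the configured fallback; then the first enabled method.` If it is not intended, the WebAuthn case can move ahead of the TOTP one, and the expectations in user_info_test.go would need to follow. setMethod begins before this hunk, so the conditions under which it is called are not visible here.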
@@ -62,60 +62,60 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: SecondFactorMethodTOTP, HasDuo: true, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, want: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: true, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, - methods: []string{SecondFactorMethodWebauthn, SecondFactorMethodDuo}, + methods: []string{SecondFactorMethodWebAuthn, SecondFactorMethodDuo}, changed: true, }, { have: UserInfo{ HasDuo: true, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, want: UserInfo{ Method: SecondFactorMethodTOTP, HasDuo: true, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, - methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebauthn, SecondFactorMethodDuo}, + methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebAuthn, SecondFactorMethodDuo}, changed: true, }, { have: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: true, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ Method: SecondFactorMethodTOTP, HasDuo: true, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, methods: []string{SecondFactorMethodTOTP}, changed: true, }, { have: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ Method: SecondFactorMethodTOTP, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, methods: []string{SecondFactorMethodTOTP}, changed: true, 
@@ -125,15 +125,15 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: SecondFactorMethodTOTP, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, - methods: []string{SecondFactorMethodWebauthn}, + methods: []string{SecondFactorMethodWebAuthn}, changed: true, }, { @@ -141,31 +141,31 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: SecondFactorMethodTOTP, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ Method: SecondFactorMethodDuo, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, methods: []string{SecondFactorMethodDuo}, changed: true, }, { have: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, want: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, - methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebauthn, SecondFactorMethodDuo}, + methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebAuthn, SecondFactorMethodDuo}, changed: false, }, { @@ -173,15 +173,15 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: "", HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, want: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, - methods: []string{SecondFactorMethodWebauthn, SecondFactorMethodDuo}, + methods: []string{SecondFactorMethodWebAuthn, SecondFactorMethodDuo}, changed: true, }, { 
@@ -189,13 +189,13 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: "", HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, want: UserInfo{ Method: SecondFactorMethodDuo, HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, methods: []string{SecondFactorMethodDuo}, changed: true, @@ -205,13 +205,13 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: "", HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, want: UserInfo{ Method: "", HasDuo: false, HasTOTP: true, - HasWebauthn: true, + HasWebAuthn: true, }, methods: nil, changed: false, @@ -221,15 +221,15 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: "", HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ Method: SecondFactorMethodDuo, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, - methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebauthn, SecondFactorMethodDuo}, + methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebAuthn, SecondFactorMethodDuo}, fallback: SecondFactorMethodDuo, changed: true, }, @@ -238,15 +238,15 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: "", HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ Method: SecondFactorMethodTOTP, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, - methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebauthn}, + methods: []string{SecondFactorMethodTOTP, SecondFactorMethodWebAuthn}, fallback: SecondFactorMethodDuo, changed: true, }, 
@@ -255,15 +255,15 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: SecondFactorMethodTOTP, HasDuo: true, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ Method: SecondFactorMethodDuo, HasDuo: true, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, - methods: []string{SecondFactorMethodWebauthn, SecondFactorMethodDuo}, + methods: []string{SecondFactorMethodWebAuthn, SecondFactorMethodDuo}, changed: true, }, { @@ -271,30 +271,30 @@ func TestUserInfo_SetDefaultMethod(t *testing.T) { Method: SecondFactorMethodTOTP, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, - methods: []string{SecondFactorMethodWebauthn, SecondFactorMethodDuo}, - fallback: SecondFactorMethodWebauthn, + methods: []string{SecondFactorMethodWebAuthn, SecondFactorMethodDuo}, + fallback: SecondFactorMethodWebAuthn, changed: true, }, { have: UserInfo{ - Method: SecondFactorMethodWebauthn, + Method: SecondFactorMethodWebAuthn, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, want: UserInfo{ Method: SecondFactorMethodDuo, HasDuo: false, HasTOTP: false, - HasWebauthn: false, + HasWebAuthn: false, }, methods: []string{SecondFactorMethodTOTP, SecondFactorMethodDuo}, fallback: SecondFactorMethodDuo, diff --git a/internal/model/webauthn.go b/internal/model/webauthn.go index a3a19c62e..bf53b9681 100644 --- a/internal/model/webauthn.go +++ b/internal/model/webauthn.go 
@@ -17,15 +17,15 @@ const ( attestationTypeFIDOU2F = "fido-u2f" ) -// WebauthnUser is an object to represent a user for the Webauthn lib. -type WebauthnUser struct { +// WebAuthnUser is an object to represent a user for the WebAuthn lib. +type WebAuthnUser struct { Username string DisplayName string - Devices []WebauthnDevice + Devices []WebAuthnDevice } // HasFIDOU2F returns true if the user has any attestation type `fido-u2f` devices. -func (w WebauthnUser) HasFIDOU2F() bool { +func (w WebAuthnUser) HasFIDOU2F() bool { for _, c := range w.Devices { if c.AttestationType == attestationTypeFIDOU2F { return true @@ -36,27 +36,27 @@ func (w WebauthnUser) HasFIDOU2F() bool { } // WebAuthnID implements the webauthn.User interface. -func (w WebauthnUser) WebAuthnID() []byte { +func (w WebAuthnUser) WebAuthnID() []byte { return []byte(w.Username) } // WebAuthnName implements the webauthn.User interface. -func (w WebauthnUser) WebAuthnName() string { +func (w WebAuthnUser) WebAuthnName() string { return w.Username } // WebAuthnDisplayName implements the webauthn.User interface. -func (w WebauthnUser) WebAuthnDisplayName() string { +func (w WebAuthnUser) WebAuthnDisplayName() string { return w.DisplayName } // WebAuthnIcon implements the webauthn.User interface. -func (w WebauthnUser) WebAuthnIcon() string { +func (w WebAuthnUser) WebAuthnIcon() string { return "" } // WebAuthnCredentials implements the webauthn.User interface. -func (w WebauthnUser) WebAuthnCredentials() (credentials []webauthn.Credential) { +func (w WebAuthnUser) WebAuthnCredentials() (credentials []webauthn.Credential) { credentials = make([]webauthn.Credential, len(w.Devices)) var credential webauthn.Credential 
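Review bot: `WebAuthnID` returns `[]byte(w.Username)`, so the WebAuthn user handle is the account's login name. The WebAuthn specification asks that the user handle contain no personally identifying information such as a username or e-mail address, because authenticators store it and return it in assertions for discoverable credentials. A random opaque identifier stored per user and returned here would avoid that. Existing registrations are bound to the current handle, so the change would presumably need a migration path rather than a straight swap. At minimum the doc comment could state the choice: `// WebAuthnID implements the webauthn.User interface; the handle is currently the username.`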
@@ -96,7 +96,7 @@ func (w WebauthnUser) WebAuthnCredentials() (credentials []webauthn.Credential) } // WebAuthnCredentialDescriptors decodes the users credentials into protocol.CredentialDescriptor's. -func (w WebauthnUser) WebAuthnCredentialDescriptors() (descriptors []protocol.CredentialDescriptor) { +func (w WebAuthnUser) WebAuthnCredentialDescriptors() (descriptors []protocol.CredentialDescriptor) { credentials := w.WebAuthnCredentials() descriptors = make([]protocol.CredentialDescriptor, len(credentials)) @@ -108,15 +108,15 @@ func (w WebauthnUser) WebAuthnCredentialDescriptors() (descriptors []protocol.Cr return descriptors } -// NewWebauthnDeviceFromCredential creates a WebauthnDevice from a webauthn.Credential. -func NewWebauthnDeviceFromCredential(rpid, username, description string, credential *webauthn.Credential) (device WebauthnDevice) { +// NewWebAuthnDeviceFromCredential creates a WebAuthnDevice from a webauthn.Credential. +func NewWebAuthnDeviceFromCredential(rpid, username, description string, credential *webauthn.Credential) (device WebAuthnDevice) { transport := make([]string, len(credential.Transport)) for i, t := range credential.Transport { transport[i] = string(t) } - device = WebauthnDevice{ + device = WebAuthnDevice{ RPID: rpid, Username: username, CreatedAt: time.Now(), @@ -137,8 +137,8 @@ func NewWebauthnDeviceFromCredential(rpid, username, description string, credent return device } -// WebauthnDevice represents a Webauthn Device in the database storage. -type WebauthnDevice struct { +// WebAuthnDevice represents a WebAuthn Device in the database storage. +type WebAuthnDevice struct { ID int `db:"id"` CreatedAt time.Time `db:"created_at"` LastUsedAt sql.NullTime `db:"last_used_at"` 
@@ -154,8 +154,8 @@ type WebauthnDevice struct { CloneWarning bool `db:"clone_warning"` } -// UpdateSignInInfo adjusts the values of the WebauthnDevice after a sign in. -func (d *WebauthnDevice) UpdateSignInInfo(config *webauthn.Config, now time.Time, signCount uint32) { +// UpdateSignInInfo adjusts the values of the WebAuthnDevice after a sign in. +func (d *WebAuthnDevice) UpdateSignInInfo(config *webauthn.Config, now time.Time, signCount uint32) { d.LastUsedAt = sql.NullTime{Time: now, Valid: true} d.SignCount = signCount @@ -172,7 +172,7 @@ func (d *WebauthnDevice) UpdateSignInInfo(config *webauthn.Config, now time.Time } } -func (d *WebauthnDevice) LastUsed() *time.Time { +func (d *WebAuthnDevice) LastUsed() *time.Time { if d.LastUsedAt.Valid { return &d.LastUsedAt.Time } @@ -181,8 +181,8 @@ func (d *WebauthnDevice) LastUsed() *time.Time { } // MarshalYAML marshals this model into YAML. -func (d *WebauthnDevice) MarshalYAML() (any, error) { - o := WebauthnDeviceData{ +func (d *WebAuthnDevice) MarshalYAML() (any, error) { + o := WebAuthnDeviceData{ CreatedAt: d.CreatedAt, LastUsedAt: d.LastUsed(), RPID: d.RPID, @@ -201,8 +201,8 @@ func (d *WebauthnDevice) MarshalYAML() (any, error) { } // UnmarshalYAML unmarshalls YAML into this model. -func (d *WebauthnDevice) UnmarshalYAML(value *yaml.Node) (err error) { - o := &WebauthnDeviceData{} +func (d *WebAuthnDevice) UnmarshalYAML(value *yaml.Node) (err error) { + o := &WebAuthnDeviceData{} if err = value.Decode(o); err != nil { return err @@ -246,8 +246,8 @@ func (d *WebauthnDevice) UnmarshalYAML(value *yaml.Node) (err error) { return nil } -// WebauthnDeviceData represents a Webauthn Device in the database storage. -type WebauthnDeviceData struct { +// WebAuthnDeviceData represents a WebAuthn Device in the database storage. +type WebAuthnDeviceData struct { CreatedAt time.Time `yaml:"created_at"` LastUsedAt *time.Time `yaml:"last_used_at"` RPID string `yaml:"rpid"` 
@@ -262,7 +262,7 @@ type WebauthnDeviceData struct { CloneWarning bool `yaml:"clone_warning"` } -// WebauthnDeviceExport represents a WebauthnDevice export file. -type WebauthnDeviceExport struct { - WebauthnDevices []WebauthnDevice `yaml:"webauthn_devices"` +// WebAuthnDeviceExport represents a WebAuthnDevice export file. +type WebAuthnDeviceExport struct { + WebAuthnDevices []WebAuthnDevice `yaml:"webauthn_devices"` } diff --git a/internal/storage/provider.go b/internal/storage/provider.go index a31390fe0..68e939a04 100644 --- a/internal/storage/provider.go +++ b/internal/storage/provider.go @@ -38,12 +38,12 @@ type Provider interface { LoadTOTPConfiguration(ctx context.Context, username string) (config *model.TOTPConfiguration, err error) LoadTOTPConfigurations(ctx context.Context, limit, page int) (configs []model.TOTPConfiguration, err error) - SaveWebauthnDevice(ctx context.Context, device model.WebauthnDevice) (err error) + SaveWebauthnDevice(ctx context.Context, device model.WebAuthnDevice) (err error) UpdateWebauthnDeviceSignIn(ctx context.Context, id int, rpid string, lastUsedAt sql.NullTime, signCount uint32, cloneWarning bool) (err error) DeleteWebauthnDevice(ctx context.Context, kid string) (err error) DeleteWebauthnDeviceByUsername(ctx context.Context, username, description string) (err error) - LoadWebauthnDevices(ctx context.Context, limit, page int) (devices []model.WebauthnDevice, err error) - LoadWebauthnDevicesByUsername(ctx context.Context, username string) (devices []model.WebauthnDevice, err error) + LoadWebauthnDevices(ctx context.Context, limit, page int) (devices []model.WebAuthnDevice, err error) + LoadWebauthnDevicesByUsername(ctx context.Context, username string) (devices []model.WebAuthnDevice, err error) SavePreferredDuoDevice(ctx context.Context, device model.DuoDevice) (err error) DeletePreferredDuoDevice(ctx context.Context, username string) (err error) 
diff --git a/internal/storage/sql_provider.go b/internal/storage/sql_provider.go index 2a4cce037..7467114a8 100644 --- a/internal/storage/sql_provider.go +++ b/internal/storage/sql_provider.go @@ -882,7 +882,7 @@ func (p *SQLProvider) LoadTOTPConfigurations(ctx context.Context, limit, page in } // SaveWebauthnDevice saves a registered Webauthn device. -func (p *SQLProvider) SaveWebauthnDevice(ctx context.Context, device model.WebauthnDevice) (err error) { +func (p *SQLProvider) SaveWebauthnDevice(ctx context.Context, device model.WebAuthnDevice) (err error) { if device.PublicKey, err = p.encrypt(device.PublicKey); err != nil { return fmt.Errorf("error encrypting Webauthn device public key for user '%s' kid '%x': %w", device.Username, device.KID, err) } @@ -937,8 +937,8 @@ func (p *SQLProvider) DeleteWebauthnDeviceByUsername(ctx context.Context, userna } // LoadWebauthnDevices loads Webauthn device registrations. -func (p *SQLProvider) LoadWebauthnDevices(ctx context.Context, limit, page int) (devices []model.WebauthnDevice, err error) { - devices = make([]model.WebauthnDevice, 0, limit) +func (p *SQLProvider) LoadWebauthnDevices(ctx context.Context, limit, page int) (devices []model.WebAuthnDevice, err error) { + devices = make([]model.WebAuthnDevice, 0, limit) if err = p.db.SelectContext(ctx, &devices, p.sqlSelectWebauthnDevices, limit, limit*page); err != nil { if errors.Is(err, sql.ErrNoRows) { 
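Review bot: The `errors.Is(err, sql.ErrNoRows)` branch after `p.db.SelectContext` in LoadWebauthnDevices is probably unreachable, and the same pattern appears in LoadWebauthnDevicesByUsername in the next hunk. If `p.db` is an sqlx handle, as the method name suggests, a select into a slice returns an empty slice and a nil error when no rows match. In that case a user with no registered devices yields `(nil or empty, nil)` rather than `ErrNoWebauthnDevice`, and any caller that relies on that sentinel to detect "no devices" never sees it. An explicit check after the query, `if len(devices) == 0 { return nil, ErrNoWebauthnDevice }`, would make the contract hold, provided callers expect the sentinel. Both function bodies continue outside their hunks, so the remaining handling is not visible here.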
@@ -958,7 +958,7 @@ func (p *SQLProvider) LoadWebauthnDevices(ctx context.Context, limit, page int) } // LoadWebauthnDevicesByUsername loads all webauthn devices registration for a given username. -func (p *SQLProvider) LoadWebauthnDevicesByUsername(ctx context.Context, username string) (devices []model.WebauthnDevice, err error) { +func (p *SQLProvider) LoadWebauthnDevicesByUsername(ctx context.Context, username string) (devices []model.WebAuthnDevice, err error) { if err = p.db.SelectContext(ctx, &devices, p.sqlSelectWebauthnDevicesByUsername, username); err != nil { if errors.Is(err, sql.ErrNoRows) { return nil, ErrNoWebauthnDevice