Merge remote tracking branch origin/master into feat-settings-ui

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-04-15 02:14:23 +10:00 · 2023-04-15 02:14:23 +10:00 · 86b525ce21
parent d97c0eb0ea 2733fc040c
commit 86b525ce21
11 changed files with 74 additions and 74 deletions
--- a/api/openapi.yml
+++ b/api/openapi.yml
@ -29,9 +29,9 @@ tags:
  - name: User Information
    description: User configuration endpoints
  {{- end }}
-  {{- if (or .TOTP .Webauthn .Duo) }}
+  {{- if (or .TOTP .WebAuthn .Duo) }}
  - name: Second Factor
-    description: TOTP, Webauthn and Duo endpoints
+    description: TOTP, WebAuthn and Duo endpoints
    externalDocs:
      url: https://www.authelia.com/configuration/second-factor/introduction/
  {{- end }}
@ -721,13 +721,13 @@ paths:
      security:
        - authelia_auth: []
  {{- end }}
-  {{- if .Webauthn }}
+  {{- if .WebAuthn }}
  /api/secondfactor/webauthn/assertion:
    get:
      tags:
        - Second Factor
-      summary: Second Factor Authentication - Webauthn (Request)
-      description: This endpoint starts the second factor authentication process with the FIDO2 Webauthn credential.
+      summary: Second Factor Authentication - WebAuthn (Request)
+      description: This endpoint starts the second factor authentication process with the FIDO2 WebAuthn credential.
      responses:
        "200":
          description: Successful Operation
@ -742,8 +742,8 @@ paths:
    post:
      tags:
        - Second Factor
-      summary: Second Factor Authentication - Webauthn
-      description: This endpoint completes the second factor authentication process with the FIDO2 Webauthn credential.
+      summary: Second Factor Authentication - WebAuthn
+      description: This endpoint completes the second factor authentication process with the FIDO2 WebAuthn credential.
      requestBody:
        required: true
        content:
@ -765,9 +765,9 @@ paths:
    post:
      tags:
        - Second Factor
-      summary: Identity Verification Webauthn Credential Creation
+      summary: Identity Verification WebAuthn Credential Creation
      description: >
-        This endpoint performs identity verification to begin the FIDO2 Webauthn credential attestation process
+        This endpoint performs identity verification to begin the FIDO2 WebAuthn credential attestation process
        (registration).

        The session generated from this endpoint must be utilised for the subsequent steps in the
@ -785,9 +785,9 @@ paths:
    post:
      tags:
        - Second Factor
-      summary: Identity Verification FIDO2 Webauthn Credential Validation
+      summary: Identity Verification FIDO2 WebAuthn Credential Validation
      description: >
-        This endpoint performs identity and token verification, upon success generates a FIDO2 Webauthn device
+        This endpoint performs identity and token verification, upon success generates a FIDO2 WebAuthn device
        attestation challenge (registration).

        The session cookie generated from the `/api/secondfactor/webauthn/identity/start` endpoint must be utilised
@ -811,8 +811,8 @@ paths:
    post:
      tags:
        - Second Factor
-      summary: Webauthn Credential Attestation
-      description: This endpoint performs Webauthn credential attestation (registration).
+      summary: WebAuthn Credential Attestation
+      description: This endpoint performs WebAuthn credential attestation (registration).
      requestBody:
        required: true
        content:
@ -832,8 +832,8 @@ paths:
    delete:
      tags:
        - Second Factor
-      summary: Webauthn Device Deletion
-      description: This endpoint deletes the specified Webauthn credential.
+      summary: WebAuthn Device Deletion
+      description: This endpoint deletes the specified WebAuthn credential.
      responses:
        "200":
          description: Successful Operation
@ -848,8 +848,8 @@ paths:
    put:
      tags:
        - Second Factor
-      summary: Webauthn Device Update
-      description: This endpoint updates the description of the specified Webauthn credential.
+      summary: WebAuthn Device Update
+      description: This endpoint updates the description of the specified WebAuthn credential.
      requestBody:
        required: true
        content:
@ -1457,7 +1457,7 @@ components:
      schema:
        type: integer
      required: true
-      description: Numeric Webauthn Device ID
+      description: Numeric WebAuthn Device ID
    originalMethodParam:
      name: X-Original-Method
      in: header
@ -1924,7 +1924,7 @@ components:
              type: string
              example: 'otpauth://totp/{{ .Domain | default "example.com" }}:john?algorithm=SHA1&digits=6&issuer=auth.{{ .Domain | default "example.com" }}&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q'
    {{- end }}
-    {{- if .Webauthn }}
+    {{- if .WebAuthn }}
    webauthn.PublicKeyCredential:
      type: object
      properties:
--- a/config.template.yml
+++ b/config.template.yml
@ -214,13 +214,13 @@ totp:
 ##
 ## Parameters used for WebAuthn.
 webauthn:
-  ## Disable Webauthn.
+  ## Disable WebAuthn.
  disable: false

-  ## Adjust the interaction timeout for Webauthn dialogues.
+  ## Adjust the interaction timeout for WebAuthn dialogues.
  timeout: 60s

-  ## The display name the browser should show the user for when using Webauthn to login/register.
+  ## The display name the browser should show the user for when using WebAuthn to login/register.
  display_name: Authelia

  ## Conveyance preference controls if we collect the attestation statement including the AAGUID from the device.
@ -1167,7 +1167,7 @@ regulation:
 ##
 ## Notification Provider
 ##
-## Notifications are sent to users when they require a password reset, a Webauthn registration or a TOTP registration.
+## Notifications are sent to users when they require a password reset, a WebAuthn registration or a TOTP registration.
 ## The available providers are: filesystem, smtp. You must use only one of these providers.
 notifier:
  ## You can disable the notifier startup check by setting this to true.
--- a/go.mod
+++ b/go.mod
@ -33,7 +33,7 @@ require (
 	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
 	github.com/ory/fosite v0.44.0
 	github.com/ory/herodot v0.10.2
-	github.com/ory/x v0.0.552
+	github.com/ory/x v0.0.553
 	github.com/otiai10/copy v1.10.0
 	github.com/pkg/errors v0.9.1
 	github.com/pquerna/otp v1.4.0
--- a/go.sum
+++ b/go.sum
@ -327,8 +327,8 @@ github.com/ory/go-convenience v0.1.0 h1:zouLKfF2GoSGnJwGq+PE/nJAE6dj2Zj5QlTgmMTs
 github.com/ory/go-convenience v0.1.0/go.mod h1:uEY/a60PL5c12nYz4V5cHY03IBmwIAEm8TWB0yn9KNs=
 github.com/ory/herodot v0.10.2 h1:gGvNMHgAwWzdP/eo+roSiT5CGssygHSjDU7MSQNlJ4E=
 github.com/ory/herodot v0.10.2/go.mod h1:MMNmY6MG1uB6fnXYFaHoqdV23DTWctlPsmRCeq/2+wc=
-github.com/ory/x v0.0.552 h1:vgDw7FFQ7Ama3iyDLbjElY2Um1/ub82iIubK0pUj81M=
-github.com/ory/x v0.0.552/go.mod h1:oRVemI3SQQOLvOCJWIRinHQKlgmay/NbwSyRUIsS/Yk=
+github.com/ory/x v0.0.553 h1:dRSEcbfpJYOl+yk55LTiLUXq2JslaeVaTp6CzHQW5Kw=
+github.com/ory/x v0.0.553/go.mod h1:oRVemI3SQQOLvOCJWIRinHQKlgmay/NbwSyRUIsS/Yk=
 github.com/otiai10/copy v1.10.0 h1:znyI7l134wNg/wDktoVQPxPkgvhDfGCYUasey+h0rDQ=
 github.com/otiai10/copy v1.10.0/go.mod h1:rSaLseMUsZFFbsFGc7wCJnnkTAvdc5L6VWxPE4308Ww=
 github.com/otiai10/mint v1.5.1 h1:XaPLeE+9vGbuyEHem1JNk3bYc7KKqyI/na0/mLd/Kks=
--- a/internal/configuration/config.template.yml
+++ b/internal/configuration/config.template.yml
@ -214,13 +214,13 @@ totp:
 ##
 ## Parameters used for WebAuthn.
 webauthn:
-  ## Disable Webauthn.
+  ## Disable WebAuthn.
  disable: false

-  ## Adjust the interaction timeout for Webauthn dialogues.
+  ## Adjust the interaction timeout for WebAuthn dialogues.
  timeout: 60s

-  ## The display name the browser should show the user for when using Webauthn to login/register.
+  ## The display name the browser should show the user for when using WebAuthn to login/register.
  display_name: Authelia

  ## Conveyance preference controls if we collect the attestation statement including the AAGUID from the device.
@ -1167,7 +1167,7 @@ regulation:
 ##
 ## Notification Provider
 ##
-## Notifications are sent to users when they require a password reset, a Webauthn registration or a TOTP registration.
+## Notifications are sent to users when they require a password reset, a WebAuthn registration or a TOTP registration.
 ## The available providers are: filesystem, smtp. You must use only one of these providers.
 notifier:
  ## You can disable the notifier startup check by setting this to true.
--- a/internal/server/template.go
+++ b/internal/server/template.go
@ -272,7 +272,7 @@ func NewTemplatedFileOptions(config *schema.Configuration) (opts *TemplatedFileO
 		Theme:                  config.Theme,

 		EndpointsPasswordReset: !(config.AuthenticationBackend.PasswordReset.Disable || config.AuthenticationBackend.PasswordReset.CustomURL.String() != ""),
-		EndpointsWebauthn:      !config.WebAuthn.Disable,
+		EndpointsWebAuthn:      !config.WebAuthn.Disable,
 		EndpointsTOTP:          !config.TOTP.Disable,
 		EndpointsDuo:           !config.DuoAPI.Disable,
 		EndpointsOpenIDConnect: !(config.IdentityProviders.OIDC == nil),
@ -304,7 +304,7 @@ type TemplatedFileOptions struct {
 	Theme                  string

 	EndpointsPasswordReset bool
-	EndpointsWebauthn      bool
+	EndpointsWebAuthn      bool
 	EndpointsTOTP          bool
 	EndpointsDuo           bool
 	EndpointsOpenIDConnect bool
@ -362,7 +362,7 @@ func (options *TemplatedFileOptions) OpenAPIData(base, baseURL, domain, nonce st

 		Session:        options.Session,
 		PasswordReset:  options.EndpointsPasswordReset,
-		Webauthn:       options.EndpointsWebauthn,
+		WebAuthn:       options.EndpointsWebAuthn,
 		TOTP:           options.EndpointsTOTP,
 		Duo:            options.EndpointsDuo,
 		OpenIDConnect:  options.EndpointsOpenIDConnect,
@ -395,7 +395,7 @@ type TemplatedFileOpenAPIData struct {
 	CSPNonce      string
 	Session       string
 	PasswordReset bool
-	Webauthn      bool
+	WebAuthn      bool
 	TOTP          bool
 	Duo           bool
 	OpenIDConnect bool
--- a/web/package.json
+++ b/web/package.json
@ -72,8 +72,8 @@
    ]
  },
  "devDependencies": {
-    "@commitlint/cli": "17.6.0",
-    "@commitlint/config-conventional": "17.6.0",
+    "@commitlint/cli": "17.6.1",
+    "@commitlint/config-conventional": "17.6.1",
    "@limegrass/eslint-plugin-import-alias": "1.0.6",
    "@testing-library/jest-dom": "5.16.5",
    "@testing-library/react": "14.0.0",
@ -97,7 +97,7 @@
    "eslint-plugin-prettier": "4.2.1",
    "eslint-plugin-react": "7.32.2",
    "eslint-plugin-react-hooks": "4.6.0",
-    "happy-dom": "9.5.0",
+    "happy-dom": "9.6.1",
    "husky": "8.0.3",
    "prettier": "2.8.7",
    "react-test-renderer": "18.2.0",
--- a/web/pnpm-lock.yaml
+++ b/web/pnpm-lock.yaml
@ -82,11 +82,11 @@ dependencies:

 devDependencies:
  '@commitlint/cli':
-    specifier: 17.6.0
-    version: 17.6.0
+    specifier: 17.6.1
+    version: 17.6.1
  '@commitlint/config-conventional':
-    specifier: 17.6.0
-    version: 17.6.0
+    specifier: 17.6.1
+    version: 17.6.1
  '@limegrass/eslint-plugin-import-alias':
    specifier: 1.0.6
    version: 1.0.6(eslint@8.38.0)
@ -157,8 +157,8 @@ devDependencies:
    specifier: 4.6.0
    version: 4.6.0(eslint@8.38.0)
  happy-dom:
-    specifier: 9.5.0
-    version: 9.5.0
+    specifier: 9.6.1
+    version: 9.6.1
  husky:
    specifier: 8.0.3
    version: 8.0.3
@ -188,7 +188,7 @@ devDependencies:
    version: 4.2.0(typescript@5.0.4)(vite@4.2.1)
  vitest:
    specifier: 0.30.1
-    version: 0.30.1(happy-dom@9.5.0)
+    version: 0.30.1(happy-dom@9.6.1)
  vitest-preview:
    specifier: 0.0.1
    version: 0.0.1
@ -1554,12 +1554,12 @@ packages:
      '@babel/helper-validator-identifier': 7.19.1
      to-fast-properties: 2.0.0

-  /@commitlint/cli@17.6.0:
-    resolution: {integrity: sha512-JaZeZ1p6kfkSiZlDoQjK09AuiI9zYQMiIUJzTOM8qNRHFOXOPmiTM56nI67yzeUSNTFu6M/DRqjmdjtA5q3hEg==}
+  /@commitlint/cli@17.6.1:
+    resolution: {integrity: sha512-kCnDD9LE2ySiTnj/VPaxy4/oRayRcdv4aCuVxtoum8SxIU7OADHc0nJPQfheE8bHcs3zZdWzDMWltRosuT13bg==}
    engines: {node: '>=v14'}
    dependencies:
      '@commitlint/format': 17.4.4
-      '@commitlint/lint': 17.6.0
+      '@commitlint/lint': 17.6.1
      '@commitlint/load': 17.5.0
      '@commitlint/read': 17.5.1
      '@commitlint/types': 17.4.4
@ -1573,8 +1573,8 @@ packages:
      - '@swc/wasm'
    dev: true

-  /@commitlint/config-conventional@17.6.0:
-    resolution: {integrity: sha512-2Y9M7MN942bTK5h70fJGknhXA02+OtWCkKeIzTSwsdwz1V7y6bxYv24x052E9XHKtZHJfvM3iLuTOsjRvLqWtA==}
+  /@commitlint/config-conventional@17.6.1:
+    resolution: {integrity: sha512-ng/ybaSLuTCH9F+7uavSOnEQ9EFMl7lHEjfAEgRh1hwmEe8SpLKpQeMo2aT1IWvHaGMuTb+gjfbzoRf2IR23NQ==}
    engines: {node: '>=v14'}
    dependencies:
      conventional-changelog-conventionalcommits: 5.0.0
@ -1621,13 +1621,13 @@ packages:
      semver: 7.3.8
    dev: true

-  /@commitlint/lint@17.6.0:
-    resolution: {integrity: sha512-6cEXxpxZd7fbtYMxeosOum/Nnwu3VdSuZcrFSqP9lWNsrHRv4ijVsnLeomvo6WHPchGOeEWAazAI7Q6Ap22fJw==}
+  /@commitlint/lint@17.6.1:
+    resolution: {integrity: sha512-VARJ9kxH64isgwVnC+ABPafCYzqxpsWJIpDaTuI0gh8aX4GQ0i7cn9tvxtFNfJj4ER2BAJeWJ0vURdNYjK2RQQ==}
    engines: {node: '>=v14'}
    dependencies:
      '@commitlint/is-ignored': 17.4.4
      '@commitlint/parse': 17.4.4
-      '@commitlint/rules': 17.6.0
+      '@commitlint/rules': 17.6.1
      '@commitlint/types': 17.4.4
    dev: true

@ -1691,8 +1691,8 @@ packages:
      resolve-global: 1.0.0
    dev: true

-  /@commitlint/rules@17.6.0:
-    resolution: {integrity: sha512-Ka7AsRFvkKMYYE7itgo7hddRGCiV+0BgbTIAq4PWmnkHAECxYpdqMVzW5jaATmXZfwfRRTB57e7KZWj6EPmK1A==}
+  /@commitlint/rules@17.6.1:
+    resolution: {integrity: sha512-lUdHw6lYQ1RywExXDdLOKxhpp6857/4c95Dc/1BikrHgdysVUXz26yV0vp1GL7Gv+avx9WqZWTIVB7pNouxlfw==}
    engines: {node: '>=v14'}
    dependencies:
      '@commitlint/ensure': 17.4.4
@ -3092,7 +3092,7 @@ packages:
      istanbul-lib-source-maps: 4.0.1
      istanbul-reports: 3.1.5
      test-exclude: 6.0.0
-      vitest: 0.30.1(happy-dom@9.5.0)
+      vitest: 0.30.1(happy-dom@9.6.1)
    transitivePeerDependencies:
      - supports-color
    dev: true
@ -5095,8 +5095,8 @@ packages:
    resolution: {integrity: sha512-bzh50DW9kTPM00T8y4o8vQg89Di9oLJVLW/KaOGIXJWP/iqCN6WKYkbNOF04vFLJhwcpYUh9ydh/+5vpOqV4YQ==}
    dev: true

-  /happy-dom@9.5.0:
-    resolution: {integrity: sha512-pNdHSZRWIckzg8aDQRbBgaivr2Ef+uSTpCCRGnxIETyewHA6841T8EPE+cmfhPjGi5jQN6c+oloXGGYB5SrpcA==}
+  /happy-dom@9.6.1:
+    resolution: {integrity: sha512-lbRsmw8toqKUCwMIZQtoTW/F3XGOovazC+sdTf+gire4ITx9mPUx2TrdCr/JbB1CF4QplCwdn3+p1/2O5slWDw==}
    dependencies:
      css.escape: 1.5.1
      he: 1.2.0
@ -7482,7 +7482,7 @@ packages:
      - terser
    dev: true

-  /vitest@0.30.1(happy-dom@9.5.0):
+  /vitest@0.30.1(happy-dom@9.6.1):
    resolution: {integrity: sha512-y35WTrSTlTxfMLttgQk4rHcaDkbHQwDP++SNwPb+7H8yb13Q3cu2EixrtHzF27iZ8v0XCciSsLg00RkPAzB/aA==}
    engines: {node: '>=v14.18.0'}
    peerDependencies:
@ -7526,7 +7526,7 @@ packages:
      chai: 4.3.7
      concordance: 5.0.4
      debug: 4.3.4
-      happy-dom: 9.5.0
+      happy-dom: 9.6.1
      local-pkg: 0.4.3
      magic-string: 0.30.0
      pathe: 1.1.0
--- a/web/src/services/Api.ts
+++ b/web/src/services/Api.ts
@ -11,12 +11,12 @@ export const FirstFactorPath = basePath + "/api/firstfactor";
 export const InitiateTOTPRegistrationPath = basePath + "/api/secondfactor/totp/identity/start";
 export const CompleteTOTPRegistrationPath = basePath + "/api/secondfactor/totp/identity/finish";

-export const WebauthnRegistrationPath = basePath + "/api/secondfactor/webauthn/credential/register";
+export const WebAuthnRegistrationPath = basePath + "/api/secondfactor/webauthn/credential/register";

-export const WebauthnAssertionPath = basePath + "/api/secondfactor/webauthn";
+export const WebAuthnAssertionPath = basePath + "/api/secondfactor/webauthn";

-export const WebauthnDevicesPath = basePath + "/api/secondfactor/webauthn/credentials";
-export const WebauthnDevicePath = basePath + "/api/secondfactor/webauthn/credential";
+export const WebAuthnDevicesPath = basePath + "/api/secondfactor/webauthn/credentials";
+export const WebAuthnDevicePath = basePath + "/api/secondfactor/webauthn/credential";

 export const InitiateDuoDeviceSelectionPath = basePath + "/api/secondfactor/duo_devices";
 export const CompleteDuoDeviceSelectionPath = basePath + "/api/secondfactor/duo_device";
--- a/web/src/services/UserWebauthnDevices.ts
+++ b/web/src/services/UserWebauthnDevices.ts
@ -1,8 +1,8 @@
 import { WebauthnDevice } from "@models/Webauthn";
-import { WebauthnDevicesPath } from "@services/Api";
+import { WebAuthnDevicesPath } from "@services/Api";
 import { GetWithOptionalData } from "@services/Client";

 // getWebauthnDevices returns the list of webauthn devices for the authenticated user.
 export async function getWebauthnDevices(): Promise<WebauthnDevice[] | null> {
-    return GetWithOptionalData<WebauthnDevice[] | null>(WebauthnDevicesPath);
+    return GetWithOptionalData<WebauthnDevice[] | null>(WebAuthnDevicesPath);
 }
--- a/web/src/services/Webauthn.ts
+++ b/web/src/services/Webauthn.ts
@ -21,9 +21,9 @@ import {
    AuthenticationOKResponse,
    OptionalDataServiceResponse,
    ServiceResponse,
-    WebauthnAssertionPath,
-    WebauthnDevicePath,
-    WebauthnRegistrationPath,
+    WebAuthnAssertionPath,
+    WebAuthnDevicePath,
+    WebAuthnRegistrationPath,
    validateStatusAuthentication,
 } from "@services/Api";
 import { SignInResponse } from "@services/SignIn";
@ -108,7 +108,7 @@ export async function getAttestationCreationOptions(
    description: string,
 ): Promise<PublicKeyCredentialCreationOptionsStatus> {
    const response = await axios.put<ServiceResponse<CredentialCreation>>(
-        WebauthnRegistrationPath,
+        WebAuthnRegistrationPath,
        {
            description: description,
        },
@ -134,7 +134,7 @@ export async function getAttestationCreationOptions(
 export async function getAuthenticationOptions(): Promise<PublicKeyCredentialRequestOptionsStatus> {
    let response: AxiosResponse<ServiceResponse<CredentialRequest>>;

-    response = await axios.get<ServiceResponse<CredentialRequest>>(WebauthnAssertionPath);
+    response = await axios.get<ServiceResponse<CredentialRequest>>(WebAuthnAssertionPath);

    if (response.data.status !== "OK" || response.data.data == null) {
        return {
@ -205,7 +205,7 @@ export async function getAuthenticationResult(options: PublicKeyCredentialReques
 async function postRegistrationResponse(
    response: RegistrationResponseJSON,
 ): Promise<AxiosResponse<OptionalDataServiceResponse<any>>> {
-    return axios.post<OptionalDataServiceResponse<any>>(WebauthnRegistrationPath, response);
+    return axios.post<OptionalDataServiceResponse<any>>(WebAuthnRegistrationPath, response);
 }

 export async function postAuthenticationResponse(
@ -214,7 +214,7 @@ export async function postAuthenticationResponse(
    workflow?: string,
    workflowID?: string,
 ) {
-    return axios.post<ServiceResponse<SignInResponse>>(WebauthnAssertionPath, {
+    return axios.post<ServiceResponse<SignInResponse>>(WebAuthnAssertionPath, {
        response: response,
        targetURL: targetURL,
        workflow: workflow,
@ -248,7 +248,7 @@ export async function finishRegistration(response: RegistrationResponseJSON) {
 export async function deleteDevice(deviceID: string) {
    return await axios<AuthenticationOKResponse>({
        method: "DELETE",
-        url: `${WebauthnDevicePath}/${deviceID}`,
+        url: `${WebAuthnDevicePath}/${deviceID}`,
        validateStatus: validateStatusAuthentication,
    });
 }
@ -256,7 +256,7 @@ export async function deleteDevice(deviceID: string) {
 export async function updateDevice(deviceID: string, description: string) {
    return await axios<AuthenticationOKResponse>({
        method: "PUT",
-        url: `${WebauthnDevicePath}/${deviceID}`,
+        url: `${WebAuthnDevicePath}/${deviceID}`,
        data: { description: description },
        validateStatus: validateStatusAuthentication,
    });