new configuration version

2025-02-03 16:12:41 +00:00 · 2025-02-03 16:12:41 +00:00 · 9fd9da890a
parent 4c5e30e1b9
commit 9fd9da890a
2 changed files with 15 additions and 21 deletions
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml
@ -45,7 +45,7 @@ spec:
  podDisruptionBudget:
    maxUnavailable: "50%"
  git:
-    tag: "r-8a9c62b5262336b92be8323622dfab0068aaceea"
+    tag: "r-4bb9433bfd44d7e52eeb40e9d46accdaaf0e1dbf"
    dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
    credentials: "git-credentials"
  keystores:
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_auth.groovy
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_auth.groovy
@ -127,26 +127,20 @@ if (path == '/nevisfido/fido2/attestation/options') {
      // returning a fake options structure, which shouldn't leak whether the user account exists or not
      // keyId is unique per environment and email, fido2SessionId and challenge are renewed each time
      def keyId = UUID.nameUUIDFromBytes("${parameters['rpId']}.${session['ch.nevis.idm.User.email']}".getBytes())
-      def responseText = """{"status": "ok",
-                             "errorMessage": "",
-                             "fido2SessionId": "${UUID.randomUUID()}",
-                             "challenge": "${base64url(UUID.randomUUID())}",
-                             "timeout": 300000,
-                             "rpId": "${parameters['rpId']}",
-                             "allowCredentials": [
-                             {
-                                "type": "public-key",
-                                "id": "${base64url(keyId)}",
-                                "transports": []
-                             }
-                                                 ],
-                             "userVerification": "required"}"""
-
-      response.setContent(responseText) // return response from nevisFIDO "as-is"
-      response.setContentType('application/json')
-      response.setHttpStatusCode(200)
-      response.setIsDirectResponse(true)
-      return
+      responseText = """{"status": "ok",
+                         "errorMessage": "",
+                         "fido2SessionId": "${UUID.randomUUID()}",
+                         "challenge": "${base64url(UUID.randomUUID())}",
+                         "timeout": 300000,
+                         "rpId": "${parameters['rpId']}",
+                         "allowCredentials": [
+                           {
+                              "type": "public-key",
+                              "id": "${base64url(keyId)}",
+                              "transports": []
+                           }
+                         ],
+                         "userVerification": "required"}"""
    }

    LOG.debug("Fido2Auth: <== Response: ${responseCode} : ${responseText}")