adn-agov-iam-project/patterns/9ff0369f3cf662f95d94ff09_au.../EnsureRecoveryCode.xml


<!-- Entry state of the recovery-code flow: a JWTToken state. Its "ok" result hands over to the _decryptCode state; the configured Response value is AUTH_ERROR. -->
<AuthState name="${state.entry}" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="false">
<ResultCond name="ok" next="${state.entry}_decryptCode"/>
<Response value="AUTH_ERROR"/>
<!-- Token algorithm is injected from a pattern parameter. NOTE(review): confirm the deployed value, and that whatever consumes the token pins the same algorithm instead of trusting the token header. -->
<property name="token.algorithm" value="${param.token.algorithm}"/>
<!-- Fixed issuer "ag"; subject is the user extId read from the session. -->
<property name="out.issuer" value="ag"/>
<property name="out.subject" value="${sess:ch.adnovum.nevisidm.user.extId}"/>
<!-- Presumably emitted as a custom claim named sessionId. NOTE(review): this copies the conversation id into the token; check where the token travels and whether that id is sensitive there. -->
<property name="out.custom.sessionId" value="${sess:ch.nevis.session.conversationId}"/>
<!-- not_before is included and the lifetime is parameterised; keep the lifetime as short as the flow allows. -->
<property name="out.include.not_before" value="true"/>
<property name="out.time_to_live" value="${param.token.time_to_live}"/>
<!-- Key material is referenced by keystore and key object name, both supplied as pattern parameters. -->
<property name="keystoreref" value="${param.token.keystoreref}"/>
<!-- NOTE(review): the placeholder below has a space before its closing brace, unlike every other param placeholder in this file. Confirm the template engine still resolves it; if it does not, the key object reference is not the configured one. -->
<property name="keyobjectref" value="${param.token.keyobjectref }"/>
</AuthState>
<!-- TransformAttributes state that restores the recovery code from its encrypted session copy before the script state runs. Its "default" result goes to _Process. -->
<AuthState name="${state.entry}_decryptCode" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="true">
<ResultCond name="default" next="${state.entry}_Process"/>
<Response value="AUTH_CONTINUE"/>
<!-- The secret:// value is presumably a managed secret reference resolved at deployment, not the raw key; TODO confirm. The identical value is used by the _encryptCode state, so any rotation has to change both together or stored ciphertext stops decrypting. -->
<property name="cryptoKey" value="secret://8jzQ1+F4HHvx7/tKFYRZb2/hFmyXjzt1HXgMJz+Tb16qSMh5Yv2QNnDH0JqsXHAoqtvZu1Nlo5A="/>
<!-- NOTE(review): AES in CTR mode gives confidentiality only. There is no integrity tag, so altered ciphertext decrypts without error, and CTR needs a unique IV or counter for every encryption under one key. How this state class derives the IV is not visible here; confirm it, and prefer an authenticated mode if the class supports one. Padding has no function in a stream mode such as CTR. -->
<property name="cryptoAlgorithm" value="AES/CTR/PKCS5Padding"/>
<!-- Reads as a conditional transform: when the session attribute agov.new.recovery.code.cipher is set, base64-decode and decrypt it into the note agov.new.recovery.code. Presumably this keeps the plaintext code out of the session; verify against the TransformAttributes reference. -->
<property name="${sess:agov.new.recovery.code.cipher}?notes:agov.new.recovery.code:decrypt-b64" value="${sess:agov.new.recovery.code.cipher}"/>
</AuthState>
<!-- ScriptState that runs ensureRecoveryCode.groovy. Results: "done" and "failed" leave the pattern, "encryptCode" goes to the _encryptCode state, which routes back to this state. -->
<AuthState name="${state.entry}_Process" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false" resumeState="false">
<ResultCond name="done" next="${state.done}"/>
<ResultCond name="encryptCode" next="${state.entry}_encryptCode"/>
<ResultCond name="failed" next="${state.failed}"/>
<Response value="AUTH_CONTINUE">
<!-- GUI returned to the client: four hidden fields plus a submit button. -->
<Gui name="recovery_code" label="general.entryCode">
<!-- Value is the note agov.new.recovery.code, with the submitted isiwebpasswd input apparently used as the fallback. NOTE(review): this puts the plaintext recovery code into the response body, and the fallback echoes a request value back. Confirm the renderer output-encodes the value and that this response is neither cached nor written to logs. -->
<GuiElem name="isiwebpasswd" type="hidden" value="#{ notes.getProperty('agov.new.recovery.code', inargs.getProperty('isiwebpasswd')) }" optional="true"/>
<GuiElem name="validTil" type="hidden" value="${sess:agov.new.recovery.code.validTil}" optional="true"/>
<!-- NOTE(review): a token from the session is handed to the client in a hidden field; confirm it is short-lived and valid only for its intended purpose. -->
<GuiElem name="pdfAuthToken" type="hidden" value="${sess:agov.new.recovery.code.pdfAuthToken}" length="4096" optional="true"/>
<GuiElem name="authRequestId" type="hidden" value="${sess:ch.nevis.auth.saml.request.id}" optional="true"/>
<GuiElem name="submit" type="button" label="continue.button.label" value="submit"/>
</Gui>
</Response>
<!-- NOTE(review): check that trace output for this group never contains the recovery code or the token values handled here. -->
<property name="scriptTraceGroup" value="AGOV-ACCT"/>
<!-- The script is loaded from a fixed path on the host. Whoever can write that file controls this authentication step, so write access to it should be limited to the deployment process. -->
<property name="script" value="file:///var/opt/nevisauth/default/conf/ensureRecoveryCode.groovy"/>
<property name="parameter.utility-service.baseUrl" value="${param.utility-service.baseUrl}"/>
<!-- NOTE(review): the disabled property below carries what looks like a development host name; consider deleting it instead of keeping it in the repository. -->
<!--property name="parameter.idm.baseUrl" value="https://${param.idm-service:idm.adn-agov-nevisidm-01-dev}:8989/nevisidm/api"/-->
<!-- Trust store for the IDM HTTP client stays configured although the IDM base URL above is disabled; whether the script still calls IDM cannot be told from this file. -->
<property name="parameter.idm.httpclient.tls.trustStoreRef" value="Ensure_Recovery_Code"/>
<!-- Presumably the domain for a cookie set by the script; verify the cookie attributes (Secure, HttpOnly, SameSite) in the script itself. -->
<property name="parameter.cookie.domain" value="${var.idp-fqdn}"/>
</AuthState>
<!-- TransformAttributes state reached from the "encryptCode" result of _Process. It stores an encrypted copy of the recovery code in the session and returns to _Process through its "default" result. -->
<AuthState name="${state.entry}_encryptCode" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false" resumeState="false">
<ResultCond name="default" next="${state.entry}_Process"/>
<Response value="AUTH_CONTINUE"/>
<!-- Must stay identical to the cryptoKey of the _decryptCode state. The secret:// value is presumably a managed secret reference and not the raw key; TODO confirm. -->
<property name="cryptoKey" value="secret://8jzQ1+F4HHvx7/tKFYRZb2/hFmyXjzt1HXgMJz+Tb16qSMh5Yv2QNnDH0JqsXHAoqtvZu1Nlo5A="/>
<!-- NOTE(review): CTR mode is unauthenticated and is only safe with a fresh IV or counter per encryption under this key. IV handling is not visible in this file; confirm it for this state class. Padding has no function in CTR. -->
<property name="cryptoAlgorithm" value="AES/CTR/PKCS5Padding"/>
<!-- Reads as a negated conditional: when the session attribute agov.new.recovery.code.cipher is NOT yet set, encrypt the note agov.new.recovery.code, base64-encode it and store it in that session attribute. An existing ciphertext is presumably left untouched; verify. -->
<property name="!${sess:agov.new.recovery.code.cipher}?sess:agov.new.recovery.code.cipher:encrypt-b64" value="${notes:agov.new.recovery.code}"/>
</AuthState>