From 3d175d1260928d6591f388abefe5dca4a56a17f5 Mon Sep 17 00:00:00 2001 From: aca Date: Sat, 1 Mar 2025 13:41:02 +0000 Subject: [PATCH] new configuration version --- .../k8s-ob-auth-d00b0dcbe241793d30daf91c.yaml | 4 +- .../var/opt/nevisauth/default/conf/env.conf | 3 +- .../conf/filterRedirectionPaths.groovy | 8 +- .../opt/nevisauth/default/conf/logging.yml | 2 + .../opt/nevisauth/default/conf/nevisauth.yml | 1 + ...-ob-fido-uaf-d990accd4fedae1acbc7109d.yaml | 6 +- ...ession-store-e891ec2f4f924135261d22ce.yaml | 2 +- .../var/opt/nevisfido/default/conf/env.conf | 2 +- .../opt/nevisfido/default/conf/logging.yml | 2 + .../default/conf/metadata/metadata.json | 100 +++++++---- .../opt/nevisfido/default/conf/nevisfido.yml | 159 +++++++++--------- ...k8s-ob-fido2-a2d03bb46b87b90160dc83d7.yaml | 4 +- .../trust/ob-auth-signer-trust-store/keypass | 2 - .../ob-auth-signer-trust-store/truststore.jks | Bin 774 -> 0 bytes .../ob-auth-signer-trust-store/truststore.p12 | Bin 1078 -> 0 bytes .../ob-auth-signer-trust-store/truststore.pem | 17 -- .../var/opt/nevisfido/default/conf/env.conf | 2 +- .../opt/nevisfido/default/conf/logging.yml | 2 + .../opt/nevisfido/default/conf/nevisfido.yml | 77 +++++---- ...s-ob-logrend-bed300e1196a171ca12db431.yaml | 4 +- .../opt/nevislogrend/default/conf/env.conf | 2 +- .../opt/nevislogrend/default/conf/logging.yml | 4 +- .../webdata/resources/mauth_link_qr.js | 51 ++++-- .../webdata/resources/mauth_onboard.js | 48 ++++-- .../webdata/resources/mauth_push_qr.js | 53 ++++-- .../webdata/resources/mauth_usernameless.js | 58 +++++-- .../webdata/resources/mauth_link_qr.js | 51 ++++-- .../webdata/resources/mauth_onboard.js | 48 ++++-- .../webdata/resources/mauth_push_qr.js | 53 ++++-- .../webdata/resources/mauth_usernameless.js | 58 +++++-- ...k8s-ob-proxy-b4d2da2fa2d0b060752a1fe2.yaml | 4 +- .../nevisproxy/default/conf/log.properties | 50 ++---- 32 files changed, 528 insertions(+), 349 deletions(-) delete mode 100755 DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/keypass delete mode 100644 DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.jks delete mode 100644 DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12 delete mode 100644 DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.pem diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/etc/nevis/k8s-ob-auth-d00b0dcbe241793d30daf91c.yaml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/etc/nevis/k8s-ob-auth-d00b0dcbe241793d30daf91c.yaml index e412395..7976aeb 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/etc/nevis/k8s-ob-auth-d00b0dcbe241793d30daf91c.yaml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/etc/nevis/k8s-ob-auth-d00b0dcbe241793d30daf91c.yaml @@ -11,7 +11,7 @@ metadata: spec: type: "NevisAuth" replicas: 1 - version: "8.2405.0" + version: "8.2411.1" gitInitVersion: "1.3.0" runAsNonRoot: true ports: @@ -45,7 +45,7 @@ spec: podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-b573f4c9983b648b2dd0a02fa08dbe000a3d18af" + tag: "r-9e206f8d793087e7a1996ae58b5ed2116e3e9af7" dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/env.conf b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/env.conf index 3c6ec57..e7bb5da 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/env.conf @@ -3,6 +3,7 @@ RTENV_SECURITY_CHECK=no_shell JAVA_OPTS=( "-XX:+UseContainerSupport" "-Dfile.encoding=UTF-8" + "-Dotel.instrumentation.metro.enabled=false" "-XX:MaxRAMPercentage=80.0" "-Djava.net.preferIPv4Stack=true" "-Djava.net.connectionTimeout=10000" @@ -12,7 +13,7 @@ JAVA_OPTS=( "-javaagent:/opt/agent/opentelemetry-javaagent.jar" "-Dotel.javaagent.logging=application" "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties" - "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME" + "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME" "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/ob-auth-v1-agov-work-internal-trust-store/truststore.p12" "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/ob-auth-v1-agov-work-internal-trust-store/keypass}" ) diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/filterRedirectionPaths.groovy b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/filterRedirectionPaths.groovy index 4ca573e..fd0dcf9 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/filterRedirectionPaths.groovy +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/filterRedirectionPaths.groovy @@ -12,15 +12,15 @@ def getPathFromURL(url) { } } -def redirectionPath = getPathFromURL(request['currentResource']) -def applicationPaths = ["/register/"] -def denyRegexes = [".*[\\n\\r]+.*"] - if (request.getSession(false) == null) { LOG.debug("No session - create new session") session = request.getSession(true).getData() } +def redirectionPath = getPathFromURL(request['currentResource']) +def applicationPaths = ["/register/","/pwreset/"] +def denyRegexes = [".*[\\n\\r]+.*"] + def denied = false if (denyRegexes.size() > 0) { for (def denyRegex : denyRegexes) { diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/logging.yml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/logging.yml index 164f91e..1e3f2ce 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/logging.yml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/logging.yml @@ -12,6 +12,8 @@ Configuration: onMismatch: "ACCEPT" Loggers: Logger: + - name: "ProductAnalytics" + level: "INFO" - name: "EsAuthStart" level: "INFO" - name: "org.apache.catalina.loader.WebappClassLoader" diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/nevisauth.yml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/nevisauth.yml index fbe15d8..e6983e8 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/nevisauth.yml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/nevisauth.yml @@ -3,6 +3,7 @@ server: protocol: "https" port: "8991" host: "0.0.0.0" + max-threads: "200" tls: keystore: "/var/opt/keys/own/ob-auth-v1-default-identity/keystore.p12" keystore-passphrase: "${exec:/var/opt/keys/own/ob-auth-v1-default-identity/keypass}" diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-ob-fido-uaf-d990accd4fedae1acbc7109d.yaml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-ob-fido-uaf-d990accd4fedae1acbc7109d.yaml index 603e315..1a83b7d 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-ob-fido-uaf-d990accd4fedae1acbc7109d.yaml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-ob-fido-uaf-d990accd4fedae1acbc7109d.yaml @@ -11,7 +11,7 @@ metadata: spec: type: "NevisFIDO" replicas: 1 - version: "8.2405.0" + version: "8.2411.1" gitInitVersion: "1.3.0" runAsNonRoot: true ports: @@ -46,12 +46,12 @@ spec: podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-b573f4c9983b648b2dd0a02fa08dbe000a3d18af" + tag: "r-9e206f8d793087e7a1996ae58b5ed2116e3e9af7" dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1" credentials: "git-credentials" database: name: "ob-fido-uaf-v1" - requiredVersion: "8.2405.0" + requiredVersion: "8.2411.1" keystores: - "ob-fido-uaf-v1-default-server-identity" truststores: diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-work-mariadb-session-store-e891ec2f4f924135261d22ce.yaml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-work-mariadb-session-store-e891ec2f4f924135261d22ce.yaml index 59c8ee2..41d84d5 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-work-mariadb-session-store-e891ec2f4f924135261d22ce.yaml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-work-mariadb-session-store-e891ec2f4f924135261d22ce.yaml @@ -11,7 +11,7 @@ metadata: spec: type: "NevisFIDO" databaseType: "MariaDB" - version: "8.2405.0" + version: "8.2411.1" url: "mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat" port: 3306 database: "nevisfido_uaf" diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/env.conf b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/env.conf index 30a29d9..57a659e 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/env.conf @@ -6,5 +6,5 @@ JAVA_OPTS=( "-javaagent:/opt/agent/opentelemetry-javaagent.jar" "-Dotel.javaagent.logging=application" "-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties" - "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME" + "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME" ) \ No newline at end of file diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/logging.yml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/logging.yml index 82fd611..90701f9 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/logging.yml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/logging.yml @@ -12,6 +12,8 @@ Configuration: onMismatch: "ACCEPT" Loggers: Logger: + - name: "ProductAnalytics" + level: "INFO" - name: "ch.nevis.auth.fido.application.Application" level: "INFO" - name: "OpTrace" diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/metadata/metadata.json b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/metadata/metadata.json index 7a83c28..31bcaaa 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/metadata/metadata.json +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/metadata/metadata.json @@ -3,8 +3,16 @@ "aaid" : "F1D0#0001", "description" : "Android NEVIS Mobile Authentication PIN Authenticator", "assertionScheme" : "UAFV1TLV", - "attestationRootCertificates" : [], - "attestationTypes" : [ 15880 ], + "attestationRootCertificates" : [ + "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk", + "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==", + "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==", + "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=", + "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=" + ], + "attestationTypes" : [ 15879, 15880 ], "upv" : [ { "major" : 1, "minor" : 1 @@ -13,12 +21,12 @@ "userVerification" : 4 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 9, + "authenticationAlgorithms" : [ 2, 9 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 1, "matcherProtection" : 1, - "publicKeyAlgAndEncoding" : 256, + "publicKeyAlgAndEncodings" : [ 257, 259 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -26,8 +34,16 @@ "aaid" : "F1D0#0002", "description" : "Android NEVIS Mobile Authentication Fingerprint Authenticator", "assertionScheme" : "UAFV1TLV", - "attestationRootCertificates" : [], - "attestationTypes" : [ 15880 ], + "attestationRootCertificates" : [ + "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk", + "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==", + "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==", + "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=", + "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=" + ], + "attestationTypes" : [ 15879, 15880 ], "upv" : [ { "major" : 1, "minor" : 1 @@ -36,12 +52,12 @@ "userVerification" : 2 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 9, + "authenticationAlgorithms" : [ 2, 9 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 4, "matcherProtection" : 2, - "publicKeyAlgAndEncoding" : 256, + "publicKeyAlgAndEncodings" : [ 257, 259 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -49,8 +65,16 @@ "aaid" : "F1D0#0003", "description" : "Android NEVIS Mobile Authentication Biometric Authenticator", "assertionScheme" : "UAFV1TLV", - "attestationRootCertificates" : [], - "attestationTypes" : [ 15880 ], + "attestationRootCertificates" : [ + "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk", + "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==", + "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==", + "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=", + "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=" + ], + "attestationTypes" : [ 15879, 15880 ], "upv" : [ { "major" : 1, "minor" : 1 @@ -59,12 +83,12 @@ "userVerification" : 346 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 9, + "authenticationAlgorithms" : [ 2, 9 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 4, "matcherProtection" : 2, - "publicKeyAlgAndEncoding" : 256, + "publicKeyAlgAndEncodings" : [ 257, 259 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -72,8 +96,16 @@ "aaid" : "F1D0#0004", "description" : "Android NEVIS Mobile Authentication Device Passcode Authenticator", "assertionScheme" : "UAFV1TLV", - "attestationRootCertificates" : [], - "attestationTypes" : [ 15880 ], + "attestationRootCertificates" : [ + "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk", + "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==", + "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==", + "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=", + "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=" + ], + "attestationTypes" : [ 15879, 15880 ], "upv" : [ { "major" : 1, "minor" : 1 @@ -82,12 +114,12 @@ "userVerification" : 132 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 9, + "authenticationAlgorithms" : [ 2, 9 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 4, "matcherProtection" : 2, - "publicKeyAlgAndEncoding" : 259, + "publicKeyAlgAndEncodings" : [ 257, 259 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -95,8 +127,16 @@ "aaid" : "F1D0#0005", "description" : "Android NEVIS Mobile Authentication Password Authenticator", "assertionScheme" : "UAFV1TLV", - "attestationRootCertificates" : [], - "attestationTypes" : [ 15880 ], + "attestationRootCertificates" : [ + "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk", + "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==", + "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==", + "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=", + "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=", + "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=" + ], + "attestationTypes" : [ 15879, 15880 ], "upv" : [ { "major" : 1, "minor" : 1 @@ -105,12 +145,12 @@ "userVerification" : 4 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 9, + "authenticationAlgorithms" : [ 2, 9 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 1, "matcherProtection" : 1, - "publicKeyAlgAndEncoding" : 256, + "publicKeyAlgAndEncodings" : [ 257, 259 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -128,12 +168,12 @@ "userVerification" : 4 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 2, + "authenticationAlgorithms" : [ 2 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 1, "matcherProtection" : 1, - "publicKeyAlgAndEncoding" : 257, + "publicKeyAlgAndEncodings" : [ 257 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -151,12 +191,12 @@ "userVerification" : 2 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 2, + "authenticationAlgorithms" : [ 2 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 6, "matcherProtection" : 2, - "publicKeyAlgAndEncoding" : 257, + "publicKeyAlgAndEncodings" : [ 257 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -174,12 +214,12 @@ "userVerification" : 16 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 2, + "authenticationAlgorithms" : [ 2 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 6, "matcherProtection" : 2, - "publicKeyAlgAndEncoding" : 257, + "publicKeyAlgAndEncodings" : [ 257 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -197,12 +237,12 @@ "userVerification" : 4 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 2, + "authenticationAlgorithms" : [ 2 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 6, "matcherProtection" : 2, - "publicKeyAlgAndEncoding" : 257, + "publicKeyAlgAndEncodings" : [ 257 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, @@ -220,12 +260,12 @@ "userVerification" : 4 } ] ], "attachmentHint" : 1, - "authenticationAlgorithm" : 2, + "authenticationAlgorithms" : [ 2 ], "authenticatorVersion" : 1, "isSecondFactorOnly" : false, "keyProtection" : 1, "matcherProtection" : 1, - "publicKeyAlgAndEncoding" : 257, + "publicKeyAlgAndEncodings" : [ 257 ], "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }] \ No newline at end of file diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/nevisfido.yml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/nevisfido.yml index 449df90..e5b4e2a 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/nevisfido.yml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/nevisfido.yml @@ -1,109 +1,102 @@ server: port: 9443 - host: 0.0.0.0 - protocol: https + host: "0.0.0.0" + protocol: "https" tls: - keystore: /var/opt/keys/own/ob-fido-uaf-v1-default-server-identity/keystore.p12 - keystore-passphrase: ${exec:/var/opt/keys/own/ob-fido-uaf-v1-default-server-identity/keypass} - keystore-type: pkcs12 - truststore: /var/opt/keys/trust/ob-fido-uaf-v1-default-client-trust/truststore.p12 - truststore-passphrase: ${exec:/var/opt/keys/trust/ob-fido-uaf-v1-default-client-trust/keypass} - truststore-type: pkcs12 - + keystore: "/var/opt/keys/own/ob-fido-uaf-v1-default-server-identity/keystore.p12" + keystore-type: "pkcs12" + keystore-passphrase: "${exec:/var/opt/keys/own/ob-fido-uaf-v1-default-server-identity/keypass}" + truststore: "/var/opt/keys/trust/ob-fido-uaf-v1-default-client-trust/truststore.p12" + truststore-type: "pkcs12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido-uaf-v1-default-client-trust/keypass}" management: server: port: 9089 healthchecks: enabled: true - -credential-repository: - type: nevisidm - rest-url: https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm - administration-url: https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm/services/v1_46/AdminService - keystore: /var/opt/keys/own/nevisfido-techuser-key/keystore.p12 - keystore-passphrase: ${exec:/var/opt/keys/own/nevisfido-techuser-key/keypass} - keystore-type: pkcs12 - truststore: /var/opt/keys/trust/ob-fido-uaf-v1-agov-work-internal-trust-store/truststore.p12 - truststore-passphrase: ${exec:/var/opt/keys/trust/ob-fido-uaf-v1-agov-work-internal-trust-store/keypass} - truststore-type: pkcs12 - admin-service-version: v1_46 - client-id: 100 - user-attribute: extId - -session-repository: - type: sql - jdbc-url: jdbc:mariadb://mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat:3306/nevisfido_uaf?sslMode=disable&autocommit=true - max-connection-lifetime: 10m - user: ${exec:/var/opt/nevisfido/default/conf/credentials/dbUser} - password: ${exec:/var/opt/nevisfido/default/conf/credentials/dbPassword} - schema-user: - schema-user-password: - automatic-db-schema-setup: false - fido-uaf: enabled: true - app-id: https://auth.agov-w.azure.adnovum.net/nevisfido/uaf/1.1/facets + app-id: "https://auth.agov-w.azure.adnovum.net/nevisfido/uaf/1.1/facets" facets: - - android:apk-key-hash:kdcDr+sJVydAkZ6nT/HR3UpJFSd+vPORXLww8DIHV7c - - ios:bundle-id:ch.nevis.accessapp - - android:apk-key-hash:ch.nevis.mobile.authentication.sdk.android.example - - android:apk-key-hash:ch.nevis.mobile.authentication.sdk.flutter.example - - android:apk-key-hash:ch.nevis.mobile.authentication.sdk.react.example - - ios:bundle-id:ch.nevis.mobile.authentication.sdk.ios.example - - ios:bundle-id:ch.nevis.mobile.authentication.sdk.flutter.example - - ios:bundle-id:ch.nevis.mobile.authentication.sdk.objc.proxy.example - - ios:bundle-id:ch.nevis.mobile.authentication.sdk.react.example - metadata: - path: conf/metadata/metadata.json + - "android:apk-key-hash:*" + - "ios:bundle-id:*" policy: - path: conf/policy/ + path: "conf/policy/" timeout: - registration: 600s - authentication: 600s - token-registration: 600s - token-authentication: 600s - token-deregistration: 600s + registration: "300s" + authentication: "300s" + token-registration: "300s" + token-deregistration: "300s" + token-authentication: "300s" + device-request: "300s" transaction-confirmation: max-text-length: 2000 + metadata: + path: "conf/metadata/metadata.json" + idm-connection-type: "soap" + dispatchers: + - type: "link" + registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration" + authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication" + deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration" + base-url: "ch.agov.access-t://x-callback-url/authenticate" + basic-full-attestation: + android-verification-level: "default" authorization: registration: - type: sectoken - truststore: /var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12 - truststore-passphrase: ${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass} - truststore-type: pkcs12 + type: "sectoken" + truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12" + truststore-type: "pkcs12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}" username-attribute-names: - - loginId - - userid + - "loginId" + - "userid" authentication: - type: none + type: "none" deregistration: - type: sectoken - truststore: /var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12 - truststore-passphrase: ${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass} - truststore-type: pkcs12 + type: "sectoken" + truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12" + truststore-type: "pkcs12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}" username-attribute-names: - - loginId - - userid + - "loginId" + - "userid" create-dispatch-target: - type: sectoken - truststore: /var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12 - truststore-passphrase: ${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass} - truststore-type: pkcs12 + type: "sectoken" + truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12" + truststore-type: "pkcs12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}" username-attribute-names: - - loginId - - userid + - "loginId" + - "userid" query-dispatch-target: - type: none + type: "none" delete-dispatch-target: - type: sectoken - truststore: /var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12 - truststore-passphrase: ${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass} - truststore-type: pkcs12 + type: "sectoken" + truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12" + truststore-type: "pkcs12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}" username-attribute-names: - - userid - dispatchers: - - type: "link" - registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration" - authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication" - deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration" - base-url: "ch.agov.access-t://x-callback-url/authenticate" \ No newline at end of file + - "userid" +session-repository: + type: "sql" + jdbc-url: "jdbc:mariadb://mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat:3306/nevisfido_uaf?sslMode=disable&autocommit=true" + max-connection-lifetime: "10m" + user: "${exec:/var/opt/nevisfido/default/conf/credentials/dbUser}" + password: "${exec:/var/opt/nevisfido/default/conf/credentials/dbPassword}" + schema-user: "" + schema-user-password: "" + automatic-db-schema-setup: false +credential-repository: + type: "nevisidm" + client-id: "cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720" + user-attribute: "extId" + administration-url: "https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm/services/v1_46/AdminService" + admin-service-version: "v1_46" + rest-url: "https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm" + keystore: "/var/opt/keys/own/nevisfido-techuser-key/keystore.p12" + keystore-type: "pkcs12" + keystore-passphrase: "${exec:/var/opt/keys/own/nevisfido-techuser-key/keypass}" + truststore: "/var/opt/keys/trust/ob-fido-uaf-v1-agov-work-internal-trust-store/truststore.p12" + truststore-type: "pkcs12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido-uaf-v1-agov-work-internal-trust-store/keypass}" diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/etc/nevis/k8s-ob-fido2-a2d03bb46b87b90160dc83d7.yaml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/etc/nevis/k8s-ob-fido2-a2d03bb46b87b90160dc83d7.yaml index 9f36827..dd7f521 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/etc/nevis/k8s-ob-fido2-a2d03bb46b87b90160dc83d7.yaml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/etc/nevis/k8s-ob-fido2-a2d03bb46b87b90160dc83d7.yaml @@ -11,7 +11,7 @@ metadata: spec: type: "NevisFIDO" replicas: 1 - version: "8.2405.0" + version: "8.2411.1" gitInitVersion: "1.3.0" runAsNonRoot: true ports: @@ -46,7 +46,7 @@ spec: podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-b573f4c9983b648b2dd0a02fa08dbe000a3d18af" + tag: "r-9e206f8d793087e7a1996ae58b5ed2116e3e9af7" dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/keypass b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/keypass deleted file mode 100755 index 5b0d317..0000000 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/keypass +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -echo 'password' \ No newline at end of file diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.jks b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.jks deleted file mode 100644 index 6243945ca140a2840ab2ac1330f99690852596e3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 774 zcmezO_TO6u1_mY|W(3o0#hK}OsYO8U#67nUer8~e&@(l#1gbc0(8P2Yh%*;3GchtT z2{LrZddR*tKjy7}B*egR-d+|1E;bIWHji_*EX+&>5{6<1B5cf|EX=~Z#i==IU{h0c zlM@Z(#CeTO49pG94a|)!4Gg1zTvH^jL6{-80VhZ&n=q5JhanHpSRjW(nAzJR7{+5q z;c=nxxFI}#173*rP!Ab2F)9ItIDsx~`_9YA$jHjT+{DPw02Jq9YGPz$c+)91QS53- z*5fh*OaFV{ovFHv+~;O@Wng<{i}dTwgq6xpm$V6k=Cf$Nh#yL6v;8rOKrYC`hd z1*e~<9lCz+#r*=7B{}!^-j|5Eamq99`?Z{HN2PYlf6A_aJilmHy__gT z(Kpxicu!|94AigDGmN;~@bB)uFzKzDjUp$1%dh=?^3|NLe(KZK)Sg&veEzA6oa|Z$ z1CG}}uNGab6??_G^wiR@MTdVMezMBJ((#*lxYESWlP&vJ7rr%U3^?Y!eFf)FCi4#A zD;xJ+uj5(nH2F?I(nQ0#6YAzV&t2|U_i^^LPimhd&aK~eX5rjL#~7qu-Id6()7Y3J zvS1~9FB3B(1LNYxE`!E)13qBT$?`KY{$~NkC3}N`EQqhl0*X=&Z8k<$R(57aIE%@E z2P7>FQqE++U?30TDYHlzh&71(PLvW;GW;;C;0RN4b(vj1X&aeQMH#W5saUt{W zzA5xjm-v1mIN_$7w&+dvPtT-+Ivc)-Z(Fut;>Ssu?@qi9%X+V0wM$pZ$Gcoi@Tus} ze@`nji;6@yu5>(ccq-TA=rv_0J?FZvnD$|5CeQ!4H91?^T~fG?+)>tix8najrWB63 zJr(}J-%#drbBVV1?gM1d;O%`CQj4HJmaD3{_MdNM@>z& ziyvnS-{Y}aB&t0x;N-OQe}>cQQdZuz{wBE8)qdVJ$$gAHeLp(5&fVpX-*W7M=C2zI z3i=f4A6BlYE)LjVvGBo*E6>#zcq;n`-(8`%MDXJxb(^gpuI}zuyRh0>wMK2hElbHX zm*>t-jyGq%YprqS_G~zD^SF`0*EKOqYfrrDN&mTHN8x^-E%R)dV|>^4y0R8JFUfd# z;L!`|`xEDHmrFfRT9DVT|0_Cl=Z&H*Q@j$^%o5tCdjDI>6(_+8d1e#W+6Vd17{z<} zwRUJf=x%aK(AvZC&+}PiM1nDQ9RCWf$F~KHy%R(aY`YbIAvIh;OmV{Qqg>yWz121@ zKDv%0pLNc(y|;LzJ}=cfoLAwSX*HRJO-jd9gZcfzhqr`kLuX&GN~)5ZvMcB8_Gj92 z-UZ$AO1~t_>X-9~2iA?>bvDKk4?as;-^=>(6NJuq(W=Y=-{TvbPf?jv9V$ z(h|6~F+k*&Nz}wCDRA=60W;oVdsr0V>*Wt3&H>a(1ZM~)a!8WCQ5obuLC2wiR zv%f7?w~XUFUwSdC1}DYmn1uap7bxJF@T<#g!fOSS3-2Y0UNFn-aJc?TtU=i3n8Mo1 zMZ2bX9LjoOx>e=)s)akAoi$l0dX+2wfc=;GEfyKm=gH|kW%E+pk#NRY-XW|`JM`hI zUvdVPzgKwwYnNr>esDrL*S*uNP$1yXVn?-1VZHCK?HDTp4qth#`KS5fp-#8CKRn+D zR;dJhak=U9af10h%h0N2>wom~YyP--I7gs1dpE!EzTe6;C(^WQS( zGnekfRmJR%n_rcsC;U|Xex;*g2b{q=B+505ZGZNB{r; diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.pem b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.pem deleted file mode 100644 index 0bcf943..0000000 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.pem +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICwzCCAmmgAwIBAgIRAIgdSB3tN8ZLL8RUMEGevQQwCgYIKoZIzj0EAwIwGDEW -MBQGA1UEAxMNc2VsZnNpZ25lZC1jYTAeFw0yNDA3MTcwNzI5MDFaFw0yNTA3MTcw -NzI5MDFaMFYxCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNLOFMxDDAKBgNVBAcTA0s4 -UzEMMAoGA1UEChMDSzhTMQwwCgYDVQQLEwNLOFMxDzANBgNVBAMTBnNpZ25lcjCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOyJFpEW1XRq43YwOU/e9ufh -128Yct8Q3f6HoRaXpUmygAkUsyBwOLWmwNeS80SLyOVegco6kGOdoMvnZsLX3ujf -cASkbN+93xhc2MpJXvfWbLbFGrpuQki3V5Banw+UulBuTltFLmxaIRXs1y4Ny2uh -US98LjFY3YD+3d5WG7UpgRTJ+x+t+8nqnPVOJ5asfcirM8/lRB4drUAwCOv51XLR -fRbqCaXKpVaiw/vD5KpAOUH2N1cikfOTOY6rce0wgVDGS7eoCfkCN4gT1LG+134M -p0KT3FBikTGdkH6dQ52nTn7xm5byJvNYzq+2zKGdosYAGurdGGw+KLFsFKCpB40C -AwEAAaOBijCBhzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG -CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU+2EaFiIx8JLxYnML -5NE8f8gOLlEwJwYDVR0RBCAwHoIGc2lnbmVygRRub3JlcGx5QGxvY2FsLmRvbWFp -bjAKBggqhkjOPQQDAgNIADBFAiBxCyNHGWTpj8oma8cY/rUVMZu/BSDH7zzrDhh6 -Q9eJegIhAIGivTcBUZvogUDfNo7IXmmxDqZHrjpoLeu6+VgTY9Qs ------END CERTIFICATE----- diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/env.conf b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/env.conf index 30a29d9..57a659e 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/env.conf @@ -6,5 +6,5 @@ JAVA_OPTS=( "-javaagent:/opt/agent/opentelemetry-javaagent.jar" "-Dotel.javaagent.logging=application" "-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties" - "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME" + "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME" ) \ No newline at end of file diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/logging.yml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/logging.yml index 8d3cc20..c678acf 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/logging.yml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/logging.yml @@ -12,6 +12,8 @@ Configuration: onMismatch: "ACCEPT" Loggers: Logger: + - name: "ProductAnalytics" + level: "INFO" - name: "ch.nevis.auth.fido.application.Application" level: "INFO" Root: diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/nevisfido.yml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/nevisfido.yml index d4ef6a3..0a6f0ae 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/nevisfido.yml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/nevisfido.yml @@ -1,52 +1,51 @@ server: port: 9443 - protocol: https + protocol: "https" tls: - keystore: /var/opt/keys/own/ob-fido2-v1-default-identity/keystore.p12 - keystore-passphrase: ${exec:/var/opt/keys/own/ob-fido2-v1-default-identity/keypass} - keystore-type: pkcs12 - + keystore: "/var/opt/keys/own/ob-fido2-v1-default-identity/keystore.p12" + keystore-passphrase: "${exec:/var/opt/keys/own/ob-fido2-v1-default-identity/keypass}" + keystore-type: "pkcs12" + truststore: "/var/opt/keys/trust/ob-fido2-v1-default-tls-client-trust/truststore.p12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido2-v1-default-tls-client-trust/keypass}" + truststore-type: "pkcs12" management: server: port: 9089 healthchecks: enabled: true - credential-repository: - type: nevisidm - client-id: cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720 - rest-url: https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm - keystore: /var/opt/keys/own/nevisfido-techuser-key/keystore.p12 - keystore-passphrase: ${exec:/var/opt/keys/own/nevisfido-techuser-key/keypass} - truststore: /var/opt/keys/trust/ob-fido2-v1-agov-work-internal-trust-store/truststore.p12 - truststore-passphrase: ${exec:/var/opt/keys/trust/ob-fido2-v1-agov-work-internal-trust-store/keypass} - user-attribute: extId - -session-repository: - type: in-memory - jdbc-url: - max-connection-lifetime: - user: - password: - schema-user: - schema-user-password: - automatic-db-schema-setup: true - + type: "nevisidm" + client-id: "cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720" + rest-url: "https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm" + keystore: "/var/opt/keys/own/nevisfido-techuser-key/keystore.p12" + keystore-passphrase: "${exec:/var/opt/keys/own/nevisfido-techuser-key/keypass}" + keystore-type: "pkcs12" + truststore: "/var/opt/keys/trust/ob-fido2-v1-agov-work-internal-trust-store/truststore.p12" + truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido2-v1-agov-work-internal-trust-store/keypass}" + truststore-type: "pkcs12" + user-attribute: "extId" fido2: enabled: true - rp-name: AGOV-RelPartName - rp-id: adnovum.net + rp-name: "AGOV-RelPartName" + rp-id: "adnovum.net" origins: - - https://me.agov-w.azure.adnovum.net - - https://nevisidm.agov-w.azure.adnovum.net - - https://auth.agov-w.azure.adnovum.net - - https://ob.agov-w.azure.adnovum.net + - "https://me.agov-w.azure.adnovum.net" + - "https://nevisidm.agov-w.azure.adnovum.net" + - "https://auth.agov-w.azure.adnovum.net" + - "https://ob.agov-w.azure.adnovum.net" signature-algorithms: - - RS1 - - RS256 - - RS384 - - RS512 - - ES256 - - ES384 - - ES512 - display-name-source: loginId \ No newline at end of file + - "RS1" + - "RS256" + - "RS384" + - "RS512" + - "ES256" + - "ES384" + - "ES512" + display-name-source: "loginId" + metadata: + allow-listing-enabled: false + timeout: + user-verification: "300s" + no-user-verification: "120s" +session-repository: + type: "in-memory" diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/etc/nevis/k8s-ob-logrend-bed300e1196a171ca12db431.yaml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/etc/nevis/k8s-ob-logrend-bed300e1196a171ca12db431.yaml index 235fec9..fa1b146 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/etc/nevis/k8s-ob-logrend-bed300e1196a171ca12db431.yaml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/etc/nevis/k8s-ob-logrend-bed300e1196a171ca12db431.yaml @@ -11,7 +11,7 @@ metadata: spec: type: "NevisLogrend" replicas: 1 - version: "8.2405.0" + version: "8.2411.1" gitInitVersion: "1.3.0" runAsNonRoot: true ports: @@ -44,7 +44,7 @@ spec: podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-b573f4c9983b648b2dd0a02fa08dbe000a3d18af" + tag: "r-9e206f8d793087e7a1996ae58b5ed2116e3e9af7" dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1" credentials: "git-credentials" podSecurity: diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/env.conf b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/env.conf index 1e7049e..7a53e6d 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/env.conf @@ -10,5 +10,5 @@ JAVA_OPTS=( "-javaagent:/opt/agent/opentelemetry-javaagent.jar" "-Dotel.javaagent.logging=application" "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties" - "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME" + "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME" ) \ No newline at end of file diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/logging.yml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/logging.yml index a5708ef..533e26f 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/logging.yml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/logging.yml @@ -11,7 +11,9 @@ Configuration: onMatch: "DENY" onMismatch: "ACCEPT" Loggers: - Logger: [] + Logger: + - name: "ProductAnalytics" + level: "INFO" Root: level: "WARN" additivity: "false" diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_link_qr.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_link_qr.js index 3676cda..fe0749a 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_link_qr.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_link_qr.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function dispatchLink() { document.getElementById("mauth_started").style.display = "block"; // show @@ -55,9 +61,7 @@ }); var sessionId = o.sessionId; console.log("started polling for session ID: " + sessionId); - statusPolling = window.setInterval(function () { - poll(sessionId); - }, 2000); + poll(sessionId); } else { console.log("authentication failed: " + o.dispatchResult); @@ -70,21 +74,36 @@ } function poll(sessionId) { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } - const request = {}; - request.fidoUafSessionId = sessionId; + isPolling = true; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const request = { fidoUafSessionId: sessionId }; + + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); + if (status == 'clientAuthenticating') { // show process icon document.getElementById("mauth_loading").style.display = 'block'; @@ -99,20 +118,24 @@ addInput(form, "continue", "true"); // required for custom dispatching in usernameless document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("authentication failed with status: " + status); - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); addInput(form, "fidoUafSessionId", sessionId); document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(sessionId), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } dispatchLink(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_onboard.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_onboard.js index 156f26e..4be9d24 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_onboard.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_onboard.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function renderEnrollment() { // link is provided by a hidden GuiElem @@ -52,44 +58,53 @@ } function poll() { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } + + isPolling = true; // state is held on backend side const request = {}; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); if (status == 'clientRegistering') { - // show process icon document.getElementById("mauth_loading").style.display = 'block'; // hide QR-code and information document.getElementById("mauth_qrcode").style.display = 'none'; document.getElementById("mauth_qrcode_info").style.display = 'none'; - } - else if (status == 'succeeded') { - + } else if (status == 'succeeded') { clearInterval(statusPolling); - console.error("onboarding successful"); + console.log("onboarding successful"); // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("onboarding failed with status: " + status); @@ -98,8 +113,15 @@ document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } renderEnrollment(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_push_qr.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_push_qr.js index 348aa3c..9612c23 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_push_qr.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_push_qr.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function dispatch(id) { document.getElementById("mauth_devices").style.display = "none"; // hide selection menu @@ -70,9 +76,7 @@ }); var sessionId = o.sessionId; console.log("started polling for session ID: " + sessionId); - statusPolling = window.setInterval(function () { - poll(sessionId); - }, 2000); + poll(sessionId); } else { console.log("authentication failed: " + o.dispatchResult); @@ -125,47 +129,64 @@ } function poll(sessionId) { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } + isPolling = true; - const request = {}; - request.fidoUafSessionId = sessionId; + const request = { fidoUafSessionId: sessionId }; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); + if (status == 'clientAuthenticating') { document.getElementById("mauth_qrcode").style.display = 'none'; document.getElementById("mauth_qrcode_info").style.display = 'none'; document.getElementById("mauth_match_numbers").style.display = 'block'; document.getElementById("mauth_loading").style.display = 'block'; } + if (status == 'succeeded') { clearInterval(statusPolling); - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("authentication failed with status: " + status); - - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); addInput(form, "fidoUafSessionId", sessionId); document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(sessionId), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } renderDeviceList(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_usernameless.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_usernameless.js index e5955ef..900befb 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_usernameless.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_usernameless.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function dispatch() { console.log("initiating usernameless mobile authentication..."); @@ -58,9 +64,7 @@ }); var sessionId = o.sessionId; console.log("started polling for session ID: " + sessionId); - statusPolling = window.setInterval(function () { - poll(sessionId); - }, 2000); + poll(sessionId); } else { console.log("authentication failed: " + o.dispatchResult); @@ -73,46 +77,66 @@ } function poll(sessionId) { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } - const request = {}; - request.fidoUafSessionId = sessionId; + isPolling = true; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const request = { fidoUafSessionId: sessionId }; + + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); + if (status == 'clientAuthenticating') { - document.getElementById("mauth_qrcode").style.display = 'none'; + // show process icon document.getElementById("mauth_loading").style.display = 'block'; + document.getElementById("mauth_qrcode").style.display = 'none'; } if (status == 'succeeded') { clearInterval(statusPolling); // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); - addInput(form, "fidoUafDone", "true"); // checked by Groovy script + addInput(form, "continue", "true"); // required for custom dispatching in usernameless document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("authentication failed with status: " + status); - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); - addInput(form, "fidoUafSessionId", sessionId); // checked by Groovy script + addInput(form, "fidoUafSessionId", sessionId); document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(sessionId), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } dispatch(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_link_qr.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_link_qr.js index 3676cda..fe0749a 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_link_qr.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_link_qr.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function dispatchLink() { document.getElementById("mauth_started").style.display = "block"; // show @@ -55,9 +61,7 @@ }); var sessionId = o.sessionId; console.log("started polling for session ID: " + sessionId); - statusPolling = window.setInterval(function () { - poll(sessionId); - }, 2000); + poll(sessionId); } else { console.log("authentication failed: " + o.dispatchResult); @@ -70,21 +74,36 @@ } function poll(sessionId) { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } - const request = {}; - request.fidoUafSessionId = sessionId; + isPolling = true; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const request = { fidoUafSessionId: sessionId }; + + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); + if (status == 'clientAuthenticating') { // show process icon document.getElementById("mauth_loading").style.display = 'block'; @@ -99,20 +118,24 @@ addInput(form, "continue", "true"); // required for custom dispatching in usernameless document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("authentication failed with status: " + status); - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); addInput(form, "fidoUafSessionId", sessionId); document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(sessionId), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } dispatchLink(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_onboard.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_onboard.js index 156f26e..4be9d24 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_onboard.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_onboard.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function renderEnrollment() { // link is provided by a hidden GuiElem @@ -52,44 +58,53 @@ } function poll() { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } + + isPolling = true; // state is held on backend side const request = {}; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); if (status == 'clientRegistering') { - // show process icon document.getElementById("mauth_loading").style.display = 'block'; // hide QR-code and information document.getElementById("mauth_qrcode").style.display = 'none'; document.getElementById("mauth_qrcode_info").style.display = 'none'; - } - else if (status == 'succeeded') { - + } else if (status == 'succeeded') { clearInterval(statusPolling); - console.error("onboarding successful"); + console.log("onboarding successful"); // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("onboarding failed with status: " + status); @@ -98,8 +113,15 @@ document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } renderEnrollment(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_push_qr.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_push_qr.js index 348aa3c..9612c23 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_push_qr.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_push_qr.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function dispatch(id) { document.getElementById("mauth_devices").style.display = "none"; // hide selection menu @@ -70,9 +76,7 @@ }); var sessionId = o.sessionId; console.log("started polling for session ID: " + sessionId); - statusPolling = window.setInterval(function () { - poll(sessionId); - }, 2000); + poll(sessionId); } else { console.log("authentication failed: " + o.dispatchResult); @@ -125,47 +129,64 @@ } function poll(sessionId) { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } + isPolling = true; - const request = {}; - request.fidoUafSessionId = sessionId; + const request = { fidoUafSessionId: sessionId }; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); + if (status == 'clientAuthenticating') { document.getElementById("mauth_qrcode").style.display = 'none'; document.getElementById("mauth_qrcode_info").style.display = 'none'; document.getElementById("mauth_match_numbers").style.display = 'block'; document.getElementById("mauth_loading").style.display = 'block'; } + if (status == 'succeeded') { clearInterval(statusPolling); - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("authentication failed with status: " + status); - - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); addInput(form, "fidoUafSessionId", sessionId); document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(sessionId), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } renderDeviceList(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_usernameless.js b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_usernameless.js index e5955ef..900befb 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_usernameless.js +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-realm/webdata/resources/mauth_usernameless.js @@ -16,6 +16,12 @@ let statusPolling; + let isPolling = false; + let pollingTimeout = null; + + const POLLING_INTERVAL = 2000; + const REQUEST_TIMEOUT = 3000; + function dispatch() { console.log("initiating usernameless mobile authentication..."); @@ -58,9 +64,7 @@ }); var sessionId = o.sessionId; console.log("started polling for session ID: " + sessionId); - statusPolling = window.setInterval(function () { - poll(sessionId); - }, 2000); + poll(sessionId); } else { console.log("authentication failed: " + o.dispatchResult); @@ -73,46 +77,66 @@ } function poll(sessionId) { + if (isPolling) { + return; // Exit if a polling request is already ongoing + } - const request = {}; - request.fidoUafSessionId = sessionId; + isPolling = true; - // calling nevisFIDO through nevisAuth on current URL using AJAX - fetch("", { + const request = { fidoUafSessionId: sessionId }; + + const fetchRequest = fetch("", { method: "POST", headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(request) - }).then(res => { - res.json().then(o => { + }); + + // Set up the timeout for the fetch request + const timeoutPromise = new Promise((_, reject) => { + pollingTimeout = setTimeout(() => { + reject(new Error('Request timed out')); + }, REQUEST_TIMEOUT); + }); + + Promise.race([fetchRequest, timeoutPromise]) + .then(res => res.json()) + .then(o => { + clearTimeout(pollingTimeout); var status = o.status; console.log("status: " + status); + if (status == 'clientAuthenticating') { - document.getElementById("mauth_qrcode").style.display = 'none'; + // show process icon document.getElementById("mauth_loading").style.display = 'block'; + document.getElementById("mauth_qrcode").style.display = 'none'; } if (status == 'succeeded') { clearInterval(statusPolling); // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); - addInput(form, "fidoUafDone", "true"); // checked by Groovy script + addInput(form, "continue", "true"); // required for custom dispatching in usernameless document.body.appendChild(form); form.submit(); - } - else if (status == 'failed' || status == 'unknown') { - + } else if (status == 'failed' || status == 'unknown') { clearInterval(statusPolling); console.error("authentication failed with status: " + status); - // as this is the last call we have to do a top-level request instead of AJAX const form = createForm(); - addInput(form, "fidoUafSessionId", sessionId); // checked by Groovy script + addInput(form, "fidoUafSessionId", sessionId); document.body.appendChild(form); form.submit(); } + }) + .catch((err) => { + console.error("error:", err); + }) + .finally(() => { + isPolling = false; + // Schedule the next poll if needed + setTimeout(() => poll(sessionId), POLLING_INTERVAL); }); - }).catch((err) => console.error("error: ", err)); } dispatch(); diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/etc/nevis/k8s-ob-proxy-b4d2da2fa2d0b060752a1fe2.yaml b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/etc/nevis/k8s-ob-proxy-b4d2da2fa2d0b060752a1fe2.yaml index ca0e474..1ba2a7a 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/etc/nevis/k8s-ob-proxy-b4d2da2fa2d0b060752a1fe2.yaml +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/etc/nevis/k8s-ob-proxy-b4d2da2fa2d0b060752a1fe2.yaml @@ -11,7 +11,7 @@ metadata: spec: type: "NevisProxy" replicas: 1 - version: "8.2405.0" + version: "8.2411.1" gitInitVersion: "1.3.0" runAsNonRoot: true ports: @@ -46,7 +46,7 @@ spec: podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-b573f4c9983b648b2dd0a02fa08dbe000a3d18af" + tag: "r-9e206f8d793087e7a1996ae58b5ed2116e3e9af7" dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/var/opt/nevisproxy/default/conf/log.properties b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/var/opt/nevisproxy/default/conf/log.properties index 58f55e3..5eb7160 100644 --- a/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/var/opt/nevisproxy/default/conf/log.properties +++ b/DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-proxy-v1/var/opt/nevisproxy/default/conf/log.properties @@ -15,8 +15,6 @@ BC.Tracer.ProgName=isi3web # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.Secrets.Cipher=AES # source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.NavajoHttpSess=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NavajoResource=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NavajoRequest=0 @@ -27,10 +25,6 @@ BC.Tracer.DebugProfile.NavajoSSL=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NavajoCookie=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.NavajoConIdent=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.NavajoSession=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NavajoStart=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NavajoConfig=0 @@ -41,17 +35,7 @@ BC.Tracer.DebugProfile.NavajoHeader=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NavajoTimer=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.NavajoMgmt=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.NavajoAdmin=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.NevisMgmt=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.JmxAmp=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.MBeanSrv=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.HttpAdaptor=0 +BC.Tracer.DebugProfile.Apache=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IsiwebOp=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 @@ -61,10 +45,6 @@ BC.Tracer.DebugProfile.IW4HttpsConnSrv=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4Esau4ConnSrv=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.IW4NISConnSrv=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.IW4PAMConnSrv=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4X509AuthSrv=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4LogRenSrv=0 @@ -145,10 +125,6 @@ BC.Tracer.DebugProfile.IW4MappingFlt=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4ResSessFlt=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.JMXSessionFlt=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.JMXRequestFlt=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NevisSession=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4ParamFlt=0 @@ -161,8 +137,6 @@ BC.Tracer.DebugProfile.IW4CSRFFlt=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4FltMappFlt=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.IW4QmrFlt=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4LogFlt=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IW4WebSocketSrv=0 @@ -219,14 +193,16 @@ BC.Tracer.DebugProfile.EsauthProvider=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.IsiOp=0 # source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.transTCP=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.IO=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.IOSub=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.Alarming=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 -BC.Tracer.DebugProfile.AlarmEngine=0 -# source: pattern://b4d2da2fa2d0b060752a1fe2 BC.Tracer.DebugProfile.NPMultiLevelStr=0 +# source: pattern://b4d2da2fa2d0b060752a1fe2 +BC.Tracer.DebugProfile.NPPSQLSessSrv=0 +# source: pattern://b4d2da2fa2d0b060752a1fe2 +BC.Tracer.DebugProfile.NPFileReader=0 +# source: pattern://b4d2da2fa2d0b060752a1fe2 +BC.Tracer.DebugProfile.NPPerfMeter=0 +# source: pattern://b4d2da2fa2d0b060752a1fe2 +BC.Tracer.DebugProfile.NPLoadBalance=0 +# source: pattern://b4d2da2fa2d0b060752a1fe2 +BC.Tracer.DebugProfile.NPCountryIpFlt=0 +# source: pattern://b4d2da2fa2d0b060752a1fe2 +BC.Tracer.DebugProfile.WSInspFlt=0