Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authentication: Add different auth methods for passkey #112

Merged
merged 1 commit into from
Oct 1, 2024
Merged

authentication: Add different auth methods for passkey #112

merged 1 commit into from
Oct 1, 2024

Conversation

madhuriupadhye
Copy link
Contributor

@madhuriupadhye madhuriupadhye commented Jul 8, 2024
edited
Loading 

authentication: Add different auth methods for passkey

Add following authentication methods
1. Passkey with pin (default)
2. Passkey with pin and interactive and touch prompts
3. Passkey without pin with both prompts
4. Passkey auth when we press enter for pin and
   it goes to next auth method as a password.

@madhuriupadhye madhuriupadhye marked this pull request as draft July 10, 2024 10:18
pbrezina
pbrezina requested changes Jul 12, 2024
View reviewed changes
sssd_test_framework/utils/authentication.py Outdated Show resolved Hide resolved
sssd_test_framework/utils/authentication.py Outdated Show resolved Hide resolved
sssd_test_framework/utils/authentication.py Outdated Show resolved Hide resolved
sssd_test_framework/utils/authentication.py Outdated Show resolved Hide resolved
@madhuriupadhye madhuriupadhye force-pushed the no_pin branch 3 times, most recently from 5e570af to ba6e79b Compare August 1, 2024 06:44
@madhuriupadhye madhuriupadhye requested a review from pbrezina August 1, 2024 07:27
@madhuriupadhye
Copy link
Contributor Author

Finally it worked,

INFO 2024-08-01 21:43:39,778 client.test Previous command completed with exit code 0
Output: |
spawn /tmp/mh.fs.rollback.Tu2dH84gi
+ echo '#!/bin/bash'
+ echo -n 'export '
+ env
+ grep '^UMOCKDEV_'
+ echo -n 'export '
+ printf 'LD_PRELOAD=/opt/random.so:libumockdev-preload.so.0\n'
+ echo 'exec /usr/libexec/sssd/passkey_child.orig $@'
+ chmod 755 /usr/libexec/sssd/passkey_child
+ chmod -R a+rwx /tmp/umockdev.QBVWR2
+ su --shell /bin/sh nobody -c 'su - '''user1''' -c '''klist''''
ERROR: ld.so: object 'libumockdev-preload.so.0' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
Insert your passkey device, then press ENTER.
su: warning: cannot change directory to /home/user1: Permission denied
-sh: /home/user1/.profile: Permission denied
Ticket cache: KCM:1984800008:91605
Default principal: [email protected]

                                                Valid starting     Expires            Service principal
                                                08/01/24 16:13:38  08/02/24 15:14:59  krbtgt/[email protected]

                                                expect result: Password authentication successful
                                                expect exit code: 0
                                                expect spawn exit code: 0
                                              Error output:

@madhuriupadhye madhuriupadhye force-pushed the no_pin branch 5 times, most recently from d1a67e9 to dcc6ad5 Compare August 3, 2024 07:59
@madhuriupadhye madhuriupadhye force-pushed the no_pin branch 7 times, most recently from a3c99a6 to b65ca62 Compare August 21, 2024 14:06
@madhuriupadhye madhuriupadhye force-pushed the no_pin branch 9 times, most recently from c265c7d to 4856bbd Compare September 17, 2024 11:23
@madhuriupadhye madhuriupadhye force-pushed the no_pin branch 2 times, most recently from 26ffded to ea96500 Compare September 23, 2024 14:45
@madhuriupadhye madhuriupadhye marked this pull request as ready for review September 24, 2024 04:57
@madhuriupadhye madhuriupadhye changed the title authentication: add no pin for passkey authentication: Add different auth methods for passkey Sep 24, 2024
justin-stephenson
justin-stephenson requested changes Sep 24, 2024
View reviewed changes
Copy link
Contributor

@justin-stephenson justin-stephenson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

flake8 failures

  lint-upstream: commands[0]> flake8 sssd_test_framework tests
  sssd_test_framework/utils/authentication.py:26:1: E302 expected 2 blank lines, found 1
  sssd_test_framework/utils/authentication.py:36:1: E302 expected 2 blank lines, found 1
  sssd_test_framework/utils/authentication.py:355:87: W291 trailing whitespace
  sssd_test_framework/utils/authentication.py:455:1: W293 blank line contains whitespace
  sssd_test_framework/utils/authentication.py:461:106: W291 trailing whitespace
  sssd_test_framework/utils/authentication.py:483:87: W291 trailing whitespace
  sssd_test_framework/utils/authentication.py:484:100: W291 trailing whitespace
  sssd_test_framework/utils/authentication.py:536:120: E501 line too long (141 > 119 characters)

@jakub-vavra-cz
Copy link
Contributor

Needs fixing the pep8, otherwise LGTM. My other comment is just a suggestion.

@madhuriupadhye madhuriupadhye force-pushed the no_pin branch 2 times, most recently from bb7afed to ea8eddd Compare September 26, 2024 10:39
@madhuriupadhye madhuriupadhye mentioned this pull request Sep 26, 2024
Closed
justin-stephenson
justin-stephenson previously approved these changes Sep 26, 2024
View reviewed changes
Copy link
Contributor

@justin-stephenson justin-stephenson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ack, thank you.

jakub-vavra-cz
jakub-vavra-cz previously approved these changes Sep 27, 2024
View reviewed changes
Copy link
Contributor

@jakub-vavra-cz jakub-vavra-cz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix PEP8 and it is good to go.

@madhuriupadhye
authentication: Add different auth methos for passkey
2a62b59 
Add following authentication methods
1. Passkey with pin (default)
2. Passkey with pin and interactive and touch prompts
3. Passkey wihout pin with both prompts
4. Passkey auth when we press enter for pin and
   it goes to next auth method as a password

Signed-off-by: Madhuri Upadhye <[email protected]>
@pbrezina pbrezina merged commit f12db0e into SSSD:master Oct 1, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jakub-vavra-cz jakub-vavra-cz jakub-vavra-cz left review comments

@justin-stephenson justin-stephenson justin-stephenson left review comments

@pbrezina pbrezina Awaiting requested review from pbrezina

Assignees

@justin-stephenson justin-stephenson

@jakub-vavra-cz jakub-vavra-cz

Labels
waiting for review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@madhuriupadhye @jakub-vavra-cz @justin-stephenson @pbrezina