idpv3-mfa issueshttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues2020-01-14T10:52:31+01:00https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/90-RM-3787-MR-Release version 1.0.02020-01-14T10:52:31+01:00Etienne Dysli Metref-RM-3787-MR-Release version 1.0.0
*(from redmine: issue id 3787, created on 2016-12-01, closed on 2016-12-01)*
*(from redmine: issue id 3787, created on 2016-12-01, closed on 2016-12-01)*w50Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/88-RM-3785-MR-Customise send SMS button text2020-01-14T10:52:30+01:00Etienne Dysli Metref-RM-3785-MR-Customise send SMS button text
*(from redmine: issue id 3785, created on 2016-11-30, closed on 2016-12-01)*
*(from redmine: issue id 3785, created on 2016-11-30, closed on 2016-12-01)*w50Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/87-RM-3784-MR-Display message after SMS sent2020-01-14T10:52:29+01:00Etienne Dysli Metref-RM-3784-MR-Display message after SMS sentDisplay a confirmation message that the SMS OTP has been sent on the
login form, after the "Send SMS" button has been clicked.
*(from redmine: issue id 3784, created on 2016-11-28, closed on 2016-11-29)*Display a confirmation message that the SMS OTP has been sent on the
login form, after the "Send SMS" button has been clicked.
*(from redmine: issue id 3784, created on 2016-11-28, closed on 2016-11-29)*w48Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/79-RM-3751-MR-Use the InCommon MFA Profile2020-01-14T10:52:22+01:00Etienne Dysli Metref-RM-3751-MR-Use the InCommon MFA ProfileReplace the development authentication context class
`https://mfa-dev.ed.switch.ch/idp/mfa/simple` with the InCommon MFA
Profile `http://id.incommon.org/assurance/mfa`. This offers better
interoperability when moving to production.
Repl...Replace the development authentication context class
`https://mfa-dev.ed.switch.ch/idp/mfa/simple` with the InCommon MFA
Profile `http://id.incommon.org/assurance/mfa`. This offers better
interoperability when moving to production.
Replace in:
- <s>`conf/authn/general-authn.xml` (Puppet config)</s>
- <s>`README.md`</s>
- <s>`index.html` (on mfa-dev)</s>
- <s>Apache config (Hiera)</s>
*(from redmine: issue id 3751, created on 2016-09-20, closed on 2016-11-28)*w48Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/78-RM-3749-MR-Rename simple flow2020-01-14T10:52:22+01:00Etienne Dysli Metref-RM-3749-MR-Rename simple flowThe "simple" flow is no longer simple. Find a better name and rename
every reference.
*(from redmine: issue id 3749, created on 2016-09-19, closed on 2016-11-28)*The "simple" flow is no longer simple. Find a better name and rename
every reference.
*(from redmine: issue id 3749, created on 2016-09-19, closed on 2016-11-28)*w48Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/64-RM-3722-MR-Button to send SMS OTP2020-01-14T10:52:13+01:00Etienne Dysli Metref-RM-3722-MR-Button to send SMS OTPButton on the login form that triggers sending a SMS OTP.
Send "sms" as password in Access-Request packet.
*(from redmine: issue id 3722, created on 2016-07-13, closed on 2016-11-25)*Button on the login form that triggers sending a SMS OTP.
Send "sms" as password in Access-Request packet.
*(from redmine: issue id 3722, created on 2016-07-13, closed on 2016-11-25)*w48https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/86-RM-3776-MR-Add all missing Velocity variables2020-01-14T10:52:28+01:00Etienne Dysli Metref-RM-3776-MR-Add all missing Velocity variablesProvide variables listed in
[VelocityVariables](https://wiki.shibboleth.net/confluence/display/IDP30/VelocityVariables)
in the form view.
Variables available in all templates
====================================
- <s>encoder</s>
- ...Provide variables listed in
[VelocityVariables](https://wiki.shibboleth.net/confluence/display/IDP30/VelocityVariables)
in the form view.
Variables available in all templates
====================================
- <s>encoder</s>
- <s>profileRequestContext</s>
- <s>environment</s>
- <s>custom</s>
- <s>request</s>
- <s>response</s>
- <s>flowRequestContext</s>
- <s>springMacroRequestContext</s>
Variables available to password login view
==========================================
- <s>rpUIContext</s>
- <s>authenticationContext</s>
- <s>authenticationErrorContext</s>
- <s>authenticationWarningContext</s>
- <s>ldapResponseContext</s>
- <s>extendedAuthenticationFlows</s>
*(from redmine: issue id 3776, created on 2016-11-02, closed on 2016-11-14)*w46Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/85-RM-3771-MR-Demo SP application2020-01-14T10:52:27+01:00Etienne Dysli Metref-RM-3771-MR-Demo SP applicationTry different authentication levels and switching between them on the
same SP.
*(from redmine: issue id 3771, created on 2016-10-19, closed on 2016-11-15)*Try different authentication levels and switching between them on the
same SP.
*(from redmine: issue id 3771, created on 2016-10-19, closed on 2016-11-15)*w46Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/81-RM-3756-MR-Add error message on OTP form2020-01-14T10:52:24+01:00Etienne Dysli Metref-RM-3756-MR-Add error message on OTP formShould display something on invalid OTP like the password form does.
- invalid credentials
- RADIUS server unreachable
- SMS sending error
*(from redmine: issue id 3756, created on 2016-09-22, closed on 2016-11-14)*Should display something on invalid OTP like the password form does.
- invalid credentials
- RADIUS server unreachable
- SMS sending error
*(from redmine: issue id 3756, created on 2016-09-22, closed on 2016-11-14)*w46Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/76-RM-3747-MR-Improve error handling in simple flow2020-01-14T10:52:21+01:00Etienne Dysli Metref-RM-3747-MR-Improve error handling in simple flowwrong OTP ->sends SAML error to SP, not ideal...
Submitting a wrong OTP should loop back to the OTP form.
*(from redmine: issue id 3747, created on 2016-09-19, closed on 2016-11-01)*
* Relations:
* child #3755
* child #3757wrong OTP ->sends SAML error to SP, not ideal...
Submitting a wrong OTP should loop back to the OTP form.
*(from redmine: issue id 3747, created on 2016-09-19, closed on 2016-11-01)*
* Relations:
* child #3755
* child #3757w42Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/71-RM-3737-MR-Verify OTPs over RADIUS2020-01-14T10:52:17+01:00Etienne Dysli Metref-RM-3737-MR-Verify OTPs over RADIUSCopied from \#3696.
Make the "simple" flow verify OTPs by contacting the authentication
server over RADIUS. No SMS support yet.
- send Access-Request
- expect Access-Accept
What happens on errors?
*(from redmine: issue id 3737, ...Copied from \#3696.
Make the "simple" flow verify OTPs by contacting the authentication
server over RADIUS. No SMS support yet.
- send Access-Request
- expect Access-Accept
What happens on errors?
*(from redmine: issue id 3737, created on 2016-08-24, closed on 2016-09-19)*
* Relations:
* child #3706
* child #3735
* child #3741
* child #3742w38Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/67-RM-3725-MR-Token revocation procedure2020-01-14T10:52:14+01:00Etienne Dysli Metref-RM-3725-MR-Token revocation procedureDescribe how tokens can be revoked.
*(from redmine: issue id 3725, created on 2016-07-13, closed on 2016-09-19)*Describe how tokens can be revoked.
*(from redmine: issue id 3725, created on 2016-07-13, closed on 2016-09-19)*w38https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/66-RM-3724-MR-Token replacement procedure2020-01-14T10:52:14+01:00Etienne Dysli Metref-RM-3724-MR-Token replacement procedureDescribe how users can have their token replaced.
*(from redmine: issue id 3724, created on 2016-07-13, closed on 2016-09-19)*Describe how users can have their token replaced.
*(from redmine: issue id 3724, created on 2016-07-13, closed on 2016-09-19)*w38https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/65-RM-3723-MR-Token enrollment procedure2020-01-14T10:52:13+01:00Etienne Dysli Metref-RM-3723-MR-Token enrollment procedureDescribe how users can get a new token (first time).
*(from redmine: issue id 3723, created on 2016-07-13, closed on 2016-09-19)*Describe how users can get a new token (first time).
*(from redmine: issue id 3723, created on 2016-07-13, closed on 2016-09-19)*w38https://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/73-RM-3740-MR-Read OTP from simple flow form2020-01-14T10:52:18+01:00Etienne Dysli Metref-RM-3740-MR-Read OTP from simple flow formThe simple flow should read the OTP field from its form view.
*(from redmine: issue id 3740, created on 2016-09-07, closed on 2016-09-08)*
* Relations:
* child #3705
* child #3739The simple flow should read the OTP field from its form view.
*(from redmine: issue id 3740, created on 2016-09-07, closed on 2016-09-08)*
* Relations:
* child #3705
* child #3739w36Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/49-RM-3696-MR-Use a Java RADIUS library2020-01-14T10:51:56+01:00Etienne Dysli Metref-RM-3696-MR-Use a Java RADIUS libraryOld description moved to \#3737
*(from redmine: issue id 3696, created on 2016-06-15, closed on 2016-08-24)*
* Relations:
* child #3704
* child #3719Old description moved to \#3737
*(from redmine: issue id 3696, created on 2016-06-15, closed on 2016-08-24)*
* Relations:
* child #3704
* child #3719w34Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/48-RM-3695-MR-Use initial authentication together with simple flow2020-01-14T10:51:55+01:00Etienne Dysli Metref-RM-3695-MR-Use initial authentication together with simple flowActivate initial authentication on IdP with the "Password" flow.
- "simple" flow form should display username entered during initial
authn
- OTP still not verified
*(from redmine: issue id 3695, created on 2016-06-15, closed ...Activate initial authentication on IdP with the "Password" flow.
- "simple" flow form should display username entered during initial
authn
- OTP still not verified
*(from redmine: issue id 3695, created on 2016-06-15, closed on 2016-08-04)*
* Relations:
* child #3701
* child #3702
* child #3703w32Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/47-RM-3694-MR-Remove errors in simple flow2020-01-14T10:51:54+01:00Etienne Dysli Metref-RM-3694-MR-Remove errors in simple flowFix the "simple" login flow so that processing at the IdP can
successfully complete and return to the SP.
- must create session objects
- fixed username
*(from redmine: issue id 3694, created on 2016-06-15, closed on 2016-07-26)*...Fix the "simple" login flow so that processing at the IdP can
successfully complete and return to the SP.
- must create session objects
- fixed username
*(from redmine: issue id 3694, created on 2016-06-15, closed on 2016-07-26)*
* Relations:
* child #3698
* child #3699
* child #3700
* child #3731
* Uploads:
* [mfa-flows-1.0-SNAPSHOT.jar](/uploads/a1faae9d8e2bcbc0be80ebd770eed08b/mfa-flows-1.0-SNAPSHOT.jar) build 15w30Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/61-RM-3712-MR-Document Apache directives around authNContextClass2020-01-14T10:52:10+01:00Etienne Dysli Metref-RM-3712-MR-Document Apache directives around authNContextClassDocument Apache directives provided by mod\_shib for requesting a given
authNContextClass and verifying that a session was initiated with that
class.
*(from redmine: issue id 3712, created on 2016-06-29, closed on 2016-07-13)*Document Apache directives provided by mod\_shib for requesting a given
authNContextClass and verifying that a session was initiated with that
class.
*(from redmine: issue id 3712, created on 2016-06-29, closed on 2016-07-13)*w28Etienne Dysli MetrefEtienne Dysli Metrefhttps://gitlab.switch.ch/etienne.dysli-metref/idpv3-mfa/-/issues/28-RM-3661-MR-Install demo SP2020-01-14T10:51:33+01:00Etienne Dysli Metref-RM-3661-MR-Install demo SP
*(from redmine: issue id 3661, created on 2016-04-20, closed on 2016-06-28)*
* Relations:
* child #3681
* child #3682
* child #3683
* child #3684
* child #3697
*(from redmine: issue id 3661, created on 2016-04-20, closed on 2016-06-28)*
* Relations:
* child #3681
* child #3682
* child #3683
* child #3684
* child #3697w26Etienne Dysli MetrefEtienne Dysli Metref