Skip to content

Remove ExtensionGrantValidator#3363

Merged
trmartin4 merged 1 commit into
fido2from
remove-unused-extension-grant
Oct 20, 2023
Merged

Remove ExtensionGrantValidator#3363
trmartin4 merged 1 commit into
fido2from
remove-unused-extension-grant

Conversation

@trmartin4

@trmartin4 trmartin4 commented Oct 19, 2023

Copy link
Copy Markdown
Member

Objective

@coroiu and I discussed this, and prior to merging the fido2 branch to master, we would like to remove the ExtensionGrantValidator and references to it from the branch. This validator will be replaced by the WebAuthnGrantValidator (and webauthn grant type) in the final implementation, so we did not want to leak this to master only to be replaced, especially since it exposed a new potential authentication method.

This will be the final change before we can merge the fido2 branch to master. The fido2 branch will contain the (feature-flagged) changes to enable passkey registration.

Code changes

  • ExtensionGrantValidator.cs: Removed validator.
  • ApiClient.cs: Removed extension grant type.
  • ServiceCollectionExtensions.cs: Removed DI for ExtensionGrantValidator
  • openid-configuration.json: Removed extension grant type.

Before you submit

  • Please check for formatting errors (dotnet format --verify-no-changes) (required)
  • If making database changes - make sure you also update Entity Framework queries and/or migrations
  • Please add unit tests where it makes sense to do so (encouraged but not required)
  • If this change requires a documentation update - notify the documentation team
  • If this change has particular deployment requirements - notify the DevOps team

@trmartin4 trmartin4 marked this pull request as ready for review October 19, 2023 22:04
@trmartin4 trmartin4 requested a review from a team as a code owner October 19, 2023 22:04
@trmartin4 trmartin4 requested review from jlf0dev and removed request for a team October 19, 2023 22:04
@trmartin4 trmartin4 merged commit d56900b into fido2 Oct 20, 2023
@trmartin4 trmartin4 deleted the remove-unused-extension-grant branch October 20, 2023 15:03
trmartin4 added a commit that referenced this pull request Oct 30, 2023
* support for fido2 auth

* stub out registration implementations

* stub out assertion steps and token issuance

* verify token

* webauthn tokenable

* remove duplicate expiration set

* revert sqlproj changes

* update sqlproj target framework

* update new validator signature

* [PM-2014] Passkey registration (#2915)

* [PM-2014] chore: rename `IWebAuthnRespository` to `IWebAuthnCredentialRepository`

* [PM-2014] fix: add missing service registration

* [PM-2014] feat: add user verification when fetching options

* [PM-2014] feat: create migration script for mssql

* [PM-2014] chore: append to todo comment

* [PM-2014] feat: add support for creation token

* [PM-2014] feat: implement credential saving

* [PM-2014] chore: add resident key TODO comment

* [PM-2014] feat: implement passkey listing

* [PM-2014] feat: implement deletion without user verification

* [PM-2014] feat: add user verification to delete

* [PM-2014] feat: implement passkey limit

* [PM-2014] chore: clean up todo comments

* [PM-2014] fix: add missing sql scripts

Missed staging them when commiting

* [PM-2014] feat: include options response model in swagger docs

* [PM-2014] chore: move properties after ctor

* [PM-2014] feat: use `Guid` directly as input paramter

* [PM-2014] feat: use nullable guid in token

* [PM-2014] chore: add new-line

* [PM-2014] feat: add support for feature flag

* [PM-2014] feat: start adding controller tests

* [PM-2014] feat: add user verification test

* [PM-2014] feat: add controller tests for token interaction

* [PM-2014] feat: add tokenable tests

* [PM-2014] chore: clean up commented premium check

* [PM-2014] feat: add user service test for credential limit

* [PM-2014] fix: run `dotnet format`

* [PM-2014] chore: remove trailing comma

* [PM-2014] chore: add `Async` suffix

* [PM-2014] chore: move delay to constant

* [PM-2014] chore: change `default` to `null`

* [PM-2014] chore: remove autogenerated weirdness

* [PM-2014] fix: lint

* Added check for PasswordlessLogin feature flag on new controller and methods. (#3284)

* Added check for PasswordlessLogin feature flag on new controller and methods.

* fix: build error from missing constructor argument

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>

* [PM-4171] Update DB to support PRF (#3321)

* [PM-4171] feat: update database to support PRF

* [PM-4171] feat: rename `DescriptorId` to `CredentialId`

* [PM-4171] feat: add PRF felds to domain object

* [PM-4171] feat: add `SupportsPrf` column

* [PM-4171] fix: add missing comma

* [PM-4171] fix: add comma

* [PM-3263] fix identity server tests for passkey registration (#3331)

* Added WebAuthnRepo to EF DI

* updated config to match current grant types

* Remove ExtensionGrantValidator (#3363)

* Linting

---------

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Todd Martin <106564991+trmartin4@users.noreply.github.com>
Co-authored-by: Ike <137194738+ike-kottlowski@users.noreply.github.com>
Co-authored-by: Todd Martin <tmartin@bitwarden.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants