Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

  •  
     
    story #31177 check my identity when doing a risky action
Actions
Summary
user
check my identity when doing a risky action

If I'm doing a risky action, I need to assert my identity by using my passkey.

By risky action, I mean : an action that can create a security failure in Tuleap.

For example, I want to add a new ssh key, When clicking on the add button, I'm asked to use my passkey to check my identity. After I confirm it, I can add the the ssh key.

A non-exhaustive list of risky actions :

  • add/delete ssh key in user preferences
  • add/delete access key in user preferences
  • As site administrator, delete one of the passkeys of a user (story #31179)
Empty
Empty
Empty
Status
Authentication & LDAP
Done
Development
  • [ ] Does it involves User Interface? 
  • [ ] Are there any mockups?
  • [ ] Are permissions checked?
  • [ ] Does it need Javascript development?
  • [ ] Does it need a forge upgrade bucket?
  • [ ] Does it need to execute things in system events?
  • [ ] Does it impact project creation (templates)?
  • [ ] Is it exploratory?
  • Implement WebAuthnOptions (create, get) for authentication
  • Add REST route GET /api/webauthn/generate_authentication_options
  • Add REST route POST /api/webauthn/check_authentication
  • Create js library
    • one method to do authentication on current user
  • Use it for manipulating ssh and access keys
Details
#31177
Kevin Traini (ktraini)
2023-07-18 15:25
2023-03-20 12:36
32765

References
Artifact links
Referencing story #31177

Artifact Tracker v5

epic #31170 Passkeys / WebAuthn
rel #31540 14.11

Git commit

tuleap/tuleap/stable

feat: add webauthn lib for strong authentication a6eb80b7a8
User avatar Kevin Traini (ktraini) , 2023-06-13 13:01
feat: Use webauthn lib for ssh keys add button e763ce4e5f
User avatar Kevin Traini (ktraini) , 2023-06-14 11:44
feat: Add function match() to Option 915ce115a2
User avatar Kevin Traini (ktraini) , 2023-06-14 14:33
fix: Use of deprecated ${var} instead of $var ca8b715923
User avatar Kevin Traini (ktraini) , 2023-06-15 15:57
feat: WebAuthn lib use a modal to advertise user on authentication 378df67902
User avatar Kevin Traini (ktraini) , 2023-06-19 09:11
fix: cypress test fail on ssh and access keys b4e7556dd1
User avatar Kevin Traini (ktraini) , 2023-06-20 11:15
feat: webauthn modal advise user then auth is done in target modal 485aab5250
User avatar Kevin Traini (ktraini) , 2023-06-28 12:35
fix: Add length limit for passkey name 4e28b91213
User avatar Kevin Traini (ktraini) , 2023-07-06 12:11
feat: Add context to webauthn modal error message 2b26466922
User avatar Joris MASSON (jmasson) , 2023-07-03 14:34
chore: Avoid e2e video naming conflict 499fe45dd9
User avatar Joris MASSON (jmasson) , 2023-07-06 14:56
refactor: Remove check button in user preferences f6bab5b98f
User avatar Kevin Traini (ktraini) , 2023-07-10 15:38
fix: Check feedback in cypress test 01e2cc9347
User avatar Kevin Traini (ktraini) , 2023-07-11 09:40
feat: add spinner for submit button ssh/access key 3c98c82fc0
User avatar Kevin Traini (ktraini) , 2023-07-12 14:34
fix: Registration of passkey with eddsa 0ededb1ec6
User avatar Kevin Traini (ktraini) , 2023-07-17 09:07
Display settings

Follow-ups

User avatar
Joris MASSON (jmasson)2023-06-28 14:58

gerrit #28818 (feat: webauthn modal advise user then auth is done in target modal) integrated in Tuleap 14.10.99.48

  • Status changed from Done to On going
User avatar
Joris MASSON (jmasson)2023-03-20 14:20
  • So that
    Something went wrong, the follow up content couldn't be loaded
    Only formatting have been changed, you should switch to markup to see the changes
  • As a
    - 
    +user 
  • Permissions set to
User avatar
Kevin Traini (ktraini)2023-03-20 13:56
  • So that
    Something went wrong, the follow up content couldn't be loaded
    Only formatting have been changed, you should switch to markup to see the changes
User avatar
Kevin Traini (ktraini)2023-03-20 12:37
  • Technical informations
    Something went wrong, the follow up content couldn't be loaded
    Only formatting have been changed, you should switch to markup to see the changes
  • Category set to Authentication & LDAP