Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

...

  1. Git config issue from patching server

Attendees:

Brent

  • Jira Legacy
    serverSystem Jira
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJSATTR-6

    • Making progress. Have some stubbed out components. Working through the various input questions.

  • Jira Legacy
    serverSystem Jira
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyOSJ-416

    • Couldn’t spot anything obvious with user’s report of exclusions bean not working.

    • Reproducing is stalled b/c my test IdP is down.

Daniel

  • No update

Henri

  • Out this week

  • Final testing and fine-tunings for DPoP, PAR and JAR

Ian

John

Marvin

Phil

  • Closed off the issues preventing v1 release of the WebAuthn plugin

    • Jira Legacy
      serverSystem Jira
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJWEBAUTHN-26

    • Jira Legacy
      serverSystem Jira
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJWEBAUTHN-21

    • Jira Legacy
      serverSystem Jira
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJWEBAUTHN-24

    • Jira Legacy
      serverSystem Jira
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJWEBAUTHN-22

  • I’ve been testing it. It seems ready.

  • Timo has been testing it. It seems to have fixed his issues.

    • He has made a few more improvement suggestions which I think I will target for a v1.1.0.

      • Support the JSON list of passkey providers not in the FIDO Metadata Service (basically, the untrusted software authenticators)

        • This would only be to improve the UI for registrations for these authenticators

      • Add a more granular version of the allow/deny AAGUID policy I was looking at post v1, to say allow/deny for 2FA v sole-factor

  • Updating and reorganising the docs

  • Release next Tuesday?

Rod

  • A bit of JDBC apart from that nothing

  • Normal service should resume in October (starting with finishing the windows configuration for the Jetty plugin).

  • Has anyone had a chance to try it on real Unix?

Scott

  • Did some cleanup on SP 3 for a 3.5 patch, mostly done except for all the “outside” work

  • Work mostly completed on new SP SAML consumer flow, close to doing the flow unit test

    • Everything but the final steps are copied from proxy flow

    • Final steps just suck out data into IdPAttributes and encode them into agent response

    • Includes an opaque field of session data that the agent is expected to attach to session and use for operations like logout, so agent doesn’t know about the requirements or content of e.g. a SAML NameID

    • For now, no session construct in the Java code at all

  • Lot of support activity, some quite involved or frustrating

    • Probably seeing uptick of V5 upgrades

  • Jira Legacy
    serverSystem Jira
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyOSJ-416

    • Significant? bug in V4, but was accidentally patched for V5

    • Original issue I filed holds, we don’t have unit tests for this case and definitely should

  • We may have a significant issue with the override of included algorithms, need to reproduce for member

Tom

  • Jira Legacy
    serverSystem Jira
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2323
    testing in progress

  • integration tests for WebAuthn plugin

    • will enable when Firefox / geckodriver supports virtual authenticators (any day now ?)

    • otherwise might run them on Chrome using SauceLabs

    • or could install Chrome on the Rocky nodes - not exactly sure how

...