From 951309f76aab22e3742e8872bf0642fcea2570ae Mon Sep 17 00:00:00 2001
From: Jonas Franz <info@jonasfranz.software>
Date: Sat, 19 May 2018 16:12:37 +0200
Subject: Add support for FIDO U2F (#3971)

* Add support for U2F

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add vendor library
Add missing translations

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Minor improvements

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F support for Firefox, Chrome (Android) by introducing a custom JS library
Add U2F error handling

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F login page to OAuth

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Move U2F user settings to a separate file

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add unit tests for u2f model
Renamed u2f table name

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Fix problems caused by refactoring

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add U2F documentation

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Remove not needed console.log-s

Signed-off-by: Jonas Franz <info@jonasfranz.software>

* Add default values to app.ini.sample
Add FIDO U2F to comparison

Signed-off-by: Jonas Franz <info@jonasfranz.software>
---
 modules/auth/user_form.go  | 20 ++++++++++++++++++++
 modules/setting/setting.go |  8 ++++++++
 2 files changed, 28 insertions(+)

(limited to 'modules')

diff --git a/modules/auth/user_form.go b/modules/auth/user_form.go
index 1b00f62634..0c342df86a 100644
--- a/modules/auth/user_form.go
+++ b/modules/auth/user_form.go
@@ -211,3 +211,23 @@ type TwoFactorScratchAuthForm struct {
 func (f *TwoFactorScratchAuthForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
 	return validate(errs, ctx.Data, f, ctx.Locale)
 }
+
+// U2FRegistrationForm for reserving an U2F name
+type U2FRegistrationForm struct {
+	Name string `binding:"Required"`
+}
+
+// Validate valideates the fields
+func (f *U2FRegistrationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
+	return validate(errs, ctx.Data, f, ctx.Locale)
+}
+
+// U2FDeleteForm for deleting U2F keys
+type U2FDeleteForm struct {
+	ID int64 `binding:"Required"`
+}
+
+// Validate valideates the fields
+func (f *U2FDeleteForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
+	return validate(errs, ctx.Data, f, ctx.Locale)
+}
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 9f20d955cc..adf4bb74fd 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -521,6 +521,11 @@ var (
 		MaxResponseItems:      50,
 	}
 
+	U2F = struct {
+		AppID         string
+		TrustedFacets []string
+	}{}
+
 	// I18n settings
 	Langs     []string
 	Names     []string
@@ -1135,6 +1140,9 @@ func NewContext() {
 			IsInputFile:    sec.Key("IS_INPUT_FILE").MustBool(false),
 		})
 	}
+	sec = Cfg.Section("U2F")
+	U2F.TrustedFacets, _ = shellquote.Split(sec.Key("TRUSTED_FACETS").MustString(strings.TrimRight(AppURL, "/")))
+	U2F.AppID = sec.Key("APP_ID").MustString(strings.TrimRight(AppURL, "/"))
 }
 
 // Service settings
-- 
cgit v1.2.3