Skip to content
/ agama-securitykey Public
forked from GluuFederation/agama-securitykey

Agama Project to authenticate people using USB FIDO2 security keys

License

Apache-2.0 license
0 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shekhar16/agama-securitykey

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
code
code
 
 
lib
lib
 
 
web
web
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
logo.png
logo.png
 
 
project.json
project.json
 
 

Repository files navigation

Agama Security Key Project

Contributors Forks Stargazers Issues Apache License

Use this project to authenticate using security devices (Yubico Key, Windows Hello, Touch ID on Mac, etc.)

How it works at a glance

When a main flow of this project is launched (namely io.jans.agama.securitykey.main) the user's browser is redirected to a view where he/she must first enter his/her username, then validate one of the security keys that he/she has configured for his/her user (Yubico Key, Windows Hello, Touch ID on Mac, etc.). Finally, the user's browser is redirected to the registered URI.

Note: You must have registered security devices to your user, to register you must use Jans Casa.

Project Deployment

To deploy this project we need to meet the requirements.

Requirements

  1. Running instance of Jans Auth Server, Jans Fido2 and Jans Casa

Add Java dependencies

  1. Download latest agama-securitykey-custom.jar from Releases
  2. scp the jar file to /opt/jans/jetty/jans-auth/custom/libs/ on Auth Server
  3. On Auth Server, edit /opt/jans/jetty/jans-auth/webapps/jans-auth.xml and add the jar file to the <set name="extractClasspath">...</Set> element. For example:
<Configure class="org.eclipse.jetty.webapp.WebAppContext">
   <Set name="contextPath">/jans-auth</Set>
   <Set name="war">
       <Property name="jetty.webapps" default="." />/jans-auth.war
   </Set>
   <Set name="extractWAR">true</Set>
   <Set name="extraClasspath">
      ...
      /opt/jans/jetty/jans-auth/custom/libs/agama-securitykey-custom.jar,
      ...
   </Set>
 </Configure>
  1. Restart Auth Server to load the new jar:
systemctl restart jans-auth

Deployment

Download the latest agama-securitykey.gama file and deploy it in Auth Sever.

Siga los siguientes pasos:

  • Copy (SCP/SFTP) the gama file of this project to a location in your Jans Server
  • Connect (SSH) to your Jans Server and open TUI: python3 /opt/jans/jans-cli/jans_cli_tui.py
  • Navigate to the Agama tab and then select "Upload project". Choose the gama file
  • Wait for about one minute and then select the row in the table corresponding to this project
  • Press d and ensure there were not deployment errors
  • Pres ESC to close the dialog

TUI_DEPLOY

Testing

You'll need an OpenID Connect test RP. You can try oidcdebugger, jans-tarp or jans-tent. Check out this video to see an example of agama-securitykey in action:

TEST_AGAMA_SECURITY_KEY

Contributors

Milton
Milton Ch.

License

This project is licensed under the Apache 2.0

About

Agama Project to authenticate people using USB FIDO2 security keys

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Java 100.0%