Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat!: added attestation-based client authentication #138

Merged
merged 7 commits into from
Oct 23, 2023
Merged

feat!: added attestation-based client authentication #138

merged 7 commits into from
Oct 23, 2023

Conversation

fmarino-ipzs
Copy link
Collaborator

Title

Attestation-based Client Authentication adoption for PAR and Token Endpoint

Content

This PR adds the support for the OAuth 2.0 Attestation-Based Client Authentication

Review

  • Ensure your files are written following RST specs (not MD!)
  • Italian version
  • English version
  • Example files
  • Ask for review

peppelinux
peppelinux requested changes Oct 6, 2023
View reviewed changes
docs/en/pid-eaa-issuance.rst Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
peppelinux
peppelinux requested changes Oct 7, 2023
View reviewed changes
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
docs/en/pid-eaa-issuance.rst Outdated Show resolved Hide resolved
@peppelinux peppelinux changed the title Added attestation-based client authentication feat!: added attestation-based client authentication Oct 9, 2023
@peppelinux peppelinux mentioned this pull request Oct 9, 2023
Closed
@peppelinux
Copy link
Member

@fmarino-ipzs @grausof

I would take in this PR also the alignment on the WIA issuance

immagine

grausof
grausof reviewed Oct 13, 2023
View reviewed changes
Copy link
Collaborator

@grausof grausof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes please, @fmarino-ipzs can you also align the WIA part?

@peppelinux
Copy link
Member

peppelinux commented Oct 13, 2023
edited
Loading

According to today's discussion we find the there is a Google service that allows you to unify both Android and iOS claims and this service releases a JWT signed by Google which certifies the quality of the running app

unfortunately this signed JWT doesn't have any crypto key binding to be proved with oauth client-attestation based authentication, therefore we confirm RFC7523 as at this moment is

@peppelinux peppelinux added this to the 0.6.0 milestone Oct 23, 2023
@peppelinux peppelinux merged commit 16d1c8c into versione-corrente Oct 23, 2023
9 checks passed
@fmarino-ipzs fmarino-ipzs mentioned this pull request Feb 20, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@peppelinux peppelinux peppelinux approved these changes

@grausof grausof grausof approved these changes

@balanza balanza Awaiting requested review from balanza

Assignees
No one assigned
Labels
breaking change
Projects
None yet
Milestone
0.6.0
3 participants
@fmarino-ipzs @peppelinux @grausof