finish-block

README.md

@@ -1,84 +1,40 @@
-# Agama Security Key Project
-
 <!-- These are statistics for this repository-->
 [![Contributors][contributors-shield]][contributors-url]
 [![Forks][forks-shield]][forks-url]
 [![Stargazers][stars-shield]][stars-url]
 [![Issues][issues-shield]][issues-url]
 [![Apache License][license-shield]][license-url]
 
-Use this project to authenticate using security devices (Yubico Key, Windows Hello, Touch ID on Mac, etc.)
-
-## How it works at a glance
-
-When a main flow of this project is launched (namely `io.jans.agama.securitykey.main`) the user's browser is redirected
-to a view where he/she must first enter his/her username, then validate one of the security keys that he/she has
-configured for his/her user (Yubico Key, Windows Hello, Touch ID on Mac, etc.). Finally, the user's browser is
-redirected to the registered URI.
-
-> **Note:** You must have registered security devices to your user, to register you must use **Jans Casa**.
-
-## Project Deployment
-
-To deploy this project we need to meet the requirements.
-
-### Requirements
-
-1. Running instance of `Jans Auth Server`, `Jans Fido2` and `Jans Casa`
-
-### Add Java dependencies
-
-1. Download
-   latest [agama-securitykey-custom.jar](https://github.com/GluuFederation/agama-security-key/releases/latest/download/agama-securitykey-custom.jar)
-   from [Releases](https://github.com/GluuFederation/agama-securitykey/releases)
-2. `scp` the jar file to `/opt/jans/jetty/jans-auth/custom/libs/` on Auth Server
-3. On Auth Server, edit `/opt/jans/jetty/jans-auth/webapps/jans-auth.xml` and
-   add the jar file to the `<set name="extractClasspath">...</Set>` element. For example:
+# Agama Security Key
 
-```
-<Configure class="org.eclipse.jetty.webapp.WebAppContext">
-   <Set name="contextPath">/jans-auth</Set>
-   <Set name="war">
-       <Property name="jetty.webapps" default="." />/jans-auth.war
-   </Set>
-   <Set name="extractWAR">true</Set>
-   <Set name="extraClasspath">
-      ...
-      /opt/jans/jetty/jans-auth/custom/libs/agama-securitykey-custom.jar,
-      ...
-   </Set>
- </Configure>
-```
+Welcome to the https://github.com/GluuFederation/agama-securitykey project. This project is governed by Gluu and published under an Apache 2.0 license.
 
-4. Restart Auth Server to load the new jar:
+Use this project to add user authentication with **SecurityKey**(Yubico Key, Windows Hello, Touch ID on Mac, etc.)
 
-```
-systemctl restart jans-auth
-````
+For more information you can also see
+* [What is FIDO](https://fidoalliance.org/what-is-fido/)
+* [How FIDO Works](https://fidoalliance.org/how-fido-works/)
+* [FIDO Specs](https://www.w3.org/TR/webauthn-1)
 
-### Deployment
+## Supported IDPs
 
-Download the
-latest [agama-securitykey.gama](https://github.com/GluuFederation/agama-securitykey/releases/latest/download/agama-securitykey.gama)
-file and deploy it in Auth Sever.
+| IDP              | Description                                                        |
+|:-----------------|:-------------------------------------------------------------------| 
+| Jans Auth Server | [Deployment instructions](https://docs.jans.io/head/admin/install) | 
+| Gluu Flex        | [Deployment instructions](https://docs.gluu.org/head/install)      |
 
-Siga los siguientes pasos:
+## Flows
 
-- Copy (SCP/SFTP) the gama file of this project to a location in your `Jans Server`
-- Connect (SSH) to your `Jans Server` and open TUI: `python3 /opt/jans/jans-cli/jans_cli_tui.py`
-- Navigate to the `Agama` tab and then select `"Upload project"`. Choose the gama file
-- Wait for about one minute and then select the row in the table corresponding to this project
-- Press `d` and ensure there were not deployment errors
-- Pres `ESC` to close the dialog
+| Qualified Name                         | Description                                                                                                                                                                                                                                                                                                                                                                                           |
+|----------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| 
+| `org.gluu.agama.securitykey.main`      | This is the main flow that you can start directly from the browser. To use this first flow, make sure you have at least one `security key` configured, this can be done from **JANS CASA**. In this first view you will only be asked for your username and then you will be redirected to the `org.gluu.agama.passkey.fidoAuthn` flow where the validation of your security key device will be done. | 
+| `org.gluu.agama.securitykey.fidoAuthn` | This flow is used to perform the `security key` validation, you have the option to cancel the process. If you complete the flow successfully, you will be granted access.                                                                                                                                                                                                                             | 
 
-![TUI_DEPLOY](https://github.com/GluuFederation/agama-securitykey/assets/86965029/de25752e-3c86-4c67-a890-2e78494e4c6c)
+## Configuration
 
-## Testing
+This agama project does not need any additional configuration to run its flow.
 
-You'll need an OpenID Connect test RP. You can try [oidcdebugger](https://oidcdebugger.com/),
-[jans-tarp](https://github.com/JanssenProject/jans/tree/main/demos/jans-tarp)
-or [jans-tent](https://github.com/JanssenProject/jans/tree/main/demos/jans-tent). Check out this video to see an example
-of **agama-securitykey** in action:
+## Demo
 
 ![TEST_AGAMA_SECURITY_KEY](https://github.com/GluuFederation/agama-securitykey/assets/86965029/53baa0ab-d2d0-4e5f-a3c1-7c15c2dc48be)
 
@@ -98,26 +54,26 @@ of **agama-securitykey** in action:
 
 # License
 
-This project is licensed under the [Apache 2.0](https://github.com/GluuFederation/agama-security-key/blob/main/LICENSE)
+This project is licensed under the [Apache 2.0](https://github.com/GluuFederation/agama-securitykey/blob/main/LICENSE)
 
 <!-- This are stats url reference for this repository -->
 
-[contributors-shield]: https://img.shields.io/github/contributors/GluuFederation/agama-security-key.svg?style=for-the-badge
+[contributors-shield]: https://img.shields.io/github/contributors/GluuFederation/agama-securitykey.svg?style=for-the-badge
 
-[contributors-url]: https://github.com/GluuFederation/agama-security-key/graphs/contributors
+[contributors-url]: https://github.com/GluuFederation/agama-securitykey/graphs/contributors
 
-[forks-shield]: https://img.shields.io/github/forks/GluuFederation/agama-security-key.svg?style=for-the-badge
+[forks-shield]: https://img.shields.io/github/forks/GluuFederation/agama-securitykey.svg?style=for-the-badge
 
 [forks-url]: https://github.com/GluuFederation/agama-security-key/network/members
 
-[stars-shield]: https://img.shields.io/github/stars/GluuFederation/agama-security-key?style=for-the-badge
+[stars-shield]: https://img.shields.io/github/stars/GluuFederation/agama-securitykey?style=for-the-badge
 
-[stars-url]: https://github.com/GluuFederation/agama-security-key/stargazers
+[stars-url]: https://github.com/GluuFederation/agama-securitykey/stargazers
 
-[issues-shield]: https://img.shields.io/github/issues/GluuFederation/agama-security-key.svg?style=for-the-badge
+[issues-shield]: https://img.shields.io/github/issues/GluuFederation/agama-securitykey.svg?style=for-the-badge
 
-[issues-url]: https://github.com/GluuFederation/agama-security-key/issues
+[issues-url]: https://github.com/GluuFederation/agama-securitykey/issues
 
-[license-shield]: https://img.shields.io/github/license/GluuFederation/agama-security-key.svg?style=for-the-badge
+[license-shield]: https://img.shields.io/github/license/GluuFederation/agama-securitykey.svg?style=for-the-badge
 
-[license-url]: https://github.com/GluuFederation/agama-security-key/blob/master/LICENSE
+[license-url]: https://github.com/GluuFederation/agama-securitykey/blob/master/LICENSE

code/org.gluu.agama.securitykey.fidoAuthn.flow

@@ -1,12 +1,22 @@
+// This flow is responsible for validation with the security key device
 Flow org.gluu.agama.securitykey.fidoAuthn
      Basepath ""
      Inputs userData withEscape
+// Mark startup logs
 Log "@debug Fido Authn flow started!"
-jose = Call org.gluu.agama.securitykey.authn.FidoValidator#new
+// Get instance FidoValidator
+jose = Call org.gluu.agama.securitykey.authn.FidoValidator#new 
+// Generates the assertionRequest record to initiate validation
 assertion = Call jose assertionRequest userData.uid
+// "obj" variable declaration to be sent to validation view
 obj = { name: userData.name, escape: withEscape, assertion: assertion }
+// Load fido-authn page and pass "obj"
 obj = RRF "fido-authn.ftlh" obj
 When obj.skipped is ""
-     Finish false
+     it_obhbo = {success:false, error: "false"}
+     Finish it_obhbo
+// Performs the verification after processing the security device
 obj = Call jose verify obj.tokenResponse
-Finish true
+// Ends the flow correctly
+it_mdehp = {success:false, error: "true"}
+Finish it_mdehp