feat(commands): add webauthn device commands (#3671)

authelia · Oct 19, 2022 · 24e41ae · 24e41ae
1 parent 52102ee
commit 24e41ae
Show file tree

Hide file tree

Showing 12 changed files with 575 additions and 7 deletions.
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user.md b/docs/content/en/reference/cli/authelia/authelia_storage_user.md
@@ -62,4 +62,5 @@ authelia storage user --help
 * [authelia storage](authelia_storage.md)	 - Manage the Authelia storage
 * [authelia storage user identifiers](authelia_storage_user_identifiers.md)	 - Manage user opaque identifiers
 * [authelia storage user totp](authelia_storage_user_totp.md)	 - Manage TOTP configurations
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md)	 - Manage Webauthn devices
 
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn.md
@@ -0,0 +1,65 @@
+---
+title: "authelia storage user webauthn"
+description: "Reference for the authelia storage user webauthn command."
+lead: ""
+date: 2022-06-15T17:51:47+10:00
+draft: false
+images: []
+menu:
+  reference:
+    parent: "cli-authelia"
+weight: 330
+toc: true
+---
+
+## authelia storage user webauthn
+
+Manage Webauthn devices
+
+### Synopsis
+
+Manage Webauthn devices.
+
+This subcommand allows interacting with Webauthn devices.
+
+### Examples
+
+```
+authelia storage user webauthn --help
+```
+
+### Options
+
+```
+  -h, --help   help for webauthn
+```
+
+### Options inherited from parent commands
+
+```
+  -c, --config strings                         configuration files to load (default [configuration.yml])
+      --encryption-key string                  the storage encryption key to use
+      --mysql.database string                  the MySQL database name (default "authelia")
+      --mysql.host string                      the MySQL hostname
+      --mysql.password string                  the MySQL password
+      --mysql.port int                         the MySQL port (default 3306)
+      --mysql.username string                  the MySQL username (default "authelia")
+      --postgres.database string               the PostgreSQL database name (default "authelia")
+      --postgres.host string                   the PostgreSQL hostname
+      --postgres.password string               the PostgreSQL password
+      --postgres.port int                      the PostgreSQL port (default 5432)
+      --postgres.schema string                 the PostgreSQL schema name (default "public")
+      --postgres.ssl.certificate string        the PostgreSQL ssl certificate file location
+      --postgres.ssl.key string                the PostgreSQL ssl key file location
+      --postgres.ssl.mode string               the PostgreSQL ssl mode (default "disable")
+      --postgres.ssl.root_certificate string   the PostgreSQL ssl root certificate file location
+      --postgres.username string               the PostgreSQL username (default "authelia")
+      --sqlite.path string                     the SQLite database path
+```
+
+### SEE ALSO
+
+* [authelia storage user](authelia_storage_user.md)	 - Manages user settings
+* [authelia storage user webauthn delete](authelia_storage_user_webauthn_delete.md)	 - Delete a WebAuthn device
+* [authelia storage user webauthn list](authelia_storage_user_webauthn_list.md)	 - List WebAuthn devices
+
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_delete.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_delete.md
@@ -0,0 +1,78 @@
+---
+title: "authelia storage user webauthn delete"
+description: "Reference for the authelia storage user webauthn delete command."
+lead: ""
+date: 2022-06-15T17:51:47+10:00
+draft: false
+images: []
+menu:
+  reference:
+    parent: "cli-authelia"
+weight: 330
+toc: true
+---
+
+## authelia storage user webauthn delete
+
+Delete a WebAuthn device
+
+### Synopsis
+
+Delete a WebAuthn device.
+
+This subcommand allows deleting a WebAuthn device directly from the database.
+
+```
+authelia storage user webauthn delete [username] [flags]
+```
+
+### Examples
+
+```
+authelia storage user webauthn delete john --all
+authelia storage user webauthn delete john --all --config config.yml
+authelia storage user webauthn delete john --all --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+authelia storage user webauthn delete john --description Primary
+authelia storage user webauthn delete john --description Primary --config config.yml
+authelia storage user webauthn delete john --description Primary --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+authelia storage user webauthn delete --kid abc123
+authelia storage user webauthn delete --kid abc123 --config config.yml
+authelia storage user webauthn delete --kid abc123 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+```
+
+### Options
+
+```
+      --all                  delete all of the users webauthn devices
+      --description string   delete a users webauthn device by description
+  -h, --help                 help for delete
+      --kid string           delete a users webauthn device by key id
+```
+
+### Options inherited from parent commands
+
+```
+  -c, --config strings                         configuration files to load (default [configuration.yml])
+      --encryption-key string                  the storage encryption key to use
+      --mysql.database string                  the MySQL database name (default "authelia")
+      --mysql.host string                      the MySQL hostname
+      --mysql.password string                  the MySQL password
+      --mysql.port int                         the MySQL port (default 3306)
+      --mysql.username string                  the MySQL username (default "authelia")
+      --postgres.database string               the PostgreSQL database name (default "authelia")
+      --postgres.host string                   the PostgreSQL hostname
+      --postgres.password string               the PostgreSQL password
+      --postgres.port int                      the PostgreSQL port (default 5432)
+      --postgres.schema string                 the PostgreSQL schema name (default "public")
+      --postgres.ssl.certificate string        the PostgreSQL ssl certificate file location
+      --postgres.ssl.key string                the PostgreSQL ssl key file location
+      --postgres.ssl.mode string               the PostgreSQL ssl mode (default "disable")
+      --postgres.ssl.root_certificate string   the PostgreSQL ssl root certificate file location
+      --postgres.username string               the PostgreSQL username (default "authelia")
+      --sqlite.path string                     the SQLite database path
+```
+
+### SEE ALSO
+
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md)	 - Manage Webauthn devices
+
diff --git a/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_list.md b/docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_list.md
@@ -0,0 +1,72 @@
+---
+title: "authelia storage user webauthn list"
+description: "Reference for the authelia storage user webauthn list command."
+lead: ""
+date: 2022-06-15T17:51:47+10:00
+draft: false
+images: []
+menu:
+  reference:
+    parent: "cli-authelia"
+weight: 330
+toc: true
+---
+
+## authelia storage user webauthn list
+
+List WebAuthn devices
+
+### Synopsis
+
+List WebAuthn devices.
+
+This subcommand allows listing WebAuthn devices.
+
+```
+authelia storage user webauthn list [username] [flags]
+```
+
+### Examples
+
+```
+authelia storage user webauthn list
+authelia storage user webauthn list john
+authelia storage user webauthn list --config config.yml
+authelia storage user webauthn list john --config config.yml
+authelia storage user webauthn list --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+```
+
+### Options
+
+```
+  -h, --help   help for list
+```
+
+### Options inherited from parent commands
+
+```
+  -c, --config strings                         configuration files to load (default [configuration.yml])
+      --encryption-key string                  the storage encryption key to use
+      --mysql.database string                  the MySQL database name (default "authelia")
+      --mysql.host string                      the MySQL hostname
+      --mysql.password string                  the MySQL password
+      --mysql.port int                         the MySQL port (default 3306)
+      --mysql.username string                  the MySQL username (default "authelia")
+      --postgres.database string               the PostgreSQL database name (default "authelia")
+      --postgres.host string                   the PostgreSQL hostname
+      --postgres.password string               the PostgreSQL password
+      --postgres.port int                      the PostgreSQL port (default 5432)
+      --postgres.schema string                 the PostgreSQL schema name (default "public")
+      --postgres.ssl.certificate string        the PostgreSQL ssl certificate file location
+      --postgres.ssl.key string                the PostgreSQL ssl key file location
+      --postgres.ssl.mode string               the PostgreSQL ssl mode (default "disable")
+      --postgres.ssl.root_certificate string   the PostgreSQL ssl root certificate file location
+      --postgres.username string               the PostgreSQL username (default "authelia")
+      --sqlite.path string                     the SQLite database path
+```
+
+### SEE ALSO
+
+* [authelia storage user webauthn](authelia_storage_user_webauthn.md)	 - Manage Webauthn devices
+
diff --git a/internal/commands/const.go b/internal/commands/const.go
@@ -176,6 +176,43 @@ This subcommand allows manually adding an opaque identifier for a user to the da
 authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --config config.yml
 authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
 
+	cmdAutheliaStorageUserWebAuthnShort = "Manage Webauthn devices"
+
+	cmdAutheliaStorageUserWebAuthnLong = `Manage Webauthn devices.
+
+This subcommand allows interacting with Webauthn devices.`
+
+	cmdAutheliaStorageUserWebAuthnExample = `authelia storage user webauthn --help`
+
+	cmdAutheliaStorageUserWebAuthnListShort = "List WebAuthn devices"
+
+	cmdAutheliaStorageUserWebAuthnListLong = `List WebAuthn devices.
+
+This subcommand allows listing WebAuthn devices.`
+
+	cmdAutheliaStorageUserWebAuthnListExample = `authelia storage user webauthn list
+authelia storage user webauthn list john
+authelia storage user webauthn list --config config.yml
+authelia storage user webauthn list john --config config.yml
+authelia storage user webauthn list --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
+
+	cmdAutheliaStorageUserWebAuthnDeleteShort = "Delete a WebAuthn device"
+
+	cmdAutheliaStorageUserWebAuthnDeleteLong = `Delete a WebAuthn device.
+
+This subcommand allows deleting a WebAuthn device directly from the database.`
+
+	cmdAutheliaStorageUserWebAuthnDeleteExample = `authelia storage user webauthn delete john --all
+authelia storage user webauthn delete john --all --config config.yml
+authelia storage user webauthn delete john --all --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+authelia storage user webauthn delete john --description Primary
+authelia storage user webauthn delete john --description Primary --config config.yml
+authelia storage user webauthn delete john --description Primary --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
+authelia storage user webauthn delete --kid abc123
+authelia storage user webauthn delete --kid abc123 --config config.yml
+authelia storage user webauthn delete --kid abc123 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
+
 	cmdAutheliaStorageUserTOTPShort = "Manage TOTP configurations"
 
 	cmdAutheliaStorageUserTOTPLong = `Manage TOTP configurations.

diff --git a/internal/commands/storage.go b/internal/commands/storage.go
@@ -117,6 +117,7 @@ func newStorageUserCmd() (cmd *cobra.Command) {
 	cmd.AddCommand(
 		newStorageUserIdentifiersCmd(),
 		newStorageUserTOTPCmd(),
+		newStorageUserWebAuthnCmd(),
 	)
 
 	return cmd
@@ -211,6 +212,58 @@ func newStorageUserIdentifiersAddCmd() (cmd *cobra.Command) {
 	return cmd
 }
 
+func newStorageUserWebAuthnCmd() (cmd *cobra.Command) {
+	cmd = &cobra.Command{
+		Use:     "webauthn",
+		Short:   cmdAutheliaStorageUserWebAuthnShort,
+		Long:    cmdAutheliaStorageUserWebAuthnLong,
+		Example: cmdAutheliaStorageUserWebAuthnExample,
+
+		DisableAutoGenTag: true,
+	}
+
+	cmd.AddCommand(
+		newStorageUserWebAuthnListCmd(),
+		newStorageUserWebAuthnDeleteCmd(),
+	)
+
+	return cmd
+}
+
+func newStorageUserWebAuthnListCmd() (cmd *cobra.Command) {
+	cmd = &cobra.Command{
+		Use:     "list [username]",
+		Short:   cmdAutheliaStorageUserWebAuthnListShort,
+		Long:    cmdAutheliaStorageUserWebAuthnListLong,
+		Example: cmdAutheliaStorageUserWebAuthnListExample,
+		RunE:    storageWebAuthnListRunE,
+		Args:    cobra.MaximumNArgs(1),
+
+		DisableAutoGenTag: true,
+	}
+
+	return cmd
+}
+
+func newStorageUserWebAuthnDeleteCmd() (cmd *cobra.Command) {
+	cmd = &cobra.Command{
+		Use:     "delete [username]",
+		Short:   cmdAutheliaStorageUserWebAuthnDeleteShort,
+		Long:    cmdAutheliaStorageUserWebAuthnDeleteLong,
+		Example: cmdAutheliaStorageUserWebAuthnDeleteExample,
+		RunE:    storageWebAuthnDeleteRunE,
+		Args:    cobra.MaximumNArgs(1),
+
+		DisableAutoGenTag: true,
+	}
+
+	cmd.Flags().Bool("all", false, "delete all of the users webauthn devices")
+	cmd.Flags().String("description", "", "delete a users webauthn device by description")
+	cmd.Flags().String("kid", "", "delete a users webauthn device by key id")
+
+	return cmd
+}
+
 func newStorageUserTOTPCmd() (cmd *cobra.Command) {
 	cmd = &cobra.Command{
 		Use:     "totp",