Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
tnorimat Issue#10 IndexOutOfBoundsException on authentication if a user withou…
…t registering 2nd factor authenticator's credential
Latest commit b73b0ed Apr 16, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
webauthn4j-ear bump version to 0.2-SNAPSHOT Apr 15, 2019
webauthn4j-ejb
.gitignore support Security Key Apr 11, 2019
.travis.yml Travis integration (#2) Mar 15, 2019
LICENSE
README.md
pom.xml bump version to 0.2-SNAPSHOT Apr 15, 2019

README.md

Keycloak WebAuthn Authenticator

Build Status license

Web Authentication(WebAuthn) sample plugin for Keycloak , implements with webauthn4j.

Environment

We've confirmed that this demo had worked well under the following environments:

  • 2 Factor Authentication with Resident Key Not supported Authenticator Scenario

    • OS : Windows 10
    • Browser : Google Chrome (ver 73), Mozilla FireFox (ver 66)
    • Authenticator : Yubico Security Key
    • Server(RP) : keycloak-5.0.0 on localhost
  • 2 Factor Authentication with Resident Key Not supported Authenticator Scenario

    • OS : macOS OS Mojave (ver 10.14.3)
    • Browser : Google Chrome (ver 73), Mozilla FireFox (ver 66)
    • Authenticator : Yubico Security Key
    • Server(RP) : keycloak-5.0.0 on localhost
  • 2 Factor Authentication with Resident Key supported Authenticator Scenario

    • OS : Windows 10
    • Browser : Microsoft Edge (ver 44)
    • Authenticator : Internal Fingerprint Authentication Device
    • Server(RP) : keycloak-5.0.0 on localhost
  • Authentication with Resident Key supported Authenticator Scenario

    • OS : Windows 10
    • Browser : Microsoft Edge (ver 44)
    • Authenticator : Internal Fingerprint Authentication Device
    • Server(RP) : keycloak-5.0.0 on localhost

Install

  • build

    • $ mvn install
  • Add the EAR file to the Keycloak Server

    • $ cp webuahtn4j-ear/target/keycloak-webauthn4j-ear-*.ear $KEYCLOAK_HOME/standalone/deployment/

Authentication Flow Settings

Realm Settings

  • Enable User registration in 'Realm Settings' - 'Login'

Registration Flow

Auth Type Requirement
Copy Of Registration Registration Form REQUIRED
Registration User Creation REQUIRED
Profile Validation REQUIRED
Password Validation REQUIRED
Recaptcha DISABLED
WebAuthn Register REQUIRED

Browser Flow (2 Factor Authentication)

Auth Type Requirement
Cookie ALTERNATIVE
Kerberos DISABLED
Identity Provider Redirector ALTERNATIVE
Copy of Browser Flow ALTERNATIVE
Username Password Form REQUIRED
OTP Form OPTIONAL
WebAuthn Authenticator REQUIRED

Browser Flow (Use Resident Key)

Auth Type Requirement
Cookie ALTERNATIVE
Kerberos DISABLED
Identity Provider Redirector ALTERNATIVE
WebAuthn Authenticator REQUIRED

TODO

TBD

You can’t perform that action at this time.