From 1f901126b516fabd1996d9e82486e0cb69b299e8 Mon Sep 17 00:00:00 2001
From: Yuriy Movchan
Date: Mon, 1 Jul 2024 19:41:20 +0300
Subject: [PATCH] feat(setup): merge fido2 changes
Signed-off-by: Yuriy Movchan
---
 schema/gluu_schema.json | 24 ++++++++++++++++++++++--
 templates/base.ldif | 15 +++++++++++++++
 templates/oxauth/oxauth-static-conf.json | 4 +++-
 3 files changed, 40 insertions(+), 3 deletions(-)
diff --git a/schema/gluu_schema.json b/schema/gluu_schema.json
index cd164eef0..ff9e921ce 100644
--- a/schema/gluu_schema.json
+++ b/schema/gluu_schema.json
@@ -4249,6 +4249,17 @@
 "syntax": "1.3.6.1.4.1.1466.115.121.1.15",
 "x_origin": "Gluu created attribute"
 },
+ {
+ "desc": "oxPublicKeyIdHash",
+ "equality": "integerMatch",
+ "names": [
+ "oxPublicKeyIdHash"
+ ],
+ "oid": "oxAttribute",
+ "substr": "caseIgnoreSubstringsMatch",
+ "syntax": "1.3.6.1.4.1.1466.115.121.1.27",
+ "x_origin": "Gluu created attribute"
+ },
 {
 "desc": "Lifetime of access token",
 "equality": "integerMatch",
@@ -5920,9 +5931,13 @@
 "creationDate",
 "oxSessionStateId",
 "oxCodeChallenge",
+ "oxCodeChallengeHash",
 "personInum",
 "oxAuthenticationData",
- "oxStatus"
+ "oxApplication",
+ "oxStatus",
+ "exp",
+ "del"
 ],
 "must": [
 "objectclass"
@@ -5942,15 +5957,20 @@
 "oxId",
 "creationDate",
 "displayName",
+ "oxApplication",
 "oxSessionStateId",
 "oxCodeChallenge",
 "oxCodeChallengeHash",
 "oxPublicKeyId",
+ "oxPublicKeyIdHash",
 "personInum",
 "oxRegistrationData",
+ "oxDeviceData",
 "oxDeviceNotificationConf",
 "oxCounter",
- "oxStatus"
+ "oxStatus",
+ "exp",
+ "del"
 ],
 "must": [
 "objectclass"
diff --git a/templates/base.ldif b/templates/base.ldif
index 082edc2fd..1f27454e8 100644
--- a/templates/base.ldif
+++ b/templates/base.ldif
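Review bot: In schema/gluu_schema.json (hunk at -4249), the new `oxPublicKeyIdHash` attribute type combines Integer syntax (`1.3.6.1.4.1.1466.115.121.1.27`, `integerMatch`) with `"substr": "caseIgnoreSubstringsMatch"`, a string matching rule that does not apply to integer values; I would drop the `substr` line unless the other integer attributes in this file carry it by convention. The `desc` only repeats the attribute name; if the attribute is what its name suggests, `"desc": "Integer hash of oxPublicKeyId, used as a search index"` would say what it is for. An integer hash can collide, so the lookup code, which is not part of this patch, presumably still has to compare the full `oxPublicKeyId` before treating a hit as the matching credential; that is worth confirming.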
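Review bot: `exp` and `del` are added only to the `may` lists, in the hunk at -5920 and again at -5942, so the schema does not force an expiry onto an entry that carries `oxCodeChallenge`. If cleanup selects on those two attributes, a challenge entry written without them would stay in the directory indefinitely, so it is worth confirming that the FIDO2 server always sets both. The object class definitions start and end outside both hunks, so which list belongs to the authentication entry and which to the registration entry is inferred from the attribute names. The patch defines only `oxPublicKeyIdHash`; `oxApplication`, `oxDeviceData`, `exp` and `del` must already have attribute type definitions elsewhere in this file for the schema to load.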
@@ -142,6 +142,21 @@ objectClass: top objectClass: organizationalUnit ou: device
+dn: ou=fido2,o=gluu
+objectClass: top
+objectClass: organizationalUnit
+ou: fido2
+
+dn: ou=fido2_register,ou=fido2,o=gluu
+objectClass: top
+objectClass: organizationalUnit
+ou: fido2_register
+
+dn: ou=fido2_auth,ou=fido2,o=gluu
+objectClass: top
+objectClass: organizationalUnit
+ou: fido2_authenticate
+
 ################################
 # U2F data - LEVEL 2
diff --git a/templates/oxauth/oxauth-static-conf.json b/templates/oxauth/oxauth-static-conf.json
index 44408e826..d8b30263b 100644
--- a/templates/oxauth/oxauth-static-conf.json
+++ b/templates/oxauth/oxauth-static-conf.json
@@ -16,6 +16,8 @@
 "metric":"ou=statistic,o=metric",
 "sectorIdentifiers": "ou=sector_identifiers,o=gluu",
 "ciba": "ou=ciba,o=gluu",
- "stat": "ou=stat,o=gluu"
+ "stat": "ou=stat,o=gluu",
+ "fido2Attestation":"ou=fido2_register,ou=fido2,o=gluu",
+ "fido2Assertion":"ou=fido2_auth,ou=fido2,o=gluu"
 }
 }
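Review bot: In templates/base.ldif, the third new entry has the DN `ou=fido2_auth,ou=fido2,o=gluu` but its attribute line reads `ou: fido2_authenticate`, so the RDN value is not among the entry's `ou` values. Depending on the directory server's settings, the add is either rejected as a naming violation or the server silently adds `fido2_auth` as a second `ou` value. The `fido2Assertion` base DN added to templates/oxauth/oxauth-static-conf.json in this same patch is `ou=fido2_auth,ou=fido2,o=gluu`, so the DN is the intended name and the attribute line should be `ou: fido2_auth`.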