diff --git a/app/Resources/translations/messages.en_GB.xliff b/app/Resources/translations/messages.en_GB.xliff index b2b877313..bdd637940 100644 --- a/app/Resources/translations/messages.en_GB.xliff +++ b/app/Resources/translations/messages.en_GB.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -105,22 +105,22 @@ Error - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.error_while_switching_locale Due to an unknown reason, switching locales failed. - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.invalid_switch_locale_form Due to an unknown reason, switching locales failed. - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.cancel Cancel - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.revoke Remove @@ -155,42 +155,42 @@ Code - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_expired Your code has expired. Please request a new code. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_request_limit_reached You have exceeded the limit of three codes; you can no longer request any more codes. Contact your helpdesk or try again later. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_response_incorrect The code you entered does not match. Please try again or request a new code. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.incorrect_challenge_response The code you entered does not match. Please try again or request a new code. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.proof_of_possession_failed The token could not be created due to unknown reasons. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.send_sms_challenge_failed Sending the SMS failed. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.too_many_attempts You have exceeded the limit of ten attempts; you can no longer attempt verification of any more codes. Contact your helpdesk or try again later. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_yubikey_possession.proof_of_possession_failed The token could not be created due to unknown reasons. @@ -204,28 +204,53 @@ ss.registration.email_verification_email_sent.title Verify your e-mail + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.button.initiate + Register biometric device + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.authn_failed + Registration of biometric device has failed. Please try again. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.proof_of_possession_failed + Registration of your token failed. Please try again. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.text.explanation + Click the button below to register a biometric device. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.title.page + Register a biometric device + - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.button.initiate Register with Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.authn_failed Registration with Tiqr has failed. Please try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.proof_of_possession_failed Registration of your token failed. Please try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.text.explanation Click the button below to register with Tiqr. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.title.page Register with Tiqr @@ -299,6 +324,26 @@ ss.registration.registration_email_sent.title.list_of_ras Location(s) to activate your token + + Resources/views/translations.twig + ss.registration.selector.biometric.alt + Biometric device + + + Resources/views/translations.twig + ss.registration.selector.biometric.button.use + Select + + + Resources/views/translations.twig + ss.registration.selector.biometric.description + Log in using a biometric device. + + + Resources/views/translations.twig + ss.registration.selector.biometric.title + Biometric device + Resources/views/translations.twig ss.registration.selector.sms.alt @@ -388,7 +433,7 @@ For all devices with a USB port. YubiKey - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.sms.alert.no_verification_state Your session has expired. Please request a new code. @@ -438,12 +483,12 @@ For all devices with a USB port. Click 'Send new code' if you did not receive a code. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.device_reported_an_error The U2F device reported an error. Try again or visit your IT helpdesk. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.error The registration of the U2F device failed. Try again or visit your IT helpdesk. @@ -453,17 +498,17 @@ For all devices with a USB port. Retry - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.prove_possession.title.page Link your U2F device - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.activate_u2f_device Activate the U2F device. This is usually performed using a button. - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.ensure_device_connected_to_pc Ensure your U2F device is linked to your computer. @@ -509,20 +554,20 @@ For all devices with a USB port. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.unverified For the token below the e-mail address must be verified. An e-mail was sent to '%email%'. Please follow the instructions in this e-mail to continue with the registration. Didn't receive an e-mail? Remove the token to try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.verified The following token is registered for your account, but not yet activated. An e-mail with your activation code has been sent to the e-mail address %email%. Please follow the instructions in the e-mail on how to proceed. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.vetted The following token is registered for your account. @@ -532,12 +577,12 @@ An e-mail with your activation code has been sent to the e-mail address %email%. Token Overview - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_failed Token revocation failed - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_successful Your token has been removed. @@ -546,23 +591,28 @@ An e-mail with your activation code has been sent to the e-mail address %email%. ss.second_factor.revoke.button.revoke Remove + + Resources/views/translations.twig + ss.second_factor.revoke.second_factor_type.biometric + Biometric + - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.yubikey YubiKey @@ -586,23 +636,28 @@ An e-mail with your activation code has been sent to the e-mail address %email%. ss.second_factor.revoke.title Remove token + + Resources/views/translations.twig + ss.second_factor.type.biometric + Biometric + - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.yubikey YubiKey @@ -617,12 +672,12 @@ An e-mail with your activation code has been sent to the e-mail address %email%. Token - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.otp_invalid This YubiKey code was invalid. Please try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.verification_error The verification of the YubiKey code failed due to unknown reasons. Please try again. diff --git a/app/Resources/translations/messages.nl_NL.xliff b/app/Resources/translations/messages.nl_NL.xliff index 09dad348e..812bb8790 100644 --- a/app/Resources/translations/messages.nl_NL.xliff +++ b/app/Resources/translations/messages.nl_NL.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -105,22 +105,22 @@ Foutmelding - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.error_while_switching_locale Due to an unknown reason, switching locales failed. - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.invalid_switch_locale_form Door een onbekende oorzaak is het wisselen van taal mislukt. - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.cancel Annuleren - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.revoke Verwijderen @@ -155,42 +155,42 @@ Code - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_expired Deze code is verlopen. Vraag een nieuwe code aan. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_request_limit_reached Je hebt de limiet van drie codes bereikt; je kunt geen codes meer aanvragen. Neem contact op met de helpdesk van je instelling of probeer het later nog eens. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_response_incorrect De code die je ingevoerd hebt komt niet overeen met de code die je hebt ontvangen. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.incorrect_challenge_response De ingevoerde code is onjuist. Probeer het nog eens, of vraag een nieuwe code op. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.proof_of_possession_failed Het token kon wegens een onbekende reden niet aangemaakt worden. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.send_sms_challenge_failed Het versturen van de code per SMS is mislukt. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.too_many_attempts U heeft de limiet van tien pogingen bereikt; u kunt geen codes meer verifiëren. Neem contact op met uw helpdesk of probeer het later nog eens. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_yubikey_possession.proof_of_possession_failed Het token kon wegens een onbekende reden niet aangemaakt worden. @@ -204,28 +204,53 @@ ss.registration.email_verification_email_sent.title Bevestig je e-mailadres + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.button.initiate + Registreer biometrisch apparaat + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.authn_failed + Registratie biometrisch apparaat is mislukt. Probeer het nogmaals. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.proof_of_possession_failed + De registratie van uw token is mislukt. Probeer het nogmaals. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.text.explanation + Klik op de knop hieronder om je biometrisch apparaat te registreren. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.title.page + Registratie biometrisch apparaat + - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.button.initiate Registreren bij Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.authn_failed Registratie bij Tiqr is mislukt. Probeer het nogmaals. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.proof_of_possession_failed De registratie van uw token is mislukt. Probeer het nogmaals. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.text.explanation Klik op de knop hieronder om je bij Tiqr te registreren. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.title.page Registreren bij Tiqr @@ -299,6 +324,26 @@ ss.registration.registration_email_sent.title.list_of_ras Locatie(s) om je token te activeren + + Resources/views/translations.twig + ss.registration.selector.biometric.alt + Biometrisch apparaat + + + Resources/views/translations.twig + ss.registration.selector.biometric.button.use + Selecteer + + + Resources/views/translations.twig + ss.registration.selector.biometric.description + Log in met een biometrisch apparaat. + + + Resources/views/translations.twig + ss.registration.selector.biometric.title + Biometrisch apparaat + Resources/views/translations.twig ss.registration.selector.sms.alt @@ -388,7 +433,7 @@ Geschikt voor alle devices met een USB-poort. YubiKey - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.sms.alert.no_verification_state Uw sessie is verlopen. Vraag een nieuwe code aan. @@ -438,12 +483,12 @@ Geschikt voor alle devices met een USB-poort. Geen code ontvangen? Klik dan op 'Stuur een nieuwe code' - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.device_reported_an_error Het U2F-apparaat heeft een foutmelding gerapporteerd. Probeer het opnieuw of neem contact op met de IT-helpdesk. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.error De registratie van het U2F-apparaat is mislukt. Probeer het opnieuw of neem contact op met de IT-helpdesk. @@ -453,17 +498,17 @@ Geschikt voor alle devices met een USB-poort. Nieuwe poging - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.prove_possession.title.page Koppel je U2F-apparaat - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.activate_u2f_device Activeer het U2F-apparaat. Dit gebeurt meestal met behulp van een knop. - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.ensure_device_connected_to_pc Zorg dat je U2F-apparaat gekoppeld is aan uw computer. @@ -508,19 +553,19 @@ Geschikt voor alle devices met een USB-poort. Er zijn geen tokens geregistreerd voor jouw account. Klik op 'Registreer token' om een nieuw token te registreren. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.unverified Voor het onderstaande token moet het e-mailadres nog bevestigd worden. Er is een e-mail verstuurd naar '%email%'. Volg de instructies in deze e-mail om verder te gaan met de registratie. Geen e-mail ontvangen? Verwijder het token om het opnieuw te proberen. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.verified Het volgende token is geregistreerd voor jouw account, maar nog niet geactiveerd. Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg de instructies uit de e-mail om je token te activeren. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.vetted Het volgende token is geregistreerd voor jouw account. @@ -530,12 +575,12 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d Overzicht tokens - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_failed Token intrekken is mislukt - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_successful Je token is verwijderd. @@ -544,23 +589,28 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d ss.second_factor.revoke.button.revoke Verwijderen + + Resources/views/translations.twig + ss.second_factor.revoke.second_factor_type.biometric + Biometrie + - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.yubikey YubiKey @@ -584,23 +634,28 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d ss.second_factor.revoke.title Verwijder token + + Resources/views/translations.twig + ss.second_factor.type.biometric + Biometrie + - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.yubikey YubiKey @@ -615,12 +670,12 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d Token - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.otp_invalid Deze YubiKey code was ongeldig. Probeer het nog eens. - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.verification_error Het verifiëren van de YubiKey-code is wegens een onbekende reden niet gelukt. Probeer het opnieuw. diff --git a/app/Resources/translations/validators.en_GB.xliff b/app/Resources/translations/validators.en_GB.xliff index b91fb3195..566ad4840 100644 --- a/app/Resources/translations/validators.en_GB.xliff +++ b/app/Resources/translations/validators.en_GB.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -366,14 +366,6 @@ middleware_client.dto.vetted_second_factor.type.must_not_be_blank middleware_client.dto.vetted_second_factor.type.must_not_be_blank - - ss.revoke_own_second_factor_command.identity_id.must_be_string - Identity ID must be a string - - - ss.revoke_own_second_factor_command.second_factor_id.must_be_string - Second factor ID must be a string - ss.send_sms_challenge_command.recipient.may_not_be_empty SMS challenge recipient may not be empty. diff --git a/app/Resources/translations/validators.nl_NL.xliff b/app/Resources/translations/validators.nl_NL.xliff index 617cb6e45..cd4149f3c 100644 --- a/app/Resources/translations/validators.nl_NL.xliff +++ b/app/Resources/translations/validators.nl_NL.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -366,14 +366,6 @@ middleware_client.dto.vetted_second_factor.type.must_not_be_blank middleware_client.dto.vetted_second_factor.type.must_not_be_blank - - ss.revoke_own_second_factor_command.identity_id.must_be_string - Identity ID must be a string - - - ss.revoke_own_second_factor_command.second_factor_id.must_be_string - Second factor ID must be a string - ss.send_sms_challenge_command.recipient.may_not_be_empty SMS challenge recipient may not be empty. diff --git a/app/config/samlstepupproviders.yml b/app/config/samlstepupproviders.yml index 3e70a367d..8695117aa 100644 --- a/app/config/samlstepupproviders.yml +++ b/app/config/samlstepupproviders.yml @@ -3,8 +3,8 @@ imports: surfnet_stepup_self_service_saml_stepup_provider: routes: - consume_assertion: %gssp_routes_consume_assertion% - metadata: %gssp_routes_metadata% + consume_assertion: ss_registration_gssf_consume_assertion + metadata: ss_registration_gssf_saml_metadata providers: tiqr: hosted: @@ -18,3 +18,15 @@ surfnet_stepup_self_service_saml_stepup_provider: entity_id: %gssp_tiqr_remote_entity_id% sso_url: %gssp_tiqr_remote_sso_url% certificate: %gssp_tiqr_remote_certificate% + biometric: + hosted: + service_provider: + public_key: %gssp_biometric_sp_publickey% + private_key: %gssp_biometric_sp_privatekey% + metadata: + public_key: %gssp_biometric_metadata_publickey% + private_key: %gssp_biometric_metadata_privatekey% + remote: + entity_id: %gssp_biometric_remote_entity_id% + sso_url: %gssp_biometric_remote_sso_url% + certificate: %gssp_biometric_remote_certificate% diff --git a/app/config/samlstepupproviders_parameters.yml.dist b/app/config/samlstepupproviders_parameters.yml.dist index 4a354e319..fc22ba12b 100644 --- a/app/config/samlstepupproviders_parameters.yml.dist +++ b/app/config/samlstepupproviders_parameters.yml.dist @@ -1,7 +1,5 @@ parameters: - # the routes should be kept as is, they map to specific URLs on the gateway - gssp_routes_consume_assertion: ss_registration_gssf_consume_assertion - gssp_routes_metadata: ss_registration_gssf_saml_metadata + gssp_tiqr_sp_publickey: '/full/path/to/the/gateway-as-sp/public-key-file.cer' gssp_tiqr_sp_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' gssp_tiqr_metadata_publickey: '/full/path/to/the/gateway-metadata/public-key-file.cer' @@ -9,3 +7,11 @@ parameters: gssp_tiqr_remote_entity_id: 'https://actual-gssp.entity-id.tld' gssp_tiqr_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url' gssp_tiqr_remote_certificate: 'The contents of the certificate published by the gssp' + + gssp_biometric_sp_publickey: '/full/path/to/the/gateway-as-sp/public-key-file.cer' + gssp_biometric_sp_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' + gssp_biometric_metadata_publickey: '/full/path/to/the/gateway-metadata/public-key-file.cer' + gssp_biometric_metadata_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' + gssp_biometric_remote_entity_id: 'https://actual-gssp.entity-id.tld' + gssp_biometric_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url' + gssp_biometric_remote_certificate: 'The contents of the certificate published by the gssp' diff --git a/composer.json b/composer.json index 64c9ac7d1..aec50b655 100644 --- a/composer.json +++ b/composer.json @@ -26,7 +26,7 @@ "surfnet/stepup-middleware-client-bundle": "dev-develop", "guzzlehttp/guzzle": "~4", "surfnet/stepup-saml-bundle": "dev-develop", - "surfnet/stepup-bundle": "dev-develop", + "surfnet/stepup-bundle": "^1.3.0", "symfony/swiftmailer-bundle": "~2.3", "surfnet/stepup-u2f-bundle": "dev-develop", "mopa/composer-bridge": "dev-master as v1.5.0" diff --git a/composer.lock b/composer.lock index b9c116625..ce5a21538 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,8 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "6d7c01295d0ddbd530bbc980c22d88e5", - "content-hash": "21b20e3560e0f838ee26cfaa40fbd891", + "hash": "e67454e3a5b28160994099f8a412afeb", + "content-hash": "85805175bbebf4fb1d8fd16527d9ea59", "packages": [ { "name": "beberlei/assert", @@ -1191,7 +1191,7 @@ }, "dist": { "type": "zip", - "url": "https://github.com/repos/phiamo/MopaBootstrapBundle/zipball/cc093b4f10f5598f9c5d77acd365c0e61283e8e7", + "url": "https://github.com/repos/phiamo/MopaBootstrapBundle/zipball/8a1bfa82398f339d9c53db24194626aed4fd4801", "reference": "818b0f47ebd352559950e9a64431ff9472e8a9dd", "shasum": "" }, @@ -1741,16 +1741,16 @@ }, { "name": "surfnet/stepup-bundle", - "version": "dev-develop", + "version": "1.3.0", "source": { "type": "git", "url": "https://github.com/SURFnet/Stepup-bundle.git", - "reference": "1e15e4adf96144f470ec7660b02c2faf2b5cc9d0" + "reference": "d4426aec24f17b075be54de0e931a547b43de6c8" }, "dist": { "type": "zip", - "url": "https://github.com/repos/SURFnet/Stepup-bundle/zipball/1e15e4adf96144f470ec7660b02c2faf2b5cc9d0", - "reference": "1e15e4adf96144f470ec7660b02c2faf2b5cc9d0", + "url": "https://github.com/repos/SURFnet/Stepup-bundle/zipball/d4426aec24f17b075be54de0e931a547b43de6c8", + "reference": "d4426aec24f17b075be54de0e931a547b43de6c8", "shasum": "" }, "require": { @@ -1790,7 +1790,7 @@ "suaas", "surfnet" ], - "time": "2015-09-09 09:07:14" + "time": "2016-04-28 12:40:48" }, { "name": "surfnet/stepup-middleware-client-bundle", @@ -1851,7 +1851,7 @@ }, "dist": { "type": "zip", - "url": "https://github.com/repos/SURFnet/Stepup-saml-bundle/zipball/f8b6257f7b5ca5ddc21da2c89207bec1ce2bdd5e", + "url": "https://github.com/repos/SURFnet/Stepup-saml-bundle/zipball/40adf16ceecd6efba5e8b3f2b85f78d1ebb27839", "reference": "53b7fd0198a1e9de2504a3762af499f744ad222d", "shasum": "" }, @@ -4382,7 +4382,6 @@ "mopa/bootstrap-bundle": 20, "surfnet/stepup-middleware-client-bundle": 20, "surfnet/stepup-saml-bundle": 20, - "surfnet/stepup-bundle": 20, "surfnet/stepup-u2f-bundle": 20, "mopa/composer-bridge": 20 }, diff --git a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig index 67c9e72ad..d91f7832e 100644 --- a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig +++ b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig @@ -40,5 +40,12 @@ 'url': path('ss_registration_u2f_registration') } only %} {% endif %} + {% if enabledSecondFactors.biometric is defined %} + {% include 'SurfnetStepupSelfServiceSelfServiceBundle::Registration/partial/secondFactor.html.twig' with { + 'type': 'biometric', + 'security': 3, + 'url': path('ss_registration_gssf_initiate', {'provider': 'biometric'}) + } only %} + {% endif %} {% endblock %} diff --git a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig index 97009b6b4..e9f1342ed 100644 --- a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig +++ b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig @@ -15,6 +15,10 @@ {{ 'ss.registration.selector.u2f.title'|trans }} {{ 'ss.registration.selector.u2f.description'|trans }} {{ 'ss.registration.selector.u2f.button.use'|trans }} +{{ 'ss.registration.selector.biometric.alt'|trans }} +{{ 'ss.registration.selector.biometric.title'|trans }} +{{ 'ss.registration.selector.biometric.description'|trans }} +{{ 'ss.registration.selector.biometric.button.use'|trans }} {# SmsController form errors #} {{ 'ss.prove_phone_possession.send_sms_challenge_failed'|trans }} @@ -40,12 +44,14 @@ {{ 'ss.second_factor.type.yubikey'|trans }} {{ 'ss.second_factor.type.tiqr'|trans }} {{ 'ss.second_factor.type.u2f'|trans }} +{{ 'ss.second_factor.type.biometric'|trans }} {# SecondFactorController revoke #} {{ 'ss.second_factor.revoke.second_factor_type.sms'|trans }} {{ 'ss.second_factor.revoke.second_factor_type.yubikey'|trans }} {{ 'ss.second_factor.revoke.second_factor_type.tiqr'|trans }} {{ 'ss.second_factor.revoke.second_factor_type.u2f'|trans }} +{{ 'ss.second_factor.revoke.second_factor_type.biometric'|trans }} {{ 'ss.second_factor.revoke.alert.revocation_successful'|trans }} {{ 'ss.second_factor.revoke.alert.revocation_failed'|trans }} @@ -55,6 +61,11 @@ {{ ('ss.registration.gssf.initiate.tiqr.button.initiate')|trans }} {{ ('ss.registration.gssf.initiate.tiqr.error.authn_failed')|trans }} {{ ('ss.registration.gssf.initiate.tiqr.error.proof_of_possession_failed')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.title.page')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.text.explanation')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.button.initiate')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.error.authn_failed')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.error.proof_of_possession_failed')|trans }} {# U2fController #} {{ 'ss.registration.u2f.alert.device_reported_an_error'|trans }} diff --git a/web/images/second-factor/biometric.png b/web/images/second-factor/biometric.png new file mode 100644 index 000000000..20448ec11 Binary files /dev/null and b/web/images/second-factor/biometric.png differ