Alias "u2f" to "webauthn" and partially cleanup #10466
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Merged
codingllama
force-pushed
the
codingllama/u2f-cleanup
branch
from
32fb955 to
5187d49
Compare
zmb3
approved these changes
Feb 22, 2022
kimlisa
approved these changes
Feb 22, 2022
Definitely, there are some U2F articles we should cleanup, plus we could use a passwordless guide too. It's on my TODO list for the near future - give me a shout if you prefer to have it sooner rather than later. |
Not a thorough removal, just enough to get everything working.
codingllama
force-pushed
the
codingllama/u2f-cleanup
branch
from
5187d49 to
42c4cd3
Compare
|
Thanks, folks. Merging asap. |
codingllama
added a commit
that referenced
this pull request
Feb 24, 2022
Follows up on #10466 by removing remaining U2F references, including proto/gRPC surface and the lib/auth/u2f package itself. #10375 * Remove U2F from lib/auth/ (1) * Remove U2F from lib/auth/ (2) * Remove U2F from lib/auth/ (3) * Remove U2F from lib/services/ * Remove U2F from tsh mfa add suggestions * Remove U2F protos * Update generated protos * Cleanup a few stragglers * Remove lib/auth/u2f package * Fix references to auth.MFAAuthenticateChallenge * Revert needless lib/auth/password.go change * Update e/ to ad8fd4a (U2F cleanup) * Fix stragglers from latest master rebase * Fix lint and compile failures
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Alias the "u2f" second factor mode to "webauthn", effectively sunsetting U2F in favor of WebAuthn.
The change effectively disables "U2F mode" server-side, making Teleport use WebAuthn instead. This is in line with our compatibility promise, as Teleport 8.x clients are already WebAuthn-capable (and thus have no problems talking to the cluster).
I have cleaned up a good chunk of U2F references in lib/web and lib/client, plus a few other places. Changes on lib/auth are just the necessary to get the tests back to good standing. There is more work to be done, but this seems enough for a single PR.
#10375