Add webauthn policy properties

treydock · Jun 13, 2024 · 2ac1e12 · 2ac1e12
1 parent 0ea7130
commit 2ac1e12
Showing 1 changed file with 58 additions and 0 deletions.
diff --git a/lib/puppet/type/keycloak_realm.rb b/lib/puppet/type/keycloak_realm.rb
@@ -393,6 +393,64 @@ def insync?(is)
  end
  end
 
+ newproperty(:web_authn_policy_rp_entity_name) do
+ desc 'webAuthnPolicyRpEntityName'
+ defaultto 'keycloak'
+ end
+
+ newproperty(:web_authn_policy_signature_algorithms, array_matching: :all, parent: PuppetX::Keycloak::ArrayProperty) do
+ desc 'webAuthnPolicySignatureAlgorithms'
+ defaultto ['ES256']
+ end
+
+ newproperty(:web_authn_policy_rp_id) do
+ desc 'webAuthnPolicyRpId'
+ defaultto ''
+ end
+
+ newproperty(:web_authn_policy_attestation_conveyance_preference) do
+ desc 'webAuthnPolicyAttestationConveyancePreference'
+ defaultto 'not specified'
+ end
+
+ newproperty(:web_authn_policy_authenticator_attachment) do
+ desc 'webAuthnPolicyAuthenticatorAttachment'
+ defaultto 'not specified'
+ end
+
+ newproperty(:web_authn_policy_require_resident_key) do
+ desc 'webAuthnPolicyRequireResidentKey'
+ newvalues(:true, :false, 'not specified')
+ defaultto 'not specified'
+ end
+
+ newproperty(:web_authn_policy_user_verification_requirement) do
+ desc 'webAuthnPolicyUserVerificationRequirement'
+ newvalues(:required, :preferred, :discouraged, 'not specified')
+ defaultto 'not specified'
+ end
+
+ newproperty(:web_authn_policy_create_timeout, parent: PuppetX::Keycloak::IntegerProperty) do
+ desc 'webAuthnPolicyCreateTimeout'
+ defaultto 0
+ end
+
+ newproperty(:web_authn_policy_avoid_same_authenticator_register, boolean: true) do
+ desc 'webAuthnPolicyAvoidSameAuthenticatorRegister'
+ newvalues(:true, :false)
+ defaultto :false
+ end
+
+ newproperty(:web_authn_policy_acceptable_aaguids, array_matching: :all, parent: PuppetX::Keycloak::ArrayProperty) do
+ desc 'webAuthnPolicyAcceptableAaguids'
+ defaultto []
+ end
+
+ newproperty(:web_authn_policy_extra_origins, array_matching: :all, parent: PuppetX::Keycloak::ArrayProperty) do
+ desc 'webAuthnPolicyExtraOrigins'
+ defaultto []
+ end
+
  newproperty(:custom_properties) do
  desc 'custom properties to pass as realm configurations'
  defaultto {}