Paul Lettich
If we have an LDAP-Machine Resolver with default settings (namely Machine-ID Attribute = "DN") and search for machines (i.e. when trying to assign a machine in the token view), this...
Currently, most of the Token API requests in [`api/token.py`](https://github.com/privacyidea/privacyidea/blob/master/privacyidea/api/token.py) return without representing their result values in the audit log. This might not be relevant for some requests but i.e. for...
If no user or admin policy is active, all UI `rights` will be sent to the UI but without any values (like `totp_hashlib` without `=sha512`). Consequently some elements in the...
The `/user/add` view in the UI always shows all available (editable) resolvers, even if the logged-in admin does not have the appropriate rights for the resolver. We would need something...
If an admin does a token-rollover for a user, no PIN field will be shown. The admin only ever sees a PIN field when enrolling tokens (admin PIN policies) or...
The following attestation formats need to be implemented:
- [ ] [`tpm`](https://w3c.github.io/webauthn/#sctn-tpm-attestation)
- [ ] [`android-key`](https://w3c.github.io/webauthn/#sctn-android-key-attestation)
- [ ] [`android-safetynet`](https://w3c.github.io/webauthn/#sctn-android-safetynet-attestation)
- [ ] [`apple`](https://w3c.github.io/webauthn/#sctn-apple-anonymous-attestation)

- [ ] update/remove the [SMS examples](https://github.com/privacyidea/privacyidea/blob/master/doc/configuration/sms_gateway_config.rst#examples) and links
- [x] ~~[DisplayTAN](https://github.com/privacyidea/privacyidea/blob/master/doc/tokens/tokentypes/ocra.rst#displaytan-token) does not seem to exist anymore~~ For privacyIDEA it is a use case of OCRA. The website still...
Currently the tests fail with Python 3.11 since the function [`inspect.formatargspec()`](https://docs.python.org/3.10/library/inspect.html#inspect.formatargspec) was removed (deprecated since Python 3.5). The proposed `signature()` method behaves differently so we have to check how to...
In case the audit log is sent to a different database using `PI_AUDIT_SQL_URI`, possible migrations of the audit table will not be applied. We should check for the existence of...
If an internal resolver is created with `pi-manage resolver create_internal` the default password hashing function is `SSHA256` which isn't cryptographically safe. We should switch to something like `argon2` while still...