From ec77185545c6f387d65d190c2ceb4547ff2e86a8 Mon Sep 17 00:00:00 2001 From: lukasmatusiewicz Date: Wed, 17 Sep 2025 12:12:23 +0200 Subject: [PATCH 1/4] Update JSONParser.java --- src/main/java/org/privacyidea/JSONParser.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/main/java/org/privacyidea/JSONParser.java b/src/main/java/org/privacyidea/JSONParser.java index a7ec5a1..f67ea71 100644 --- a/src/main/java/org/privacyidea/JSONParser.java +++ b/src/main/java/org/privacyidea/JSONParser.java @@ -241,6 +241,9 @@ else if ("interactive".equals(modeFromResponse)) response.transactionID = getString(detail, TRANSACTION_ID); response.type = getString(detail, TYPE); response.otpLength = getInt(detail, OTPLEN); + response.isEnrollViaMultichallenge = getBoolean(detail, "enroll_via_multichallenge"); + response.isEnrollViaMultichallengeOptional = getBoolean(detail, "enroll_via_multichallenge_optional"); + // The enrollment link can be in the detail or in one of the JsonObject passkeyChallenge = detail.getAsJsonObject(PASSKEY); if (passkeyChallenge != null && !passkeyChallenge.isJsonNull()) { From 80024c680de28a358991d7e79535efa8ad786c8a Mon Sep 17 00:00:00 2001 From: lukasmatusiewicz Date: Wed, 17 Sep 2025 12:12:31 +0200 Subject: [PATCH 2/4] Update PIResponse.java --- src/main/java/org/privacyidea/PIResponse.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/privacyidea/PIResponse.java b/src/main/java/org/privacyidea/PIResponse.java index fc6b8ee..fd5895e 100644 --- a/src/main/java/org/privacyidea/PIResponse.java +++ b/src/main/java/org/privacyidea/PIResponse.java @@ -18,13 +18,14 @@ import com.google.gson.Gson; import com.google.gson.GsonBuilder; -import com.google.gson.JsonSyntaxException; import java.util.ArrayList; import java.util.List; import java.util.function.Predicate; import java.util.stream.Collectors; -import static org.privacyidea.PIConstants.*; +import static org.privacyidea.PIConstants.TOKEN_TYPE_PUSH; +import static org.privacyidea.PIConstants.TOKEN_TYPE_WEBAUTHN; + /** * This class parses the JSON response of privacyIDEA into a POJO for easier access. @@ -56,6 +57,9 @@ public class PIResponse public String passkeyRegistration = ""; public String username = ""; public String enrollmentLink = ""; + // Enroll via Multichallenge + public boolean isEnrollViaMultichallenge = false; + public boolean isEnrollViaMultichallengeOptional = false; public String webAuthnSignRequest = ""; public String webAuthnTransactionId = ""; From ffea1a3a28828fcb47f09726e8a78d1c06d29260 Mon Sep 17 00:00:00 2001 From: lukasmatusiewicz Date: Mon, 20 Oct 2025 11:46:31 +0200 Subject: [PATCH 3/4] Update PIConstants.java --- src/main/java/org/privacyidea/PIConstants.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/org/privacyidea/PIConstants.java b/src/main/java/org/privacyidea/PIConstants.java index 7cb0614..09dd7b6 100644 --- a/src/main/java/org/privacyidea/PIConstants.java +++ b/src/main/java/org/privacyidea/PIConstants.java @@ -68,6 +68,7 @@ public class PIConstants public static final String CLIENT_MODE = "client_mode"; public static final String IMAGE = "image"; public static final String CLIENT_IP = "client"; + public static final String CANCEL_ENROLLMENT = "cancel_enrollment"; public static final String MESSAGES = "messages"; public static final String MULTI_CHALLENGE = "multi_challenge"; public static final String ATTRIBUTES = "attributes"; From 92643fc2a3b04f63a0b1228f5cac734bf43575a0 Mon Sep 17 00:00:00 2001 From: lukasmatusiewicz Date: Mon, 20 Oct 2025 11:46:34 +0200 Subject: [PATCH 4/4] Update PrivacyIDEA.java --- .../java/org/privacyidea/PrivacyIDEA.java | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/src/main/java/org/privacyidea/PrivacyIDEA.java b/src/main/java/org/privacyidea/PrivacyIDEA.java index 5a95a69..f06c084 100644 --- a/src/main/java/org/privacyidea/PrivacyIDEA.java +++ b/src/main/java/org/privacyidea/PrivacyIDEA.java @@ -41,6 +41,7 @@ import static org.privacyidea.PIConstants.ENDPOINT_TOKEN_INIT; import static org.privacyidea.PIConstants.ENDPOINT_TRIGGERCHALLENGE; import static org.privacyidea.PIConstants.ENDPOINT_VALIDATE_CHECK; +import static org.privacyidea.PIConstants.CANCEL_ENROLLMENT; import static org.privacyidea.PIConstants.ENDPOINT_VALIDATE_INITIALIZE; import static org.privacyidea.PIConstants.GENKEY; import static org.privacyidea.PIConstants.GET; @@ -373,6 +374,32 @@ public ChallengeStatus pollTransaction(String transactionID) return piresponse.challengeStatus; } + /** + * @see PrivacyIDEA#validateCheckCancelEnrollment(String, Map) + */ + public PIResponse validateCheckCancelEnrollment(String transactionID) + { + return this.validateCheckCancelEnrollment(transactionID, Collections.emptyMap()); + } + + /** + * Cancel enrollment via multichallenge. + * + * @param transactionID transaction ID + * @param headers optional headers for the request + * @return PIResponse or null if error + */ + public PIResponse validateCheckCancelEnrollment(String transactionID, Map headers) + { + Map params = new LinkedHashMap<>(); + params.put(TRANSACTION_ID, transactionID); + params.put(CANCEL_ENROLLMENT, "true"); + appendRealm(params); + + String response = runRequestAsync(ENDPOINT_VALIDATE_CHECK, params, headers, false, POST); + return this.parser.parsePIResponse(response); + } + /** * Get the service account parameters. *