Merge pull request #21 from aseigler/main

Add workflow to download and update data from MDS
2023-09-28 19:12:50 -04:00 · 2023-09-28 19:12:50 -04:00 · b8ef156ab0
parent 20e59da37f 38049fcd2c
commit b8ef156ab0
2 changed files with 90 additions and 0 deletions
--- a/.github/workflows/update-from-mds.yml
+++ b/.github/workflows/update-from-mds.yml
@ -0,0 +1,89 @@
+name: Download MDS
+
+on:
+  schedule:
+    - cron: '0 12 1 * *' # Update first of the month
+  workflow_dispatch:
+    inputs:
+      logLevel:
+        description: 'Log level'     
+        required: true
+        default: 'warning'
+      tags:
+        description: 'Test scenario tags'
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: '3.x'
+      - name: Install python packages
+        run: |
+          python -m pip install --upgrade pip
+          pip install requests
+      - uses: jannekem/run-python-script-action@v1
+        id: script
+        with:
+          fail-on-error: false
+          script: |
+            import os
+            import requests
+            import base64
+            import json
+            
+            # Download MDS blob from FIDO endpoint
+            response = requests.get("https://mds.fidoalliance.org/")
+            mdstocjwt = response.content.decode('ascii')
+            
+            # Parse out MDS data from JWT
+            jwt_payload = mdstocjwt.split('.')[1].replace('-', '+').replace('_', '/')
+            while len(jwt_payload) % 4:
+                jwt_payload += "="
+            mds_bytes = base64.b64decode(jwt_payload)
+            mds_strings = mds_bytes.decode('utf-8')
+            mds_data = json.loads(mds_strings)
+
+            # Build commit msg and export to environment variable
+            mds_number = mds_data['no']
+            mds_next = mds_data['nextUpdate']
+            commit_msg=f'COMMIT_MSG=from MDS file version {mds_number}, next update expected {mds_next}.'
+            env_file = os.getenv('GITHUB_ENV')
+            with open(env_file, "a") as myfile:
+              myfile.write(commit_msg)
+              
+            # Extract FIDO2 statements with non-null aaguid and required properties
+            fido2_statements = [
+                entry['metadataStatement']
+                for entry in mds_data['entries']
+                if entry.get('aaguid') is not None
+            ]
+            
+            # Create a dictionary with the desired structure
+            result_dict = {}
+            for statement in fido2_statements:
+                result_dict[statement['aaguid']] = {
+                    "name": statement['description'],
+                    "icon_light": statement.get('icon', None),
+                    "icon_dark": statement.get('icon', None)
+                }
+            
+            # import custom aaguid.json
+            with open('aaguid.json', 'r') as aaguid_file:
+              aaguid = json.load(aaguid_file)
+            
+            # Combine custom aaguid.json with data from MDS            
+            result = {**aaguid, **result_dict}
+            
+            # Write combined result to file
+            with open('combined_aaguid.json', 'w') as output_file:
+              json.dump(result, output_file)
+      - name: Commit files and push
+        run: |
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+          git add -A
+          timestamp=$(date -u -I)
+          git commit -m "bot: Updated ${timestamp}, ${{ env.COMMIT_MSG }}" -a || exit 0
+          git push
--- a/combined_aaguid.json
+++ b/combined_aaguid.json