From df09375be394484ac6756d81290d65d7ffddb260 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Sun, 17 Nov 2019 21:38:57 +0100
Subject: [PATCH] webauthn

---
 lam-packaging/debian/copyright | 28 +++++++++++++
 lam/copyright                  | 28 +++++++++++++
 lam/graphics/webauthn.svg      | 31 ++++++++++++++
 lam/lib/2factor.inc            | 74 +++++++++++++++++++++++++++++++++-
 4 files changed, 160 insertions(+), 1 deletion(-)
 create mode 100644 lam/graphics/webauthn.svg

diff --git a/lam-packaging/debian/copyright b/lam-packaging/debian/copyright
index ca07053c..cafeac9d 100644
--- a/lam-packaging/debian/copyright
+++ b/lam-packaging/debian/copyright
@@ -415,6 +415,33 @@ E:
   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
   THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+F:  
+  
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.  
+
 
 Programs and licenses with other licenses and/or authors than the
 main license and authors:
@@ -438,6 +465,7 @@ templates/lib/extra/cropperjs               B  2018  Chen Fengyuan
 style/600_cropper*.css                      B  2018  Chen Fengyuan
 templates/lib/extra/duo/*.js                E  2019  Duo Security
 lib/3rdParty/duo/*.php                      E  2019  Duo Security
+graphics/webauthn.svg                       F  2017  Duo Security, Inc.
 templates/lib/600_jquery.magnific-popup.js  B  2016  Dmitry Semenov
 style/610_magnific-popup.css                B  2016  Dmitry Semenov
 style/responsive/105_normalize.css          B        Nicolas Gallagher and Jonathan Neal
diff --git a/lam/copyright b/lam/copyright
index 0640e706..d2a46ec4 100644
--- a/lam/copyright
+++ b/lam/copyright
@@ -414,6 +414,33 @@ E:
   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
   THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
+F:  
+  
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.  
+  
 
 Programs and licenses with other licenses and/or authors than the
 main license and authors:
@@ -437,6 +464,7 @@ templates/lib/extra/cropperjs               B  2018  Chen Fengyuan
 style/600_cropper*.css                      B  2018  Chen Fengyuan
 templates/lib/extra/duo/*.js                E  2019  Duo Security
 lib/3rdParty/duo/*.php                      E  2019  Duo Security
+graphics/webauthn.svg                       F  2017  Duo Security, Inc.
 templates/lib/600_jquery.magnific-popup.js  B  2016  Dmitry Semenov
 style/610_magnific-popup.css                B  2016  Dmitry Semenov
 style/responsive/105_normalize.css          B        Nicolas Gallagher and Jonathan Neal
diff --git a/lam/graphics/webauthn.svg b/lam/graphics/webauthn.svg
new file mode 100644
index 00000000..d0bd06f4
--- /dev/null
+++ b/lam/graphics/webauthn.svg
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="339px" height="286px" viewBox="0 0 339 286" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+    <!-- Generator: Sketch 52.6 (67491) - http://www.bohemiancoding.com/sketch -->
+    <title>shield</title>
+    <desc>Created with Sketch.</desc>
+    <defs>
+        <linearGradient x1="17.8887298%" y1="7.54565791%" x2="76.4806308%" y2="83.7223256%" id="linearGradient-1">
+            <stop stop-color="#69C294" offset="0%"></stop>
+            <stop stop-color="#69B3BD" offset="100%"></stop>
+        </linearGradient>
+        <linearGradient x1="102.479868%" y1="12.4721624%" x2="0.31966157%" y2="87.768089%" id="linearGradient-2">
+            <stop stop-color="#6091CF" offset="0%"></stop>
+            <stop stop-color="#6A6BB0" offset="100%"></stop>
+        </linearGradient>
+    </defs>
+    <g id="shield" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
+        <path d="M169.5,1.00579025 C169.551063,1.0077153 169.602029,1.00964513 169.652898,1.01157973 C185.428427,1.61153174 193.006778,5.24350679 220.754026,19.0560081 C248.501275,32.8685095 274.763943,32.8650453 277.874361,37.8080612 C280.984778,42.751077 276.93208,70.0778413 274.367871,102.555716 C270.948529,145.864562 273.237248,201.015097 264.562993,212.371826 C233.317564,253.279765 172.214345,283 169.5,283 C166.785655,282.99421 105.682436,253.273975 74.4370066,212.366036 C65.7627521,201.009306 68.0514714,145.858772 64.6321294,102.549926 C62.0679198,70.072051 58.0152222,42.7452868 61.1256394,37.8022709 C64.2360567,32.8592551 90.498725,32.8627192 118.245974,19.0502179 C145.993222,5.23771654 153.571573,1.60574149 169.347102,1.00578947 C169.397971,1.00385487 169.448937,1.00192505 169.5,1 L169.5,1.00579025 Z" id="Path" fill="url(#linearGradient-1)"></path>
+        <path d="M272.896873,128.022822 L168.948319,128.022822 L168.948319,1 L168.948319,1.00289516 C168.999638,1.00482023 169.050861,1.00675008 169.101987,1.00868469 C184.956996,1.60864287 192.573528,5.24065521 220.460572,19.0532983 C248.347617,32.8659415 274.742601,32.8624773 277.868689,37.8055439 C280.994778,42.7486105 276.921662,70.0756553 274.344533,102.553863 C273.694541,110.745372 273.249777,119.360507 272.896873,128.022822 Z M168.948319,283 C166.220299,282.99421 104.80923,253.27367 73.4063801,212.36531 C66.3377026,203.156974 66.5126812,165.157156 65,128.022822 L168.948319,128.022822 L168.948319,283 Z" id="Shape" fill="url(#linearGradient-2)"></path>
+        <path d="M219.5,199 C204.312169,199 192,186.911688 192,172 C192,157.088312 204.312169,145 219.5,145 C234.687831,145 247,157.088312 247,172 C247,186.911688 234.687831,199 219.5,199 Z M219.5,195.447368 C232.689432,195.447368 243.381579,184.949624 243.381579,172 C243.381579,159.050376 232.689432,148.552632 219.5,148.552632 C206.310568,148.552632 195.618421,159.050376 195.618421,172 C195.618421,184.949624 206.310568,195.447368 219.5,195.447368 Z" id="shield-11" fill="#FFFFFF" fill-rule="nonzero"></path>
+        <path d="M215.633926,177.835795 L228.886505,164.536089 C229.597003,163.823065 230.75096,163.82105 231.463943,164.531588 C232.176925,165.242127 232.178939,166.396152 231.468442,167.109175 L215.633926,183 L208.531558,175.872375 C207.821061,175.159351 207.823075,174.005326 208.536057,173.294788 C209.24904,172.584249 210.402997,172.586264 211.113495,173.299288 L215.633926,177.835795 Z" id="shield-10" fill="#FFFFFF" fill-rule="nonzero"></path>
+        <path d="M90.5294118,62.5047226 L90.5294118,97.7142857 C90.5294118,98.1087748 90.8454461,98.4285714 91.2352941,98.4285714 L142.764706,98.4285714 C143.154554,98.4285714 143.470588,98.1087748 143.470588,97.7142857 L143.470588,62.5047226 L90.5294118,62.5047226 Z M91.2352941,52 L142.764706,52 C145.103794,52 147,53.9187796 147,56.2857143 L147,97.7142857 C147,100.08122 145.103794,102 142.764706,102 L91.2352941,102 C88.8962058,102 87,100.08122 87,97.7142857 L87,56.2857143 C87,53.9187796 88.8962058,52 91.2352941,52 Z M92.6470588,59.8571429 C94.011527,59.8571429 95.1176471,58.7378547 95.1176471,57.3571429 C95.1176471,55.976431 94.011527,54.8571429 92.6470588,54.8571429 C91.2825906,54.8571429 90.1764706,55.976431 90.1764706,57.3571429 C90.1764706,58.7378547 91.2825906,59.8571429 92.6470588,59.8571429 Z M100.411765,59.8571429 C101.776233,59.8571429 102.882353,58.7378547 102.882353,57.3571429 C102.882353,55.976431 101.776233,54.8571429 100.411765,54.8571429 C99.0472965,54.8571429 97.9411765,55.976431 97.9411765,57.3571429 C97.9411765,58.7378547 99.0472965,59.8571429 100.411765,59.8571429 Z" id="shield-9" fill="#FFFFFF" fill-rule="nonzero"></path>
+        <path d="M206.381818,49.5220126 C205.391053,49.5220126 204.587879,50.3104419 204.587879,51.2830189 L204.587879,96.7169811 C204.587879,97.6895581 205.391053,98.4779874 206.381818,98.4779874 L232.618182,98.4779874 C233.608947,98.4779874 234.412121,97.6895581 234.412121,96.7169811 L234.412121,51.2830189 C234.412121,50.3104419 233.608947,49.5220126 232.618182,49.5220126 L206.381818,49.5220126 Z M206.381818,46 L232.618182,46 C235.590478,46 238,48.3652881 238,51.2830189 L238,96.7169811 C238,99.6347119 235.590478,102 232.618182,102 L206.381818,102 C203.409522,102 201,99.6347119 201,96.7169811 L201,51.2830189 C201,48.3652881 203.409522,46 206.381818,46 Z M216.069091,54.1006289 C215.177402,54.1006289 214.454545,53.3910425 214.454545,52.5157233 C214.454545,51.640404 215.177402,50.9308176 216.069091,50.9308176 L222.87625,50.9308176 C223.767939,50.9308176 224.490795,51.640404 224.490795,52.5157233 C224.490795,53.3910425 223.767939,54.1006289 222.87625,54.1006289 L216.069091,54.1006289 Z M219.65697,97.0691824 C217.675439,97.0691824 216.069091,95.4923236 216.069091,93.5471698 C216.069091,91.602016 217.675439,90.0251572 219.65697,90.0251572 C221.6385,90.0251572 223.244848,91.602016 223.244848,93.5471698 C223.244848,95.4923236 221.6385,97.0691824 219.65697,97.0691824 Z" id="shield-8" fill="#FFFFFF" fill-rule="nonzero"></path>
+        <path d="M135.333145,175.16653 C134.799627,175.736343 133.916299,175.755117 133.360178,175.208464 C132.804057,174.66181 132.785734,173.756736 133.319252,173.186923 C133.701827,172.778322 134.015049,172.296051 134.262166,171.718298 C136.185858,167.220767 135.134685,160.957275 131.454897,158.022253 C127.673665,155.006319 121.842918,153.211214 116.109137,153.786802 C115.342152,153.863796 114.659472,153.28914 114.584327,152.503272 C114.509183,151.717404 115.070031,151.017916 115.837016,150.940922 C122.292352,150.292901 128.831597,152.30613 133.169191,155.765822 C137.934199,159.566422 139.222767,167.244453 136.818268,172.866095 C136.440148,173.750129 135.94386,174.514268 135.333145,175.16653 Z M115.649509,187.272492 C115.923881,188.010384 115.562498,188.836462 114.842336,189.117589 C114.122175,189.398716 113.315946,189.028435 113.041574,188.290543 C110.569205,181.641396 112.371942,175.52979 116.389558,172.17807 C117.803379,170.998581 119.470923,170.409047 121.882834,169.999616 C122.313044,169.926587 122.508864,169.897056 123.447498,169.759679 C127.24362,169.204084 128.100526,168.704706 128.100526,166.627446 C128.100526,161.611908 123.007566,159.019274 115.551637,160.620093 C109.11516,162.002031 104.562689,167.534606 103.290939,173.587685 C102.412238,177.76999 102.526294,182.454059 103.646504,187.647485 C103.812812,188.41851 103.337611,189.181688 102.585113,189.35209 C101.832614,189.522493 101.087774,189.035593 100.921466,188.264568 C99.7187352,182.688567 99.5946624,177.593147 100.562644,172.985899 C102.049436,165.909292 107.358156,159.457656 114.97927,157.821372 C123.948511,155.895639 130.891323,159.429962 130.891323,166.627446 C130.891323,168.832179 130.040438,170.397113 128.4288,171.336325 C127.313731,171.986152 126.236549,172.240008 123.842135,172.59045 C122.92799,172.724243 122.739972,172.752598 122.338981,172.820668 C120.364981,173.155761 119.102842,173.60197 118.151642,174.395515 C115.041064,176.990533 113.618986,181.811637 115.649509,187.272492 Z M121.045761,195.591146 C121.573508,196.166574 121.546064,197.071406 120.984463,197.612146 C120.422862,198.152886 119.539771,198.124767 119.012024,197.54934 C117.425125,195.819069 116.112114,194.098058 115.063758,192.390424 C114.653418,191.722035 114.849589,190.839362 115.501918,190.418919 C116.154247,189.998477 117.015711,190.199477 117.426051,190.867867 C118.375893,192.415033 119.57845,193.99127 121.045761,195.591146 Z M132.492607,181.200751 C133.256139,181.307881 133.790344,182.028931 133.685788,182.811261 C133.581232,183.59359 132.877507,184.140947 132.113976,184.033817 C129.03535,183.601858 128.000232,184.014862 128.000232,184.890926 C128.000232,186.189243 128.885632,186.852349 131.334573,186.959969 C132.104523,186.993804 132.70192,187.660768 132.668897,188.449673 C132.635874,189.238579 131.984937,189.850683 131.214987,189.816847 C127.437334,189.650837 125.209435,187.982288 125.209435,184.890926 C125.209435,183.273343 126.040683,182.045095 127.523108,181.453619 C128.737757,180.968983 130.379163,180.904216 132.492607,181.200751 Z M112.248882,193.735486 C112.688531,194.384016 112.531831,195.274934 111.898885,195.725406 C111.265938,196.175879 110.396427,196.015322 109.956779,195.366792 C108.439014,193.127921 107.262748,190.571097 106.426622,187.701984 C105.025957,182.895693 105.404964,177.208192 107.331755,172.632355 C107.63705,171.907326 108.458169,171.573158 109.165776,171.885969 C109.873383,172.19878 110.199522,173.040115 109.894227,173.765143 C108.223458,177.732965 107.890419,182.730664 109.10075,186.883836 C109.854423,189.470016 110.904254,191.752011 112.248882,193.735486 Z M111.853908,170.430195 C111.358045,171.034662 110.477825,171.112805 109.887883,170.604734 C109.297941,170.096662 109.221675,169.194772 109.717538,168.590306 C111.571503,166.330289 115.315108,164.769093 120.983747,163.748475 C121.742775,163.611815 122.466211,164.131493 122.599588,164.909208 C122.732964,165.686923 122.225773,166.42817 121.466746,166.56483 C116.390956,167.478707 113.174879,168.819909 111.853908,170.430195 Z M133.112134,148.703851 C133.76408,149.124917 133.959448,150.007777 133.5485,150.675774 C133.137552,151.343771 132.275906,151.543949 131.62396,151.122884 C129.481614,149.739231 127.970043,148.932445 125.997278,148.244448 C123.407999,147.341443 120.422122,146.859505 116.767833,146.859505 C110.903346,146.859505 105.357492,149.451382 101.196591,153.440159 C100.633834,153.979636 99.7508055,153.949532 99.2242911,153.37292 C98.6977767,152.796309 98.727157,151.89154 99.2899137,151.352063 C103.935784,146.89838 110.137463,144 116.767833,144 C120.721016,144 124.010406,144.530926 126.896514,145.53745 C129.114056,146.310812 130.801147,147.21128 133.112134,148.703851 Z M126.811937,192.745343 C127.444293,193.196687 127.599824,194.087819 127.159325,194.735743 C126.718827,195.383667 125.849107,195.543028 125.216751,195.091684 C119.005739,190.65858 116.646682,185.941339 118.600252,181.121589 C119.371946,179.217704 120.673776,177.905633 122.475054,177.026824 C123.756617,176.401574 124.860979,176.104964 127.371212,175.588756 C127.428772,175.57692 127.428772,175.57692 127.486219,175.565103 C128.244338,175.409123 128.646575,175.322827 129.086655,175.218147 C129.837349,175.039582 130.587183,175.518367 130.761457,176.287543 C130.935731,177.056719 130.46845,177.825014 129.717756,178.003578 C129.242547,178.116614 128.819954,178.207278 128.035648,178.368645 C127.977951,178.380514 127.977951,178.380514 127.920374,178.392354 C123.564191,179.288165 122.069766,180.017267 121.177616,182.218334 C119.829585,185.544131 121.554134,188.992592 126.811937,192.745343 Z M111.150835,151.885309 C111.889118,151.658845 112.666788,152.088492 112.88781,152.844951 C113.108832,153.60141 112.689509,154.398227 111.951226,154.62469 C111.456052,154.776582 110.963988,154.946984 110.475402,155.136109 C108.568809,155.874128 106.043902,157.617812 103.932822,159.837063 C101.288465,162.616916 99.4509229,165.909564 98.7655278,169.530295 C98.6187874,170.305479 97.8865195,170.812005 97.1299617,170.661652 C96.3734038,170.511299 95.8790491,169.761003 96.0257894,168.985819 C96.822499,164.777047 98.9316989,160.997623 101.934289,157.841181 C104.321951,155.331176 107.188129,153.351812 109.489114,152.461129 C110.039015,152.24827 110.593084,152.056395 111.150835,151.885309 Z" id="shield-7" fill="#FFFFFF" fill-rule="nonzero"></path>
+        <path d="M1.00643505,173 C16.8344949,175.978557 28.2982073,177.467835 35.3975723,177.467835 L57,177.467835 L57,218 L35.3975723,218 C24.0955735,218 12.6297161,216.525428 1,213.576284 L11.5897968,194.572412 L1.00643759,173.000008 L1.00643505,173 Z" id="shield-6" fill="#6165A0"></path>
+        <polygon id="shield-5" fill="#292C55" points="56.8941857 178 57 178 57 218 55.4440203 218 39.2333984 198"></polygon>
+        <path d="M336.993562,173.000008 L326.410203,194.572412 L337,213.576284 C325.370284,216.525428 313.904426,218 302.602428,218 L281,218 L281,177.467835 L302.602428,177.467835 C309.701793,177.467835 321.165505,175.978557 336.993565,173 L336.993562,173.000008 Z" id="shield-4" fill="#6165A0"></path>
+        <polygon id="shield-3" fill="#292C55" points="281 177.600098 299.962984 198.004557 282.55598 218 281 218"></polygon>
+        <path d="M39,198 C82.5,208.701754 126,214.052632 169.5,214.052632 C213,214.052632 256.5,208.701754 300,198 L300,242.947368 C256.5,253.649123 213,259 169.5,259 C126,259 82.5,253.649123 39,242.947368 L39,198 Z" id="shield-2-copy" fill="#444884"></path>
+        <path d="M102.975954,228.864733 C103.185202,229.104404 103.279258,229.399329 103.258122,229.750583 C103.251076,229.867548 103.208452,230.023621 103.130248,230.220596 C101.646841,233.751079 100.150048,237.278333 98.6398683,240.801999 C98.5222103,241.062839 98.3422006,241.251921 98.0998392,241.369962 C97.8567732,241.488363 97.6024346,241.521012 97.3375279,241.469706 C96.8876798,241.405841 96.5614782,241.131368 96.358571,240.64772 C95.6406457,238.315951 94.9280044,235.983464 94.2213518,233.65026 C93.2681105,235.865064 92.3099374,238.078074 91.346128,240.290008 C91.2291745,240.516403 91.0741759,240.685034 90.8814845,240.796976 C90.6884408,240.908201 90.4827154,240.964531 90.2643083,240.96489 C90.0113788,240.979241 89.7683128,240.906766 89.5365195,240.746028 C89.3043739,240.586367 89.1560684,240.377552 89.0908985,240.120659 C88.0612147,236.415446 87.0449172,232.709156 86.0423581,229.000714 C86.004313,228.846435 85.9919836,228.686056 86.0050176,228.519219 C86.0307332,228.185187 86.1596639,227.910713 86.392514,227.693646 C86.6246596,227.477296 86.9145774,227.382217 87.2608584,227.409485 C87.8216715,227.453975 88.1658388,227.732754 88.2937126,228.24654 C89.0651829,231.136226 89.8447553,234.024835 90.6320777,236.912727 C91.5733418,234.893105 92.5096742,232.872047 93.4414271,230.849553 C93.6749818,230.362677 94.0561374,230.138434 94.5855985,230.176465 C95.0819462,230.211985 95.403216,230.486459 95.5518738,231.000245 C96.2162541,233.103107 96.8852139,235.204892 97.5594577,237.30596 C98.7156063,234.590645 99.8643572,231.873537 101.005006,229.154276 C101.218129,228.66417 101.613023,228.438492 102.19145,228.475088 C102.504969,228.49518 102.766706,228.625062 102.975954,228.864733 Z M115.036711,232.03919 C114.331467,232.531807 113.843222,233.323654 113.572327,234.416166 C116.021657,234.543178 118.471691,234.661578 120.921726,234.770291 C120.924544,234.703556 120.927362,234.636463 120.93018,234.569728 C120.88509,233.679214 120.5219,232.934727 119.843076,232.333038 C119.163548,231.732784 118.377987,231.410592 117.483927,231.367896 C116.556402,231.323406 115.74125,231.546931 115.036711,232.03919 Z M122.995536,236.55706 C122.753527,236.756905 122.47453,236.849114 122.158544,236.83548 C119.229423,236.709186 116.300302,236.569618 113.371885,236.417491 C113.427192,237.64419 113.840051,238.647005 114.61434,239.423425 C115.387571,240.200203 116.360188,240.617474 117.529722,240.673086 C118.331488,240.711118 118.988823,240.62465 119.499966,240.412965 C120.011109,240.201997 120.466241,239.920706 120.866067,239.569452 C121.122871,239.430242 121.368051,239.365301 121.601606,239.375706 C121.885183,239.387546 122.118737,239.49877 122.30227,239.707585 C122.485802,239.916401 122.572461,240.154995 122.56154,240.422293 C122.547449,240.773906 122.367087,241.084617 122.021159,241.354785 C121.515652,241.819058 120.854442,242.20081 120.036825,242.498605 C119.218855,242.797117 118.390669,242.92664 117.554029,242.886814 C116.197439,242.822591 115.018041,242.478871 114.017243,241.857449 C113.016798,241.236744 112.262941,240.400048 111.757082,239.350232 C111.250166,238.300774 111.032111,237.131481 111.099747,235.843788 C111.173371,234.439129 111.524584,233.222834 112.150919,232.190958 C112.777254,231.159798 113.57127,230.384814 114.53367,229.863853 C115.495718,229.34325 116.512016,229.108961 117.586438,229.160626 C118.643599,229.211216 119.622203,229.533049 120.524366,230.126845 C121.426528,230.720641 122.138817,231.514282 122.662642,232.508845 C123.185762,233.503049 123.432703,234.602737 123.400646,235.80755 C123.37176,236.107856 123.236489,236.357932 122.995536,236.55706 Z M140.806917,240.894675 C141.434309,240.499289 141.927134,239.950342 142.284688,239.246039 C142.642241,238.542813 142.830353,237.75563 142.849024,236.88485 C142.867694,236.014786 142.713752,235.224016 142.389312,234.513614 C142.064167,233.802494 141.599876,233.239195 140.996086,232.822641 C140.391944,232.406087 139.709245,232.187226 138.947639,232.167493 C138.168771,232.147042 137.467754,232.328589 136.843885,232.712852 C136.219311,233.097115 135.726838,233.630993 135.366819,234.315203 C135.006447,234.999414 134.812699,235.78552 134.786631,236.671729 C134.760563,237.559373 134.907812,238.359472 135.229434,239.072744 C135.550704,239.785658 136.014995,240.356491 136.621955,240.784168 C137.228563,241.211844 137.925352,241.436446 138.711266,241.456897 C139.479918,241.477348 140.179173,241.29006 140.806917,240.894675 Z M142.307233,230.918907 C143.203759,231.526337 143.903366,232.353345 144.404998,233.401727 C144.90663,234.451184 145.145821,235.627294 145.12081,236.933286 C145.095446,238.239278 144.81046,239.414311 144.263033,240.45767 C143.715959,241.501387 142.975136,242.306509 142.041974,242.870884 C141.107755,243.435618 140.087583,243.703633 138.981809,243.67493 C138.110646,243.652685 137.303245,243.437412 136.560308,243.030904 C135.817372,242.624755 135.220275,242.129626 134.769018,241.545876 C134.761972,241.788777 134.754927,242.031318 134.747881,242.274218 C134.738018,242.609327 134.616837,242.890259 134.383635,243.117372 C134.150432,243.344844 133.858049,243.453198 133.506484,243.442076 C133.171475,243.431312 132.894591,243.309324 132.67548,243.076111 C132.456368,242.843257 132.352801,242.550485 132.364074,242.199231 C132.535981,236.751739 132.707536,231.304605 132.879444,225.857472 C132.890717,225.505859 133.006261,225.220622 133.227486,225.00176 C133.448359,224.782899 133.731232,224.679209 134.076808,224.689973 C134.422032,224.700736 134.702439,224.826671 134.917323,225.067777 C135.132912,225.309242 135.235422,225.596632 135.225911,225.931382 C135.166025,227.972891 135.10614,230.015118 135.046606,232.056627 C135.461579,231.466419 136.055858,230.964832 136.828737,230.551507 C137.601265,230.138541 138.417121,229.943001 139.276658,229.965246 C140.40075,229.994667 141.40965,230.312554 142.307233,230.918907 Z M161.872388,241.197421 C162.483223,240.79773 162.960548,240.245912 163.304011,239.543404 C163.646769,238.840536 163.818677,238.046177 163.819734,237.157816 C163.821143,236.287394 163.650997,235.499852 163.312113,234.796267 C162.972878,234.092324 162.501189,233.535124 161.897399,233.122876 C161.292904,232.710627 160.602456,232.50253 159.82394,232.498224 C159.04472,232.494278 158.351806,232.690535 157.744141,233.088073 C157.136124,233.485611 156.658447,234.033841 156.312518,234.734197 C155.965885,235.434553 155.788341,236.228194 155.780591,237.11512 C155.772136,238.003123 155.935942,238.799634 156.272007,239.505731 C156.60772,240.212186 157.079409,240.769027 157.686721,241.175176 C158.293329,241.581325 158.990119,241.786911 159.776384,241.790858 C160.561945,241.795163 161.260848,241.597111 161.872388,241.197421 Z M165.750523,230.767068 C165.974214,230.992746 166.086236,231.290182 166.086588,231.657941 C166.090111,235.291037 166.093633,238.924493 166.097156,242.557948 C166.097508,242.893416 165.985134,243.177935 165.758977,243.412225 C165.53282,243.646873 165.243959,243.764197 164.892394,243.763838 C164.540829,243.763838 164.255491,243.65046 164.038141,243.424423 C163.820438,243.198028 163.712644,242.909203 163.712996,242.557589 C163.713348,242.340163 163.7137,242.122378 163.714053,241.904952 C163.277943,242.490496 162.683312,242.98706 161.928399,243.395003 C161.173485,243.802946 160.35939,244.004585 159.48858,243.999921 C158.348988,243.993104 157.316134,243.692798 156.391779,243.098643 C155.467776,242.504847 154.747737,241.680709 154.232719,240.628381 C153.717701,239.576412 153.468646,238.397073 153.483441,237.091081 C153.498237,235.78509 153.773359,234.612209 154.306695,233.571362 C154.840384,232.531233 155.564297,231.722523 156.479494,231.143796 C157.394338,230.565787 158.396544,230.280191 159.487875,230.286649 C160.364322,230.291672 161.17736,230.479319 161.929455,230.849589 C162.680494,231.220577 163.280057,231.69059 163.726734,232.260706 C163.726734,232.059426 163.727087,231.858504 163.727439,231.657582 C163.727791,231.306328 163.835586,231.013197 164.051175,230.778908 C164.265707,230.544977 164.547522,230.427653 164.89486,230.427653 C165.241846,230.427653 165.527184,230.540672 165.750523,230.767068 Z M186.249333,230.728426 C186.477251,230.958769 186.594909,231.240418 186.601954,231.574809 C186.648806,233.801453 186.695658,236.028097 186.741805,238.254383 C186.778794,239.995585 186.327537,241.357548 185.384159,242.339912 C184.440781,243.322276 183.088066,243.829963 181.328832,243.858307 C179.586155,243.886651 178.230622,243.423096 177.265755,242.471588 C176.300889,241.520797 175.811235,240.173903 175.793269,238.432342 C175.770371,236.205698 175.747122,233.978695 175.724224,231.752051 C175.720349,231.417301 175.8292,231.131705 176.050426,230.894545 C176.270946,230.658104 176.546773,230.537551 176.877202,230.533245 C177.224892,230.52894 177.511287,230.643034 177.737797,230.874095 C177.963954,231.106231 178.079498,231.389315 178.083373,231.723348 C178.111555,233.950351 178.139736,236.177354 178.16827,238.403998 C178.195395,240.596916 179.237408,241.681176 181.29431,241.648526 C182.313778,241.632022 183.086657,241.341761 183.611891,240.779539 C184.136068,240.216599 184.387588,239.391385 184.367509,238.302819 C184.325941,236.076534 184.284373,233.84989 184.242806,231.623605 C184.236465,231.288855 184.343202,231.002541 184.561962,230.763229 C184.780721,230.524993 185.054787,230.402287 185.386272,230.395111 C185.73361,230.387936 186.021414,230.49916 186.249333,230.728426 Z M200.073868,232.321234 C200.158765,234.814458 200.24331,237.307682 200.328559,239.801265 C200.357093,240.63832 200.747055,241.043393 201.499151,241.015766 C201.615752,241.01146 201.773921,240.976658 201.972249,240.910282 C202.170929,240.844623 202.328393,240.809103 202.444994,240.804798 C202.662697,240.796905 202.8494,240.881579 203.006512,241.059897 C203.163976,241.238574 203.247464,241.469634 203.258032,241.754153 C203.270714,242.105767 203.081545,242.414325 202.689117,242.680546 C202.296336,242.946768 201.848602,243.088848 201.346618,243.107146 C200.793555,243.12688 200.28523,243.086695 199.820586,242.985158 C199.356647,242.88398 198.93639,242.600895 198.561575,242.136264 C198.186408,241.671632 197.983853,240.953695 197.953206,239.982812 C197.872888,237.455862 197.792571,234.928912 197.712253,232.401961 C197.23211,232.417748 196.751262,232.433176 196.270766,232.448245 C195.95619,232.458291 195.691988,232.361777 195.478512,232.159061 C195.265037,231.956345 195.154072,231.695506 195.144913,231.377619 C195.135402,231.059732 195.230867,230.79674 195.432013,230.590077 C195.633159,230.382338 195.890315,230.274343 196.20454,230.264656 C196.683979,230.249587 197.163417,230.2338 197.643208,230.218013 L197.575925,228.109411 C197.565357,227.774661 197.667867,227.486553 197.882752,227.245088 C198.097988,227.003264 198.378395,226.876253 198.724676,226.864772 C199.053696,226.853649 199.33375,226.961286 199.564486,227.187323 C199.794871,227.414078 199.916051,227.694292 199.927676,228.029042 C199.951278,228.731909 199.975585,229.434777 199.999187,230.137644 C200.685408,230.113606 201.371629,230.088132 202.05785,230.062657 C202.371722,230.051176 202.635924,230.145897 202.850456,230.346818 C203.064636,230.548458 203.178067,230.807503 203.190044,231.12539 C203.201669,231.443277 203.107613,231.706628 202.908229,231.915444 C202.708492,232.124259 202.451335,232.234407 202.136406,232.246247 C201.448776,232.271721 200.761146,232.297195 200.073868,232.321234 Z M223.394181,234.140078 C223.520645,236.371745 223.64711,238.603054 223.773575,240.834721 C223.792597,241.169471 223.696076,241.46009 223.482953,241.706937 C223.270534,241.954142 222.988718,242.088329 222.637506,242.108422 C222.302145,242.127796 222.01575,242.026618 221.776911,241.805245 C221.538425,241.584231 221.410199,241.306887 221.391881,240.971778 C221.2707,238.739752 221.149167,236.508444 221.027986,234.276418 C220.908919,232.102875 219.939473,231.068486 218.119649,231.166436 C217.142453,231.21846 216.347381,231.574738 215.732319,232.23455 C215.117256,232.894722 214.830861,233.684416 214.875247,234.604351 C214.983394,236.836736 215.09154,239.069121 215.199335,241.301864 C215.215539,241.636614 215.116199,241.926516 214.901667,242.171568 C214.686783,242.417339 214.40391,242.548656 214.051993,242.565519 C213.70078,242.582741 213.410862,242.483715 213.183296,242.268441 C212.954673,242.053168 212.83314,241.770084 212.816936,241.41847 C212.568938,236.03269 212.320588,230.647627 212.072591,225.261846 C212.057443,224.927455 212.155022,224.638271 212.366383,224.39286 C212.577041,224.148524 212.846879,224.017925 213.175546,224.00178 C213.521475,223.984917 213.809984,224.087889 214.043539,224.310697 C214.277093,224.534581 214.402149,224.813001 214.418001,225.147393 C214.520511,227.262453 214.62267,229.378232 214.72518,231.493651 C215.107392,230.820922 215.659047,230.235737 216.37979,229.737021 C217.100886,229.238663 217.881867,228.966701 218.723791,228.920776 C221.628958,228.76255 223.185989,230.4955 223.394181,234.140078 Z M244.469444,232.550033 L244.995735,239.360206 C245.021451,239.694597 244.930917,239.987369 244.723078,240.23888 C244.515592,240.49075 244.236242,240.630319 243.885029,240.658304 C243.550725,240.684496 243.261864,240.589776 243.018798,240.373426 C242.775732,240.157435 242.641518,239.882603 242.616507,239.548211 L242.107829,232.762078 C242.033853,231.777202 241.751333,231.009753 241.261326,230.459729 C240.770967,229.910065 240.022042,229.673264 239.013494,229.748968 C238.351932,229.798481 237.762937,229.988998 237.245806,230.320519 C236.728674,230.65204 236.333428,231.075411 236.061828,231.589556 C235.788819,232.104776 235.67257,232.654082 235.713081,233.238191 C235.868432,235.50179 236.023783,237.764672 236.179486,240.027912 C236.202383,240.362304 236.109384,240.654358 235.899431,240.903716 C235.689831,241.153792 235.409072,241.291208 235.05786,241.315964 C234.707351,241.340003 234.414615,241.247077 234.182822,241.036468 C233.949972,240.826218 233.822098,240.545645 233.799201,240.194749 L233.086912,229.469831 C233.065071,229.135798 233.15807,228.844461 233.365205,228.595103 C233.571987,228.345745 233.841121,228.209764 234.171549,228.186443 C234.518535,228.162404 234.810919,228.258918 235.049757,228.476703 C235.288244,228.695205 235.419993,228.970755 235.44289,229.304788 C235.46297,229.597201 235.482697,229.889614 235.503128,230.181668 C235.887102,229.483106 236.446858,228.876752 237.182397,228.361173 C237.918288,227.845952 238.722167,227.555333 239.597205,227.489316 C242.565075,227.263996 244.189038,228.943846 244.469444,232.550033 Z" id="Combined-Shape" fill="#FFFFFF"></path>
+    </g>
+</svg>
\ No newline at end of file
diff --git a/lam/lib/2factor.inc b/lam/lib/2factor.inc
index 55267b31..38733342 100644
--- a/lam/lib/2factor.inc
+++ b/lam/lib/2factor.inc
@@ -3,8 +3,8 @@ namespace LAM\LIB\TWO_FACTOR;
 use \selfServiceProfile;
 use \LAMConfig;
 use \htmlScript;
-use \htmlInputField;
 use \htmlIframe;
+use \htmlImage;
 
 /*
   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
@@ -464,6 +464,76 @@ class DuoProvider extends BaseProvider {
 
 }
 
+/**
+ * Provider for Webauthn.
+ */
+class WebauthnProvider extends BaseProvider {
+
+	/**
+	 * Constructor.
+	 *
+	 * @param TwoFactorConfiguration $config configuration
+	 */
+	public function __construct(&$config) {
+		$this->config = $config;
+	}
+
+	/**
+	 * {@inheritDoc}
+	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::getSerials()
+	 */
+	public function getSerials($user, $password) {
+		return array('WEBAUTHN');
+	}
+
+	/**
+	 * {@inheritDoc}
+	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::isShowSubmitButton()
+	 */
+	public function isShowSubmitButton() {
+		return false;
+	}
+
+	/**
+	 * {@inheritDoc}
+	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::hasCustomInputForm()
+	 */
+	public function hasCustomInputForm() {
+		return true;
+	}
+
+	/**
+	 * {@inheritDoc}
+	 * @see \LAM\LIB\TWO_FACTOR\BaseProvider::addCustomInput()
+	 */
+	public function addCustomInput(&$row, $userDn) {
+		$pathPrefix = $this->config->isSelfService ? '../' : '';
+		$row->add(new htmlImage($pathPrefix . '../graphics/webauthn.svg'), 12);
+	}
+
+	/**
+	 * {@inheritDoc}
+	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::verify2ndFactor()
+	 */
+	public function verify2ndFactor($user, $password, $serial, $twoFactorInput) {
+		logNewMessage(LOG_DEBUG, 'PrivacyIDEAProvider: Checking 2nd factor for ' . $user);
+		$loginAttribute = $this->getLoginAttributeValue($user);
+		$response = $_POST['sig_response'];
+		include_once(__DIR__ . "/3rdParty/duo/Web.php");
+		$result = \Duo\Web::verifyResponse(
+				$this->config->twoFactorAuthenticationClientId,
+				$this->config->twoFactorAuthenticationSecretKey,
+				$this->getAKey(),
+				$response);
+		if ($result === $loginAttribute) {
+			return true;
+		}
+		logNewMessage(LOG_ERR, 'DUO authentication failed');
+		return false;
+	}
+
+}
+
 /**
  * Returns the correct 2 factor provider.
  */
@@ -477,6 +547,8 @@ class TwoFactorProviderService {
 	const TWO_FACTOR_YUBICO = 'yubico';
 	/** 2factor authentication via DUO */
 	const TWO_FACTOR_DUO = 'duo';
+	/** 2factor authentication via webauthn */
+	const TWO_FACTOR_WEBAUTHN = 'webauthn';
 
 	private $config;