
Example 1 with U2fSignRequest

use of com.google.u2f.server.messages.U2fSignRequest in project OpenUnison by TremoloSecurity.

The class U2FServerUnison, method getSignRequest.

/**
 * Builds a U2F sign request for every security key registered to {@code accountName}.
 *
 * <p>A single challenge is generated for the request; for each registered key a
 * {@link SignSessionData} tying the account, app id, challenge and that key's public key
 * is stored in the data store, and the resulting session id is carried in the
 * {@link RegisteredKey} handed back to the client. Key handles and the challenge are
 * returned base64url-encoded (no padding).
 *
 * @param accountName the account whose keys are being challenged
 * @param appId       the U2F application id the signature must be bound to
 * @return the challenge plus one {@link RegisteredKey} per stored security key
 * @throws U2FException propagated from the data store or challenge generator
 */
@Override
public U2fSignRequest getSignRequest(String accountName, String appId) throws U2FException {
    if (log.isDebugEnabled()) {
        log.debug(">> getSignRequest " + accountName);
    }
    List<SecurityKeyData> storedKeys = dataStore.getSecurityKeyData(accountName);
    // One challenge per sign request; every registered key shares it but gets its own session record.
    byte[] challengeBytes = challengeGenerator.generateChallenge(accountName);
    String encodedChallenge = Base64.encodeBase64URLSafeString(challengeBytes);
    ImmutableList.Builder<RegisteredKey> keysForClient = ImmutableList.builder();
    if (log.isDebugEnabled()) {
        log.debug("  challenge: " + Hex.encodeHexString(challengeBytes));
    }
    for (SecurityKeyData keyData : storedKeys) {
        SignSessionData perKeySession =
                new SignSessionData(accountName, appId, challengeBytes, keyData.getPublicKey());
        String sessionId = dataStore.storeSessionData(perKeySession);
        byte[] handle = keyData.getKeyHandle();
        List<Transports> keyTransports = keyData.getTransports();
        // Encoding is pure, so it can happen before the debug output.
        String encodedHandle = Base64.encodeBase64URLSafeString(handle);
        if (log.isDebugEnabled()) {
            log.debug("-- Output --");
            log.debug("  sessionId: " + sessionId);
            log.debug("  keyHandle: " + Hex.encodeHexString(handle));
        }
        if (log.isDebugEnabled()) {
            log.debug("<< getRegisteredKey " + accountName);
        }
        keysForClient.add(
                new RegisteredKey(U2FConsts.U2F_V2, encodedHandle, keyTransports, appId, sessionId));
    }
    return new U2fSignRequest(encodedChallenge, keysForClient.build());
}

Example 2 with U2fSignRequest

use of com.google.u2f.server.messages.U2fSignRequest in project OpenUnison by TremoloSecurity.

The class U2FServerReferenceImpl, method getSignRequest.

/**
 * Reference implementation: builds a U2F sign request covering every security key
 * registered to {@code accountName}.
 *
 * <p>Generates one challenge, stores a {@link SignSessionData} per registered key (account,
 * app id, challenge, that key's public key) and returns the stored session id inside the
 * corresponding {@link RegisteredKey}. Challenge and key handles are base64url-encoded.
 *
 * <p>NOTE(review): unlike U2FServerUnison, this variant writes the challenge, session ids and
 * key handles to the log at INFO level rather than behind a debug guard.
 *
 * @param accountName the account whose keys are being challenged
 * @param appId       the U2F application id the signature must be bound to
 * @return the challenge plus one {@link RegisteredKey} per stored security key
 * @throws U2FException propagated from the data store or challenge generator
 */
@Override
public U2fSignRequest getSignRequest(String accountName, String appId) throws U2FException {
    Log.info(">> getSignRequest " + accountName);
    List<SecurityKeyData> storedKeys = dataStore.getSecurityKeyData(accountName);
    // One challenge per sign request; each registered key gets its own session record for it.
    byte[] challengeBytes = challengeGenerator.generateChallenge(accountName);
    String encodedChallenge = Base64.encodeBase64URLSafeString(challengeBytes);
    ImmutableList.Builder<RegisteredKey> keysForClient = ImmutableList.builder();
    Log.info("  challenge: " + Hex.encodeHexString(challengeBytes));
    for (SecurityKeyData keyData : storedKeys) {
        SignSessionData perKeySession =
                new SignSessionData(accountName, appId, challengeBytes, keyData.getPublicKey());
        String sessionId = dataStore.storeSessionData(perKeySession);
        byte[] handle = keyData.getKeyHandle();
        List<Transports> keyTransports = keyData.getTransports();
        // Encoding is pure, so it can happen before the log output.
        String encodedHandle = Base64.encodeBase64URLSafeString(handle);
        Log.info("-- Output --");
        Log.info("  sessionId: " + sessionId);
        Log.info("  keyHandle: " + Hex.encodeHexString(handle));
        Log.info("<< getRegisteredKey " + accountName);
        keysForClient.add(
                new RegisteredKey(U2FConsts.U2F_V2, encodedHandle, keyTransports, appId, sessionId));
    }
    return new U2fSignRequest(encodedChallenge, keysForClient.build());
}

Example 3 with U2fSignRequest

use of com.google.u2f.server.messages.U2fSignRequest in project OpenUnison by TremoloSecurity.

The class U2fAuth, method startAuthentication.

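/**
 * Starts a U2F authentication round for the current user.
 *
 * <p>Loads the user's registered keys from the configured attribute, asks a fresh
 * {@link U2FServerUnison} for a sign request bound to this request's application id,
 * stores that request (as object and as JSON) together with the server in the HTTP session,
 * and redirects the browser to the configured form URI.
 *
 * <p>If the user has no registered keys, or the sign request cannot be built, the step is
 * marked failed only when the mechanism is configured as {@code required}; in both cases the
 * chain advances through {@code nextAuth} and nothing is written to the session.
 *
 * @param request  current request; must carry the {@code AuthController} in its session and the
 *                 {@code UrlHolder} as a request attribute
 * @param response used only for the final redirect to the form
 * @param as       the authentication step being executed
 * @throws ServletException      if the user's keys cannot be loaded
 * @throws MalformedURLException as declared by the callees used here
 * @throws IOException           if the redirect cannot be sent
 */
private void startAuthentication(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws ServletException, MalformedURLException, IOException {
    HttpSession session = request.getSession();
    AuthController authCtl = (AuthController) session.getAttribute(ProxyConstants.AUTH_CTL);
    AuthInfo userData = authCtl.getAuthInfo();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    RequestHolder reqHolder = authCtl.getHolder();
    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());
    // The proxy stores the mechanism parameters under this key as a HashMap<String, Attribute>;
    // the cast is unchecked because the session attribute is typed as Object.
    @SuppressWarnings("unchecked")
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    String challengeStoreAttribute = authParams.get("attribute").getValues().get(0);
    String encryptionKeyName = authParams.get("encryptionKeyName").getValues().get(0);
    String uidAttributeName = authParams.get("uidAttributeName").getValues().get(0);
    String formURI = authParams.get("formURI").getValues().get(0);
    // Null-safe: a missing "required" setting is treated as optional rather than throwing.
    boolean required = "required".equals(amt.getRequired());
    List<SecurityKeyData> keys;
    try {
        keys = U2fUtil.loadUserKeys(userData, challengeStoreAttribute, encryptionKeyName);
    } catch (Exception e1) {
        throw new ServletException("Could not load keys", e1);
    }
    // No registered keys: decide the step before building a U2F server that would never be used.
    if (keys == null || keys.isEmpty()) {
        if (required) {
            as.setSuccess(false);
        }
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    // The only origin the server will accept is this request's own application id.
    Set<String> origins = new HashSet<>();
    String appID = U2fUtil.getApplicationId(request);
    origins.add(appID);
    U2FServer u2f = new U2FServerUnison(this.challengeGen, new UnisonDataStore(UUID.randomUUID().toString(), keys), new BouncyCastleCrypto(), origins);
    String uid = userData.getAttribs().get(uidAttributeName).getValues().get(0);
    U2fSignRequest sigReq;
    try {
        sigReq = u2f.getSignRequest(uid, appID);
    } catch (U2FException e) {
        logger.error("Could not start authentication", e);
        if (required) {
            as.setSuccess(false);
        }
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    // The sign request and server are parked in the session so the response step can verify
    // the signature against the same challenge and key set.
    Gson gson = new Gson();
    session.setAttribute(AUTH_SIGN_REQ, sigReq);
    session.setAttribute(AUTH_SIGN_REQ_JSON, gson.toJson(sigReq));
    session.setAttribute(SERVER, u2f);
    response.sendRedirect(formURI);
}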
