use of com.microsoft.identity.common.adal.internal.IDeviceCertificate in project microsoft-authentication-library-common-for-android by AzureAD.
the class PKeyAuthChallengeHandler method getWPJAPIInstance.
private static IDeviceCertificate getWPJAPIInstance(Class<IDeviceCertificate> certClazz) throws ClientException {
final IDeviceCertificate deviceCertProxy;
final Constructor<?> constructor;
try {
constructor = certClazz.getDeclaredConstructor();
deviceCertProxy = (IDeviceCertificate) constructor.newInstance((Object[]) null);
} catch (NoSuchMethodException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
throw new ClientException(ErrorStrings.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e);
}
return deviceCertProxy;
}
use of com.microsoft.identity.common.adal.internal.IDeviceCertificate in project microsoft-authentication-library-common-for-android by AzureAD.
the class PKeyAuthChallengeHandler method getChallengeHeader.
public static Map<String, String> getChallengeHeader(final PKeyAuthChallenge pKeyAuthChallenge) throws ClientException {
String authorizationHeaderValue = String.format("%s Context=\"%s\",Version=\"%s\"", AuthenticationConstants.Broker.CHALLENGE_RESPONSE_TYPE, pKeyAuthChallenge.getContext(), pKeyAuthChallenge.getVersion());
// If not device cert exists, alias or private key will not exist on the device
// Suppressing unchecked warnings due to the generic type not provided in the object returned from method getDeviceCertificateProxy
@SuppressWarnings(WarningType.unchecked_warning) Class<IDeviceCertificate> certClazz = (Class<IDeviceCertificate>) AuthenticationSettings.INSTANCE.getDeviceCertificateProxy();
if (certClazz != null) {
IDeviceCertificate deviceCertProxy = getWPJAPIInstance(certClazz);
if (deviceCertProxy.isValidIssuer(pKeyAuthChallenge.getCertAuthorities()) || StringUtil.equalsIgnoreCase(deviceCertProxy.getThumbPrint(), pKeyAuthChallenge.getThumbprint())) {
RSAPrivateKey privateKey = deviceCertProxy.getRSAPrivateKey();
if (privateKey == null) {
throw new ClientException(ErrorStrings.KEY_CHAIN_PRIVATE_KEY_EXCEPTION);
}
final String jwt = (new JWSBuilder()).generateSignedJWT(pKeyAuthChallenge.getNonce(), pKeyAuthChallenge.getSubmitUrl(), privateKey, deviceCertProxy.getRSAPublicKey(), deviceCertProxy.getCertificate());
authorizationHeaderValue = String.format("%s AuthToken=\"%s\",Context=\"%s\",Version=\"%s\"", AuthenticationConstants.Broker.CHALLENGE_RESPONSE_TYPE, jwt, pKeyAuthChallenge.getContext(), pKeyAuthChallenge.getVersion());
Logger.info(TAG, "Receive challenge response. ");
}
}
final Map<String, String> headers = new HashMap<>();
headers.put(AuthenticationConstants.Broker.CHALLENGE_RESPONSE_HEADER, authorizationHeaderValue);
return headers;
}
Aggregations