Example 1 with IDeviceCertificate
use of com.microsoft.identity.common.adal.internal.IDeviceCertificate in project microsoft-authentication-library-common-for-android by AzureAD.
the class PKeyAuthChallengeHandler method getWPJAPIInstance.
private static IDeviceCertificate getWPJAPIInstance(Class<IDeviceCertificate> certClazz) throws ClientException {
final IDeviceCertificate deviceCertProxy;
final Constructor<?> constructor;
try {
constructor = certClazz.getDeclaredConstructor();
deviceCertProxy = (IDeviceCertificate) constructor.newInstance((Object[]) null);
} catch (NoSuchMethodException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
throw new ClientException(ErrorStrings.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e);
}
return deviceCertProxy;
}
Also used :
IDeviceCertificate(com.microsoft.identity.common.adal.internal.IDeviceCertificate)
ClientException(com.microsoft.identity.common.exception.ClientException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
Example 2 with IDeviceCertificate
use of com.microsoft.identity.common.adal.internal.IDeviceCertificate in project microsoft-authentication-library-common-for-android by AzureAD.
the class PKeyAuthChallengeHandler method getChallengeHeader.
public static Map<String, String> getChallengeHeader(final PKeyAuthChallenge pKeyAuthChallenge) throws ClientException {
String authorizationHeaderValue = String.format("%s Context=\"%s\",Version=\"%s\"", AuthenticationConstants.Broker.CHALLENGE_RESPONSE_TYPE, pKeyAuthChallenge.getContext(), pKeyAuthChallenge.getVersion());
// If not device cert exists, alias or private key will not exist on the device
// Suppressing unchecked warnings due to the generic type not provided in the object returned from method getDeviceCertificateProxy
@SuppressWarnings(WarningType.unchecked_warning) Class<IDeviceCertificate> certClazz = (Class<IDeviceCertificate>) AuthenticationSettings.INSTANCE.getDeviceCertificateProxy();
if (certClazz != null) {
IDeviceCertificate deviceCertProxy = getWPJAPIInstance(certClazz);
if (deviceCertProxy.isValidIssuer(pKeyAuthChallenge.getCertAuthorities()) || StringUtil.equalsIgnoreCase(deviceCertProxy.getThumbPrint(), pKeyAuthChallenge.getThumbprint())) {
RSAPrivateKey privateKey = deviceCertProxy.getRSAPrivateKey();
if (privateKey == null) {
throw new ClientException(ErrorStrings.KEY_CHAIN_PRIVATE_KEY_EXCEPTION);
}
final String jwt = (new JWSBuilder()).generateSignedJWT(pKeyAuthChallenge.getNonce(), pKeyAuthChallenge.getSubmitUrl(), privateKey, deviceCertProxy.getRSAPublicKey(), deviceCertProxy.getCertificate());
authorizationHeaderValue = String.format("%s AuthToken=\"%s\",Context=\"%s\",Version=\"%s\"", AuthenticationConstants.Broker.CHALLENGE_RESPONSE_TYPE, jwt, pKeyAuthChallenge.getContext(), pKeyAuthChallenge.getVersion());
Logger.info(TAG, "Receive challenge response. ");
}
}
final Map<String, String> headers = new HashMap<>();
headers.put(AuthenticationConstants.Broker.CHALLENGE_RESPONSE_HEADER, authorizationHeaderValue);
return headers;
}
Also used :
IDeviceCertificate(com.microsoft.identity.common.adal.internal.IDeviceCertificate)
HashMap(java.util.HashMap)
ClientException(com.microsoft.identity.common.exception.ClientException)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
JWSBuilder(com.microsoft.identity.common.adal.internal.JWSBuilder)
Aggregations
IDeviceCertificate (com.microsoft.identity.common.adal.internal.IDeviceCertificate)2
ClientException (com.microsoft.identity.common.exception.ClientException)2
JWSBuilder (com.microsoft.identity.common.adal.internal.JWSBuilder)1
InvocationTargetException (java.lang.reflect.InvocationTargetException)1
RSAPrivateKey (java.security.interfaces.RSAPrivateKey)1
HashMap (java.util.HashMap)1
