Example 6 with WebAuthnManager
use of com.webauthn4j.WebAuthnManager in project webauthn4j by webauthn4j.
the class FIDOU2FAuthenticatorRegistrationValidationTest method validate_with_bad_attestationStatement_test.
@Test
void validate_with_bad_attestationStatement_test() {
String rpId = "example.com";
Challenge challenge = new DefaultChallenge();
PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName"), challenge, Collections.singletonList(publicKeyCredentialParameters));
AuthenticatorAttestationResponse authenticatorAttestationResponse = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(authenticatorAttestationResponse.getTransports());
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
RegistrationRequest registrationRequest = new RegistrationRequest(authenticatorAttestationResponse.getAttestationObject(), authenticatorAttestationResponse.getClientDataJSON(), transports);
RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, null, false, true);
WebAuthnManager target = new WebAuthnManager(Collections.singletonList(fidoU2FAttestationStatementValidator), new TrustAnchorCertPathTrustworthinessValidator(mock(TrustAnchorsResolver.class)), new DefaultSelfAttestationTrustworthinessValidator());
assertThrows(BadAttestationStatementException.class, () -> target.validate(registrationRequest, registrationParameters));
}
Also used :
ServerProperty(com.webauthn4j.server.ServerProperty)
DefaultSelfAttestationTrustworthinessValidator(com.webauthn4j.validator.attestation.trustworthiness.self.DefaultSelfAttestationTrustworthinessValidator)
TrustAnchorCertPathTrustworthinessValidator(com.webauthn4j.validator.attestation.trustworthiness.certpath.TrustAnchorCertPathTrustworthinessValidator)
WebAuthnManager(com.webauthn4j.WebAuthnManager)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
Test(org.junit.jupiter.api.Test)
Aggregations
WebAuthnManager (com.webauthn4j.WebAuthnManager)6
ServerProperty (com.webauthn4j.server.ServerProperty)5
Authenticator (com.webauthn4j.authenticator.Authenticator)3
Challenge (com.webauthn4j.data.client.challenge.Challenge)3
WebAuthnUserData (com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData)2
DataConversionException (com.webauthn4j.converter.exception.DataConversionException)2
Origin (com.webauthn4j.data.client.Origin)2
ValidationException (com.webauthn4j.validator.exception.ValidationException)2
ByteArrayInputStream (java.io.ByteArrayInputStream)2
IOException (java.io.IOException)2
ObjectInputStream (java.io.ObjectInputStream)2
ServletException (javax.servlet.ServletException)2
JSONObject (org.json.simple.JSONObject)2
JSONParser (org.json.simple.parser.JSONParser)2
ParseException (org.json.simple.parser.ParseException)2
UrlHolder (com.tremolosecurity.config.util.UrlHolder)1
AuthChainType (com.tremolosecurity.config.xml.AuthChainType)1
AuthMechType (com.tremolosecurity.config.xml.AuthMechType)1
AuthController (com.tremolosecurity.proxy.auth.AuthController)1
AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)1
