Search in sources :

Example 1 with AttestationObjectConverter

use of com.webauthn4j.converter.AttestationObjectConverter in project webauthn4j by webauthn4j.

the class PackedAttestationStatementValidatorTest method validate_with_yubikey_fido2_data_test.

@Test
void validate_with_yubikey_fido2_data_test() {
    byte[] attestationObjectBytes = Base64UrlUtil.decode("o2NmbXRmcGFja2VkaGF1dGhEYXRhWJRJlg3liA6MaHQ0Fw9kdmBbj-SuuaKGMseZXPO6gx2XY0UAAAADbUS6m_bsLkm5MAyP6SDLcwAQpt-LSNKw2Ni2n3k1ltLMrqUBAgMmIAEhWCA6CWZ7k4UFMb5kynCGxmRhRVTvppyLpwBKmZ1m96qSjiJYID1KElygcTfTMT5RRoU0oAbBoZEfjHUZytXNemDDkuZpZ2F0dFN0bXSjY2FsZyZjc2lnWEYwRAIgTqgNTx1zMoc4L1Eb_dOgyqtouZBVfrQscgsGrgE4lRICICLuRuy1T05B1kv86XzP0dnN0-DzRcU1t9tS0FTktASBY3g1Y4FZAsEwggK9MIIBpaADAgECAgQq52JjMA0GCSqGSIb3DQEBCwUAMC4xLDAqBgNVBAMTI1l1YmljbyBVMkYgUm9vdCBDQSBTZXJpYWwgNDU3MjAwNjMxMCAXDTE0MDgwMTAwMDAwMFoYDzIwNTAwOTA0MDAwMDAwWjBuMQswCQYDVQQGEwJTRTESMBAGA1UECgwJWXViaWNvIEFCMSIwIAYDVQQLDBlBdXRoZW50aWNhdG9yIEF0dGVzdGF0aW9uMScwJQYDVQQDDB5ZdWJpY28gVTJGIEVFIFNlcmlhbCA3MTk4MDcwNzUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQqA4ZeYEPZnhH_EKolVFeEvwmvjmseOzIXKSFvVRIajNkQ05ndx2i9_kp7x-PavGLm0kaf9Wdbj_qJDMp0hp4_o2wwajAiBgkrBgEEAYLECgIEFTEuMy42LjEuNC4xLjQxNDgyLjEuMTATBgsrBgEEAYLlHAIBAQQEAwIEMDAhBgsrBgEEAYLlHAEBBAQSBBBtRLqb9uwuSbkwDI_pIMtzMAwGA1UdEwEB_wQCMAAwDQYJKoZIhvcNAQELBQADggEBAHJX0Dzcw-EVaYSQ1vgO-VtTByNz2eZHMmMrEdzcd4rsa9WSbQfhe5xUMHiN4y9OR7RYdv-MVSICm-k4eHlXIzHnJ3AWgopxGznHT9bBJYvR5NnlZtVweQNH2lI1wD8P_kCxQo4FxukXmeR1VHFpAe64i7BXiTWIrYiq0w1xTy8vrDbVTbrXEJxbAnqwyrjPNU7xAIoJCGyghpavDPzbwYOY_N8CMWwmIsle5iK90cAKR4nkocy3SaNUul8nYEIwvv-uBua_AvvAFbzRUd811wqYqOQtykSI_PBxBCGI3-odX3S36niLKvnFFKm6uU_nOJzaGVGQsrEwfb-RGOGpKfg=");
    byte[] clientDataBytes = Base64UrlUtil.decode("ew0KCSJ0eXBlIiA6ICJ3ZWJhdXRobi5jcmVhdGUiLA0KCSJjaGFsbGVuZ2UiIDogIno5LWxDWmFQUlBtMGFReDlLMnE4a3ciLA0KCSJvcmlnaW4iIDogImh0dHA6Ly9sb2NhbGhvc3Q6ODA4MCIsDQoJInRva2VuQmluZGluZyIgOiANCgl7DQoJCSJzdGF0dXMiIDogInN1cHBvcnRlZCINCgl9DQp9");
    AttestationObject attestationObject = new AttestationObjectConverter(objectConverter).convert(attestationObjectBytes);
    validate(clientDataBytes, attestationObject);
}
Also used : AttestationObjectConverter(com.webauthn4j.converter.AttestationObjectConverter) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) Test(org.junit.jupiter.api.Test)

Example 2 with AttestationObjectConverter

use of com.webauthn4j.converter.AttestationObjectConverter in project webauthn4j by webauthn4j.

the class PackedAttestationStatementValidatorTest method validate.

private void validate(byte[] clientDataBytes, AttestationObject attestationObject) {
    byte[] attestationObjectBytes = new AttestationObjectConverter(objectConverter).convertToBytes(attestationObject);
    Origin origin = new Origin(originUrl);
    Challenge challenge = (Challenge) () -> Base64UrlUtil.decode(challengeString);
    CollectedClientData collectedClientData = new CollectedClientDataConverter(objectConverter).convert(clientDataBytes);
    Set<AuthenticatorTransport> transports = Collections.emptySet();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> authenticationExtensionsClientOutputs = new AuthenticationExtensionsClientOutputs<>();
    RegistrationObject registrationObject = new RegistrationObject(attestationObject, attestationObjectBytes, collectedClientData, clientDataBytes, authenticationExtensionsClientOutputs, transports, new ServerProperty(origin, rpId, challenge, tokenBindingId));
    target.validate(registrationObject);
}
Also used : Origin(com.webauthn4j.data.client.Origin) AttestationObjectConverter(com.webauthn4j.converter.AttestationObjectConverter) ServerProperty(com.webauthn4j.server.ServerProperty) CollectedClientDataConverter(com.webauthn4j.converter.CollectedClientDataConverter) RegistrationExtensionClientOutput(com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput) Challenge(com.webauthn4j.data.client.challenge.Challenge) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) RegistrationObject(com.webauthn4j.validator.RegistrationObject) AuthenticationExtensionsClientOutputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs) AuthenticatorTransport(com.webauthn4j.data.AuthenticatorTransport)

Example 3 with AttestationObjectConverter

use of com.webauthn4j.converter.AttestationObjectConverter in project webauthn4j by webauthn4j.

the class UserVerifyingAuthenticatorAuthenticationValidationTest method createAttestationObject.

private AttestationObject createAttestationObject(String rpId, Challenge challenge) {
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.NONE, extensions);
    AuthenticatorAttestationResponse registrationRequest = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
    AttestationObjectConverter attestationObjectConverter = new AttestationObjectConverter(objectConverter);
    return attestationObjectConverter.convert(registrationRequest.getAttestationObject());
}
Also used : AttestationObjectConverter(com.webauthn4j.converter.AttestationObjectConverter) AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs) RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput)

Example 4 with AttestationObjectConverter

use of com.webauthn4j.converter.AttestationObjectConverter in project webauthn4j by webauthn4j.

the class FIDOAuthenticatorCoreAuthenticationValidationTest method createAttestationObject.

private AttestationObject createAttestationObject(String rpId, Challenge challenge) {
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.NONE, extensions);
    AuthenticatorAttestationResponse registrationRequest = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
    AttestationObjectConverter attestationObjectConverter = new AttestationObjectConverter(objectConverter);
    return attestationObjectConverter.convert(registrationRequest.getAttestationObject());
}
Also used : AttestationObjectConverter(com.webauthn4j.converter.AttestationObjectConverter) AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs) RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput)

Example 5 with AttestationObjectConverter

use of com.webauthn4j.converter.AttestationObjectConverter in project webauthn4j by webauthn4j.

the class CustomAuthenticationValidationTest method createAttestationObject.

private AttestationObject createAttestationObject(String rpId, Challenge challenge) {
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName"), challenge, Collections.singletonList(publicKeyCredentialParameters));
    AuthenticatorAttestationResponse registrationRequest = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
    AttestationObjectConverter attestationObjectConverter = new AttestationObjectConverter(objectConverter);
    return attestationObjectConverter.convert(registrationRequest.getAttestationObject());
}
Also used : AttestationObjectConverter(com.webauthn4j.converter.AttestationObjectConverter)

Aggregations

AttestationObjectConverter (com.webauthn4j.converter.AttestationObjectConverter)9 AttestationObject (com.webauthn4j.data.attestation.AttestationObject)4 CollectedClientDataConverter (com.webauthn4j.converter.CollectedClientDataConverter)3 AuthenticatorTransport (com.webauthn4j.data.AuthenticatorTransport)3 CollectedClientData (com.webauthn4j.data.client.CollectedClientData)3 AuthenticationExtensionsClientOutputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs)3 RegistrationExtensionClientOutput (com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput)3 ServerProperty (com.webauthn4j.server.ServerProperty)3 Test (org.junit.jupiter.api.Test)3 AuthenticationExtensionsClientInputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs)2 RegistrationExtensionClientInput (com.webauthn4j.data.extension.client.RegistrationExtensionClientInput)2 Instant (java.time.Instant)2 AuthenticatorDataConverter (com.webauthn4j.converter.AuthenticatorDataConverter)1 Origin (com.webauthn4j.data.client.Origin)1 Challenge (com.webauthn4j.data.client.challenge.Challenge)1 RegistrationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.RegistrationExtensionAuthenticatorOutput)1 RegistrationObject (com.webauthn4j.validator.RegistrationObject)1 Test (org.junit.Test)1