Example 6 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class AttestationObjectConverter method convert.
// ~ Methods
// ================================================================================================
/**
* Converts from a base64url {@link String} to {@link AttestationObject}.
*
* @param source the source byte array to convert
* @return the converted object
*/
@Nullable
public AttestationObject convert(@NonNull String source) {
try {
AssertUtil.notNull(source, SOURCE_NULL_CHECK_MESSAGE);
byte[] value = Base64UrlUtil.decode(source);
return convert(value);
} catch (IllegalArgumentException e) {
throw new DataConversionException(e);
}
}
Also used :
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Nullable(org.checkerframework.checker.nullness.qual.Nullable)
Example 7 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class AuthenticatorDataConverter method convert.
// ~ Methods
// ================================================================================================
/**
* Converts from a {@link AuthenticatorData} to byte[].
*
* @param source the source object to convert
* @param <T> extension type
* @return the converted byte array
*/
@NonNull
public <T extends ExtensionAuthenticatorOutput> byte[] convert(@NonNull AuthenticatorData<T> source) {
try {
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
byte[] rpIdHash = source.getRpIdHash();
byteArrayOutputStream.write(rpIdHash);
byteArrayOutputStream.write(new byte[] { source.getFlags() });
byteArrayOutputStream.write(UnsignedNumberUtil.toBytes(source.getSignCount()));
if (source.getAttestedCredentialData() != null) {
byteArrayOutputStream.write(attestedCredentialDataConverter.convert(source.getAttestedCredentialData()));
}
byteArrayOutputStream.write(convert(source.getExtensions()));
return byteArrayOutputStream.toByteArray();
} catch (IllegalArgumentException e) {
throw new DataConversionException(e);
} catch (IOException e) {
throw new UncheckedIOException(e);
}
}
Also used :
UncheckedIOException(java.io.UncheckedIOException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
UncheckedIOException(java.io.UncheckedIOException)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
NonNull(org.checkerframework.checker.nullness.qual.NonNull)
Example 8 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class CollectedClientDataConverter method convert.
// ~ Methods
// ================================================================================================
/**
* Converts from a base64url {@link String} to {@link CollectedClientData}.
*
* @param base64UrlString the source byte array to convert
* @return the converted object
*/
@Nullable
public CollectedClientData convert(@NonNull String base64UrlString) {
try {
AssertUtil.notNull(base64UrlString, "base64UrlString must not be null");
byte[] bytes = Base64UrlUtil.decode(base64UrlString);
return convert(bytes);
} catch (IllegalArgumentException e) {
throw new DataConversionException(e);
}
}
Also used :
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Nullable(org.checkerframework.checker.nullness.qual.Nullable)
Example 9 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class CollectedClientDataConverter method convert.
/**
* Converts from a byte array to {@link CollectedClientData}.
*
* @param source the source byte array to convert
* @return the converted object
*/
@Nullable
public CollectedClientData convert(@NonNull byte[] source) {
try {
AssertUtil.notNull(source, "source must not be null");
String jsonString = new String(source, StandardCharsets.UTF_8);
return jsonConverter.readValue(jsonString, CollectedClientData.class);
} catch (IllegalArgumentException e) {
throw new DataConversionException(e);
}
}
Also used :
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Nullable(org.checkerframework.checker.nullness.qual.Nullable)
Example 10 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j-spring-security by webauthn4j.
the class FidoServerAttestationOptionsEndpointFilter method processRequest.
@Override
protected ServerResponse processRequest(HttpServletRequest request) {
InputStream inputStream;
try {
inputStream = request.getInputStream();
} catch (IOException e) {
throw new UncheckedIOException(e);
}
try {
ServerPublicKeyCredentialCreationOptionsRequest serverRequest = objectConverter.getJsonConverter().readValue(inputStream, ServerPublicKeyCredentialCreationOptionsRequest.class);
String username = serverRequest.getUsername();
String displayName = serverRequest.getDisplayName();
Challenge challenge = serverEndpointFilterUtil.encodeUsername(new DefaultChallenge(), username);
challengeRepository.saveChallenge(challenge, request);
// TODO: UsernamePasswordAuthenticationToken should not be used here in this way
AttestationOptions attestationOptions = optionsProvider.getAttestationOptions(request, new UsernamePasswordAuthenticationToken(username, null, Collections.emptyList()));
String userHandle;
if (attestationOptions.getUser() == null) {
userHandle = Base64UrlUtil.encodeToString(generateUserHandle());
} else {
userHandle = Base64UrlUtil.encodeToString(attestationOptions.getUser().getId());
}
ServerPublicKeyCredentialUserEntity user = new ServerPublicKeyCredentialUserEntity(userHandle, username, displayName);
List<ServerPublicKeyCredentialDescriptor> credentials = attestationOptions.getExcludeCredentials().stream().map(credential -> new ServerPublicKeyCredentialDescriptor(credential.getType(), Base64UrlUtil.encodeToString(credential.getId()), credential.getTransports())).collect(Collectors.toList());
AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> authenticationExtensionsClientInputs;
if (serverRequest.getExtensions() != null) {
authenticationExtensionsClientInputs = serverRequest.getExtensions();
} else {
authenticationExtensionsClientInputs = attestationOptions.getExtensions();
}
return new ServerPublicKeyCredentialCreationOptionsResponse(attestationOptions.getRp(), user, Base64UrlUtil.encodeToString(attestationOptions.getChallenge().getValue()), attestationOptions.getPubKeyCredParams(), attestationOptions.getTimeout(), credentials, serverRequest.getAuthenticatorSelection(), serverRequest.getAttestation(), authenticationExtensionsClientInputs);
} catch (DataConversionException e) {
throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", e);
}
}
Also used :
AttestationOptions(com.webauthn4j.springframework.security.options.AttestationOptions)
IOException(java.io.IOException)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
UUID(java.util.UUID)
ChallengeRepository(com.webauthn4j.springframework.security.challenge.ChallengeRepository)
Base64UrlUtil(com.webauthn4j.util.Base64UrlUtil)
Collectors(java.util.stream.Collectors)
ByteBuffer(java.nio.ByteBuffer)
AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs)
AttestationOptionsProvider(com.webauthn4j.springframework.security.options.AttestationOptionsProvider)
UncheckedIOException(java.io.UncheckedIOException)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
List(java.util.List)
ObjectConverter(com.webauthn4j.converter.util.ObjectConverter)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Collections(java.util.Collections)
Assert(org.springframework.util.Assert)
InputStream(java.io.InputStream)
InputStream(java.io.InputStream)
AttestationOptions(com.webauthn4j.springframework.security.options.AttestationOptions)
UncheckedIOException(java.io.UncheckedIOException)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
IOException(java.io.IOException)
UncheckedIOException(java.io.UncheckedIOException)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Aggregations
DataConversionException (com.webauthn4j.converter.exception.DataConversionException)18
IOException (java.io.IOException)8
ValidationException (com.webauthn4j.validator.exception.ValidationException)6
UncheckedIOException (java.io.UncheckedIOException)6
ServerProperty (com.webauthn4j.server.ServerProperty)5
NonNull (org.checkerframework.checker.nullness.qual.NonNull)5
Challenge (com.webauthn4j.data.client.challenge.Challenge)4
DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)4
InputStream (java.io.InputStream)4
Authenticator (com.webauthn4j.authenticator.Authenticator)3
HttpServletRequest (javax.servlet.http.HttpServletRequest)3
Nullable (org.checkerframework.checker.nullness.qual.Nullable)3
WebAuthnUserData (com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData)2
WebAuthnManager (com.webauthn4j.WebAuthnManager)2
DCAppleDevice (com.webauthn4j.appattest.authenticator.DCAppleDevice)2
DCServerProperty (com.webauthn4j.appattest.server.DCServerProperty)2
ObjectConverter (com.webauthn4j.converter.util.ObjectConverter)2
AttestedCredentialData (com.webauthn4j.data.attestation.authenticator.AttestedCredentialData)2
ByteArrayInputStream (java.io.ByteArrayInputStream)2
ObjectInputStream (java.io.ObjectInputStream)2
