use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j-spring-security by webauthn4j.
the class FidoServerAttestationResultEndpointFilter method processRequest.
/**
 * Handles a FIDO-server attestation result (registration) request.
 *
 * <p>Steps, in order: read the JSON body into a {@code ServerPublicKeyCredential}, validate the
 * credential, decode the client data and attestation object, validate the registration request,
 * derive the username from the challenge, make sure the user can be loaded, and store a new
 * authenticator for that user.
 *
 * @param request the incoming HTTP request carrying the credential as JSON
 * @return an {@code AttestationResultSuccessResponse} once the authenticator has been stored
 * @throws UncheckedIOException if the request body stream cannot be obtained
 * @throws com.webauthn4j.springframework.security.exception.DataConversionException
 *         if webauthn4j fails to convert any of the received data
 */
@Override
protected ServerResponse processRequest(HttpServletRequest request) {
    InputStream body;
    try {
        body = request.getInputStream();
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    }
    try {
        // Everything read from the body is client-controlled until the validators below have run.
        ServerPublicKeyCredential<ServerAuthenticatorAttestationResponse> credential =
                this.objectConverter.getJsonConverter().readValue(body, credentialTypeRef);
        serverPublicKeyCredentialValidator.validate(credential);

        ServerAuthenticatorAttestationResponse attestationResponse = credential.getResponse();
        CollectedClientData clientData =
                collectedClientDataConverter.convert(attestationResponse.getClientDataJSON());
        AttestationObject attestation =
                attestationObjectConverter.convert(attestationResponse.getAttestationObject());

        // Transports are not taken from the request; an empty set is always passed.
        Set<String> transports = Collections.emptySet();
        webAuthnRegistrationRequestValidator.validate(
                request,
                attestationResponse.getClientDataJSON(),
                attestationResponse.getAttestationObject(),
                transports,
                credential.getClientExtensionResults());

        // NOTE(review): the account name comes from the challenge inside the client-supplied
        // clientDataJSON. It is only read after the validate() call above; presumably that call
        // ties the challenge to the one this server issued - confirm, since the username decides
        // which account the authenticator is attached to.
        String username = serverEndpointFilterUtil.decodeUsername(clientData.getChallenge());

        // First lookup is an existence probe. An unknown name is handed to the handler
        // (presumably it provisions the account - confirm).
        try {
            userDetailsService.loadUserByUsername(username);
        } catch (UsernameNotFoundException e) {
            usernameNotFoundHandler.onUsernameNotFound(username);
        }
        // Second lookup is not guarded: if the user still does not exist, the
        // UsernameNotFoundException propagates and no authenticator is stored.
        UserDetails userDetails = userDetailsService.loadUserByUsername(username);

        WebAuthnAuthenticatorImpl newAuthenticator = new WebAuthnAuthenticatorImpl(
                "Authenticator",
                username,
                attestation.getAuthenticatorData().getAttestedCredentialData(),
                attestation.getAttestationStatement(),
                attestation.getAuthenticatorData().getSignCount());
        webAuthnAuthenticatorManager.createAuthenticator(newAuthenticator);
        return new AttestationResultSuccessResponse();
    } catch (DataConversionException e) {
        // Translate the webauthn4j core exception into the Spring Security module's own type.
        throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", e);
    }
}
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class WebAuthnManagerSample method registrationValidationSample.
/**
 * Sample: parse a WebAuthn registration response, validate it, then persist the authenticator.
 *
 * <p>Every input is a {@code null} placeholder. A real caller fills the client properties from
 * the request and the server properties from its own state.
 */
public void registrationValidationSample() {
    // ---- Client properties: received from the browser, untrusted until validate() succeeds ----
    byte[] attestationObject = null;
    byte[] clientDataJSON = null;
    String clientExtensionJSON = null; /* set clientExtensionJSON */
    Set<String> transports = null;

    // ---- Server properties ----
    // NOTE(review): these are handed to validate() through RegistrationParameters; presumably the
    // response is checked against them, so they should come from server configuration and the
    // challenge issued for this ceremony, not from the request - confirm in the webauthn4j docs.
    Origin origin = null;
    String rpId = null;
    Challenge challenge = null;
    byte[] tokenBindingId = null;
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);

    // ---- Expectations the relying party enforces ----
    List<PublicKeyCredentialParameters> pubKeyCredParams = null;
    boolean userVerificationRequired = false;
    boolean userPresenceRequired = true;

    RegistrationRequest request =
            new RegistrationRequest(attestationObject, clientDataJSON, clientExtensionJSON, transports);
    RegistrationParameters parameters = new RegistrationParameters(
            serverProperty, pubKeyCredParams, userVerificationRequired, userPresenceRequired);

    RegistrationData parsed;
    try {
        parsed = webAuthnManager.parse(request);
    } catch (DataConversionException e) {
        // Catch DataConversionException here to handle a malformed WebAuthn data structure.
        throw e;
    }
    try {
        webAuthnManager.validate(parsed, parameters);
    } catch (ValidationException e) {
        // Catch ValidationException here to handle WebAuthn data that fails validation.
        throw e;
    }

    // Reached only when parse() and validate() both succeeded. The Authenticator built here is
    // what the authentication flow uses later, so it has to be persisted. Supply your own
    // Authenticator implementation if you also want to store a friendly authenticator name.
    Authenticator authenticator = new AuthenticatorImpl(
            parsed.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(),
            parsed.getAttestationObject().getAttestationStatement(),
            parsed.getAttestationObject().getAuthenticatorData().getSignCount());
    // Persist it with whatever storage the application uses.
    save(authenticator);
}
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class DeviceCheckManagerSample method authenticationValidationSample.
/**
 * Sample: parse an Apple App Attest assertion, validate it, then store the new counter.
 *
 * <p>Every input is a {@code null} placeholder. A real caller fills the client properties from
 * the request and the server properties from its own state.
 */
public void authenticationValidationSample() {
    // ---- Client properties: received from the app, untrusted until validate() succeeds ----
    byte[] keyId = null;
    byte[] assertion = null;
    byte[] clientDataHash = null;

    // ---- Server properties: supplied by the server itself ----
    String teamIdentifier = null;
    String cfBundleIdentifier = null;
    byte[] challenge = null;
    DCServerProperty serverProperty =
            new DCServerProperty(teamIdentifier, cfBundleIdentifier, new DefaultChallenge(challenge));

    // Load the device record that was persisted during attestation, using your own storage.
    DCAppleDevice storedDevice = load(keyId);

    DCAssertionRequest request = new DCAssertionRequest(keyId, assertion, clientDataHash);
    DCAssertionParameters parameters = new DCAssertionParameters(serverProperty, storedDevice);

    DCAssertionData parsed;
    try {
        parsed = deviceCheckManager.parse(request);
    } catch (DataConversionException e) {
        // Catch DataConversionException here to handle a malformed Apple App Attest data structure.
        throw e;
    }
    try {
        deviceCheckManager.validate(parsed, parameters);
    } catch (ValidationException e) {
        // Catch ValidationException here to handle Apple App Attest data that fails validation.
        throw e;
    }

    // Reached only after validate() succeeded: write the received counter back to the stored record.
    // NOTE(review): presumably validate() compares the assertion against the counter held in the
    // loaded device record, so skipping this update would leave a stale value for the next
    // assertion - confirm against the webauthn4j device-check documentation.
    updateCounter(parsed.getCredentialId(), parsed.getAuthenticatorData().getSignCount());
}
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class AttestedCredentialDataConverter method convert.
/**
 * Decodes attested credential data from the buffer, starting at its current position.
 *
 * <p>Read order: {@code AAGUID_LENGTH} bytes of AAGUID, an unsigned-short credential id length,
 * the credential id itself, then the credential public key. The rest of the buffer is copied
 * out to decode the key, and the buffer position is then moved back by the number of copied
 * bytes the key did not account for, leaving those bytes for the caller.
 *
 * @param attestedCredentialData buffer positioned at the start of the attested credential data
 * @return the decoded attested credential data
 * @throws DataConversionException if any step raises an {@link IllegalArgumentException}
 */
@NonNull
public AttestedCredentialData convert(@NonNull ByteBuffer attestedCredentialData) {
    // NOTE(review): this input normally originates from an authenticator and should be treated as
    // untrusted. A truncated buffer makes ByteBuffer.get throw BufferUnderflowException, which is
    // not an IllegalArgumentException and so is not translated into DataConversionException here;
    // confirm that callers handle it.
    try {
        AssertUtil.notNull(attestedCredentialData, ATTESTED_CREDENTIAL_DATA_MUST_NOT_BE_NULL);

        byte[] aaguidBytes = new byte[AAGUID_LENGTH];
        attestedCredentialData.get(aaguidBytes);
        AAGUID aaguid = new AAGUID(aaguidBytes);

        // The length field comes from the input; the allocation below is sized by it.
        int credentialIdLength = UnsignedNumberUtil.getUnsignedShort(attestedCredentialData);
        byte[] credentialId = new byte[credentialIdLength];
        attestedCredentialData.get(credentialId);

        // Drain the rest of the buffer so the key decoder can work on a stream.
        byte[] tail = new byte[attestedCredentialData.remaining()];
        attestedCredentialData.get(tail);
        COSEKeyEnvelope envelope = convertToCredentialPublicKey(new ByteArrayInputStream(tail));
        COSEKey coseKey = envelope.getCOSEKey();
        assertCoseKey(coseKey);
        AttestedCredentialData result = createAttestedCredentialData(aaguid, credentialId, coseKey);

        // Give back the bytes that followed the key (presumably extensions - confirm with caller).
        int bytesAfterKey = tail.length - envelope.getLength();
        attestedCredentialData.position(attestedCredentialData.position() - bytesAfterKey);
        return result;
    } catch (IllegalArgumentException e) {
        throw new DataConversionException(e);
    }
}
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class AttestedCredentialDataConverter method convert.
/**
 * Encodes attested credential data to bytes.
 *
 * <p>Write order: AAGUID bytes, the credential id length as produced by
 * {@code UnsignedNumberUtil.toBytes}, the credential id, then the encoded COSE key.
 *
 * @param attestationData the data to encode; it, its AAGUID and its credential id must be non-null
 * @return the concatenated byte representation
 * @throws DataConversionException if a null check or another step raises an
 *         {@link IllegalArgumentException}
 * @throws UncheckedIOException if writing to the in-memory stream raises an {@link IOException}
 */
@NonNull
public byte[] convert(@NonNull AttestedCredentialData attestationData) {
    try {
        // Reject incomplete input before any bytes are produced.
        AssertUtil.notNull(attestationData, "attestationData must not be null");
        AssertUtil.notNull(attestationData.getAaguid(), "aaguid must not be null");
        AssertUtil.notNull(attestationData.getCredentialId(), "credentialId must not be null");
        assertCoseKey(attestationData.getCOSEKey());

        byte[] credentialId = attestationData.getCredentialId();
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(attestationData.getAaguid().getBytes());
        // NOTE(review): the decoder reads this length as an unsigned short; how toBytes treats a
        // credential id longer than that range is not visible here - confirm.
        out.write(UnsignedNumberUtil.toBytes(credentialId.length));
        out.write(credentialId);
        out.write(convert(attestationData.getCOSEKey()));
        return out.toByteArray();
    } catch (IllegalArgumentException e) {
        throw new DataConversionException(e);
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    }
}