Example 11 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j-spring-security by webauthn4j.
the class FidoServerAttestationResultEndpointFilter method processRequest.
@Override
protected ServerResponse processRequest(HttpServletRequest request) {
InputStream inputStream;
try {
inputStream = request.getInputStream();
} catch (IOException e) {
throw new UncheckedIOException(e);
}
try {
ServerPublicKeyCredential<ServerAuthenticatorAttestationResponse> credential = this.objectConverter.getJsonConverter().readValue(inputStream, credentialTypeRef);
serverPublicKeyCredentialValidator.validate(credential);
ServerAuthenticatorAttestationResponse response = credential.getResponse();
CollectedClientData collectedClientData = collectedClientDataConverter.convert(response.getClientDataJSON());
AttestationObject attestationObject = attestationObjectConverter.convert(response.getAttestationObject());
Set<String> transports = Collections.emptySet();
webAuthnRegistrationRequestValidator.validate(request, response.getClientDataJSON(), response.getAttestationObject(), transports, credential.getClientExtensionResults());
String loginUsername = serverEndpointFilterUtil.decodeUsername(collectedClientData.getChallenge());
try {
userDetailsService.loadUserByUsername(loginUsername);
} catch (UsernameNotFoundException e) {
usernameNotFoundHandler.onUsernameNotFound(loginUsername);
}
UserDetails userDetails = userDetailsService.loadUserByUsername(loginUsername);
WebAuthnAuthenticatorImpl webAuthnAuthenticator = new WebAuthnAuthenticatorImpl("Authenticator", loginUsername, attestationObject.getAuthenticatorData().getAttestedCredentialData(), attestationObject.getAttestationStatement(), attestationObject.getAuthenticatorData().getSignCount());
webAuthnAuthenticatorManager.createAuthenticator(webAuthnAuthenticator);
return new AttestationResultSuccessResponse();
} catch (DataConversionException e) {
throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", e);
}
}
Also used :
UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException)
WebAuthnAuthenticatorImpl(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl)
InputStream(java.io.InputStream)
UncheckedIOException(java.io.UncheckedIOException)
IOException(java.io.IOException)
UncheckedIOException(java.io.UncheckedIOException)
CollectedClientData(com.webauthn4j.data.client.CollectedClientData)
UserDetails(org.springframework.security.core.userdetails.UserDetails)
AttestationObject(com.webauthn4j.data.attestation.AttestationObject)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Example 12 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class WebAuthnManagerSample method registrationValidationSample.
public void registrationValidationSample() {
// Client properties
byte[] attestationObject = null;
byte[] clientDataJSON = null;
String clientExtensionJSON = null;
/* set clientExtensionJSON */
Set<String> transports = null;
// Server properties
Origin origin = null;
String rpId = null;
Challenge challenge = null;
byte[] tokenBindingId = null;
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);
// expectations
List<PublicKeyCredentialParameters> pubKeyCredParams = null;
boolean userVerificationRequired = false;
boolean userPresenceRequired = true;
RegistrationRequest registrationRequest = new RegistrationRequest(attestationObject, clientDataJSON, clientExtensionJSON, transports);
RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, pubKeyCredParams, userVerificationRequired, userPresenceRequired);
RegistrationData registrationData;
try {
registrationData = webAuthnManager.parse(registrationRequest);
} catch (DataConversionException e) {
// If you would like to handle WebAuthn data structure parse error, please catch DataConversionException
throw e;
}
try {
webAuthnManager.validate(registrationData, registrationParameters);
} catch (ValidationException e) {
// If you would like to handle WebAuthn data validation error, please catch ValidationException
throw e;
}
// please persist Authenticator object, which will be used in the authentication process.
Authenticator authenticator = new // You may create your own Authenticator implementation to save friendly authenticator name
AuthenticatorImpl(registrationData.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(), registrationData.getAttestationObject().getAttestationStatement(), registrationData.getAttestationObject().getAuthenticatorData().getSignCount());
// please persist authenticator in your manner
save(authenticator);
}
Also used :
Origin(com.webauthn4j.data.client.Origin)
ServerProperty(com.webauthn4j.server.ServerProperty)
ValidationException(com.webauthn4j.validator.exception.ValidationException)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
AuthenticatorImpl(com.webauthn4j.authenticator.AuthenticatorImpl)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Authenticator(com.webauthn4j.authenticator.Authenticator)
Example 13 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class DeviceCheckManagerSample method authenticationValidationSample.
public void authenticationValidationSample() {
// Client properties
byte[] keyId = null;
byte[] assertion = null;
byte[] clientDataHash = null;
// Server properties
String teamIdentifier = null;
String cfBundleIdentifier = null;
byte[] challenge = null;
DCServerProperty dcServerProperty = new DCServerProperty(teamIdentifier, cfBundleIdentifier, new DefaultChallenge(challenge));
// please load authenticator object persisted in the attestation process in your manner
DCAppleDevice dcAppleDevice = load(keyId);
DCAssertionRequest dcAssertionRequest = new DCAssertionRequest(keyId, assertion, clientDataHash);
DCAssertionParameters dcAssertionParameters = new DCAssertionParameters(dcServerProperty, dcAppleDevice);
DCAssertionData dcAssertionData;
try {
dcAssertionData = deviceCheckManager.parse(dcAssertionRequest);
} catch (DataConversionException e) {
// If you would like to handle Apple App Attest data structure parse error, please catch DataConversionException
throw e;
}
try {
deviceCheckManager.validate(dcAssertionData, dcAssertionParameters);
} catch (ValidationException e) {
// If you would like to handle Apple App Attest data validation error, please catch ValidationException
throw e;
}
// please update the counter of the authenticator record
updateCounter(dcAssertionData.getCredentialId(), dcAssertionData.getAuthenticatorData().getSignCount());
}
Also used :
DCServerProperty(com.webauthn4j.appattest.server.DCServerProperty)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
DCAppleDevice(com.webauthn4j.appattest.authenticator.DCAppleDevice)
ValidationException(com.webauthn4j.validator.exception.ValidationException)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Example 14 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class AttestedCredentialDataConverter method convert.
@NonNull
public AttestedCredentialData convert(@NonNull ByteBuffer attestedCredentialData) {
try {
AssertUtil.notNull(attestedCredentialData, ATTESTED_CREDENTIAL_DATA_MUST_NOT_BE_NULL);
byte[] aaguidBytes = new byte[AAGUID_LENGTH];
attestedCredentialData.get(aaguidBytes, 0, AAGUID_LENGTH);
AAGUID aaguid = new AAGUID(aaguidBytes);
int length = UnsignedNumberUtil.getUnsignedShort(attestedCredentialData);
byte[] credentialId = new byte[length];
attestedCredentialData.get(credentialId, 0, length);
byte[] remaining = new byte[attestedCredentialData.remaining()];
attestedCredentialData.get(remaining);
ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(remaining);
COSEKeyEnvelope coseKeyEnvelope = convertToCredentialPublicKey(byteArrayInputStream);
COSEKey coseKey = coseKeyEnvelope.getCOSEKey();
assertCoseKey(coseKey);
AttestedCredentialData result = createAttestedCredentialData(aaguid, credentialId, coseKey);
int extensionsBufferLength = remaining.length - coseKeyEnvelope.getLength();
attestedCredentialData.position(attestedCredentialData.position() - extensionsBufferLength);
return result;
} catch (IllegalArgumentException e) {
throw new DataConversionException(e);
}
}
Also used :
AttestedCredentialData(com.webauthn4j.data.attestation.authenticator.AttestedCredentialData)
COSEKey(com.webauthn4j.data.attestation.authenticator.COSEKey)
COSEKeyEnvelope(com.webauthn4j.converter.jackson.deserializer.cbor.COSEKeyEnvelope)
AAGUID(com.webauthn4j.data.attestation.authenticator.AAGUID)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
NonNull(org.checkerframework.checker.nullness.qual.NonNull)
Example 15 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class AttestedCredentialDataConverter method convert.
@NonNull
public byte[] convert(@NonNull AttestedCredentialData attestationData) {
try {
AssertUtil.notNull(attestationData, "attestationData must not be null");
AssertUtil.notNull(attestationData.getAaguid(), "aaguid must not be null");
AssertUtil.notNull(attestationData.getCredentialId(), "credentialId must not be null");
assertCoseKey(attestationData.getCOSEKey());
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
byteArrayOutputStream.write(attestationData.getAaguid().getBytes());
byteArrayOutputStream.write(UnsignedNumberUtil.toBytes(attestationData.getCredentialId().length));
byteArrayOutputStream.write(attestationData.getCredentialId());
byteArrayOutputStream.write(convert(attestationData.getCOSEKey()));
return byteArrayOutputStream.toByteArray();
} catch (IllegalArgumentException e) {
throw new DataConversionException(e);
} catch (IOException e) {
throw new UncheckedIOException(e);
}
}
Also used :
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
NonNull(org.checkerframework.checker.nullness.qual.NonNull)
Aggregations
DataConversionException (com.webauthn4j.converter.exception.DataConversionException)18
IOException (java.io.IOException)8
ValidationException (com.webauthn4j.validator.exception.ValidationException)6
UncheckedIOException (java.io.UncheckedIOException)6
ServerProperty (com.webauthn4j.server.ServerProperty)5
NonNull (org.checkerframework.checker.nullness.qual.NonNull)5
Challenge (com.webauthn4j.data.client.challenge.Challenge)4
DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)4
InputStream (java.io.InputStream)4
Authenticator (com.webauthn4j.authenticator.Authenticator)3
HttpServletRequest (javax.servlet.http.HttpServletRequest)3
Nullable (org.checkerframework.checker.nullness.qual.Nullable)3
WebAuthnUserData (com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData)2
WebAuthnManager (com.webauthn4j.WebAuthnManager)2
DCAppleDevice (com.webauthn4j.appattest.authenticator.DCAppleDevice)2
DCServerProperty (com.webauthn4j.appattest.server.DCServerProperty)2
ObjectConverter (com.webauthn4j.converter.util.ObjectConverter)2
AttestedCredentialData (com.webauthn4j.data.attestation.authenticator.AttestedCredentialData)2
ByteArrayInputStream (java.io.ByteArrayInputStream)2
ObjectInputStream (java.io.ObjectInputStream)2
