
Example 11 with DataConversionException

use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j-spring-security by webauthn4j.

the class FidoServerAttestationResultEndpointFilter method processRequest.

/**
 * Processes an attestation-result request: reads the posted credential as JSON, validates it,
 * and stores a new authenticator for the user whose name is decoded from the challenge.
 *
 * <p>Order matters here: the credential and the registration request are both validated before
 * the username is decoded and before anything is persisted.
 *
 * @param request the incoming servlet request whose body carries the credential
 * @return an {@code AttestationResultSuccessResponse} when registration completes
 * @throws UncheckedIOException if the request body stream cannot be obtained
 * @throws com.webauthn4j.springframework.security.exception.DataConversionException
 *         if the webauthn4j converters reject the payload
 */
@Override
protected ServerResponse processRequest(HttpServletRequest request) {
    InputStream body;
    try {
        body = request.getInputStream();
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    }
    try {
        // Everything read from the body is client-controlled until the validators below have run.
        ServerPublicKeyCredential<ServerAuthenticatorAttestationResponse> publicKeyCredential =
                this.objectConverter.getJsonConverter().readValue(body, credentialTypeRef);
        serverPublicKeyCredentialValidator.validate(publicKeyCredential);

        ServerAuthenticatorAttestationResponse attestationResponse = publicKeyCredential.getResponse();
        CollectedClientData clientData =
                collectedClientDataConverter.convert(attestationResponse.getClientDataJSON());
        AttestationObject parsedAttestation =
                attestationObjectConverter.convert(attestationResponse.getAttestationObject());

        // No transports are supplied by this endpoint; an empty set is passed to the validator.
        Set<String> noTransports = Collections.emptySet();
        webAuthnRegistrationRequestValidator.validate(
                request,
                attestationResponse.getClientDataJSON(),
                attestationResponse.getAttestationObject(),
                noTransports,
                publicKeyCredential.getClientExtensionResults());

        // The account name is recovered from the challenge in the client data.
        // NOTE(review): this is only trustworthy if the validator above checks that challenge
        // against a server-issued value; that check is not visible in this method, so confirm.
        String username = serverEndpointFilterUtil.decodeUsername(clientData.getChallenge());
        try {
            userDetailsService.loadUserByUsername(username);
        } catch (UsernameNotFoundException e) {
            // Unknown user: delegate to the handler, then look the user up again below.
            usernameNotFoundHandler.onUsernameNotFound(username);
        }
        // Second lookup is outside the try: if the user still cannot be found,
        // UsernameNotFoundException propagates and no authenticator is stored.
        userDetailsService.loadUserByUsername(username);

        WebAuthnAuthenticatorImpl newAuthenticator = new WebAuthnAuthenticatorImpl(
                "Authenticator",
                username,
                parsedAttestation.getAuthenticatorData().getAttestedCredentialData(),
                parsedAttestation.getAttestationStatement(),
                parsedAttestation.getAuthenticatorData().getSignCount());
        webAuthnAuthenticatorManager.createAuthenticator(newAuthenticator);
        return new AttestationResultSuccessResponse();
    } catch (DataConversionException e) {
        // Translate the library exception into the Spring Security module's own type, keeping the cause.
        throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", e);
    }
}
Also used : UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException) WebAuthnAuthenticatorImpl(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl) InputStream(java.io.InputStream) UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) UserDetails(org.springframework.security.core.userdetails.UserDetails) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) DataConversionException(com.webauthn4j.converter.exception.DataConversionException)

Example 12 with DataConversionException

use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.

the class WebAuthnManagerSample method registrationValidationSample.

/**
 * Sample of the registration flow: build the request and the server-side expectations,
 * parse the client data, validate it, then persist the resulting authenticator.
 *
 * <p>All inputs are left {@code null} as placeholders; a real caller fills them from the
 * registration response and from server-side state.
 */
public void registrationValidationSample() {
    // Inputs sent by the client (untrusted until validate() has succeeded)
    byte[] attestationObject = null;
    byte[] clientDataJSON = null;
    String clientExtensionJSON = null;
    /* set clientExtensionJSON */
    Set<String> transports = null;

    // Values the server itself knows. The challenge is expected to be the one this server
    // issued for the ceremony, not a value echoed back from the client.
    Origin origin = null;
    String rpId = null;
    Challenge challenge = null;
    byte[] tokenBindingId = null;
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);

    // Policy expectations handed to the validator.
    // NOTE(review): user verification is not required in this sample; set it to true where
    // the deployment's policy demands it.
    List<PublicKeyCredentialParameters> pubKeyCredParams = null;
    boolean userVerificationRequired = false;
    boolean userPresenceRequired = true;

    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationObject,
            clientDataJSON,
            clientExtensionJSON,
            transports);
    RegistrationParameters registrationParameters = new RegistrationParameters(
            serverProperty,
            pubKeyCredParams,
            userVerificationRequired,
            userPresenceRequired);

    // Step 1: parse. A malformed WebAuthn structure surfaces as DataConversionException;
    // catch it here to handle parse errors (the sample simply rethrows).
    RegistrationData registrationData;
    try {
        registrationData = webAuthnManager.parse(registrationRequest);
    } catch (DataConversionException e) {
        throw e;
    }

    // Step 2: validate. Failed checks surface as ValidationException;
    // catch it here to handle validation errors (the sample simply rethrows).
    try {
        webAuthnManager.validate(registrationData, registrationParameters);
    } catch (ValidationException e) {
        throw e;
    }

    // Step 3: persist. This line is reached only after validate() returned normally.
    // The stored Authenticator is what the authentication process uses later.
    // You may supply your own Authenticator implementation, e.g. to keep a friendly name.
    Authenticator authenticator = new AuthenticatorImpl(
            registrationData.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(),
            registrationData.getAttestationObject().getAttestationStatement(),
            registrationData.getAttestationObject().getAuthenticatorData().getSignCount());
    // Persist the authenticator in whatever way the application uses.
    save(authenticator);
}
Also used : Origin(com.webauthn4j.data.client.Origin) ServerProperty(com.webauthn4j.server.ServerProperty) ValidationException(com.webauthn4j.validator.exception.ValidationException) Challenge(com.webauthn4j.data.client.challenge.Challenge) AuthenticatorImpl(com.webauthn4j.authenticator.AuthenticatorImpl) DataConversionException(com.webauthn4j.converter.exception.DataConversionException) Authenticator(com.webauthn4j.authenticator.Authenticator)

Example 13 with DataConversionException

use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.

the class DeviceCheckManagerSample method authenticationValidationSample.

/**
 * Sample of the Apple App Attest assertion flow: build the request and the server-side
 * expectations, parse the assertion, validate it, then store the new counter value.
 *
 * <p>All inputs are left {@code null} as placeholders; a real caller fills them from the
 * client's assertion and from server-side state.
 */
public void authenticationValidationSample() {
    // Inputs sent by the client (untrusted until validate() has succeeded)
    byte[] keyId = null;
    byte[] assertion = null;
    byte[] clientDataHash = null;

    // Values the server itself knows. The challenge is expected to be the one this server
    // issued, not a value echoed back from the client.
    String teamIdentifier = null;
    String cfBundleIdentifier = null;
    byte[] challenge = null;
    DCServerProperty dcServerProperty = new DCServerProperty(
            teamIdentifier,
            cfBundleIdentifier,
            new DefaultChallenge(challenge));

    // Load the device record that was persisted during the attestation process.
    DCAppleDevice dcAppleDevice = load(keyId);

    DCAssertionRequest dcAssertionRequest = new DCAssertionRequest(keyId, assertion, clientDataHash);
    DCAssertionParameters dcAssertionParameters = new DCAssertionParameters(dcServerProperty, dcAppleDevice);

    // Step 1: parse. A malformed App Attest structure surfaces as DataConversionException;
    // catch it here to handle parse errors (the sample simply rethrows).
    DCAssertionData dcAssertionData;
    try {
        dcAssertionData = deviceCheckManager.parse(dcAssertionRequest);
    } catch (DataConversionException e) {
        throw e;
    }

    // Step 2: validate. Failed checks surface as ValidationException;
    // catch it here to handle validation errors (the sample simply rethrows).
    try {
        deviceCheckManager.validate(dcAssertionData, dcAssertionParameters);
    } catch (ValidationException e) {
        throw e;
    }

    // Step 3: update the counter on the stored record. This line is reached only after
    // validate() returned normally, so a rejected assertion never changes the stored value.
    updateCounter(
            dcAssertionData.getCredentialId(),
            dcAssertionData.getAuthenticatorData().getSignCount());
}
Also used : DCServerProperty(com.webauthn4j.appattest.server.DCServerProperty) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) DCAppleDevice(com.webauthn4j.appattest.authenticator.DCAppleDevice) ValidationException(com.webauthn4j.validator.exception.ValidationException) DataConversionException(com.webauthn4j.converter.exception.DataConversionException)

Example 14 with DataConversionException

use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.

the class AttestedCredentialDataConverter method convert.

/**
 * Parses attested credential data from the buffer, starting at its current position.
 *
 * <p>Reads, in order: the AAGUID ({@code AAGUID_LENGTH} bytes), an unsigned-short credential id
 * length, the credential id itself, and the COSE public key. On return the buffer is positioned
 * just after the COSE key, so any bytes that follow it are left unread for the caller.
 *
 * @param attestedCredentialData buffer holding the serialized data; its position is advanced
 * @return the parsed {@code AttestedCredentialData}
 * @throws DataConversionException if an {@code IllegalArgumentException} is raised while parsing
 */
@NonNull
public AttestedCredentialData convert(@NonNull ByteBuffer attestedCredentialData) {
    // NOTE(review): the input is typically authenticator-supplied. A buffer shorter than the
    // lengths read below makes ByteBuffer.get throw BufferUnderflowException, which is not an
    // IllegalArgumentException and is therefore not translated by the catch at the end of this
    // method; confirm that callers handle it.
    try {
        AssertUtil.notNull(attestedCredentialData, ATTESTED_CREDENTIAL_DATA_MUST_NOT_BE_NULL);
        byte[] aaguidBytes = new byte[AAGUID_LENGTH];
        attestedCredentialData.get(aaguidBytes, 0, AAGUID_LENGTH);
        AAGUID aaguid = new AAGUID(aaguidBytes);
        // Length prefix comes from the input. NOTE(review): no upper bound is checked in this
        // method beyond what an unsigned short can hold (WebAuthn caps credential ids at
        // 1023 bytes); confirm whether a limit is enforced elsewhere.
        int length = UnsignedNumberUtil.getUnsignedShort(attestedCredentialData);
        byte[] credentialId = new byte[length];
        attestedCredentialData.get(credentialId, 0, length);
        // Drain the rest of the buffer: the COSE key has no length prefix here, so it is decoded
        // from a stream over everything that is left.
        byte[] remaining = new byte[attestedCredentialData.remaining()];
        attestedCredentialData.get(remaining);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(remaining);
        COSEKeyEnvelope coseKeyEnvelope = convertToCredentialPublicKey(byteArrayInputStream);
        COSEKey coseKey = coseKeyEnvelope.getCOSEKey();
        assertCoseKey(coseKey);
        AttestedCredentialData result = createAttestedCredentialData(aaguid, credentialId, coseKey);
        // getLength() is presumably the number of bytes the COSE key occupied (confirm); the
        // difference is the count of trailing bytes that were drained but not consumed.
        int extensionsBufferLength = remaining.length - coseKeyEnvelope.getLength();
        // Rewind by that count so the trailing bytes can still be read by the caller.
        // A negative count would move the position past the limit, which ByteBuffer rejects with
        // IllegalArgumentException and which the catch below converts.
        attestedCredentialData.position(attestedCredentialData.position() - extensionsBufferLength);
        return result;
    } catch (IllegalArgumentException e) {
        throw new DataConversionException(e);
    }
}
Also used : AttestedCredentialData(com.webauthn4j.data.attestation.authenticator.AttestedCredentialData) COSEKey(com.webauthn4j.data.attestation.authenticator.COSEKey) COSEKeyEnvelope(com.webauthn4j.converter.jackson.deserializer.cbor.COSEKeyEnvelope) AAGUID(com.webauthn4j.data.attestation.authenticator.AAGUID) DataConversionException(com.webauthn4j.converter.exception.DataConversionException) NonNull(org.checkerframework.checker.nullness.qual.NonNull)

Example 15 with DataConversionException

use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.

the class AttestedCredentialDataConverter method convert.

/**
 * Serializes attested credential data to bytes: AAGUID, credential id length,
 * credential id, then the encoded COSE key, in that order.
 *
 * @param attestationData the data to serialize; its AAGUID, credential id and COSE key are
 *        checked before anything is written
 * @return the concatenated byte representation
 * @throws DataConversionException if an {@code IllegalArgumentException} is raised by a check
 *         or by one of the conversions
 * @throws UncheckedIOException if writing to the in-memory stream fails
 */
@NonNull
public byte[] convert(@NonNull AttestedCredentialData attestationData) {
    try {
        // Reject incomplete input up front so nothing partial is produced.
        AssertUtil.notNull(attestationData, "attestationData must not be null");
        AssertUtil.notNull(attestationData.getAaguid(), "aaguid must not be null");
        AssertUtil.notNull(attestationData.getCredentialId(), "credentialId must not be null");
        assertCoseKey(attestationData.getCOSEKey());

        // Build each field first, in the order it appears in the output.
        byte[] aaguidBytes = attestationData.getAaguid().getBytes();
        byte[] credentialIdLengthBytes = UnsignedNumberUtil.toBytes(attestationData.getCredentialId().length);
        byte[] credentialIdBytes = attestationData.getCredentialId();
        byte[] coseKeyBytes = convert(attestationData.getCOSEKey());

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(aaguidBytes);
        out.write(credentialIdLengthBytes);
        out.write(credentialIdBytes);
        out.write(coseKeyBytes);
        return out.toByteArray();
    } catch (IllegalArgumentException e) {
        throw new DataConversionException(e);
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    }
}
Also used : DataConversionException(com.webauthn4j.converter.exception.DataConversionException) NonNull(org.checkerframework.checker.nullness.qual.NonNull)

Aggregations

DataConversionException (com.webauthn4j.converter.exception.DataConversionException)18 IOException (java.io.IOException)8 ValidationException (com.webauthn4j.validator.exception.ValidationException)6 UncheckedIOException (java.io.UncheckedIOException)6 ServerProperty (com.webauthn4j.server.ServerProperty)5 NonNull (org.checkerframework.checker.nullness.qual.NonNull)5 Challenge (com.webauthn4j.data.client.challenge.Challenge)4 DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)4 InputStream (java.io.InputStream)4 Authenticator (com.webauthn4j.authenticator.Authenticator)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 Nullable (org.checkerframework.checker.nullness.qual.Nullable)3 WebAuthnUserData (com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData)2 WebAuthnManager (com.webauthn4j.WebAuthnManager)2 DCAppleDevice (com.webauthn4j.appattest.authenticator.DCAppleDevice)2 DCServerProperty (com.webauthn4j.appattest.server.DCServerProperty)2 ObjectConverter (com.webauthn4j.converter.util.ObjectConverter)2 AttestedCredentialData (com.webauthn4j.data.attestation.authenticator.AttestedCredentialData)2 ByteArrayInputStream (java.io.ByteArrayInputStream)2 ObjectInputStream (java.io.ObjectInputStream)2