Example 16 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j by webauthn4j.
the class AuthenticatorDataConverter method convert.
/**
* Converts from a byte array to {@link AuthenticatorData}.
*
* @param <T> ExtensionAuthenticatorOutput
* @param source the source byte array to convert
* @return the converted object
*/
@NonNull
public <T extends ExtensionAuthenticatorOutput> AuthenticatorData<T> convert(@NonNull byte[] source) {
try {
ByteBuffer byteBuffer = ByteBuffer.wrap(source);
byte[] rpIdHash = new byte[RPID_HASH_LENGTH];
byteBuffer.get(rpIdHash, 0, RPID_HASH_LENGTH);
byte flags = byteBuffer.get();
long counter = UnsignedNumberUtil.getUnsignedInt(byteBuffer);
AttestedCredentialData attestedCredentialData;
AuthenticationExtensionsAuthenticatorOutputs<T> extensions;
if (AuthenticatorData.checkFlagAT(flags)) {
if (byteBuffer.hasRemaining()) {
attestedCredentialData = attestedCredentialDataConverter.convert(byteBuffer);
} else {
// Apple App Attest API assertion has AT flag even though they don't have attestedCredentialData.
attestedCredentialData = null;
}
} else {
attestedCredentialData = null;
}
if (AuthenticatorData.checkFlagED(flags)) {
extensions = convertToExtensions(byteBuffer);
} else {
extensions = new AuthenticationExtensionsAuthenticatorOutputs<>();
}
if (byteBuffer.hasRemaining()) {
throw new DataConversionException("provided data does not have proper byte layout");
}
return new AuthenticatorData<>(rpIdHash, flags, counter, attestedCredentialData, extensions);
} catch (IllegalArgumentException e) {
throw new DataConversionException(e);
} catch (BufferUnderflowException e) {
throw new DataConversionException("provided data does not have proper byte layout", e);
}
}
Also used :
AttestedCredentialData(com.webauthn4j.data.attestation.authenticator.AttestedCredentialData)
AuthenticatorData(com.webauthn4j.data.attestation.authenticator.AuthenticatorData)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
ByteBuffer(java.nio.ByteBuffer)
BufferUnderflowException(java.nio.BufferUnderflowException)
NonNull(org.checkerframework.checker.nullness.qual.NonNull)
Example 17 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j-spring-security by webauthn4j.
the class FidoServerAssertionOptionsEndpointFilter method processRequest.
@Override
protected ServerResponse processRequest(HttpServletRequest request) {
InputStream inputStream;
try {
inputStream = request.getInputStream();
} catch (IOException e) {
throw new UncheckedIOException(e);
}
try {
ServerPublicKeyCredentialGetOptionsRequest serverRequest = objectConverter.getJsonConverter().readValue(inputStream, ServerPublicKeyCredentialGetOptionsRequest.class);
Challenge challenge = serverEndpointFilterUtil.encodeUserVerification(new DefaultChallenge(), serverRequest.getUserVerification());
challengeRepository.saveChallenge(challenge, request);
// TODO: UsernamePasswordAuthenticationToken should not be used here in this way
AssertionOptions options = optionsProvider.getAssertionOptions(request, new UsernamePasswordAuthenticationToken(serverRequest.getUsername(), null, Collections.emptyList()));
List<ServerPublicKeyCredentialDescriptor> credentials = options.getAllowCredentials().stream().map(credential -> new ServerPublicKeyCredentialDescriptor(credential.getType(), Base64UrlUtil.encodeToString(credential.getId()), credential.getTransports())).collect(Collectors.toList());
AuthenticationExtensionsClientInputs<AuthenticationExtensionClientInput> authenticationExtensionsClientInputs;
if (serverRequest.getExtensions() != null) {
authenticationExtensionsClientInputs = serverRequest.getExtensions();
} else {
authenticationExtensionsClientInputs = options.getExtensions();
}
return new ServerPublicKeyCredentialGetOptionsResponse(Base64UrlUtil.encodeToString(options.getChallenge().getValue()), options.getTimeout(), options.getRpId(), credentials, serverRequest.getUserVerification(), authenticationExtensionsClientInputs);
} catch (DataConversionException e) {
throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", e);
}
}
Also used :
AssertionOptionsProvider(com.webauthn4j.springframework.security.options.AssertionOptionsProvider)
AssertionOptions(com.webauthn4j.springframework.security.options.AssertionOptions)
IOException(java.io.IOException)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
AuthenticationExtensionClientInput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientInput)
ChallengeRepository(com.webauthn4j.springframework.security.challenge.ChallengeRepository)
Base64UrlUtil(com.webauthn4j.util.Base64UrlUtil)
Collectors(java.util.stream.Collectors)
AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs)
UncheckedIOException(java.io.UncheckedIOException)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
List(java.util.List)
ObjectConverter(com.webauthn4j.converter.util.ObjectConverter)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Collections(java.util.Collections)
Assert(org.springframework.util.Assert)
InputStream(java.io.InputStream)
InputStream(java.io.InputStream)
AssertionOptions(com.webauthn4j.springframework.security.options.AssertionOptions)
UncheckedIOException(java.io.UncheckedIOException)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
IOException(java.io.IOException)
UncheckedIOException(java.io.UncheckedIOException)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
AuthenticationExtensionClientInput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientInput)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Example 18 with DataConversionException
use of com.webauthn4j.converter.exception.DataConversionException in project webauthn4j-spring-security by webauthn4j.
the class FidoServerAssertionResultEndpointFilter method attemptAuthentication.
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) {
InputStream inputStream;
try {
inputStream = request.getInputStream();
} catch (IOException e) {
throw new UncheckedIOException(e);
}
try {
ServerPublicKeyCredential<ServerAuthenticatorAssertionResponse> credential = jsonConverter.readValue(inputStream, credentialTypeRef);
serverPublicKeyCredentialValidator.validate(credential);
ServerAuthenticatorAssertionResponse assertionResponse = credential.getResponse();
ServerProperty serverProperty = serverPropertyProvider.provide(request);
CollectedClientData collectedClientData = collectedClientDataConverter.convert(assertionResponse.getClientDataJSON());
UserVerificationRequirement userVerificationRequirement = serverEndpointFilterUtil.decodeUserVerification(collectedClientData.getChallenge());
WebAuthnAuthenticationRequest webAuthnAuthenticationRequest = new WebAuthnAuthenticationRequest(credential.getRawId() == null ? null : Base64UrlUtil.decode(credential.getRawId()), assertionResponse.getClientDataJSON() == null ? null : Base64UrlUtil.decode(assertionResponse.getClientDataJSON()), assertionResponse.getAuthenticatorData() == null ? null : Base64UrlUtil.decode(assertionResponse.getAuthenticatorData()), assertionResponse.getSignature() == null ? null : Base64UrlUtil.decode(assertionResponse.getSignature()), credential.getClientExtensionResults());
WebAuthnAuthenticationParameters webAuthnAuthenticationParameters = new WebAuthnAuthenticationParameters(serverProperty, userVerificationRequirement == UserVerificationRequirement.REQUIRED, false);
WebAuthnAssertionAuthenticationToken webAuthnAssertionAuthenticationToken = new WebAuthnAssertionAuthenticationToken(webAuthnAuthenticationRequest, webAuthnAuthenticationParameters, Collections.emptyList());
setDetails(request, webAuthnAssertionAuthenticationToken);
return this.getAuthenticationManager().authenticate(webAuthnAssertionAuthenticationToken);
} catch (DataConversionException e) {
throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", e);
}
}
Also used :
WebAuthnAuthenticationRequest(com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest)
UserVerificationRequirement(com.webauthn4j.data.UserVerificationRequirement)
ServerProperty(com.webauthn4j.server.ServerProperty)
InputStream(java.io.InputStream)
UncheckedIOException(java.io.UncheckedIOException)
IOException(java.io.IOException)
UncheckedIOException(java.io.UncheckedIOException)
WebAuthnAssertionAuthenticationToken(com.webauthn4j.springframework.security.WebAuthnAssertionAuthenticationToken)
CollectedClientData(com.webauthn4j.data.client.CollectedClientData)
WebAuthnAuthenticationParameters(com.webauthn4j.springframework.security.WebAuthnAuthenticationParameters)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Aggregations
DataConversionException (com.webauthn4j.converter.exception.DataConversionException)18
IOException (java.io.IOException)8
ValidationException (com.webauthn4j.validator.exception.ValidationException)6
UncheckedIOException (java.io.UncheckedIOException)6
ServerProperty (com.webauthn4j.server.ServerProperty)5
NonNull (org.checkerframework.checker.nullness.qual.NonNull)5
Challenge (com.webauthn4j.data.client.challenge.Challenge)4
DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)4
InputStream (java.io.InputStream)4
Authenticator (com.webauthn4j.authenticator.Authenticator)3
HttpServletRequest (javax.servlet.http.HttpServletRequest)3
Nullable (org.checkerframework.checker.nullness.qual.Nullable)3
WebAuthnUserData (com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData)2
WebAuthnManager (com.webauthn4j.WebAuthnManager)2
DCAppleDevice (com.webauthn4j.appattest.authenticator.DCAppleDevice)2
DCServerProperty (com.webauthn4j.appattest.server.DCServerProperty)2
ObjectConverter (com.webauthn4j.converter.util.ObjectConverter)2
AttestedCredentialData (com.webauthn4j.data.attestation.authenticator.AttestedCredentialData)2
ByteArrayInputStream (java.io.ByteArrayInputStream)2
ObjectInputStream (java.io.ObjectInputStream)2
