use of com.webauthn4j.data.attestation.statement.NoneAttestationStatement in project webauthn4j by webauthn4j.
the class ClientPlatform method create.
public PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> create(PublicKeyCredentialCreationOptions publicKeyCredentialCreationOptions, RegistrationEmulationOption registrationEmulationOption, AttestationOption attestationOption) {
CollectedClientData collectedClientData;
if (registrationEmulationOption.isCollectedClientDataOverrideEnabled()) {
collectedClientData = registrationEmulationOption.getCollectedClientData();
} else {
collectedClientData = createCollectedClientData(ClientDataType.WEBAUTHN_CREATE, publicKeyCredentialCreationOptions.getChallenge());
}
if (authenticatorAdaptor == null) {
throw new NoAuthenticatorSuccessException();
}
CredentialCreationResponse credentialCreationResponse = authenticatorAdaptor.register(publicKeyCredentialCreationOptions, collectedClientData, registrationEmulationOption, attestationOption);
AttestationObject attestationObject = credentialCreationResponse.getAttestationObject();
AttestationStatement attestationStatement = credentialCreationResponse.getAttestationObject().getAttestationStatement();
AttestationConveyancePreference attestationConveyancePreference = publicKeyCredentialCreationOptions.getAttestation();
if (attestationConveyancePreference == null) {
attestationConveyancePreference = AttestationConveyancePreference.NONE;
}
if (AttestationConveyancePreference.DIRECT.equals(attestationConveyancePreference)) {
// nop
} else if (AttestationConveyancePreference.INDIRECT.equals(attestationConveyancePreference)) {
throw new NotImplementedException();
} else if (AttestationConveyancePreference.NONE.equals(attestationConveyancePreference)) {
attestationStatement = new NoneAttestationStatement();
} else {
throw new NotImplementedException();
}
attestationObject = new AttestationObject(attestationObject.getAuthenticatorData(), attestationStatement);
byte[] attestationObjectBytes = attestationObjectConverter.convertToBytes(attestationObject);
byte[] credentialId = credentialCreationResponse.getAttestationObject().getAuthenticatorData().getAttestedCredentialData().getCredentialId();
byte[] collectedClientDataBytes = collectedClientDataConverter.convertToBytes(collectedClientData);
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensions = processRegistrationExtensions(publicKeyCredentialCreationOptions.getExtensions());
return new PublicKeyCredential<>(credentialId, new AuthenticatorAttestationResponse(collectedClientDataBytes, attestationObjectBytes), clientExtensions);
}
use of com.webauthn4j.data.attestation.statement.NoneAttestationStatement in project webauthn4j by webauthn4j.
the class FIDOU2FAttestationStatementValidatorTest method validate_invalid_attestation_statement_test.
@Test
void validate_invalid_attestation_statement_test() {
RegistrationObject registrationObject = mock(RegistrationObject.class);
AttestationObject attestationObject = mock(AttestationObject.class);
when(registrationObject.getAttestationObject()).thenReturn(attestationObject);
when(attestationObject.getAttestationStatement()).thenReturn(new NoneAttestationStatement());
assertThrows(IllegalArgumentException.class, () -> target.validate(registrationObject));
}
Aggregations