Search in sources :

Example 1 with NoneAttestationStatement

use of com.webauthn4j.data.attestation.statement.NoneAttestationStatement in project webauthn4j by webauthn4j.

the class ClientPlatform method create.

public PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> create(PublicKeyCredentialCreationOptions publicKeyCredentialCreationOptions, RegistrationEmulationOption registrationEmulationOption, AttestationOption attestationOption) {
    CollectedClientData collectedClientData;
    if (registrationEmulationOption.isCollectedClientDataOverrideEnabled()) {
        collectedClientData = registrationEmulationOption.getCollectedClientData();
    } else {
        collectedClientData = createCollectedClientData(ClientDataType.WEBAUTHN_CREATE, publicKeyCredentialCreationOptions.getChallenge());
    }
    if (authenticatorAdaptor == null) {
        throw new NoAuthenticatorSuccessException();
    }
    CredentialCreationResponse credentialCreationResponse = authenticatorAdaptor.register(publicKeyCredentialCreationOptions, collectedClientData, registrationEmulationOption, attestationOption);
    AttestationObject attestationObject = credentialCreationResponse.getAttestationObject();
    AttestationStatement attestationStatement = credentialCreationResponse.getAttestationObject().getAttestationStatement();
    AttestationConveyancePreference attestationConveyancePreference = publicKeyCredentialCreationOptions.getAttestation();
    if (attestationConveyancePreference == null) {
        attestationConveyancePreference = AttestationConveyancePreference.NONE;
    }
    if (AttestationConveyancePreference.DIRECT.equals(attestationConveyancePreference)) {
    // nop
    } else if (AttestationConveyancePreference.INDIRECT.equals(attestationConveyancePreference)) {
        throw new NotImplementedException();
    } else if (AttestationConveyancePreference.NONE.equals(attestationConveyancePreference)) {
        attestationStatement = new NoneAttestationStatement();
    } else {
        throw new NotImplementedException();
    }
    attestationObject = new AttestationObject(attestationObject.getAuthenticatorData(), attestationStatement);
    byte[] attestationObjectBytes = attestationObjectConverter.convertToBytes(attestationObject);
    byte[] credentialId = credentialCreationResponse.getAttestationObject().getAuthenticatorData().getAttestedCredentialData().getCredentialId();
    byte[] collectedClientDataBytes = collectedClientDataConverter.convertToBytes(collectedClientData);
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensions = processRegistrationExtensions(publicKeyCredentialCreationOptions.getExtensions());
    return new PublicKeyCredential<>(credentialId, new AuthenticatorAttestationResponse(collectedClientDataBytes, attestationObjectBytes), clientExtensions);
}
Also used : NotImplementedException(com.webauthn4j.util.exception.NotImplementedException) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) NoneAttestationStatement(com.webauthn4j.data.attestation.statement.NoneAttestationStatement) NoneAttestationStatement(com.webauthn4j.data.attestation.statement.NoneAttestationStatement) AttestationStatement(com.webauthn4j.data.attestation.statement.AttestationStatement) CredentialCreationResponse(com.webauthn4j.test.authenticator.CredentialCreationResponse)

Example 2 with NoneAttestationStatement

use of com.webauthn4j.data.attestation.statement.NoneAttestationStatement in project webauthn4j by webauthn4j.

the class FIDOU2FAttestationStatementValidatorTest method validate_invalid_attestation_statement_test.

@Test
void validate_invalid_attestation_statement_test() {
    RegistrationObject registrationObject = mock(RegistrationObject.class);
    AttestationObject attestationObject = mock(AttestationObject.class);
    when(registrationObject.getAttestationObject()).thenReturn(attestationObject);
    when(attestationObject.getAttestationStatement()).thenReturn(new NoneAttestationStatement());
    assertThrows(IllegalArgumentException.class, () -> target.validate(registrationObject));
}
Also used : RegistrationObject(com.webauthn4j.validator.RegistrationObject) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) NoneAttestationStatement(com.webauthn4j.data.attestation.statement.NoneAttestationStatement) Test(org.junit.jupiter.api.Test)

Aggregations

AttestationObject (com.webauthn4j.data.attestation.AttestationObject)2 NoneAttestationStatement (com.webauthn4j.data.attestation.statement.NoneAttestationStatement)2 AttestationStatement (com.webauthn4j.data.attestation.statement.AttestationStatement)1 CredentialCreationResponse (com.webauthn4j.test.authenticator.CredentialCreationResponse)1 NotImplementedException (com.webauthn4j.util.exception.NotImplementedException)1 RegistrationObject (com.webauthn4j.validator.RegistrationObject)1 Test (org.junit.jupiter.api.Test)1