use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class AuthenticationObjectTest method getter_test.
@Test
void getter_test() {
byte[] credentialId = new byte[32];
CollectedClientData clientData = TestDataUtil.createClientData(ClientDataType.WEBAUTHN_CREATE);
byte[] clientDataBytes = new CollectedClientDataConverter(objectConverter).convertToBytes(clientData);
AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = TestDataUtil.createAuthenticatorData();
byte[] authenticatorDataBytes = new AuthenticatorDataConverter(objectConverter).convert(authenticatorData);
AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> clientExtensions = new AuthenticationExtensionsClientOutputs<>();
ServerProperty serverProperty = TestDataUtil.createServerProperty();
Authenticator authenticator = TestDataUtil.createAuthenticator();
AuthenticationObject authenticationObject = new AuthenticationObject(credentialId, authenticatorData, authenticatorDataBytes, clientData, clientDataBytes, clientExtensions, serverProperty, authenticator);
assertAll(() -> assertThat(authenticationObject.getCredentialId()).isEqualTo(credentialId), () -> assertThat(authenticationObject.getCollectedClientData()).isEqualTo(clientData), () -> assertThat(authenticationObject.getCollectedClientDataBytes()).isEqualTo(clientDataBytes), () -> assertThat(authenticationObject.getAuthenticatorData()).isEqualTo(authenticatorData), () -> assertThat(authenticationObject.getAuthenticatorDataBytes()).isEqualTo(authenticatorDataBytes), () -> assertThat(authenticationObject.getClientExtensions()).isEqualTo(clientExtensions), () -> assertThat(authenticationObject.getServerProperty()).isEqualTo(serverProperty), () -> assertThat(authenticationObject.getAuthenticator()).isEqualTo(authenticator));
}
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class ChallengeValidatorTest method validate_test_with_different_challenge.
@Test
void validate_test_with_different_challenge() {
Challenge challengeA = new DefaultChallenge(new byte[] { 0x00 });
Challenge challengeB = new DefaultChallenge(new byte[] { 0x01 });
CollectedClientData collectedClientData = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, challengeA, Origin.create("http://example.com"), null);
ServerProperty serverProperty = new ServerProperty(origin, rpId, challengeB, null);
// When
assertThrows(BadChallengeException.class, () -> target.validate(collectedClientData, serverProperty));
}
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class ChallengeValidatorTest method validate_test_without_saved_challenge.
@Test
void validate_test_without_saved_challenge() {
Challenge challengeA = new DefaultChallenge(new byte[] { 0x00 });
Challenge challengeB = null;
CollectedClientData collectedClientData = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, challengeA, Origin.create("http://example.com"), null);
ServerProperty serverProperty = new ServerProperty(origin, rpId, challengeB, null);
// When
assertThrows(MissingChallengeException.class, () -> target.validate(collectedClientData, serverProperty));
}
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnRegistrationRequestValidationResponseTest method equals_hashCode_test.
@Test
public void equals_hashCode_test() {
CollectedClientData clientData = TestDataUtil.createClientData(ClientDataType.WEBAUTHN_CREATE);
AttestationObject attestationObject = TestDataUtil.createAttestationObjectWithFIDOU2FAttestationStatement();
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensions = new AuthenticationExtensionsClientOutputs<>();
Set<AuthenticatorTransport> transports = new HashSet<>();
WebAuthnRegistrationRequestValidationResponse instanceA = new WebAuthnRegistrationRequestValidationResponse(clientData, attestationObject, clientExtensions, transports);
WebAuthnRegistrationRequestValidationResponse instanceB = new WebAuthnRegistrationRequestValidationResponse(clientData, attestationObject, clientExtensions, transports);
assertThat(instanceA).isEqualTo(instanceB);
assertThat(instanceB).hasSameHashCodeAs(instanceB);
}
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnRegistrationRequestValidatorTest method validate_with_transports_null_test.
@Test
public void validate_with_transports_null_test() {
WebAuthnRegistrationRequestValidator target = new WebAuthnRegistrationRequestValidator(webAuthnManager, serverPropertyProvider);
ServerProperty serverProperty = mock(ServerProperty.class);
when(serverPropertyProvider.provide(any())).thenReturn(serverProperty);
CollectedClientData collectedClientData = mock(CollectedClientData.class);
AttestationObject attestationObject = mock(AttestationObject.class);
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionOutputs = new AuthenticationExtensionsClientOutputs<>();
when(webAuthnManager.validate(any(RegistrationRequest.class), any(RegistrationParameters.class))).thenReturn(new RegistrationData(attestationObject, null, collectedClientData, null, clientExtensionOutputs, null));
MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
mockHttpServletRequest.setScheme("https");
mockHttpServletRequest.setServerName("example.com");
mockHttpServletRequest.setServerPort(443);
String clientDataBase64 = "clientDataBase64";
String attestationObjectBase64 = "attestationObjectBase64";
String clientExtensionsJSON = "clientExtensionsJSON";
target.validate(mockHttpServletRequest, clientDataBase64, attestationObjectBase64, null, clientExtensionsJSON);
ArgumentCaptor<RegistrationRequest> registrationRequestArgumentCaptor = ArgumentCaptor.forClass(RegistrationRequest.class);
ArgumentCaptor<RegistrationParameters> registrationParametersArgumentCaptor = ArgumentCaptor.forClass(RegistrationParameters.class);
verify(webAuthnManager).validate(registrationRequestArgumentCaptor.capture(), registrationParametersArgumentCaptor.capture());
RegistrationRequest registrationRequest = registrationRequestArgumentCaptor.getValue();
RegistrationParameters registrationParameters = registrationParametersArgumentCaptor.getValue();
assertThat(registrationRequest.getClientDataJSON()).isEqualTo(Base64UrlUtil.decode(clientDataBase64));
assertThat(registrationRequest.getAttestationObject()).isEqualTo(Base64UrlUtil.decode(attestationObjectBase64));
assertThat(registrationRequest.getClientExtensionsJSON()).isEqualTo(clientExtensionsJSON);
assertThat(registrationParameters.getServerProperty()).isEqualTo(serverProperty);
}
Aggregations