Search in sources :

Example 51 with CollectedClientData

use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.

the class AuthenticationObjectTest method getter_test.

@Test
void getter_test() {
    byte[] credentialId = new byte[32];
    CollectedClientData clientData = TestDataUtil.createClientData(ClientDataType.WEBAUTHN_CREATE);
    byte[] clientDataBytes = new CollectedClientDataConverter(objectConverter).convertToBytes(clientData);
    AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = TestDataUtil.createAuthenticatorData();
    byte[] authenticatorDataBytes = new AuthenticatorDataConverter(objectConverter).convert(authenticatorData);
    AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> clientExtensions = new AuthenticationExtensionsClientOutputs<>();
    ServerProperty serverProperty = TestDataUtil.createServerProperty();
    Authenticator authenticator = TestDataUtil.createAuthenticator();
    AuthenticationObject authenticationObject = new AuthenticationObject(credentialId, authenticatorData, authenticatorDataBytes, clientData, clientDataBytes, clientExtensions, serverProperty, authenticator);
    assertAll(() -> assertThat(authenticationObject.getCredentialId()).isEqualTo(credentialId), () -> assertThat(authenticationObject.getCollectedClientData()).isEqualTo(clientData), () -> assertThat(authenticationObject.getCollectedClientDataBytes()).isEqualTo(clientDataBytes), () -> assertThat(authenticationObject.getAuthenticatorData()).isEqualTo(authenticatorData), () -> assertThat(authenticationObject.getAuthenticatorDataBytes()).isEqualTo(authenticatorDataBytes), () -> assertThat(authenticationObject.getClientExtensions()).isEqualTo(clientExtensions), () -> assertThat(authenticationObject.getServerProperty()).isEqualTo(serverProperty), () -> assertThat(authenticationObject.getAuthenticator()).isEqualTo(authenticator));
}
Also used : AuthenticatorDataConverter(com.webauthn4j.converter.AuthenticatorDataConverter) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) AuthenticationExtensionAuthenticatorOutput(com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput) ServerProperty(com.webauthn4j.server.ServerProperty) AuthenticationExtensionClientOutput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput) AuthenticationExtensionsClientOutputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs) CollectedClientDataConverter(com.webauthn4j.converter.CollectedClientDataConverter) Authenticator(com.webauthn4j.authenticator.Authenticator) Test(org.junit.jupiter.api.Test)

Example 52 with CollectedClientData

use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.

the class ChallengeValidatorTest method validate_test_with_different_challenge.

@Test
void validate_test_with_different_challenge() {
    Challenge challengeA = new DefaultChallenge(new byte[] { 0x00 });
    Challenge challengeB = new DefaultChallenge(new byte[] { 0x01 });
    CollectedClientData collectedClientData = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, challengeA, Origin.create("http://example.com"), null);
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challengeB, null);
    // When
    assertThrows(BadChallengeException.class, () -> target.validate(collectedClientData, serverProperty));
}
Also used : DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) ServerProperty(com.webauthn4j.server.ServerProperty) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) Test(org.junit.jupiter.api.Test)

Example 53 with CollectedClientData

use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.

the class ChallengeValidatorTest method validate_test_without_saved_challenge.

@Test
void validate_test_without_saved_challenge() {
    Challenge challengeA = new DefaultChallenge(new byte[] { 0x00 });
    Challenge challengeB = null;
    CollectedClientData collectedClientData = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, challengeA, Origin.create("http://example.com"), null);
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challengeB, null);
    // When
    assertThrows(MissingChallengeException.class, () -> target.validate(collectedClientData, serverProperty));
}
Also used : DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) ServerProperty(com.webauthn4j.server.ServerProperty) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) Test(org.junit.jupiter.api.Test)

Example 54 with CollectedClientData

use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j-spring-security by webauthn4j.

the class WebAuthnRegistrationRequestValidationResponseTest method equals_hashCode_test.

@Test
public void equals_hashCode_test() {
    CollectedClientData clientData = TestDataUtil.createClientData(ClientDataType.WEBAUTHN_CREATE);
    AttestationObject attestationObject = TestDataUtil.createAttestationObjectWithFIDOU2FAttestationStatement();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensions = new AuthenticationExtensionsClientOutputs<>();
    Set<AuthenticatorTransport> transports = new HashSet<>();
    WebAuthnRegistrationRequestValidationResponse instanceA = new WebAuthnRegistrationRequestValidationResponse(clientData, attestationObject, clientExtensions, transports);
    WebAuthnRegistrationRequestValidationResponse instanceB = new WebAuthnRegistrationRequestValidationResponse(clientData, attestationObject, clientExtensions, transports);
    assertThat(instanceA).isEqualTo(instanceB);
    assertThat(instanceB).hasSameHashCodeAs(instanceB);
}
Also used : CollectedClientData(com.webauthn4j.data.client.CollectedClientData) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) AuthenticationExtensionsClientOutputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs) RegistrationExtensionClientOutput(com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput) AuthenticatorTransport(com.webauthn4j.data.AuthenticatorTransport) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 55 with CollectedClientData

use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j-spring-security by webauthn4j.

the class WebAuthnRegistrationRequestValidatorTest method validate_with_transports_null_test.

@Test
public void validate_with_transports_null_test() {
    WebAuthnRegistrationRequestValidator target = new WebAuthnRegistrationRequestValidator(webAuthnManager, serverPropertyProvider);
    ServerProperty serverProperty = mock(ServerProperty.class);
    when(serverPropertyProvider.provide(any())).thenReturn(serverProperty);
    CollectedClientData collectedClientData = mock(CollectedClientData.class);
    AttestationObject attestationObject = mock(AttestationObject.class);
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionOutputs = new AuthenticationExtensionsClientOutputs<>();
    when(webAuthnManager.validate(any(RegistrationRequest.class), any(RegistrationParameters.class))).thenReturn(new RegistrationData(attestationObject, null, collectedClientData, null, clientExtensionOutputs, null));
    MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
    mockHttpServletRequest.setScheme("https");
    mockHttpServletRequest.setServerName("example.com");
    mockHttpServletRequest.setServerPort(443);
    String clientDataBase64 = "clientDataBase64";
    String attestationObjectBase64 = "attestationObjectBase64";
    String clientExtensionsJSON = "clientExtensionsJSON";
    target.validate(mockHttpServletRequest, clientDataBase64, attestationObjectBase64, null, clientExtensionsJSON);
    ArgumentCaptor<RegistrationRequest> registrationRequestArgumentCaptor = ArgumentCaptor.forClass(RegistrationRequest.class);
    ArgumentCaptor<RegistrationParameters> registrationParametersArgumentCaptor = ArgumentCaptor.forClass(RegistrationParameters.class);
    verify(webAuthnManager).validate(registrationRequestArgumentCaptor.capture(), registrationParametersArgumentCaptor.capture());
    RegistrationRequest registrationRequest = registrationRequestArgumentCaptor.getValue();
    RegistrationParameters registrationParameters = registrationParametersArgumentCaptor.getValue();
    assertThat(registrationRequest.getClientDataJSON()).isEqualTo(Base64UrlUtil.decode(clientDataBase64));
    assertThat(registrationRequest.getAttestationObject()).isEqualTo(Base64UrlUtil.decode(attestationObjectBase64));
    assertThat(registrationRequest.getClientExtensionsJSON()).isEqualTo(clientExtensionsJSON);
    assertThat(registrationParameters.getServerProperty()).isEqualTo(serverProperty);
}
Also used : RegistrationData(com.webauthn4j.data.RegistrationData) ServerProperty(com.webauthn4j.server.ServerProperty) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RegistrationExtensionClientOutput(com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput) RegistrationRequest(com.webauthn4j.data.RegistrationRequest) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) AuthenticationExtensionsClientOutputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs) RegistrationParameters(com.webauthn4j.data.RegistrationParameters) Test(org.junit.Test)

Aggregations

CollectedClientData (com.webauthn4j.data.client.CollectedClientData)56 Test (org.junit.jupiter.api.Test)33 ServerProperty (com.webauthn4j.server.ServerProperty)30 AttestationObject (com.webauthn4j.data.attestation.AttestationObject)23 RegistrationExtensionClientOutput (com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput)19 Origin (com.webauthn4j.data.client.Origin)17 AuthenticationExtensionsClientOutputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs)16 DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)14 AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput)11 Challenge (com.webauthn4j.data.client.challenge.Challenge)10 AuthenticatorTransport (com.webauthn4j.data.AuthenticatorTransport)8 RegistrationObject (com.webauthn4j.validator.RegistrationObject)8 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)8 DCRegistrationObject (com.webauthn4j.appattest.validator.DCRegistrationObject)7 Authenticator (com.webauthn4j.authenticator.Authenticator)7 CollectedClientDataConverter (com.webauthn4j.converter.CollectedClientDataConverter)7 AuthenticationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput)7 CoreRegistrationObject (com.webauthn4j.validator.CoreRegistrationObject)7 Test (org.junit.Test)5 RegistrationData (com.webauthn4j.data.RegistrationData)4