Example 41 with CollectedClientData
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class TestDataUtil method createRegistrationObject.
public static RegistrationObject createRegistrationObject(Function<byte[], AttestationObject> attestationObjectProvider) {
CollectedClientData collectedClientData = createClientData(ClientDataType.WEBAUTHN_CREATE);
byte[] collectedClientDataBytes = collectedClientDataConverter.convertToBytes(collectedClientData);
AttestationObject attestationObject = attestationObjectProvider.apply(collectedClientDataBytes);
byte[] attestationObjectBytes = attestationObjectConverter.convertToBytes(attestationObject);
Set<AuthenticatorTransport> transports = Collections.emptySet();
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> authenticationExtensionsClientOutputs = new AuthenticationExtensionsClientOutputs<>();
return new RegistrationObject(attestationObject, attestationObjectBytes, collectedClientData, collectedClientDataBytes, authenticationExtensionsClientOutputs, transports, TestDataUtil.createServerProperty());
}
Also used :
CollectedClientData(com.webauthn4j.data.client.CollectedClientData)
AttestationObject(com.webauthn4j.data.attestation.AttestationObject)
CoreRegistrationObject(com.webauthn4j.validator.CoreRegistrationObject)
DCRegistrationObject(com.webauthn4j.appattest.validator.DCRegistrationObject)
RegistrationObject(com.webauthn4j.validator.RegistrationObject)
AuthenticationExtensionsClientOutputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs)
RegistrationExtensionClientOutput(com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput)
Example 42 with CollectedClientData
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class WebAuthnAuthenticationManager method parse.
@SuppressWarnings("squid:S1130")
@NonNull
public AuthenticationData parse(@NonNull AuthenticationRequest authenticationRequest) throws DataConversionException {
AssertUtil.notNull(authenticationRequest, "authenticationRequest must not be null");
byte[] credentialId = authenticationRequest.getCredentialId();
byte[] signature = authenticationRequest.getSignature();
byte[] userHandle = authenticationRequest.getUserHandle();
byte[] clientDataBytes = authenticationRequest.getClientDataJSON();
CollectedClientData collectedClientData = clientDataBytes == null ? null : collectedClientDataConverter.convert(clientDataBytes);
byte[] authenticatorDataBytes = authenticationRequest.getAuthenticatorData();
AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = authenticatorDataBytes == null ? null : authenticatorDataConverter.convert(authenticatorDataBytes);
AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> clientExtensions = authenticationRequest.getClientExtensionsJSON() == null ? null : authenticationExtensionsClientOutputsConverter.convert(authenticationRequest.getClientExtensionsJSON());
return new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, clientDataBytes, clientExtensions, signature);
}
Also used :
CollectedClientData(com.webauthn4j.data.client.CollectedClientData)
AuthenticationExtensionAuthenticatorOutput(com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput)
AuthenticationData(com.webauthn4j.data.AuthenticationData)
AuthenticationExtensionClientOutput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput)
NonNull(org.checkerframework.checker.nullness.qual.NonNull)
Example 43 with CollectedClientData
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class OriginValidatorImplTest method multiple_origins_test.
@Test
void multiple_origins_test() {
final Origin originA = new Origin("https://example.com:14443");
final Origin originB = new Origin("http://localhost:9090");
final Origin originC = new Origin("android:apk-key-hash:pNiP5iKyQ8JwgGOaKA1zGPUPJIS-0H1xKCQcfIoGLck");
final Origin originD = new Origin("android:apk-key-hash-sha256:qSiQ5iKyQ8JwgGOaKA1zGPUPJIS-0H1xKCQcfIoGLck");
final ServerProperty serverProperty = new ServerProperty(new HashSet<>(Arrays.asList(originA, originB, originC, originD)), "example.com", TestDataUtil.createChallenge(), null);
final CollectedClientData collectedClientDataA = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, TestDataUtil.createChallenge(), originA, null);
final CollectedClientData collectedClientDataB = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, TestDataUtil.createChallenge(), originB, null);
final CollectedClientData collectedClientDataC = new CollectedClientData(ClientDataType.WEBAUTHN_GET, TestDataUtil.createChallenge(), originC, null);
final CollectedClientData collectedClientDataD = new CollectedClientData(ClientDataType.WEBAUTHN_GET, TestDataUtil.createChallenge(), originD, null);
target.validate(collectedClientDataA, serverProperty);
target.validate(collectedClientDataB, serverProperty);
target.validate(collectedClientDataC, serverProperty);
target.validate(collectedClientDataD, serverProperty);
}
Also used :
Origin(com.webauthn4j.data.client.Origin)
ServerProperty(com.webauthn4j.server.ServerProperty)
CollectedClientData(com.webauthn4j.data.client.CollectedClientData)
Test(org.junit.jupiter.api.Test)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
Example 44 with CollectedClientData
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class OriginValidatorImplTest method test_with_not_equal_origins.
@SuppressWarnings("java:S5976")
@Test
void test_with_not_equal_origins() {
Origin originA = new Origin("https://example.com:14443");
Origin originB = new Origin("http://example.com");
CollectedClientData collectedClientData = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, TestDataUtil.createChallenge(), originA, null);
ServerProperty serverProperty = new ServerProperty(originB, "example.com", TestDataUtil.createChallenge(), null);
assertThrows(BadOriginException.class, () -> target.validate(collectedClientData, serverProperty));
}
Also used :
Origin(com.webauthn4j.data.client.Origin)
CollectedClientData(com.webauthn4j.data.client.CollectedClientData)
ServerProperty(com.webauthn4j.server.ServerProperty)
Test(org.junit.jupiter.api.Test)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
Example 45 with CollectedClientData
use of com.webauthn4j.data.client.CollectedClientData in project webauthn4j by webauthn4j.
the class OriginValidatorImplTest method apk_key_hash_test_with_not_equal_origins.
@SuppressWarnings("java:S5976")
@Test
void apk_key_hash_test_with_not_equal_origins() {
Origin originA = new Origin("android:apk-key-hash:aNiP5iKyQ8JwgGOaKA1zGPUPJIS-0H1xKCQcfIoGLck");
Origin originB = new Origin("android:apk-key-hash:pNiP5iKyQ8JwgGOaKA1zGPUPJIS-0H1xKCQcfIoGLck");
CollectedClientData collectedClientData = new CollectedClientData(ClientDataType.WEBAUTHN_CREATE, TestDataUtil.createChallenge(), originA, null);
ServerProperty serverProperty = new ServerProperty(originB, "1.example.com", TestDataUtil.createChallenge(), null);
assertThrows(BadOriginException.class, () -> target.validate(collectedClientData, serverProperty));
}
Also used :
Origin(com.webauthn4j.data.client.Origin)
CollectedClientData(com.webauthn4j.data.client.CollectedClientData)
ServerProperty(com.webauthn4j.server.ServerProperty)
Test(org.junit.jupiter.api.Test)
ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)
Aggregations
CollectedClientData (com.webauthn4j.data.client.CollectedClientData)56
Test (org.junit.jupiter.api.Test)33
ServerProperty (com.webauthn4j.server.ServerProperty)30
AttestationObject (com.webauthn4j.data.attestation.AttestationObject)23
RegistrationExtensionClientOutput (com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput)19
Origin (com.webauthn4j.data.client.Origin)17
AuthenticationExtensionsClientOutputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs)16
DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)14
AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput)11
Challenge (com.webauthn4j.data.client.challenge.Challenge)10
AuthenticatorTransport (com.webauthn4j.data.AuthenticatorTransport)8
RegistrationObject (com.webauthn4j.validator.RegistrationObject)8
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)8
DCRegistrationObject (com.webauthn4j.appattest.validator.DCRegistrationObject)7
Authenticator (com.webauthn4j.authenticator.Authenticator)7
CollectedClientDataConverter (com.webauthn4j.converter.CollectedClientDataConverter)7
AuthenticationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput)7
CoreRegistrationObject (com.webauthn4j.validator.CoreRegistrationObject)7
Test (org.junit.Test)5
RegistrationData (com.webauthn4j.data.RegistrationData)4
