use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.
the class AuthenticationDataTest method getter_test.
@Test
void getter_test() {
byte[] credentialId = new byte[32];
byte[] userHandle = new byte[32];
AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = null;
byte[] authenticatorDataBytes = new byte[64];
CollectedClientData collectedClientData = mock(CollectedClientData.class);
byte[] collectedClientDataBytes = new byte[128];
AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> clientExtensions = null;
byte[] signature = new byte[32];
AuthenticationData instance = new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, collectedClientDataBytes, clientExtensions, signature);
assertThat(instance.getCredentialId()).isEqualTo(credentialId);
assertThat(instance.getUserHandle()).isEqualTo(userHandle);
assertThat(instance.getAuthenticatorData()).isEqualTo(authenticatorData);
assertThat(instance.getAuthenticatorDataBytes()).isEqualTo(authenticatorDataBytes);
assertThat(instance.getCollectedClientData()).isEqualTo(collectedClientData);
assertThat(instance.getCollectedClientDataBytes()).isEqualTo(collectedClientDataBytes);
assertThat(instance.getClientExtensions()).isEqualTo(clientExtensions);
assertThat(instance.getSignature()).isEqualTo(signature);
}
use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.
the class AuthenticationDataTest method equals_hashCode_test.
@Test
void equals_hashCode_test() {
byte[] credentialId = new byte[32];
byte[] userHandle = new byte[32];
AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = null;
byte[] authenticatorDataBytes = new byte[64];
CollectedClientData collectedClientData = mock(CollectedClientData.class);
byte[] collectedClientDataBytes = new byte[128];
AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> authenticationExtensionsClientOutputs = null;
byte[] signature = new byte[32];
AuthenticationData instanceA = new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, collectedClientDataBytes, authenticationExtensionsClientOutputs, signature);
AuthenticationData instanceB = new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, collectedClientDataBytes, authenticationExtensionsClientOutputs, signature);
assertThat(instanceA).isEqualTo(instanceB).hasSameHashCodeAs(instanceB);
}
use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.
the class UserVerifyingAuthenticatorAuthenticationValidationTest method validate_assertion_test_with_bad_clientData_type.
@Test
void validate_assertion_test_with_bad_clientData_type() {
String rpId = "example.com";
long timeout = 0;
Challenge challenge = new DefaultChallenge();
// create
AttestationObject attestationObject = createAttestationObject(rpId, challenge);
// get
PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(challenge, timeout, rpId, null, UserVerificationRequirement.REQUIRED, null);
// bad clientData type
CollectedClientData collectedClientData = clientPlatform.createCollectedClientData(ClientDataType.WEBAUTHN_CREATE, challenge);
PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions, collectedClientData);
AuthenticatorAssertionResponse authenticationRequest = credential.getAuthenticatorResponse();
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
AuthenticationRequest webAuthnAuthenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticationRequest.getAuthenticatorData(), authenticationRequest.getClientDataJSON(), authenticationRequest.getSignature());
List<byte[]> allowCredentials = null;
AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, authenticator, allowCredentials, true);
AuthenticationData authenticationData = target.parse(webAuthnAuthenticationRequest);
assertThrows(InconsistentClientDataTypeException.class, () -> target.validate(authenticationData, authenticationParameters));
}
use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.
the class UserVerifyingAuthenticatorAuthenticationValidationTest method validate_bad_rpId_test.
@Test
void validate_bad_rpId_test() {
String rpId = "example.com";
String anotherSiteRpId = "another.site.example.net";
long timeout = 0;
Challenge challenge = new DefaultChallenge();
// create
AttestationObject attestationObject = createAttestationObject(rpId, challenge);
// get
PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(challenge, timeout, rpId, null, UserVerificationRequirement.REQUIRED, null);
PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions);
AuthenticatorAssertionResponse authenticationRequest = credential.getAuthenticatorResponse();
ServerProperty serverProperty = new ServerProperty(origin, anotherSiteRpId, challenge, null);
Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
AuthenticationRequest webAuthnAuthenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticationRequest.getAuthenticatorData(), authenticationRequest.getClientDataJSON(), authenticationRequest.getSignature());
List<byte[]> allowCredentials = null;
AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, authenticator, allowCredentials, true);
AuthenticationData authenticationData = target.parse(webAuthnAuthenticationRequest);
assertThrows(BadRpIdException.class, () -> target.validate(authenticationData, authenticationParameters));
}
use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.
the class UserVerifyingAuthenticatorAuthenticationValidationTest method validate_assertion_with_bad_challenge_test.
@Test
void validate_assertion_with_bad_challenge_test() {
String rpId = "example.com";
long timeout = 0;
Challenge challenge = new DefaultChallenge();
Challenge badChallenge = new DefaultChallenge();
// create
AttestationObject attestationObject = createAttestationObject(rpId, challenge);
// get
PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(// bad challenge
badChallenge, timeout, rpId, null, UserVerificationRequirement.REQUIRED, null);
PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions);
AuthenticatorAssertionResponse authenticationRequest = credential.getAuthenticatorResponse();
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
AuthenticationRequest webAuthnAuthenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticationRequest.getAuthenticatorData(), authenticationRequest.getClientDataJSON(), authenticationRequest.getSignature());
List<byte[]> allowCredentials = null;
AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, authenticator, allowCredentials, true);
AuthenticationData authenticationData = target.parse(webAuthnAuthenticationRequest);
assertThrows(BadChallengeException.class, () -> target.validate(authenticationData, authenticationParameters));
}
Aggregations