Search in sources :

Example 1 with AuthenticationExtensionClientOutput

use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

the class AuthenticationDataTest method getter_test.

@Test
void getter_test() {
    byte[] credentialId = new byte[32];
    byte[] userHandle = new byte[32];
    AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = null;
    byte[] authenticatorDataBytes = new byte[64];
    CollectedClientData collectedClientData = mock(CollectedClientData.class);
    byte[] collectedClientDataBytes = new byte[128];
    AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> clientExtensions = null;
    byte[] signature = new byte[32];
    AuthenticationData instance = new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, collectedClientDataBytes, clientExtensions, signature);
    assertThat(instance.getCredentialId()).isEqualTo(credentialId);
    assertThat(instance.getUserHandle()).isEqualTo(userHandle);
    assertThat(instance.getAuthenticatorData()).isEqualTo(authenticatorData);
    assertThat(instance.getAuthenticatorDataBytes()).isEqualTo(authenticatorDataBytes);
    assertThat(instance.getCollectedClientData()).isEqualTo(collectedClientData);
    assertThat(instance.getCollectedClientDataBytes()).isEqualTo(collectedClientDataBytes);
    assertThat(instance.getClientExtensions()).isEqualTo(clientExtensions);
    assertThat(instance.getSignature()).isEqualTo(signature);
}
Also used : AuthenticationExtensionAuthenticatorOutput(com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) AuthenticationExtensionClientOutput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput) Test(org.junit.jupiter.api.Test)

Example 2 with AuthenticationExtensionClientOutput

use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

the class AuthenticationDataTest method equals_hashCode_test.

@Test
void equals_hashCode_test() {
    byte[] credentialId = new byte[32];
    byte[] userHandle = new byte[32];
    AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = null;
    byte[] authenticatorDataBytes = new byte[64];
    CollectedClientData collectedClientData = mock(CollectedClientData.class);
    byte[] collectedClientDataBytes = new byte[128];
    AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> authenticationExtensionsClientOutputs = null;
    byte[] signature = new byte[32];
    AuthenticationData instanceA = new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, collectedClientDataBytes, authenticationExtensionsClientOutputs, signature);
    AuthenticationData instanceB = new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, collectedClientDataBytes, authenticationExtensionsClientOutputs, signature);
    assertThat(instanceA).isEqualTo(instanceB).hasSameHashCodeAs(instanceB);
}
Also used : AuthenticationExtensionAuthenticatorOutput(com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) AuthenticationExtensionClientOutput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput) Test(org.junit.jupiter.api.Test)

Example 3 with AuthenticationExtensionClientOutput

use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

the class UserVerifyingAuthenticatorAuthenticationValidationTest method validate_assertion_test_with_bad_clientData_type.

@Test
void validate_assertion_test_with_bad_clientData_type() {
    String rpId = "example.com";
    long timeout = 0;
    Challenge challenge = new DefaultChallenge();
    // create
    AttestationObject attestationObject = createAttestationObject(rpId, challenge);
    // get
    PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(challenge, timeout, rpId, null, UserVerificationRequirement.REQUIRED, null);
    // bad clientData type
    CollectedClientData collectedClientData = clientPlatform.createCollectedClientData(ClientDataType.WEBAUTHN_CREATE, challenge);
    PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions, collectedClientData);
    AuthenticatorAssertionResponse authenticationRequest = credential.getAuthenticatorResponse();
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
    AuthenticationRequest webAuthnAuthenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticationRequest.getAuthenticatorData(), authenticationRequest.getClientDataJSON(), authenticationRequest.getSignature());
    List<byte[]> allowCredentials = null;
    AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, authenticator, allowCredentials, true);
    AuthenticationData authenticationData = target.parse(webAuthnAuthenticationRequest);
    assertThrows(InconsistentClientDataTypeException.class, () -> target.validate(authenticationData, authenticationParameters));
}
Also used : ServerProperty(com.webauthn4j.server.ServerProperty) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) AuthenticationExtensionClientOutput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) Authenticator(com.webauthn4j.authenticator.Authenticator) Test(org.junit.jupiter.api.Test)

Example 4 with AuthenticationExtensionClientOutput

use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

the class UserVerifyingAuthenticatorAuthenticationValidationTest method validate_bad_rpId_test.

@Test
void validate_bad_rpId_test() {
    String rpId = "example.com";
    String anotherSiteRpId = "another.site.example.net";
    long timeout = 0;
    Challenge challenge = new DefaultChallenge();
    // create
    AttestationObject attestationObject = createAttestationObject(rpId, challenge);
    // get
    PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(challenge, timeout, rpId, null, UserVerificationRequirement.REQUIRED, null);
    PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions);
    AuthenticatorAssertionResponse authenticationRequest = credential.getAuthenticatorResponse();
    ServerProperty serverProperty = new ServerProperty(origin, anotherSiteRpId, challenge, null);
    Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
    AuthenticationRequest webAuthnAuthenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticationRequest.getAuthenticatorData(), authenticationRequest.getClientDataJSON(), authenticationRequest.getSignature());
    List<byte[]> allowCredentials = null;
    AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, authenticator, allowCredentials, true);
    AuthenticationData authenticationData = target.parse(webAuthnAuthenticationRequest);
    assertThrows(BadRpIdException.class, () -> target.validate(authenticationData, authenticationParameters));
}
Also used : ServerProperty(com.webauthn4j.server.ServerProperty) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) AuthenticationExtensionClientOutput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) Authenticator(com.webauthn4j.authenticator.Authenticator) Test(org.junit.jupiter.api.Test)

Example 5 with AuthenticationExtensionClientOutput

use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

the class UserVerifyingAuthenticatorAuthenticationValidationTest method validate_assertion_with_bad_challenge_test.

@Test
void validate_assertion_with_bad_challenge_test() {
    String rpId = "example.com";
    long timeout = 0;
    Challenge challenge = new DefaultChallenge();
    Challenge badChallenge = new DefaultChallenge();
    // create
    AttestationObject attestationObject = createAttestationObject(rpId, challenge);
    // get
    PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(// bad challenge
    badChallenge, timeout, rpId, null, UserVerificationRequirement.REQUIRED, null);
    PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions);
    AuthenticatorAssertionResponse authenticationRequest = credential.getAuthenticatorResponse();
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
    AuthenticationRequest webAuthnAuthenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticationRequest.getAuthenticatorData(), authenticationRequest.getClientDataJSON(), authenticationRequest.getSignature());
    List<byte[]> allowCredentials = null;
    AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, authenticator, allowCredentials, true);
    AuthenticationData authenticationData = target.parse(webAuthnAuthenticationRequest);
    assertThrows(BadChallengeException.class, () -> target.validate(authenticationData, authenticationParameters));
}
Also used : ServerProperty(com.webauthn4j.server.ServerProperty) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) AuthenticationExtensionClientOutput(com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) Authenticator(com.webauthn4j.authenticator.Authenticator) Test(org.junit.jupiter.api.Test)

Aggregations

AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput)26 Test (org.junit.jupiter.api.Test)24 Authenticator (com.webauthn4j.authenticator.Authenticator)22 ServerProperty (com.webauthn4j.server.ServerProperty)22 AttestationObject (com.webauthn4j.data.attestation.AttestationObject)19 Challenge (com.webauthn4j.data.client.challenge.Challenge)19 DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)19 CollectedClientData (com.webauthn4j.data.client.CollectedClientData)11 FIDOU2FAuthenticator (com.webauthn4j.test.authenticator.u2f.FIDOU2FAuthenticator)9 AuthenticationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput)8 AuthenticatorDataConverter (com.webauthn4j.converter.AuthenticatorDataConverter)2 CollectedClientDataConverter (com.webauthn4j.converter.CollectedClientDataConverter)2 Origin (com.webauthn4j.data.client.Origin)2 AuthenticationExtensionsClientOutputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs)2 AuthenticationData (com.webauthn4j.data.AuthenticationData)1 FIDOU2FAuthenticatorAdaptor (com.webauthn4j.test.authenticator.u2f.FIDOU2FAuthenticatorAdaptor)1 ClientPlatform (com.webauthn4j.test.client.ClientPlatform)1 NonNull (org.checkerframework.checker.nullness.qual.NonNull)1