
Example 21 with AuthenticationExtensionClientOutput

Use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

Class FIDOU2FAuthenticatorAuthenticationValidationTest, method validate_assertion_with_bad_origin_test.

@Test
void validate_assertion_with_bad_origin_test() {
    String rpId = "example.com";
    long timeout = 0;
    Challenge challenge = new DefaultChallenge();
    // create: register a credential so that there is one to assert with
    AttestationObject attestationObject = createAttestationObject(rpId, challenge);
    byte[] credentialId = attestationObject.getAuthenticatorData().getAttestedCredentialData().getCredentialId();
    // get: build the assertion request options for the registered credential
    PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(challenge, timeout, rpId, Collections.singletonList(new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY, attestationObject.getAuthenticatorData().getAttestedCredentialData().getCredentialId(), CollectionUtil.unmodifiableSet(AuthenticatorTransport.USB, AuthenticatorTransport.NFC, AuthenticatorTransport.BLE))), UserVerificationRequirement.DISCOURAGED, null);
    // bad origin: the client platform reports an origin other than the one passed to ServerProperty below
    clientPlatform.setOrigin(new Origin("https://bad.origin.example.com"));
    PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions);
    AuthenticatorAssertionResponse authenticatorAssertionResponse = credential.getAuthenticatorResponse();
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
    AuthenticationRequest authenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticatorAssertionResponse.getAuthenticatorData(), authenticatorAssertionResponse.getClientDataJSON(), authenticatorAssertionResponse.getSignature());
    AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, authenticator, Collections.singletonList(credentialId), false);
    // validation must reject the assertion with BadOriginException
    assertThrows(BadOriginException.class, () -> target.validate(authenticationRequest, authenticationParameters));
}
Also used: Origin (com.webauthn4j.data.client.Origin), ServerProperty (com.webauthn4j.server.ServerProperty), Challenge (com.webauthn4j.data.client.challenge.Challenge), DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge), AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput), AttestationObject (com.webauthn4j.data.attestation.AttestationObject), Authenticator (com.webauthn4j.authenticator.Authenticator), FIDOU2FAuthenticator (com.webauthn4j.test.authenticator.u2f.FIDOU2FAuthenticator), Test (org.junit.jupiter.api.Test)

Example 22 with AuthenticationExtensionClientOutput

Use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

Class FIDOU2FAuthenticatorAuthenticationValidationTest, method validate_assertion_with_bad_challenge_test.

@Test
void validate_assertion_with_bad_challenge_test() {
    String rpId = "example.com";
    long timeout = 0;
    Challenge challenge = new DefaultChallenge();
    Challenge badChallenge = new DefaultChallenge();
    // create: register a credential so that there is one to assert with
    AttestationObject attestationObject = createAttestationObject(rpId, challenge);
    byte[] credentialId = attestationObject.getAuthenticatorData().getAttestedCredentialData().getCredentialId();
    // get: build the assertion request options for the registered credential
    // bad challenge: the client signs over badChallenge, while ServerProperty below expects challenge
    PublicKeyCredentialRequestOptions credentialRequestOptions = new PublicKeyCredentialRequestOptions(badChallenge, timeout, rpId, Collections.singletonList(new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY, attestationObject.getAuthenticatorData().getAttestedCredentialData().getCredentialId(), CollectionUtil.unmodifiableSet(AuthenticatorTransport.USB, AuthenticatorTransport.NFC, AuthenticatorTransport.BLE))), UserVerificationRequirement.DISCOURAGED, null);
    PublicKeyCredential<AuthenticatorAssertionResponse, AuthenticationExtensionClientOutput> credential = clientPlatform.get(credentialRequestOptions);
    AuthenticatorAssertionResponse authenticationRequest = credential.getAuthenticatorResponse();
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    Authenticator authenticator = TestDataUtil.createAuthenticator(attestationObject);
    AuthenticationRequest webAuthnAuthenticationRequest = new AuthenticationRequest(credential.getRawId(), authenticationRequest.getAuthenticatorData(), authenticationRequest.getClientDataJSON(), authenticationRequest.getSignature());
    AuthenticationParameters webAuthnAuthenticationParameters = new AuthenticationParameters(serverProperty, authenticator, Collections.singletonList(credentialId), false);
    // validation must reject the assertion with BadChallengeException
    assertThrows(BadChallengeException.class, () -> target.validate(webAuthnAuthenticationRequest, webAuthnAuthenticationParameters));
}
Also used: ServerProperty (com.webauthn4j.server.ServerProperty), Challenge (com.webauthn4j.data.client.challenge.Challenge), DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge), AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput), AttestationObject (com.webauthn4j.data.attestation.AttestationObject), Authenticator (com.webauthn4j.authenticator.Authenticator), FIDOU2FAuthenticator (com.webauthn4j.test.authenticator.u2f.FIDOU2FAuthenticator), Test (org.junit.jupiter.api.Test)

Example 23 with AuthenticationExtensionClientOutput

Use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

Class AuthenticationDataTest, method toString_test.

@Test
void toString_test() {
    byte[] credentialId = new byte[32];
    byte[] userHandle = new byte[32];
    AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = null;
    byte[] authenticatorDataBytes = new byte[64];
    CollectedClientData collectedClientData = mock(CollectedClientData.class);
    byte[] collectedClientDataBytes = new byte[128];
    AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> authenticationExtensionsClientOutputs = null;
    byte[] signature = new byte[32];
    AuthenticationData instance = new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, collectedClientDataBytes, authenticationExtensionsClientOutputs, signature);
    // noinspection ResultOfMethodCallIgnored
    assertThatCode(instance::toString).doesNotThrowAnyException();
}
Also used: AuthenticationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput), CollectedClientData (com.webauthn4j.data.client.CollectedClientData), AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput), Test (org.junit.jupiter.api.Test)

Example 24 with AuthenticationExtensionClientOutput

Use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

Class WebAuthnAuthenticationManager, method parse.

@SuppressWarnings("squid:S1130")
@NonNull
public AuthenticationData parse(@NonNull AuthenticationRequest authenticationRequest) throws DataConversionException {
    AssertUtil.notNull(authenticationRequest, "authenticationRequest must not be null");
    byte[] credentialId = authenticationRequest.getCredentialId();
    byte[] signature = authenticationRequest.getSignature();
    byte[] userHandle = authenticationRequest.getUserHandle();
    byte[] clientDataBytes = authenticationRequest.getClientDataJSON();
    CollectedClientData collectedClientData = clientDataBytes == null ? null : collectedClientDataConverter.convert(clientDataBytes);
    byte[] authenticatorDataBytes = authenticationRequest.getAuthenticatorData();
    AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = authenticatorDataBytes == null ? null : authenticatorDataConverter.convert(authenticatorDataBytes);
    AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> clientExtensions = authenticationRequest.getClientExtensionsJSON() == null ? null : authenticationExtensionsClientOutputsConverter.convert(authenticationRequest.getClientExtensionsJSON());
    return new AuthenticationData(credentialId, userHandle, authenticatorData, authenticatorDataBytes, collectedClientData, clientDataBytes, clientExtensions, signature);
}
Also used: CollectedClientData (com.webauthn4j.data.client.CollectedClientData), AuthenticationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput), AuthenticationData (com.webauthn4j.data.AuthenticationData), AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput), NonNull (org.checkerframework.checker.nullness.qual.NonNull)

Example 25 with AuthenticationExtensionClientOutput

Use of com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput in project webauthn4j by webauthn4j.

Class AuthenticationObjectTest, method equals_hashCode_test.

@Test
void equals_hashCode_test() {
    byte[] credentialId = new byte[32];
    CollectedClientData clientData = TestDataUtil.createClientData(ClientDataType.WEBAUTHN_CREATE);
    byte[] clientDataBytes = new CollectedClientDataConverter(objectConverter).convertToBytes(clientData);
    AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> authenticatorData = TestDataUtil.createAuthenticatorData();
    byte[] authenticatorDataBytes = new AuthenticatorDataConverter(objectConverter).convert(authenticatorData);
    AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput> clientExtensions = new AuthenticationExtensionsClientOutputs<>();
    ServerProperty serverProperty = TestDataUtil.createServerProperty();
    Authenticator authenticator = TestDataUtil.createAuthenticator();
    AuthenticationObject instanceA = new AuthenticationObject(credentialId, authenticatorData, authenticatorDataBytes, clientData, clientDataBytes, clientExtensions, serverProperty, authenticator);
    AuthenticationObject instanceB = new AuthenticationObject(credentialId, authenticatorData, authenticatorDataBytes, clientData, clientDataBytes, clientExtensions, serverProperty, authenticator);
    assertAll(() -> assertThat(instanceA).isEqualTo(instanceB), () -> assertThat(instanceA).hasSameHashCodeAs(instanceB));
}
Also used: AuthenticatorDataConverter (com.webauthn4j.converter.AuthenticatorDataConverter), CollectedClientData (com.webauthn4j.data.client.CollectedClientData), AuthenticationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput), ServerProperty (com.webauthn4j.server.ServerProperty), AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput), AuthenticationExtensionsClientOutputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs), CollectedClientDataConverter (com.webauthn4j.converter.CollectedClientDataConverter), Authenticator (com.webauthn4j.authenticator.Authenticator), Test (org.junit.jupiter.api.Test)

Aggregations

AuthenticationExtensionClientOutput (com.webauthn4j.data.extension.client.AuthenticationExtensionClientOutput): 26
Test (org.junit.jupiter.api.Test): 24
Authenticator (com.webauthn4j.authenticator.Authenticator): 22
ServerProperty (com.webauthn4j.server.ServerProperty): 22
AttestationObject (com.webauthn4j.data.attestation.AttestationObject): 19
Challenge (com.webauthn4j.data.client.challenge.Challenge): 19
DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge): 19
CollectedClientData (com.webauthn4j.data.client.CollectedClientData): 11
FIDOU2FAuthenticator (com.webauthn4j.test.authenticator.u2f.FIDOU2FAuthenticator): 9
AuthenticationExtensionAuthenticatorOutput (com.webauthn4j.data.extension.authenticator.AuthenticationExtensionAuthenticatorOutput): 8
AuthenticatorDataConverter (com.webauthn4j.converter.AuthenticatorDataConverter): 2
CollectedClientDataConverter (com.webauthn4j.converter.CollectedClientDataConverter): 2
Origin (com.webauthn4j.data.client.Origin): 2
AuthenticationExtensionsClientOutputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs): 2
AuthenticationData (com.webauthn4j.data.AuthenticationData): 1
FIDOU2FAuthenticatorAdaptor (com.webauthn4j.test.authenticator.u2f.FIDOU2FAuthenticatorAdaptor): 1
ClientPlatform (com.webauthn4j.test.client.ClientPlatform): 1
NonNull (org.checkerframework.checker.nullness.qual.NonNull): 1