Search in sources :

Example 6 with RegistrationExtensionClientInput

use of com.webauthn4j.data.extension.client.RegistrationExtensionClientInput in project webauthn4j by webauthn4j.

the class CustomOriginValidatorTest method registration_test.

@Test
void registration_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.NONE, extensions);
    PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
    AuthenticatorAttestationResponse registrationRequest = credential.getAuthenticatorResponse();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionResults = credential.getClientExtensionResults();
    Set<String> transports = Collections.emptySet();
    String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(clientExtensionResults);
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(registrationRequest.getAttestationObject(), registrationRequest.getClientDataJSON(), clientExtensionJSON, transports);
    RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, null, false);
    RegistrationData registrationData = target.parse(webAuthnRegistrationRequest);
    assertThatThrownBy(() -> target.validate(registrationData, registrationParameters)).isInstanceOf(BadOriginException.class);
}
Also used : ServerProperty(com.webauthn4j.server.ServerProperty) RegistrationExtensionClientOutput(com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs) RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput) Test(org.junit.jupiter.api.Test)

Example 7 with RegistrationExtensionClientInput

use of com.webauthn4j.data.extension.client.RegistrationExtensionClientInput in project webauthn4j by webauthn4j.

the class NullAttestationStatementValidatorTest method validate_RegistrationRequest_with_packed_attestation_statement_test.

@Test
void validate_RegistrationRequest_with_packed_attestation_statement_test() {
    WebAuthnAuthenticatorAdaptor webAuthnAuthenticatorAdaptor = new WebAuthnAuthenticatorAdaptor(EmulatorUtil.PACKED_AUTHENTICATOR);
    ClientPlatform clientPlatform = new ClientPlatform(origin, webAuthnAuthenticatorAdaptor);
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "valid.site.example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.DIRECT, extensions);
    AuthenticatorAttestationResponse registrationRequest = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
    Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(registrationRequest.getTransports());
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(registrationRequest.getAttestationObject(), registrationRequest.getClientDataJSON(), transports);
    RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, null, false);
    target.validate(webAuthnRegistrationRequest, registrationParameters);
}
Also used : ServerProperty(com.webauthn4j.server.ServerProperty) ClientPlatform(com.webauthn4j.test.client.ClientPlatform) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) WebAuthnAuthenticatorAdaptor(com.webauthn4j.test.authenticator.webauthn.WebAuthnAuthenticatorAdaptor) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs) RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput) Test(org.junit.jupiter.api.Test)

Example 8 with RegistrationExtensionClientInput

use of com.webauthn4j.data.extension.client.RegistrationExtensionClientInput in project webauthn4j by webauthn4j.

the class FIDOAuthenticatorCoreAuthenticationValidationTest method createAttestationObject.

private AttestationObject createAttestationObject(String rpId, Challenge challenge) {
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.NONE, extensions);
    AuthenticatorAttestationResponse registrationRequest = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
    AttestationObjectConverter attestationObjectConverter = new AttestationObjectConverter(objectConverter);
    return attestationObjectConverter.convert(registrationRequest.getAttestationObject());
}
Also used : AttestationObjectConverter(com.webauthn4j.converter.AttestationObjectConverter) AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs) RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput)

Example 9 with RegistrationExtensionClientInput

use of com.webauthn4j.data.extension.client.RegistrationExtensionClientInput in project webauthn4j by webauthn4j.

the class FIDOAuthenticatorCoreRegistrationValidationTest method validate_RegistrationRequest_with_packed_attestation_statement_test.

@Test
void validate_RegistrationRequest_with_packed_attestation_statement_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.DIRECT, extensions);
    PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
    AuthenticatorAttestationResponse registrationRequest = credential.getAuthenticatorResponse();
    AttestationObject attestationObject = attestationObjectConverter.convert(registrationRequest.getAttestationObject());
    Set<AuthenticatorTransport> transports = Collections.emptySet();
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    CoreRegistrationData coreRegistrationData = new CoreRegistrationData(attestationObject, registrationRequest.getAttestationObject(), MessageDigestUtil.createSHA256().digest(registrationRequest.getClientDataJSON()));
    CoreRegistrationParameters coreRegistrationParameters = new CoreRegistrationParameters(serverProperty, null, false);
    target.validate(coreRegistrationData, coreRegistrationParameters);
}
Also used : ServerProperty(com.webauthn4j.server.ServerProperty) RegistrationExtensionClientOutput(com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs) RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput) AttestationObject(com.webauthn4j.data.attestation.AttestationObject) Test(org.junit.jupiter.api.Test)

Example 10 with RegistrationExtensionClientInput

use of com.webauthn4j.data.extension.client.RegistrationExtensionClientInput in project webauthn4j by webauthn4j.

the class AndroidKeyAuthenticatorRegistrationValidationTest method validate_RegistrationContext_with_android_key_attestation_statement_test.

@Test
void validate_RegistrationContext_with_android_key_attestation_statement_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.DIRECT, extensions);
    PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
    AuthenticatorAttestationResponse registrationRequest = credential.getAuthenticatorResponse();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionResults = credential.getClientExtensionResults();
    Set<String> transports = Collections.emptySet();
    String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(clientExtensionResults);
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(registrationRequest.getAttestationObject(), registrationRequest.getClientDataJSON(), clientExtensionJSON, transports);
    RegistrationParameters webAuthnRegistrationParameters = new RegistrationParameters(serverProperty, null, false, true);
    RegistrationData response = target.validate(webAuthnRegistrationRequest, webAuthnRegistrationParameters);
    assertAll(() -> assertThat(response.getCollectedClientData()).isNotNull(), () -> assertThat(response.getAttestationObject()).isNotNull(), () -> assertThat(response.getClientExtensions()).isNotNull());
}
Also used : ServerProperty(com.webauthn4j.server.ServerProperty) RegistrationExtensionClientOutput(com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) AuthenticationExtensionsClientInputs(com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs) RegistrationExtensionClientInput(com.webauthn4j.data.extension.client.RegistrationExtensionClientInput) Test(org.junit.jupiter.api.Test)

Aggregations

AuthenticationExtensionsClientInputs (com.webauthn4j.data.extension.client.AuthenticationExtensionsClientInputs)20 RegistrationExtensionClientInput (com.webauthn4j.data.extension.client.RegistrationExtensionClientInput)20 Challenge (com.webauthn4j.data.client.challenge.Challenge)18 DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)18 Test (org.junit.jupiter.api.Test)15 ServerProperty (com.webauthn4j.server.ServerProperty)13 RegistrationExtensionClientOutput (com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput)10 ClientPlatform (com.webauthn4j.test.client.ClientPlatform)3 AttestationObjectConverter (com.webauthn4j.converter.AttestationObjectConverter)2 ObjectConverter (com.webauthn4j.converter.util.ObjectConverter)2 Origin (com.webauthn4j.data.client.Origin)2 FIDOU2FAuthenticatorAdaptor (com.webauthn4j.test.authenticator.u2f.FIDOU2FAuthenticatorAdaptor)2 IOException (java.io.IOException)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 AuthController (com.tremolosecurity.proxy.auth.AuthController)1 AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)1 WebAuthnUserData (com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData)1 CollectedClientDataConverter (com.webauthn4j.converter.CollectedClientDataConverter)1 DataConversionException (com.webauthn4j.converter.exception.DataConversionException)1 CborConverter (com.webauthn4j.converter.util.CborConverter)1