use of com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput in project webauthn4j by webauthn4j.
the class FIDOU2FAuthenticatorRegistrationValidationTest method validate_with_direct_attestation_conveyance_preference_test.
@Test
void validate_with_direct_attestation_conveyance_preference_test() {
String rpId = "example.com";
Challenge challenge = new DefaultChallenge();
PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName"), challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.DIRECT, extensions);
PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
AuthenticatorAttestationResponse authenticatorAttestationResponse = credential.getAuthenticatorResponse();
Set<String> transports = authenticatorTransportConverter.convertSetToStringSet(authenticatorAttestationResponse.getTransports());
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionResults = credential.getClientExtensionResults();
String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(clientExtensionResults);
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
RegistrationRequest registrationRequest = new RegistrationRequest(authenticatorAttestationResponse.getAttestationObject(), authenticatorAttestationResponse.getClientDataJSON(), clientExtensionJSON, transports);
RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, null, false, true);
RegistrationData response = target.validate(registrationRequest, registrationParameters);
assertAll(() -> assertThat(response.getCollectedClientData()).isNotNull(), () -> assertThat(response.getAttestationObject()).isNotNull(), () -> assertThat(response.getClientExtensions()).isNotNull());
}
use of com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput in project webauthn4j by webauthn4j.
the class CustomOriginValidatorTest method registration_test.
@Test
void registration_test() {
String rpId = "example.com";
Challenge challenge = new DefaultChallenge();
AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.NONE, extensions);
PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
AuthenticatorAttestationResponse registrationRequest = credential.getAuthenticatorResponse();
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionResults = credential.getClientExtensionResults();
Set<String> transports = Collections.emptySet();
String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(clientExtensionResults);
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(registrationRequest.getAttestationObject(), registrationRequest.getClientDataJSON(), clientExtensionJSON, transports);
RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, null, false);
RegistrationData registrationData = target.parse(webAuthnRegistrationRequest);
assertThatThrownBy(() -> target.validate(registrationData, registrationParameters)).isInstanceOf(BadOriginException.class);
}
use of com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput in project webauthn4j by webauthn4j.
the class FIDOAuthenticatorCoreRegistrationValidationTest method validate_RegistrationRequest_with_packed_attestation_statement_test.
@Test
void validate_RegistrationRequest_with_packed_attestation_statement_test() {
String rpId = "example.com";
Challenge challenge = new DefaultChallenge();
AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.DIRECT, extensions);
PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
AuthenticatorAttestationResponse registrationRequest = credential.getAuthenticatorResponse();
AttestationObject attestationObject = attestationObjectConverter.convert(registrationRequest.getAttestationObject());
Set<AuthenticatorTransport> transports = Collections.emptySet();
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
CoreRegistrationData coreRegistrationData = new CoreRegistrationData(attestationObject, registrationRequest.getAttestationObject(), MessageDigestUtil.createSHA256().digest(registrationRequest.getClientDataJSON()));
CoreRegistrationParameters coreRegistrationParameters = new CoreRegistrationParameters(serverProperty, null, false);
target.validate(coreRegistrationData, coreRegistrationParameters);
}
use of com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput in project webauthn4j by webauthn4j.
the class AndroidKeyAuthenticatorRegistrationValidationTest method validate_RegistrationContext_with_android_key_attestation_statement_test.
@Test
void validate_RegistrationContext_with_android_key_attestation_statement_test() {
String rpId = "example.com";
Challenge challenge = new DefaultChallenge();
AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.DIRECT, extensions);
PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
AuthenticatorAttestationResponse registrationRequest = credential.getAuthenticatorResponse();
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionResults = credential.getClientExtensionResults();
Set<String> transports = Collections.emptySet();
String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(clientExtensionResults);
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(registrationRequest.getAttestationObject(), registrationRequest.getClientDataJSON(), clientExtensionJSON, transports);
RegistrationParameters webAuthnRegistrationParameters = new RegistrationParameters(serverProperty, null, false, true);
RegistrationData response = target.validate(webAuthnRegistrationRequest, webAuthnRegistrationParameters);
assertAll(() -> assertThat(response.getCollectedClientData()).isNotNull(), () -> assertThat(response.getAttestationObject()).isNotNull(), () -> assertThat(response.getClientExtensions()).isNotNull());
}
use of com.webauthn4j.data.extension.client.RegistrationExtensionClientOutput in project webauthn4j by webauthn4j.
the class AndroidSafetyNetAuthenticatorRegistrationValidationTest method validate_RegistrationContext_with_android_safety_net_attestation_statement_test.
@Test
void validate_RegistrationContext_with_android_safety_net_attestation_statement_test() {
String rpId = "example.com";
Challenge challenge = new DefaultChallenge();
AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "username", "displayName");
AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput> extensions = new AuthenticationExtensionsClientInputs<>();
PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, Collections.emptyList(), authenticatorSelectionCriteria, AttestationConveyancePreference.DIRECT, extensions);
PublicKeyCredential<AuthenticatorAttestationResponse, RegistrationExtensionClientOutput> credential = clientPlatform.create(credentialCreationOptions);
AuthenticatorAttestationResponse authenticatorAttestationResponse = credential.getAuthenticatorResponse();
AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput> clientExtensionResults = credential.getClientExtensionResults();
Set<String> transports = Collections.emptySet();
String clientExtensionJSON = authenticationExtensionsClientOutputsConverter.convertToString(clientExtensionResults);
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
RegistrationRequest registrationRequest = new RegistrationRequest(authenticatorAttestationResponse.getAttestationObject(), authenticatorAttestationResponse.getClientDataJSON(), clientExtensionJSON, transports);
RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, null, false, true);
RegistrationData response = target.validate(registrationRequest, registrationParameters);
assertAll(() -> assertThat(response.getCollectedClientData()).isNotNull(), () -> assertThat(response.getAttestationObject()).isNotNull(), () -> assertThat(response.getClientExtensions()).isNotNull());
}
Aggregations