
Example 1 with WebAuthnAuthenticationRequest

use of com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest in project webauthn4j-spring-security by webauthn4j.

the class FidoServerAssertionResultEndpointFilter method attemptAuthentication.

/**
 * Reads the assertion result from the request body through {@code jsonConverter}, assembles a
 * {@code WebAuthnAssertionAuthenticationToken} from it and delegates to the authentication manager.
 *
 * <p>This method only parses and Base64URL-decodes the submitted fields; no signature, challenge
 * or origin check is performed here. NOTE(review): that verification is presumably done by the
 * provider behind {@code getAuthenticationManager()} - confirm before reusing this pattern.
 *
 * @param request  the HTTP request whose body carries the assertion result
 * @param response the HTTP response; not used by this method
 * @return whatever {@code getAuthenticationManager().authenticate(...)} returns for the built token
 * @throws UncheckedIOException if the request body stream cannot be obtained
 * @throws com.webauthn4j.springframework.security.exception.DataConversionException
 *         if a webauthn4j {@code DataConversionException} is raised while handling the payload
 */
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) {
    InputStream body;
    try {
        body = request.getInputStream();
    } catch (IOException ioFailure) {
        throw new UncheckedIOException(ioFailure);
    }
    try {
        ServerPublicKeyCredential<ServerAuthenticatorAssertionResponse> credential =
                jsonConverter.readValue(body, credentialTypeRef);
        serverPublicKeyCredentialValidator.validate(credential);
        ServerAuthenticatorAssertionResponse assertion = credential.getResponse();
        ServerProperty serverProperty = serverPropertyProvider.provide(request);

        // NOTE(review): the user-verification requirement is recovered from the challenge inside the
        // client-supplied clientDataJSON, before anything in this method has verified that payload.
        // This is only sound if the challenge is later matched against the server-side value carried
        // by serverProperty (and is tamper-evident) - confirm in the downstream validator.
        // NOTE(review): neither the converted client data nor its challenge is null-checked here,
        // while the decoding below tolerates null fields; presumably validate(...) rules that out.
        CollectedClientData clientData = collectedClientDataConverter.convert(assertion.getClientDataJSON());
        UserVerificationRequirement uvRequirement =
                serverEndpointFilterUtil.decodeUserVerification(clientData.getChallenge());

        // Each Base64URL field is decoded only when present; an absent field is forwarded as null.
        byte[] credentialId = credential.getRawId() == null
                ? null
                : Base64UrlUtil.decode(credential.getRawId());
        byte[] clientDataBytes = assertion.getClientDataJSON() == null
                ? null
                : Base64UrlUtil.decode(assertion.getClientDataJSON());
        byte[] authenticatorDataBytes = assertion.getAuthenticatorData() == null
                ? null
                : Base64UrlUtil.decode(assertion.getAuthenticatorData());
        byte[] signatureBytes = assertion.getSignature() == null
                ? null
                : Base64UrlUtil.decode(assertion.getSignature());
        WebAuthnAuthenticationRequest authenticationRequest = new WebAuthnAuthenticationRequest(
                credentialId,
                clientDataBytes,
                authenticatorDataBytes,
                signatureBytes,
                credential.getClientExtensionResults());

        // User verification is enforced only when the decoded requirement is REQUIRED.
        // NOTE(review): the trailing `false` is presumably the user-presence flag; if so, presence
        // is not enforced on this endpoint - confirm against the constructor signature.
        boolean userVerificationRequired = uvRequirement == UserVerificationRequirement.REQUIRED;
        WebAuthnAuthenticationParameters authenticationParameters =
                new WebAuthnAuthenticationParameters(serverProperty, userVerificationRequired, false);

        // The token is created with an empty authority list.
        WebAuthnAssertionAuthenticationToken assertionToken = new WebAuthnAssertionAuthenticationToken(
                authenticationRequest, authenticationParameters, Collections.emptyList());
        setDetails(request, assertionToken);
        return this.getAuthenticationManager().authenticate(assertionToken);
    } catch (DataConversionException conversionFailure) {
        // Re-thrown as the Spring Security module's own exception type, keeping the cause.
        throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", conversionFailure);
    }
}
Also used : WebAuthnAuthenticationRequest(com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest) UserVerificationRequirement(com.webauthn4j.data.UserVerificationRequirement) ServerProperty(com.webauthn4j.server.ServerProperty) InputStream(java.io.InputStream) UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) WebAuthnAssertionAuthenticationToken(com.webauthn4j.springframework.security.WebAuthnAssertionAuthenticationToken) CollectedClientData(com.webauthn4j.data.client.CollectedClientData) WebAuthnAuthenticationParameters(com.webauthn4j.springframework.security.WebAuthnAuthenticationParameters) DataConversionException(com.webauthn4j.converter.exception.DataConversionException)

Example 2 with WebAuthnAuthenticationRequest

use of com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest in project webauthn4j-spring-security by webauthn4j.

the class WithMockWebAuthnUserSecurityContextFactory method createSecurityContext.

/**
 * Create a {@link SecurityContext} given an Annotation.
 *
 * @param user the {@link WithMockWebAuthnUser} to create the {@link SecurityContext}
 *             from. Cannot be null.
 * @return the {@link SecurityContext} to use. Cannot be null.
 */
@Override
public SecurityContext createSecurityContext(WithMockWebAuthnUser user) {
    SecurityContext securityContext = SecurityContextHolder.createEmptyContext();

    // Turn the annotation's array attributes into the entity lists the principal expects.
    List<AuthorityEntity> grantedAuthorities = Arrays.stream(user.authorities())
            .map(authorityName -> new AuthorityEntity(null, authorityName))
            .collect(Collectors.toList());
    List<GroupEntity> memberGroups = Arrays.stream(user.groups())
            .map(GroupEntity::new)
            .collect(Collectors.toList());
    List<AuthenticatorEntity> registeredAuthenticators = Arrays.stream(user.authenticators())
            .map(authenticatorName -> {
                // Only the name is populated; every other authenticator field keeps its default.
                AuthenticatorEntity entity = new AuthenticatorEntity();
                entity.setName(authenticatorName);
                return entity;
            })
            .collect(Collectors.toList());

    UserEntity mockUser = new UserEntity();
    mockUser.setId(user.id());
    mockUser.setUserHandle(Base64UrlUtil.decode(user.userHandleBase64Url()));
    mockUser.setFirstName(user.firstName());
    mockUser.setLastName(user.lastName());
    mockUser.setEmailAddress(user.emailAddress());
    mockUser.setGroups(memberGroups);
    mockUser.setAuthorities(grantedAuthorities);
    mockUser.setAuthenticators(registeredAuthenticators);
    mockUser.setLocked(user.locked());

    // Test fixture only: the request slot of the token is a Mockito mock, so this path carries no
    // assertion data and verifies nothing. The context is populated straight from the annotation.
    securityContext.setAuthentication(new WebAuthnAuthenticationToken(
            mockUser,
            mock(WebAuthnAuthenticationRequest.class),
            mockUser.getAuthorities()));
    return securityContext;
}
Also used : Arrays(java.util.Arrays) UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) GroupEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.GroupEntity) WithSecurityContextFactory(org.springframework.security.test.context.support.WithSecurityContextFactory) AuthenticatorEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthenticatorEntity) Base64UrlUtil(com.webauthn4j.util.Base64UrlUtil) Collectors(java.util.stream.Collectors) WebAuthnAuthenticationToken(com.webauthn4j.springframework.security.WebAuthnAuthenticationToken) List(java.util.List) WebAuthnAuthenticationRequest(com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest) SecurityContext(org.springframework.security.core.context.SecurityContext) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity) Authentication(org.springframework.security.core.Authentication) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Mockito.mock(org.mockito.Mockito.mock) AuthenticatorEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthenticatorEntity) WebAuthnAuthenticationRequest(com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest) GroupEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.GroupEntity) Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext) UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity) WebAuthnAuthenticationToken(com.webauthn4j.springframework.security.WebAuthnAuthenticationToken) AuthorityEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity)

Aggregations

WebAuthnAuthenticationRequest (com.webauthn4j.springframework.security.WebAuthnAuthenticationRequest)2 DataConversionException (com.webauthn4j.converter.exception.DataConversionException)1 UserVerificationRequirement (com.webauthn4j.data.UserVerificationRequirement)1 CollectedClientData (com.webauthn4j.data.client.CollectedClientData)1 ServerProperty (com.webauthn4j.server.ServerProperty)1 WebAuthnAssertionAuthenticationToken (com.webauthn4j.springframework.security.WebAuthnAssertionAuthenticationToken)1 WebAuthnAuthenticationParameters (com.webauthn4j.springframework.security.WebAuthnAuthenticationParameters)1 WebAuthnAuthenticationToken (com.webauthn4j.springframework.security.WebAuthnAuthenticationToken)1 AuthenticatorEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthenticatorEntity)1 AuthorityEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.AuthorityEntity)1 GroupEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.GroupEntity)1 UserEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity)1 Base64UrlUtil (com.webauthn4j.util.Base64UrlUtil)1 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 UncheckedIOException (java.io.UncheckedIOException)1 Arrays (java.util.Arrays)1 List (java.util.List)1 Collectors (java.util.stream.Collectors)1 Mockito.mock (org.mockito.Mockito.mock)1