Example 1 with WebAuthnRegistrationRequestValidationResponse

Use of com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse in project webauthn4j-spring-security by webauthn4j.

Class RegistrationValidationTest, method validate_test.

@Test
public void validate_test() {
    // Server-side context (origin, rpId, challenge) returned by the mocked serverPropertyProvider.
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    when(serverPropertyProvider.provide(any())).thenReturn(serverProperty);
    // Build the creation options and let the test's clientPlatform produce an attestation response.
    AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
    PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "name", "displayName");
    PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, null, authenticatorSelectionCriteria, AttestationConveyancePreference.NONE, null);
    AuthenticatorAttestationResponse registrationRequest = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
    // Mock HTTP request for https://example.com:443.
    MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
    mockHttpServletRequest.setScheme("https");
    mockHttpServletRequest.setServerName("example.com");
    mockHttpServletRequest.setServerPort(443);
    // clientDataJSON and attestationObject are passed to the validator as base64url strings.
    String clientDataBase64 = Base64UrlUtil.encodeToString(registrationRequest.getClientDataJSON());
    String attestationObjectBase64 = Base64UrlUtil.encodeToString(registrationRequest.getAttestationObject());
    // No transports and no client extensions are supplied in this test.
    Set<String> transports = Collections.emptySet();
    String clientExtensionsJSON = null;
    WebAuthnRegistrationRequestValidationResponse response = target.validate(mockHttpServletRequest, clientDataBase64, attestationObjectBase64, transports, clientExtensionsJSON);
    // The response carries the attestation object and client data; extension outputs are null because none were sent.
    assertThat(response.getAttestationObject()).isNotNull();
    assertThat(response.getCollectedClientData()).isNotNull();
    assertThat(response.getRegistrationExtensionsClientOutputs()).isNull();
}
Also used: ServerProperty (com.webauthn4j.server.ServerProperty), MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), WebAuthnRegistrationRequestValidationResponse (com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse), Test (org.junit.Test)

Example 2 with WebAuthnRegistrationRequestValidationResponse

Use of com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse in project webauthn4j-spring-security by webauthn4j.

Class WebAuthnSampleController, method create.

@PostMapping(value = "/signup")
public String create(HttpServletRequest request, @Valid @ModelAttribute("userForm") UserCreateForm userCreateForm, BindingResult result, Model model, RedirectAttributes redirectAttributes) {
    try {
        // Form-level validation errors: re-render the signup view.
        if (result.hasErrors()) {
            model.addAttribute("errorMessage", "Your input needs correction.");
            logger.debug("User input validation failed.");
            return VIEW_SIGNUP_SIGNUP;
        }
        // Validate the submitted WebAuthn registration data before any account is created.
        WebAuthnRegistrationRequestValidationResponse registrationRequestValidationResponse;
        try {
            registrationRequestValidationResponse = registrationRequestValidator.validate(
                    request,
                    userCreateForm.getAuthenticator().getClientDataJSON(),
                    userCreateForm.getAuthenticator().getAttestationObject(),
                    userCreateForm.getAuthenticator().getTransports(),
                    userCreateForm.getAuthenticator().getClientExtensions());
        } catch (WebAuthnException | WebAuthnAuthenticationException e) {
            // Generic message to the user; the exception is only written to the debug log.
            model.addAttribute("errorMessage", "Authenticator registration request validation failed. Please try again.");
            logger.debug("WebAuthn registration request validation failed.", e);
            return VIEW_SIGNUP_SIGNUP;
        }
        String username = userCreateForm.getUsername();
        // The password is passed through passwordEncoder before it is stored.
        String password = passwordEncoder.encode(userCreateForm.getPassword());
        boolean singleFactorAuthenticationAllowed = userCreateForm.isSingleFactorAuthenticationAllowed();
        // The SINGLE_FACTOR_AUTHN_ALLOWED authority is granted only when the form requests it.
        List<GrantedAuthority> authorities;
        if (singleFactorAuthenticationAllowed) {
            authorities = Collections.singletonList(new SimpleGrantedAuthority("SINGLE_FACTOR_AUTHN_ALLOWED"));
        } else {
            authorities = Collections.emptyList();
        }
        User user = new User(username, password, authorities);
        // Build the authenticator record from the validated response only.
        WebAuthnAuthenticator authenticator = new WebAuthnAuthenticatorImpl(
                "authenticator",
                user.getUsername(),
                registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(),
                registrationRequestValidationResponse.getAttestationObject().getAttestationStatement(),
                registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getSignCount(),
                registrationRequestValidationResponse.getTransports(),
                registrationRequestValidationResponse.getRegistrationExtensionsClientOutputs(),
                registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getExtensions());
        try {
            // Persist the user first, then the authenticator bound to that username.
            userDetailsManager.createUser(user);
            webAuthnAuthenticatorManager.createAuthenticator(authenticator);
        } catch (IllegalArgumentException ex) {
            model.addAttribute("errorMessage", "Registration failed. The user may already be registered.");
            logger.debug("Registration failed.", ex);
            return VIEW_SIGNUP_SIGNUP;
        }
    } catch (RuntimeException ex) {
        model.addAttribute("errorMessage", "Registration failed by unexpected error.");
        logger.debug("Registration failed.", ex);
        return VIEW_SIGNUP_SIGNUP;
    }
    redirectAttributes.addFlashAttribute("successMessage", "User registration finished.");
    return REDIRECT_LOGIN;
}
Also used: WebAuthnAuthenticationException (com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException), User (org.springframework.security.core.userdetails.User), WebAuthnAuthenticatorImpl (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl), WebAuthnRegistrationRequestValidationResponse (com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse), SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority), GrantedAuthority (org.springframework.security.core.GrantedAuthority), WebAuthnAuthenticator (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator), WebAuthnException (com.webauthn4j.util.exception.WebAuthnException), PostMapping (org.springframework.web.bind.annotation.PostMapping)

Aggregations

WebAuthnRegistrationRequestValidationResponse (com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse): 2
ServerProperty (com.webauthn4j.server.ServerProperty): 1
WebAuthnAuthenticator (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator): 1
WebAuthnAuthenticatorImpl (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl): 1
WebAuthnAuthenticationException (com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException): 1
WebAuthnException (com.webauthn4j.util.exception.WebAuthnException): 1
Test (org.junit.Test): 1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 1
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 1
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority): 1
User (org.springframework.security.core.userdetails.User): 1
PostMapping (org.springframework.web.bind.annotation.PostMapping): 1