Example 1 with WebAuthnRegistrationRequestValidationResponse
use of com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse in project webauthn4j-spring-security by webauthn4j.
the class RegistrationValidationTest method validate_test.
@Test
public void validate_test() {
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
when(serverPropertyProvider.provide(any())).thenReturn(serverProperty);
AuthenticatorSelectionCriteria authenticatorSelectionCriteria = new AuthenticatorSelectionCriteria(AuthenticatorAttachment.CROSS_PLATFORM, true, UserVerificationRequirement.REQUIRED);
PublicKeyCredentialParameters publicKeyCredentialParameters = new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
PublicKeyCredentialUserEntity publicKeyCredentialUserEntity = new PublicKeyCredentialUserEntity(new byte[32], "name", "displayName");
PublicKeyCredentialCreationOptions credentialCreationOptions = new PublicKeyCredentialCreationOptions(new PublicKeyCredentialRpEntity(rpId, "example.com"), publicKeyCredentialUserEntity, challenge, Collections.singletonList(publicKeyCredentialParameters), null, null, authenticatorSelectionCriteria, AttestationConveyancePreference.NONE, null);
AuthenticatorAttestationResponse registrationRequest = clientPlatform.create(credentialCreationOptions).getAuthenticatorResponse();
MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
mockHttpServletRequest.setScheme("https");
mockHttpServletRequest.setServerName("example.com");
mockHttpServletRequest.setServerPort(443);
String clientDataBase64 = Base64UrlUtil.encodeToString(registrationRequest.getClientDataJSON());
String attestationObjectBase64 = Base64UrlUtil.encodeToString(registrationRequest.getAttestationObject());
Set<String> transports = Collections.emptySet();
String clientExtensionsJSON = null;
WebAuthnRegistrationRequestValidationResponse response = target.validate(mockHttpServletRequest, clientDataBase64, attestationObjectBase64, transports, clientExtensionsJSON);
assertThat(response.getAttestationObject()).isNotNull();
assertThat(response.getCollectedClientData()).isNotNull();
assertThat(response.getRegistrationExtensionsClientOutputs()).isNull();
}
Also used :
ServerProperty(com.webauthn4j.server.ServerProperty)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
WebAuthnRegistrationRequestValidationResponse(com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse)
Test(org.junit.Test)
Example 2 with WebAuthnRegistrationRequestValidationResponse
use of com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnSampleController method create.
@PostMapping(value = "/signup")
public String create(HttpServletRequest request, @Valid @ModelAttribute("userForm") UserCreateForm userCreateForm, BindingResult result, Model model, RedirectAttributes redirectAttributes) {
try {
if (result.hasErrors()) {
model.addAttribute("errorMessage", "Your input needs correction.");
logger.debug("User input validation failed.");
return VIEW_SIGNUP_SIGNUP;
}
WebAuthnRegistrationRequestValidationResponse registrationRequestValidationResponse;
try {
registrationRequestValidationResponse = registrationRequestValidator.validate(request, userCreateForm.getAuthenticator().getClientDataJSON(), userCreateForm.getAuthenticator().getAttestationObject(), userCreateForm.getAuthenticator().getTransports(), userCreateForm.getAuthenticator().getClientExtensions());
} catch (WebAuthnException | WebAuthnAuthenticationException e) {
model.addAttribute("errorMessage", "Authenticator registration request validation failed. Please try again.");
logger.debug("WebAuthn registration request validation failed.", e);
return VIEW_SIGNUP_SIGNUP;
}
String username = userCreateForm.getUsername();
String password = passwordEncoder.encode(userCreateForm.getPassword());
boolean singleFactorAuthenticationAllowed = userCreateForm.isSingleFactorAuthenticationAllowed();
List<GrantedAuthority> authorities;
if (singleFactorAuthenticationAllowed) {
authorities = Collections.singletonList(new SimpleGrantedAuthority("SINGLE_FACTOR_AUTHN_ALLOWED"));
} else {
authorities = Collections.emptyList();
}
User user = new User(username, password, authorities);
WebAuthnAuthenticator authenticator = new WebAuthnAuthenticatorImpl("authenticator", user.getUsername(), registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(), registrationRequestValidationResponse.getAttestationObject().getAttestationStatement(), registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getSignCount(), registrationRequestValidationResponse.getTransports(), registrationRequestValidationResponse.getRegistrationExtensionsClientOutputs(), registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getExtensions());
try {
userDetailsManager.createUser(user);
webAuthnAuthenticatorManager.createAuthenticator(authenticator);
} catch (IllegalArgumentException ex) {
model.addAttribute("errorMessage", "Registration failed. The user may already be registered.");
logger.debug("Registration failed.", ex);
return VIEW_SIGNUP_SIGNUP;
}
} catch (RuntimeException ex) {
model.addAttribute("errorMessage", "Registration failed by unexpected error.");
logger.debug("Registration failed.", ex);
return VIEW_SIGNUP_SIGNUP;
}
redirectAttributes.addFlashAttribute("successMessage", "User registration finished.");
return REDIRECT_LOGIN;
}
Also used :
WebAuthnAuthenticationException(com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException)
User(org.springframework.security.core.userdetails.User)
WebAuthnAuthenticatorImpl(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl)
WebAuthnRegistrationRequestValidationResponse(com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
WebAuthnAuthenticator(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
WebAuthnException(com.webauthn4j.util.exception.WebAuthnException)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
Aggregations
WebAuthnRegistrationRequestValidationResponse (com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse)2
ServerProperty (com.webauthn4j.server.ServerProperty)1
WebAuthnAuthenticator (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator)1
WebAuthnAuthenticatorImpl (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl)1
WebAuthnAuthenticationException (com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException)1
WebAuthnException (com.webauthn4j.util.exception.WebAuthnException)1
Test (org.junit.Test)1
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1
GrantedAuthority (org.springframework.security.core.GrantedAuthority)1
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)1
User (org.springframework.security.core.userdetails.User)1
PostMapping (org.springframework.web.bind.annotation.PostMapping)1
