use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator in project webauthn4j-spring-security by webauthn4j.
the class AttestationOptionsProviderImplTest method getAttestationOptions_test.
@Test
public void getAttestationOptions_test() {
    // Verifies that AttestationOptionsProviderImpl assembles registration (attestation) options
    // from its configured values, the challenge repository and the user's already-registered
    // authenticators.

    // --- Fixture: one registered authenticator with a known credential id and transport ---
    byte[] registeredCredentialId = new byte[] { 0x01, 0x23, 0x45 };
    Set<AuthenticatorTransport> registeredTransports = Collections.singleton(AuthenticatorTransport.INTERNAL);
    // Deep stubs let getAttestedCredentialData().getCredentialId() be stubbed as one chain.
    WebAuthnAuthenticator registeredAuthenticator = mock(WebAuthnAuthenticator.class, RETURNS_DEEP_STUBS);
    when(registeredAuthenticator.getTransports()).thenReturn(registeredTransports);
    when(registeredAuthenticator.getAttestedCredentialData().getCredentialId()).thenReturn(registeredCredentialId);

    WebAuthnAuthenticatorService authenticatorServiceMock = mock(WebAuthnAuthenticatorService.class);
    when(authenticatorServiceMock.loadAuthenticatorsByUserPrincipal(any()))
            .thenReturn(Collections.singletonList(registeredAuthenticator));

    // --- Fixture: request whose server name is expected to become the RP id ---
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setServerName("example.com");

    // --- Fixture: the challenge the repository hands out for this request ---
    Challenge expectedChallenge = new DefaultChallenge();
    ChallengeRepository challengeRepositoryMock = mock(ChallengeRepository.class);
    when(challengeRepositoryMock.loadOrGenerateChallenge(request)).thenReturn(expectedChallenge);

    // --- System under test ---
    AttestationOptionsProviderImpl provider =
            new AttestationOptionsProviderImpl(new RpIdProviderImpl(), authenticatorServiceMock, challengeRepositoryMock);
    provider.setRpName("rpName");
    provider.setPubKeyCredParams(Collections.singletonList(
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256)));
    provider.setRegistrationTimeout(10000L);
    provider.setRegistrationExtensions(new AuthenticationExtensionsClientInputs<>());

    AttestationOptions result =
            provider.getAttestationOptions(request, new UsernamePasswordAuthenticationToken("username", null));

    // --- Expectations ---
    // NOTE(review): rp.id is asserted to equal the request's server name. If that value is taken
    // from a client-controlled Host header in deployment, it should be pinned or validated — confirm
    // against RpIdProviderImpl, which is not shown here.
    assertThat(result.getRp().getId()).isEqualTo("example.com");
    assertThat(result.getRp().getName()).isEqualTo("rpName");

    // NOTE(review): the expected user handle is the raw username bytes. WebAuthn recommends that
    // user handles carry no personally identifying information — confirm this is intended.
    PublicKeyCredentialUserEntity expectedUser =
            new PublicKeyCredentialUserEntity("username".getBytes(), "username", "username");
    assertThat(result.getUser()).isEqualTo(expectedUser);

    // The challenge must be exactly the one issued by the repository for this request.
    assertThat(result.getChallenge()).isEqualTo(expectedChallenge);

    List<PublicKeyCredentialParameters> expectedPubKeyCredParams = Collections.singletonList(
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256));
    assertThat(result.getPubKeyCredParams()).isEqualTo(expectedPubKeyCredParams);
    assertThat(result.getTimeout()).isEqualTo(10000L);

    // The already-registered credential must be listed in excludeCredentials, together with its transports.
    PublicKeyCredentialDescriptor expectedExcluded =
            new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY, registeredCredentialId, registeredTransports);
    assertThat(result.getExcludeCredentials()).containsExactly(expectedExcluded);
    assertThat(result.getExtensions()).isEqualTo(new AuthenticationExtensionsClientInputs<>());
}
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnSampleController method getCredentialIds.
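/**
 * Returns the Base64URL-encoded credential ids of the authenticators registered to the
 * currently authenticated principal.
 *
 * <p>Only the caller's own security context is consulted, so the list never contains
 * credential ids belonging to another principal.
 *
 * @return the encoded credential ids, or an empty list when there is no authentication,
 *         no principal, the authentication is anonymous, or the principal is unknown to
 *         the authenticator manager
 */
private List<String> getCredentialIds() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // The security context may hold no Authentication at all (for example when no anonymous
    // authentication is populated); treat that like an anonymous caller instead of
    // dereferencing null below.
    if (authentication == null) {
        return Collections.emptyList();
    }

    Object principal = authentication.getPrincipal();
    if (principal == null || authenticationTrustResolver.isAnonymous(authentication)) {
        return Collections.emptyList();
    }

    try {
        List<WebAuthnAuthenticator> registeredAuthenticators =
                webAuthnAuthenticatorManager.loadAuthenticatorsByUserPrincipal(principal);
        return registeredAuthenticators.stream()
                .map(registered -> registered.getAttestedCredentialData().getCredentialId())
                .map(Base64UrlUtil::encodeToString)
                .collect(Collectors.toList());
    } catch (PrincipalNotFoundException e) {
        // A principal with no stored record simply has no registered authenticators.
        return Collections.emptyList();
    }
}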
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnAuthenticationProvider method authenticate.
// ~ Methods
// ========================================================================================================
/**
* {@inheritDoc}
*/
@Override
public Authentication authenticate(Authentication authentication) {
    // Authenticates a WebAuthn assertion token: rejects unsupported token types and missing
    // credentials, looks up the stored authenticator by credential id, delegates verification
    // to doAuthenticate, persists the authenticator's counter and builds the success result.
    Class<?> tokenType = authentication.getClass();
    if (!supports(tokenType)) {
        String unsupported = "Only WebAuthnAssertionAuthenticationToken is supported, " + tokenType + " was attempted";
        throw new IllegalArgumentException(unsupported);
    }

    WebAuthnAssertionAuthenticationToken assertionToken = (WebAuthnAssertionAuthenticationToken) authentication;
    WebAuthnAuthenticationRequest request = assertionToken.getCredentials();
    if (request == null) {
        // The caller sees only the generic "Bad credentials" message; the reason goes to the debug log.
        logger.debug("Authentication failed: no credentials provided");
        String badCredentials = messages.getMessage("WebAuthnAuthenticationProvider.badCredentials", "Bad credentials");
        throw new BadCredentialsException(badCredentials);
    }

    final byte[] credentialId = request.getCredentialId();
    WebAuthnAuthenticator storedAuthenticator = retrieveAuthenticator(credentialId);

    // Order matters: the counter is written back only after doAuthenticate returns normally, so an
    // exception thrown there leaves the stored counter untouched.
    // NOTE(review): doAuthenticate is defined outside this excerpt; presumably it verifies the
    // assertion and refreshes the authenticator's counter before it is persisted — confirm.
    doAuthenticate(assertionToken, storedAuthenticator);
    authenticatorService.updateCounter(credentialId, storedAuthenticator.getCounter());

    return createSuccessAuthentication(assertionToken, storedAuthenticator);
}