use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnAuthenticationProviderTest method authenticate_with_BadChallengeException_from_authenticationContextValidator_test.
/**
* Verifies that validation fails if ValidationException is thrown from authenticationContextValidator
*/
@Test(expected = BadChallengeException.class)
public void authenticate_with_BadChallengeException_from_authenticationContextValidator_test() {
    // Scenario: webAuthnManager.validate(...) is stubbed to throw WebAuthn4J's own
    // BadChallengeException (fully qualified below), and authenticate(...) must end in the
    // unqualified BadChallengeException named in @Test. The two presumably differ (library
    // exception vs. its Spring Security counterpart); the imports are not visible here, confirm.
    // NOTE(review): @Test(expected = ...) is satisfied by that exception type coming from ANY
    // statement in this method; wrapping only the authenticate(...) call in assertThrows would
    // pin the rejection to the provider itself.

    // Given: a credential id and the authenticator record the service returns for it.
    byte[] credentialId = new byte[32];

    WebAuthnAuthenticator storedAuthenticator = mock(WebAuthnAuthenticator.class);
    AttestedCredentialData storedCredentialData = mock(AttestedCredentialData.class);
    AttestationStatement storedStatement = mock(AttestationStatement.class);
    when(storedAuthenticator.getAttestedCredentialData()).thenReturn(storedCredentialData);
    when(storedAuthenticator.getAttestationStatement()).thenReturn(storedStatement);

    // NOTE(review): this deep-stubbed WebAuthnAuthenticatorImpl is configured but never passed
    // to the provider or returned by the service in this method.
    WebAuthnAuthenticatorImpl authenticatorImpl = mock(WebAuthnAuthenticatorImpl.class, RETURNS_DEEP_STUBS);
    when(authenticatorImpl.getAttestedCredentialData().getCredentialId()).thenReturn(credentialId);

    // The library-level validation is the step that fails.
    doThrow(com.webauthn4j.validator.exception.BadChallengeException.class)
            .when(webAuthnManager)
            .validate((AuthenticationRequest) any(), any());

    // When: an assertion token for that credential id is presented to the provider.
    WebAuthnAuthenticationRequest assertionRequest = mock(WebAuthnAuthenticationRequest.class);
    when(assertionRequest.getCredentialId()).thenReturn(credentialId);
    when(authenticatorService.loadAuthenticatorByCredentialId(credentialId)).thenReturn(storedAuthenticator);

    WebAuthnAuthenticationParameters assertionParameters = mock(WebAuthnAuthenticationParameters.class);
    ServerProperty serverProperty = mock(ServerProperty.class);
    when(assertionParameters.getServerProperty()).thenReturn(serverProperty);

    Authentication assertionToken = new WebAuthnAssertionAuthenticationToken(assertionRequest, assertionParameters, null);
    authenticationProvider.authenticate(assertionToken);
}
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl in project webauthn4j-spring-security by webauthn4j.
the class FidoServerAttestationResultEndpointFilter method processRequest.
@Override
protected ServerResponse processRequest(HttpServletRequest request) {
    // Handles an attestation (registration) result: parse the JSON credential, validate it,
    // resolve the account it belongs to and persist a new authenticator for that account.

    // An I/O failure while opening the request body is rethrown unchecked.
    InputStream body;
    try {
        body = request.getInputStream();
    } catch (IOException ioFailure) {
        throw new UncheckedIOException(ioFailure);
    }

    try {
        ServerPublicKeyCredential<ServerAuthenticatorAttestationResponse> publicKeyCredential =
                this.objectConverter.getJsonConverter().readValue(body, credentialTypeRef);
        serverPublicKeyCredentialValidator.validate(publicKeyCredential);

        ServerAuthenticatorAttestationResponse attestationResponse = publicKeyCredential.getResponse();
        CollectedClientData clientData =
                collectedClientDataConverter.convert(attestationResponse.getClientDataJSON());
        AttestationObject parsedAttestation =
                attestationObjectConverter.convert(attestationResponse.getAttestationObject());

        // No transports are supplied to the validator on this endpoint.
        Set<String> noTransports = Collections.emptySet();

        // Registration validation runs on the raw client data / attestation object before any
        // value derived from them is used for the account lookup or stored.
        // NOTE(review): whatever validate(...) returns is not used; the stored authenticator is
        // built from parsedAttestation, which is converted from the same
        // attestationResponse.getAttestationObject() value that was validated.
        webAuthnRegistrationRequestValidator.validate(
                request,
                attestationResponse.getClientDataJSON(),
                attestationResponse.getAttestationObject(),
                noTransports,
                publicKeyCredential.getClientExtensionResults());

        // The account name is recovered from the challenge echoed back in the client data.
        // NOTE(review): client data is caller-supplied, so trusting this username relies on the
        // validation above having matched the challenge against the server-issued one - confirm
        // the validator covers that.
        String username = serverEndpointFilterUtil.decodeUsername(clientData.getChallenge());

        // First lookup only gives the handler a chance to react to an unknown user.
        try {
            userDetailsService.loadUserByUsername(username);
        } catch (UsernameNotFoundException notFound) {
            usernameNotFoundHandler.onUsernameNotFound(username);
        }
        // Second lookup is not guarded: if the user still cannot be loaded, the
        // UsernameNotFoundException propagates and nothing is persisted.
        userDetailsService.loadUserByUsername(username);

        // Five-argument constructor: name, owner, credential data, attestation statement and
        // signature counter; transports and extension outputs are not passed here.
        WebAuthnAuthenticatorImpl newAuthenticator = new WebAuthnAuthenticatorImpl(
                "Authenticator",
                username,
                parsedAttestation.getAuthenticatorData().getAttestedCredentialData(),
                parsedAttestation.getAttestationStatement(),
                parsedAttestation.getAuthenticatorData().getSignCount());
        webAuthnAuthenticatorManager.createAuthenticator(newAuthenticator);

        return new AttestationResultSuccessResponse();
    } catch (DataConversionException conversionFailure) {
        // Re-wrap the converter's exception in this project's own DataConversionException.
        throw new com.webauthn4j.springframework.security.exception.DataConversionException("Failed to convert data", conversionFailure);
    }
}
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnSampleController method create.
@PostMapping(value = "/signup")
public String create(
        HttpServletRequest request,
        @Valid @ModelAttribute("userForm") UserCreateForm userCreateForm,
        BindingResult result,
        Model model,
        RedirectAttributes redirectAttributes) {
    // Sign-up handler: validates the form and the WebAuthn registration data, then creates the
    // user and its authenticator. Every failure path re-renders the sign-up view with a generic
    // message; details go to the debug log only.
    try {
        // Bean-validation errors on the form: stop before touching any WebAuthn data.
        if (result.hasErrors()) {
            model.addAttribute("errorMessage", "Your input needs correction.");
            logger.debug("User input validation failed.");
            return VIEW_SIGNUP_SIGNUP;
        }

        // The registration data is validated before any account state is created, and the
        // authenticator below is built from the validator's response rather than the raw form.
        WebAuthnRegistrationRequestValidationResponse validated;
        try {
            validated = registrationRequestValidator.validate(
                    request,
                    userCreateForm.getAuthenticator().getClientDataJSON(),
                    userCreateForm.getAuthenticator().getAttestationObject(),
                    userCreateForm.getAuthenticator().getTransports(),
                    userCreateForm.getAuthenticator().getClientExtensions());
        } catch (WebAuthnException | WebAuthnAuthenticationException validationFailure) {
            // NOTE(review): rejected registrations are recorded at debug level only; confirm
            // that is enough for whoever monitors sign-up abuse.
            model.addAttribute("errorMessage", "Authenticator registration request validation failed. Please try again.");
            logger.debug("WebAuthn registration request validation failed.", validationFailure);
            return VIEW_SIGNUP_SIGNUP;
        }

        String username = userCreateForm.getUsername();
        // Only the encoder's output is kept; the submitted password is not held in a local.
        String encodedPassword = passwordEncoder.encode(userCreateForm.getPassword());

        // NOTE(review): the single-factor flag comes straight from the submitted form, so the
        // registrant decides whether this authority is granted - confirm that is the intended
        // policy.
        List<GrantedAuthority> grantedAuthorities = userCreateForm.isSingleFactorAuthenticationAllowed()
                ? Collections.singletonList(new SimpleGrantedAuthority("SINGLE_FACTOR_AUTHN_ALLOWED"))
                : Collections.emptyList();

        User newUser = new User(username, encodedPassword, grantedAuthorities);
        WebAuthnAuthenticator newAuthenticator = new WebAuthnAuthenticatorImpl(
                "authenticator",
                newUser.getUsername(),
                validated.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(),
                validated.getAttestationObject().getAttestationStatement(),
                validated.getAttestationObject().getAuthenticatorData().getSignCount(),
                validated.getTransports(),
                validated.getRegistrationExtensionsClientOutputs(),
                validated.getAttestationObject().getAuthenticatorData().getExtensions());

        // NOTE(review): two separate writes; nothing in this method rolls back createUser if
        // createAuthenticator fails - confirm a transaction is applied elsewhere.
        try {
            userDetailsManager.createUser(newUser);
            webAuthnAuthenticatorManager.createAuthenticator(newAuthenticator);
        } catch (IllegalArgumentException rejected) {
            // NOTE(review): this message tells the caller the username may already exist.
            model.addAttribute("errorMessage", "Registration failed. The user may already be registered.");
            logger.debug("Registration failed.", rejected);
            return VIEW_SIGNUP_SIGNUP;
        }
    } catch (RuntimeException unexpected) {
        // Catch-all so no stack trace or internal detail reaches the rendered page.
        model.addAttribute("errorMessage", "Registration failed by unexpected error.");
        logger.debug("Registration failed.", unexpected);
        return VIEW_SIGNUP_SIGNUP;
    }

    redirectAttributes.addFlashAttribute("successMessage", "User registration finished.");
    return REDIRECT_LOGIN;
}