use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnConfigurerUtil method getWebAuthnAuthenticatorServiceOrThrowException.
/**
* Get {@link RpIdProvider} from SharedObject or ApplicationContext. if nothing hit, throw exception
*/
static <H extends HttpSecurityBuilder<H>> WebAuthnAuthenticatorService getWebAuthnAuthenticatorServiceOrThrowException(H http) {
WebAuthnAuthenticatorService webAuthnAuthenticatorService = http.getSharedObject(WebAuthnAuthenticatorService.class);
if (webAuthnAuthenticatorService != null) {
return webAuthnAuthenticatorService;
}
ApplicationContext applicationContext = http.getSharedObject(ApplicationContext.class);
// WebAuthnAuthenticatorService must be provided manually. If not, let it throw exception.
return applicationContext.getBean(WebAuthnAuthenticatorService.class);
}
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService in project webauthn4j-spring-security by webauthn4j.
the class AssertionOptionsProviderImplTest method getAssertionOptions_test.
@Test
public void getAssertionOptions_test() {
Challenge challenge = new DefaultChallenge();
byte[] credentialId = new byte[] { 0x01, 0x23, 0x45 };
Set<AuthenticatorTransport> transports = Collections.singleton(AuthenticatorTransport.INTERNAL);
RpIdProvider rpIdProvider = new RpIdProviderImpl();
WebAuthnAuthenticatorService authenticatorService = mock(WebAuthnAuthenticatorService.class);
WebAuthnAuthenticator authenticator = mock(WebAuthnAuthenticator.class, RETURNS_DEEP_STUBS);
when(authenticator.getTransports()).thenReturn(transports);
List<WebAuthnAuthenticator> authenticators = Collections.singletonList(authenticator);
ChallengeRepository challengeRepository = mock(ChallengeRepository.class);
MockHttpServletRequest mockRequest = new MockHttpServletRequest();
when(authenticatorService.loadAuthenticatorsByUserPrincipal(any())).thenReturn(authenticators);
when(authenticator.getAttestedCredentialData().getCredentialId()).thenReturn(credentialId);
when(challengeRepository.loadOrGenerateChallenge(mockRequest)).thenReturn(challenge);
AssertionOptionsProviderImpl assertionOptionsProvider = new AssertionOptionsProviderImpl(rpIdProvider, authenticatorService, challengeRepository);
assertionOptionsProvider.setRpId("example.com");
assertionOptionsProvider.setAuthenticationTimeout(10000L);
assertionOptionsProvider.setAuthenticationUserVerification(UserVerificationRequirement.REQUIRED);
assertionOptionsProvider.setAuthenticationExtensions(new AuthenticationExtensionsClientInputs<>());
AssertionOptions assertionOptions = assertionOptionsProvider.getAssertionOptions(mockRequest, new UsernamePasswordAuthenticationToken("username", null));
assertThat(assertionOptions.getChallenge()).isEqualTo(challenge);
assertThat(assertionOptions.getTimeout()).isEqualTo(10000L);
assertThat(assertionOptions.getRpId()).isEqualTo("example.com");
assertThat(assertionOptions.getAllowCredentials()).containsExactly(new PublicKeyCredentialDescriptor(PublicKeyCredentialType.PUBLIC_KEY, credentialId, transports));
assertThat(assertionOptions.getUserVerification()).isEqualTo(UserVerificationRequirement.REQUIRED);
assertThat(assertionOptions.getExtensions()).isEqualTo(new AuthenticationExtensionsClientInputs<>());
}
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService in project webauthn4j-spring-security by webauthn4j.
the class AttestationOptionsProviderImplTest method getter_setter_test.
@Test
public void getter_setter_test() {
WebAuthnAuthenticatorService authenticatorService = mock(WebAuthnAuthenticatorService.class);
ChallengeRepository challengeRepository = mock(ChallengeRepository.class);
AttestationOptionsProviderImpl optionsProvider = new AttestationOptionsProviderImpl(authenticatorService, challengeRepository);
optionsProvider.setRpId("example.com");
assertThat(optionsProvider.getRpId()).isEqualTo("example.com");
optionsProvider.setRpName("example");
assertThat(optionsProvider.getRpName()).isEqualTo("example");
List<PublicKeyCredentialParameters> publicKeyCredParams = Lists.newArrayList();
optionsProvider.setPubKeyCredParams(publicKeyCredParams);
assertThat(optionsProvider.getPubKeyCredParams()).isEqualTo(publicKeyCredParams);
optionsProvider.setRegistrationTimeout(10000L);
assertThat(optionsProvider.getRegistrationTimeout()).isEqualTo(10000L);
optionsProvider.setRegistrationExtensions(new AuthenticationExtensionsClientInputs<>());
assertThat(optionsProvider.getRegistrationExtensions()).isEqualTo(new AuthenticationExtensionsClientInputs<>());
RpIdProvider rpIdProvider = mock(RpIdProvider.class);
optionsProvider.setRpIdProvider(rpIdProvider);
assertThat(optionsProvider.getRpIdProvider()).isEqualTo(rpIdProvider);
PublicKeyCredentialUserEntityProvider publicKeyCredentialUserEntityProvider = new AttestationOptionsProviderImpl.DefaultPublicKeyCredentialUserEntityProvider();
optionsProvider.setPublicKeyCredentialUserEntityProvider(publicKeyCredentialUserEntityProvider);
assertThat(optionsProvider.getPublicKeyCredentialUserEntityProvider()).isEqualTo(publicKeyCredentialUserEntityProvider);
}
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService in project webauthn4j-spring-security by webauthn4j.
the class AssertionOptionsProviderImplTest method getter_setter_test.
@Test
public void getter_setter_test() {
RpIdProvider rpIdProvider = mock(RpIdProvider.class);
WebAuthnAuthenticatorService authenticatorService = mock(WebAuthnAuthenticatorService.class);
ChallengeRepository challengeRepository = mock(ChallengeRepository.class);
AssertionOptionsProviderImpl optionsProvider = new AssertionOptionsProviderImpl(null, authenticatorService, challengeRepository);
optionsProvider.setRpId("example.com");
assertThat(optionsProvider.getRpId()).isEqualTo("example.com");
optionsProvider.setRpIdProvider(rpIdProvider);
assertThat(optionsProvider.getRpIdProvider()).isEqualTo(rpIdProvider);
optionsProvider.setAuthenticationTimeout(20000L);
assertThat(optionsProvider.getAuthenticationTimeout()).isEqualTo(20000L);
optionsProvider.setAuthenticationExtensions(new AuthenticationExtensionsClientInputs<>());
assertThat(optionsProvider.getAuthenticationExtensions()).isEqualTo(new AuthenticationExtensionsClientInputs<>());
}
use of com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService in project webauthn4j-spring-security by webauthn4j.
the class AssertionOptionsProviderImplTest method getRpId_with_static_rpId.
@Test
public void getRpId_with_static_rpId() {
WebAuthnAuthenticatorService authenticatorService = mock(WebAuthnAuthenticatorService.class);
ChallengeRepository challengeRepository = mock(ChallengeRepository.class);
AssertionOptionsProviderImpl optionsProvider = new AssertionOptionsProviderImpl(authenticatorService, challengeRepository);
optionsProvider.setRpId("example.com");
MockHttpServletRequest request = new MockHttpServletRequest();
assertThat(optionsProvider.getRpId(request)).isEqualTo("example.com");
}
Aggregations