Example 1 with PrincipalNotFoundException
use of com.webauthn4j.springframework.security.exception.PrincipalNotFoundException in project webauthn4j-spring-security by webauthn4j.
the class AttestationOptionsProviderImplTest method getAttestationOptions_with_non_existing_principal_test.
@Test
public void getAttestationOptions_with_non_existing_principal_test() {
Challenge challenge = new DefaultChallenge();
RpIdProviderImpl rpIdProvider = new RpIdProviderImpl();
WebAuthnAuthenticatorService authenticatorService = mock(WebAuthnAuthenticatorService.class);
ChallengeRepository challengeRepository = mock(ChallengeRepository.class);
MockHttpServletRequest mockRequest = new MockHttpServletRequest();
mockRequest.setServerName("example.com");
when(authenticatorService.loadAuthenticatorsByUserPrincipal(any())).thenThrow(new PrincipalNotFoundException("dummy"));
when(challengeRepository.loadOrGenerateChallenge(mockRequest)).thenReturn(challenge);
AttestationOptionsProviderImpl optionsProvider = new AttestationOptionsProviderImpl(rpIdProvider, authenticatorService, challengeRepository);
optionsProvider.setRpName("rpName");
optionsProvider.setPubKeyCredParams(Collections.singletonList(new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256)));
optionsProvider.setRegistrationTimeout(10000L);
optionsProvider.setRegistrationExtensions(new AuthenticationExtensionsClientInputs<>());
AttestationOptions attestationOptions = optionsProvider.getAttestationOptions(mockRequest, new UsernamePasswordAuthenticationToken("username", null));
assertThat(attestationOptions.getRp().getId()).isEqualTo("example.com");
assertThat(attestationOptions.getRp().getName()).isEqualTo("rpName");
assertThat(attestationOptions.getUser()).isEqualTo(new PublicKeyCredentialUserEntity("username".getBytes(), "username", "username"));
assertThat(attestationOptions.getChallenge()).isEqualTo(challenge);
assertThat(attestationOptions.getPubKeyCredParams()).isEqualTo(Collections.singletonList(new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256)));
assertThat(attestationOptions.getTimeout()).isEqualTo(10000L);
assertThat(attestationOptions.getExcludeCredentials()).isEmpty();
assertThat(attestationOptions.getExtensions()).isEqualTo(new AuthenticationExtensionsClientInputs<>());
}
Also used :
ChallengeRepository(com.webauthn4j.springframework.security.challenge.ChallengeRepository)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
PrincipalNotFoundException(com.webauthn4j.springframework.security.exception.PrincipalNotFoundException)
WebAuthnAuthenticatorService(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService)
Test(org.junit.Test)
Example 2 with PrincipalNotFoundException
use of com.webauthn4j.springframework.security.exception.PrincipalNotFoundException in project webauthn4j-spring-security by webauthn4j.
the class WebAuthnSampleController method getCredentialIds.
private List<String> getCredentialIds() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
Object principal = authentication.getPrincipal();
if (principal == null || authenticationTrustResolver.isAnonymous(authentication)) {
return Collections.emptyList();
} else {
try {
List<WebAuthnAuthenticator> webAuthnAuthenticators = webAuthnAuthenticatorManager.loadAuthenticatorsByUserPrincipal(principal);
return webAuthnAuthenticators.stream().map(webAuthnAuthenticator -> Base64UrlUtil.encodeToString(webAuthnAuthenticator.getAttestedCredentialData().getCredentialId())).collect(Collectors.toList());
} catch (PrincipalNotFoundException e) {
return Collections.emptyList();
}
}
}
Also used :
WebAuthnAuthenticator(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator)
Autowired(org.springframework.beans.factory.annotation.Autowired)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
User(org.springframework.security.core.userdetails.User)
BindingResult(org.springframework.validation.BindingResult)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
WebAuthnRegistrationRequestValidator(com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidator)
WebAuthnException(com.webauthn4j.util.exception.WebAuthnException)
Controller(org.springframework.stereotype.Controller)
ChallengeRepository(com.webauthn4j.springframework.security.challenge.ChallengeRepository)
Base64UrlUtil(com.webauthn4j.util.Base64UrlUtil)
WebAuthnAuthenticationException(com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException)
Valid(javax.validation.Valid)
WebAuthnAuthenticatorImpl(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl)
Model(org.springframework.ui.Model)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ModelAttribute(org.springframework.web.bind.annotation.ModelAttribute)
UUIDUtil(com.webauthn4j.util.UUIDUtil)
GetMapping(org.springframework.web.bind.annotation.GetMapping)
WebAuthnRegistrationRequestValidationResponse(com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse)
SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder)
RedirectAttributes(org.springframework.web.servlet.mvc.support.RedirectAttributes)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
UserDetailsManager(org.springframework.security.provisioning.UserDetailsManager)
UUID(java.util.UUID)
WebAuthnAuthenticatorManager(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorManager)
Collectors(java.util.stream.Collectors)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
AuthenticationTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver)
List(java.util.List)
PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder)
WebAuthnAuthenticator(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator)
Log(org.apache.commons.logging.Log)
LogFactory(org.apache.commons.logging.LogFactory)
AuthenticationTrustResolverImpl(org.springframework.security.authentication.AuthenticationTrustResolverImpl)
PrincipalNotFoundException(com.webauthn4j.springframework.security.exception.PrincipalNotFoundException)
Authentication(org.springframework.security.core.Authentication)
Collections(java.util.Collections)
Authentication(org.springframework.security.core.Authentication)
PrincipalNotFoundException(com.webauthn4j.springframework.security.exception.PrincipalNotFoundException)
Example 3 with PrincipalNotFoundException
use of com.webauthn4j.springframework.security.exception.PrincipalNotFoundException in project webauthn4j-spring-security by webauthn4j.
the class UserManagerImpl method deleteUser.
/**
* {@inheritDoc}
*/
@Override
public void deleteUser(String username) {
UserEntity userEntity = userEntityRepository.findOneByEmailAddress(username).orElseThrow(() -> new PrincipalNotFoundException(String.format("UserEntity with username'%s' is not found.", username)));
userEntityRepository.delete(userEntity);
}
Also used :
PrincipalNotFoundException(com.webauthn4j.springframework.security.exception.PrincipalNotFoundException)
UserEntity(com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity)
Aggregations
PrincipalNotFoundException (com.webauthn4j.springframework.security.exception.PrincipalNotFoundException)3
Challenge (com.webauthn4j.data.client.challenge.Challenge)2
ChallengeRepository (com.webauthn4j.springframework.security.challenge.ChallengeRepository)2
DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)1
WebAuthnRegistrationRequestValidationResponse (com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse)1
WebAuthnRegistrationRequestValidator (com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidator)1
WebAuthnAuthenticator (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator)1
WebAuthnAuthenticatorImpl (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl)1
WebAuthnAuthenticatorManager (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorManager)1
WebAuthnAuthenticatorService (com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService)1
WebAuthnAuthenticationException (com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException)1
UserEntity (com.webauthn4j.springframework.security.webauthn.sample.domain.entity.UserEntity)1
Base64UrlUtil (com.webauthn4j.util.Base64UrlUtil)1
UUIDUtil (com.webauthn4j.util.UUIDUtil)1
WebAuthnException (com.webauthn4j.util.exception.WebAuthnException)1
Collections (java.util.Collections)1
List (java.util.List)1
UUID (java.util.UUID)1
Collectors (java.util.stream.Collectors)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
