
Example 1 with WebAuthnAuthenticationException

Use of com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException in the project webauthn4j-spring-security by webauthn4j.

From the class WebAuthnSampleController, method create.

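/**
 * Handles the sign-up form: validates the submitted WebAuthn registration data, then stores the
 * new user and the authenticator that was registered with it.
 *
 * <p>Every failure path re-renders the sign-up view with an {@code errorMessage} model attribute;
 * exception details go to the log only and are never put into the model.
 *
 * <p>The user record and the authenticator record are written by two separate calls. If the
 * second write fails, the user record created by this request is removed again so that no
 * account is left behind without its authenticator.
 *
 * @param request            the current HTTP request, passed to the registration request validator
 * @param userCreateForm     the bound sign-up form (username, password, authenticator data)
 * @param result             binding/validation result for {@code userCreateForm}
 * @param model              receives {@code errorMessage} on failure
 * @param redirectAttributes receives the {@code successMessage} flash attribute on success
 * @return {@code VIEW_SIGNUP_SIGNUP} on any failure, {@code REDIRECT_LOGIN} on success
 */
@PostMapping(value = "/signup")
public String create(HttpServletRequest request, @Valid @ModelAttribute("userForm") UserCreateForm userCreateForm, BindingResult result, Model model, RedirectAttributes redirectAttributes) {
    try {
        // Bean-validation errors on the form: nothing is validated or stored.
        if (result.hasErrors()) {
            model.addAttribute("errorMessage", "Your input needs correction.");
            logger.debug("User input validation failed.");
            return VIEW_SIGNUP_SIGNUP;
        }

        // Validate the client data and attestation object before any account data is created.
        WebAuthnRegistrationRequestValidationResponse registrationRequestValidationResponse;
        try {
            registrationRequestValidationResponse = registrationRequestValidator.validate(
                    request,
                    userCreateForm.getAuthenticator().getClientDataJSON(),
                    userCreateForm.getAuthenticator().getAttestationObject(),
                    userCreateForm.getAuthenticator().getTransports(),
                    userCreateForm.getAuthenticator().getClientExtensions());
        } catch (WebAuthnException | WebAuthnAuthenticationException e) {
            // The cause is logged; the page only gets a generic message.
            model.addAttribute("errorMessage", "Authenticator registration request validation failed. Please try again.");
            logger.debug("WebAuthn registration request validation failed.", e);
            return VIEW_SIGNUP_SIGNUP;
        }

        String username = userCreateForm.getUsername();
        // Only the encoded form of the password is kept from here on.
        String encodedPassword = passwordEncoder.encode(userCreateForm.getPassword());

        // NOTE(review): this flag comes straight from the submitted form, so the registering user
        // decides whether password-only login is permitted for the account. Where a second factor
        // is mandatory, derive it from server-side policy instead of the form.
        boolean singleFactorAuthenticationAllowed = userCreateForm.isSingleFactorAuthenticationAllowed();
        List<GrantedAuthority> authorities;
        if (singleFactorAuthenticationAllowed) {
            authorities = Collections.singletonList(new SimpleGrantedAuthority("SINGLE_FACTOR_AUTHN_ALLOWED"));
        } else {
            authorities = Collections.emptyList();
        }

        User user = new User(username, encodedPassword, authorities);
        // The stored authenticator is built only from the validator's response, not from raw form fields.
        WebAuthnAuthenticator authenticator = new WebAuthnAuthenticatorImpl(
                "authenticator",
                user.getUsername(),
                registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(),
                registrationRequestValidationResponse.getAttestationObject().getAttestationStatement(),
                registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getSignCount(),
                registrationRequestValidationResponse.getTransports(),
                registrationRequestValidationResponse.getRegistrationExtensionsClientOutputs(),
                registrationRequestValidationResponse.getAttestationObject().getAuthenticatorData().getExtensions());

        try {
            userDetailsManager.createUser(user);
            try {
                webAuthnAuthenticatorManager.createAuthenticator(authenticator);
            } catch (RuntimeException ex) {
                // No transaction boundary is visible in this listing, so undo the first write by hand.
                // This is reached only after createUser succeeded, so a pre-existing account with
                // the same name is never deleted here.
                // Assumes userDetailsManager is a Spring Security UserDetailsManager (its declaration
                // is not part of this listing) - TODO confirm.
                try {
                    userDetailsManager.deleteUser(username);
                } catch (RuntimeException rollbackEx) {
                    ex.addSuppressed(rollbackEx);
                    logger.error("Could not remove the user record after authenticator creation failed.", rollbackEx);
                }
                // Rethrow so the handlers below report the failure exactly as before.
                throw ex;
            }
        } catch (IllegalArgumentException ex) {
            // NOTE(review): this message tells the requester that the username is probably taken.
            // If account existence is sensitive for the deployment, use the same wording as the
            // other failure paths.
            model.addAttribute("errorMessage", "Registration failed. The user may already be registered.");
            logger.debug("Registration failed.", ex);
            return VIEW_SIGNUP_SIGNUP;
        }
    } catch (RuntimeException ex) {
        model.addAttribute("errorMessage", "Registration failed by unexpected error.");
        // Unexpected failures are logged at error level so they stay visible when debug logging is off.
        logger.error("Registration failed.", ex);
        return VIEW_SIGNUP_SIGNUP;
    }
    redirectAttributes.addFlashAttribute("successMessage", "User registration finished.");
    return REDIRECT_LOGIN;
}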
Also used : WebAuthnAuthenticationException(com.webauthn4j.springframework.security.exception.WebAuthnAuthenticationException) User(org.springframework.security.core.userdetails.User) WebAuthnAuthenticatorImpl(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorImpl) WebAuthnRegistrationRequestValidationResponse(com.webauthn4j.springframework.security.WebAuthnRegistrationRequestValidationResponse) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) WebAuthnAuthenticator(com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticator) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) WebAuthnException(com.webauthn4j.util.exception.WebAuthnException) PostMapping(org.springframework.web.bind.annotation.PostMapping)
