Example 6 with ValidationException
use of com.webauthn4j.validator.exception.ValidationException in project webauthn4j by webauthn4j.
the class WebAuthnManagerSample method registrationValidationSample.
public void registrationValidationSample() {
// Client properties
byte[] attestationObject = null;
byte[] clientDataJSON = null;
String clientExtensionJSON = null;
/* set clientExtensionJSON */
Set<String> transports = null;
// Server properties
Origin origin = null;
String rpId = null;
Challenge challenge = null;
byte[] tokenBindingId = null;
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);
// expectations
List<PublicKeyCredentialParameters> pubKeyCredParams = null;
boolean userVerificationRequired = false;
boolean userPresenceRequired = true;
RegistrationRequest registrationRequest = new RegistrationRequest(attestationObject, clientDataJSON, clientExtensionJSON, transports);
RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, pubKeyCredParams, userVerificationRequired, userPresenceRequired);
RegistrationData registrationData;
try {
registrationData = webAuthnManager.parse(registrationRequest);
} catch (DataConversionException e) {
// If you would like to handle WebAuthn data structure parse error, please catch DataConversionException
throw e;
}
try {
webAuthnManager.validate(registrationData, registrationParameters);
} catch (ValidationException e) {
// If you would like to handle WebAuthn data validation error, please catch ValidationException
throw e;
}
// please persist Authenticator object, which will be used in the authentication process.
Authenticator authenticator = new // You may create your own Authenticator implementation to save friendly authenticator name
AuthenticatorImpl(registrationData.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(), registrationData.getAttestationObject().getAttestationStatement(), registrationData.getAttestationObject().getAuthenticatorData().getSignCount());
// please persist authenticator in your manner
save(authenticator);
}
Also used :
Origin(com.webauthn4j.data.client.Origin)
ServerProperty(com.webauthn4j.server.ServerProperty)
ValidationException(com.webauthn4j.validator.exception.ValidationException)
Challenge(com.webauthn4j.data.client.challenge.Challenge)
AuthenticatorImpl(com.webauthn4j.authenticator.AuthenticatorImpl)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Authenticator(com.webauthn4j.authenticator.Authenticator)
Example 7 with ValidationException
use of com.webauthn4j.validator.exception.ValidationException in project webauthn4j by webauthn4j.
the class DeviceCheckManagerSample method authenticationValidationSample.
public void authenticationValidationSample() {
// Client properties
byte[] keyId = null;
byte[] assertion = null;
byte[] clientDataHash = null;
// Server properties
String teamIdentifier = null;
String cfBundleIdentifier = null;
byte[] challenge = null;
DCServerProperty dcServerProperty = new DCServerProperty(teamIdentifier, cfBundleIdentifier, new DefaultChallenge(challenge));
// please load authenticator object persisted in the attestation process in your manner
DCAppleDevice dcAppleDevice = load(keyId);
DCAssertionRequest dcAssertionRequest = new DCAssertionRequest(keyId, assertion, clientDataHash);
DCAssertionParameters dcAssertionParameters = new DCAssertionParameters(dcServerProperty, dcAppleDevice);
DCAssertionData dcAssertionData;
try {
dcAssertionData = deviceCheckManager.parse(dcAssertionRequest);
} catch (DataConversionException e) {
// If you would like to handle Apple App Attest data structure parse error, please catch DataConversionException
throw e;
}
try {
deviceCheckManager.validate(dcAssertionData, dcAssertionParameters);
} catch (ValidationException e) {
// If you would like to handle Apple App Attest data validation error, please catch ValidationException
throw e;
}
// please update the counter of the authenticator record
updateCounter(dcAssertionData.getCredentialId(), dcAssertionData.getAuthenticatorData().getSignCount());
}
Also used :
DCServerProperty(com.webauthn4j.appattest.server.DCServerProperty)
DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge)
DCAppleDevice(com.webauthn4j.appattest.authenticator.DCAppleDevice)
ValidationException(com.webauthn4j.validator.exception.ValidationException)
DataConversionException(com.webauthn4j.converter.exception.DataConversionException)
Aggregations
ValidationException (com.webauthn4j.validator.exception.ValidationException)7
DataConversionException (com.webauthn4j.converter.exception.DataConversionException)6
ServerProperty (com.webauthn4j.server.ServerProperty)4
Authenticator (com.webauthn4j.authenticator.Authenticator)3
WebAuthnUserData (com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData)2
WebAuthnManager (com.webauthn4j.WebAuthnManager)2
DCAppleDevice (com.webauthn4j.appattest.authenticator.DCAppleDevice)2
DCServerProperty (com.webauthn4j.appattest.server.DCServerProperty)2
Origin (com.webauthn4j.data.client.Origin)2
Challenge (com.webauthn4j.data.client.challenge.Challenge)2
DefaultChallenge (com.webauthn4j.data.client.challenge.DefaultChallenge)2
ByteArrayInputStream (java.io.ByteArrayInputStream)2
IOException (java.io.IOException)2
ObjectInputStream (java.io.ObjectInputStream)2
ServletException (javax.servlet.ServletException)2
JSONObject (org.json.simple.JSONObject)2
JSONParser (org.json.simple.parser.JSONParser)2
ParseException (org.json.simple.parser.ParseException)2
UrlHolder (com.tremolosecurity.config.util.UrlHolder)1
AuthChainType (com.tremolosecurity.config.xml.AuthChainType)1
