Use of com.yubico.u2f.data.messages.AuthenticateRequestData in the project cas by apereo.
Shown in the class U2FStartAuthenticationAction, method doExecute.
/**
 * Starts a U2F authentication ceremony for the principal already present in the flow.
 *
 * <p>Requests authentication data from the U2F library for the principal's registered devices,
 * stores that data in the device repository keyed by its request id, and publishes the first
 * authenticate request (challenge, app id, key handle) to flow scope under {@code u2fAuth}.
 *
 * @param requestContext the current webflow request context
 * @return {@code success()} when at least one authenticate request exists, {@code error()} otherwise
 * @throws Exception propagated from the U2F library or the device repository
 */
@Override
protected Event doExecute(final RequestContext requestContext) throws Exception {
    final Principal principal = WebUtils.getAuthentication(requestContext).getPrincipal();

    final AuthenticateRequestData pendingRequest = u2f.startAuthentication(
            this.serverAddress,
            u2FDeviceRepository.getRegisteredDevices(principal.getId()));

    // The pending request is stored before the emptiness check, so it is recorded even when
    // the principal has no device to answer it.
    u2FDeviceRepository.requestDeviceAuthentication(
            pendingRequest.getRequestId(),
            principal.getId(),
            pendingRequest.toJson());

    if (pendingRequest.getAuthenticateRequests().isEmpty()) {
        return error();
    }

    // NOTE(review): only the first authenticate request is exposed to the view; presumably a
    // principal with several registered devices can only answer with that one. Confirm.
    final AuthenticateRequest firstRequest = pendingRequest.getAuthenticateRequests().iterator().next();
    final U2FAuthentication flowModel = new U2FAuthentication(
            firstRequest.getChallenge(),
            firstRequest.getAppId(),
            firstRequest.getKeyHandle());
    requestContext.getFlowScope().put("u2fAuth", flowModel);
    return success();
}
Use of com.yubico.u2f.data.messages.AuthenticateRequestData in the project cas by apereo.
Shown in the class U2FAuthenticationHandler, method doAuthentication.
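/**
 * Verifies a U2F authentication response against the pending request stored for the principal.
 *
 * <p>The principal is taken from the authentication already held in the current request
 * context. The token carried by the credential is parsed as an {@code AuthenticateResponse},
 * the matching pending request is loaded from the device repository by request id and
 * principal id, and the U2F library checks the response against the principal's registered
 * devices.
 *
 * @param credential the credential to verify; cast to {@code U2FTokenCredential}
 * @return the handler result for the verified credential and principal
 * @throws GeneralSecurityException declared by the handler contract
 * @throws PreventedException when the library reports the device as possibly compromised
 * @throws IllegalArgumentException when no request context, or no authentication in it, is available
 */
@Override
protected HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
    final U2FTokenCredential tokenCredential = (U2FTokenCredential) credential;

    // These two guards previously built the exception without throwing it, so a missing
    // context or authentication fell through to a NullPointerException further down.
    final RequestContext context = RequestContextHolder.getRequestContext();
    if (context == null) {
        throw new IllegalArgumentException("No request context could be found to locate an authentication event");
    }
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (authentication == null) {
        throw new IllegalArgumentException("Request context has no reference to an authentication event to locate a principal");
    }
    final Principal p = authentication.getPrincipal();

    // The request id comes from the client-supplied response; the lookup is also scoped to the
    // authenticated principal's id.
    final AuthenticateResponse authenticateResponse = AuthenticateResponse.fromJson(tokenCredential.getToken());
    final String authJson = u2FDeviceRepository.getDeviceAuthenticationRequest(authenticateResponse.getRequestId(), p.getId());
    // NOTE(review): the handling of an unknown request id (no stored JSON) is not visible here;
    // confirm the repository/parser rejects it, and that a stored request cannot be answered twice.
    final AuthenticateRequestData authenticateRequest = AuthenticateRequestData.fromJson(authJson);

    DeviceRegistration registration = null;
    try {
        registration = u2f.finishAuthentication(authenticateRequest, authenticateResponse, u2FDeviceRepository.getRegisteredDevices(p.getId()));
        return createHandlerResult(tokenCredential, p, null);
    } catch (final DeviceCompromisedException e) {
        // Keep the registration from the exception so the compromised device's state is still recorded.
        registration = e.getDeviceRegistration();
        throw new PreventedException("Device possibly compromised and therefore blocked: " + e.getMessage(), e);
    } finally {
        // registration stays null when verification failed without identifying a device; there is
        // nothing to record then, and passing null on could mask the original failure with a
        // secondary exception raised from this finally block.
        if (registration != null) {
            u2FDeviceRepository.authenticateDevice(p.getId(), registration);
        }
    }
}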