use of com.yubico.u2f.data.messages.AuthenticateResponse in project cas by apereo.
the class U2FAuthenticationHandler method doAuthentication.
@Override
protected HandlerResult doAuthentication(final Credential credential) throws GeneralSecurityException, PreventedException {
final U2FTokenCredential tokenCredential = (U2FTokenCredential) credential;
final RequestContext context = RequestContextHolder.getRequestContext();
if (context == null) {
new IllegalArgumentException("No request context could be found to locate an authentication event");
}
final Authentication authentication = WebUtils.getAuthentication(context);
if (authentication == null) {
new IllegalArgumentException("Request context has no reference to an authentication event to locate a principal");
}
final Principal p = authentication.getPrincipal();
final AuthenticateResponse authenticateResponse = AuthenticateResponse.fromJson(tokenCredential.getToken());
final String authJson = u2FDeviceRepository.getDeviceAuthenticationRequest(authenticateResponse.getRequestId(), p.getId());
final AuthenticateRequestData authenticateRequest = AuthenticateRequestData.fromJson(authJson);
DeviceRegistration registration = null;
try {
registration = u2f.finishAuthentication(authenticateRequest, authenticateResponse, u2FDeviceRepository.getRegisteredDevices(p.getId()));
return createHandlerResult(tokenCredential, p, null);
} catch (final DeviceCompromisedException e) {
registration = e.getDeviceRegistration();
throw new PreventedException("Device possibly compromised and therefore blocked: " + e.getMessage(), e);
} finally {
u2FDeviceRepository.authenticateDevice(p.getId(), registration);
}
}
Aggregations