
Example 1 with AssertionFailedException

Use of com.yubico.webauthn.exception.AssertionFailedException in project cas by apereo.

Class WebAuthnServer, method finishAuthentication.

public Either<List<String>, SuccessfulAuthenticationResult> finishAuthentication(final String responseJson) {
    final AssertionResponse response;
    try {
        response = jsonMapper.readValue(responseJson, AssertionResponse.class);
    } catch (final IOException e) {
        LOGGER.debug("Failed to decode response object", e);
        return Either.left(Arrays.asList("Assertion failed!", "Failed to decode response object.", e.getMessage()));
    }
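    // Look up the pending assertion request, then invalidate it before verification
    // so that each request ID can be used only once, whether or not the assertion succeeds.
    val request = assertRequestStorage.getIfPresent(response.getRequestId());
    assertRequestStorage.invalidate(response.getRequestId());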
    if (request == null) {
        return Either.left(Arrays.asList("Assertion failed!", "No such assertion in progress."));
    } else {
        try {
            val result = rp.finishAssertion(FinishAssertionOptions.builder().request(request.getRequest()).response(response.getCredential()).build());
            if (result.isSuccess()) {
                try {
                    userStorage.updateSignatureCount(result);
                } catch (final Exception e) {
                    LOGGER.error("Failed to update signature count for user \"{}\", credential \"{}\"", result.getUsername(), response.getCredential().getId(), e);
                }
                return Either.right(new SuccessfulAuthenticationResult(request, response, userStorage.getRegistrationsByUsername(result.getUsername()), result.getUsername(), sessions.createSession(result.getUserHandle())));
            } else {
                return Either.left(Collections.singletonList("Assertion failed: Invalid assertion."));
            }
        } catch (final AssertionFailedException e) {
            LOGGER.debug("Assertion failed", e);
            return Either.left(Arrays.asList("Assertion failed!", e.getMessage()));
        } catch (final Exception e) {
            LOGGER.error("Assertion failed", e);
            return Either.left(Arrays.asList("Assertion failed unexpectedly; this is likely a bug.", e.getMessage()));
        }
    }
}
Also used: lombok.val (lombok.val), IOException (java.io.IOException), AssertionResponse (com.yubico.data.AssertionResponse), AssertionFailedException (com.yubico.webauthn.exception.AssertionFailedException), RegistrationFailedException (com.yubico.webauthn.exception.RegistrationFailedException), CertificateException (java.security.cert.CertificateException), ExecutionException (java.util.concurrent.ExecutionException)

Example 2 with AssertionFailedException

Use of com.yubico.webauthn.exception.AssertionFailedException in project java-webauthn-server by Yubico.

Class WebAuthnServer, method finishAuthentication.

public Either<List<String>, SuccessfulAuthenticationResult> finishAuthentication(String responseJson) {
    logger.trace("finishAuthentication responseJson: {}", responseJson);
    final AssertionResponse response;
    try {
        response = jsonMapper.readValue(responseJson, AssertionResponse.class);
    } catch (IOException e) {
        logger.debug("Failed to decode response object", e);
        return Either.left(Arrays.asList("Assertion failed!", "Failed to decode response object.", e.getMessage()));
    }
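    // Look up the pending assertion request, then invalidate it before verification
    // so that each request ID can be used only once, whether or not the assertion succeeds.
    AssertionRequestWrapper request = assertRequestStorage.getIfPresent(response.getRequestId());
    assertRequestStorage.invalidate(response.getRequestId());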
    if (request == null) {
        return Either.left(Arrays.asList("Assertion failed!", "No such assertion in progress."));
    } else {
        try {
            AssertionResult result = rp.finishAssertion(FinishAssertionOptions.builder().request(request.getRequest()).response(response.getCredential()).build());
            if (result.isSuccess()) {
                try {
                    userStorage.updateSignatureCount(result);
                } catch (Exception e) {
                    logger.error("Failed to update signature count for user \"{}\", credential \"{}\"", result.getUsername(), response.getCredential().getId(), e);
                }
                return Either.right(new SuccessfulAuthenticationResult(request, response, userStorage.getRegistrationsByUsername(result.getUsername()), result.getUsername(), sessions.createSession(result.getUserHandle())));
            } else {
                return Either.left(Collections.singletonList("Assertion failed: Invalid assertion."));
            }
        } catch (AssertionFailedException e) {
            logger.debug("Assertion failed", e);
            return Either.left(Arrays.asList("Assertion failed!", e.getMessage()));
        } catch (Exception e) {
            logger.error("Assertion failed", e);
            return Either.left(Arrays.asList("Assertion failed unexpectedly; this is likely a bug.", e.getMessage()));
        }
    }
}
Also used: AssertionRequestWrapper (demo.webauthn.data.AssertionRequestWrapper), AssertionResult (com.yubico.webauthn.AssertionResult), IOException (java.io.IOException), AssertionResponse (demo.webauthn.data.AssertionResponse), AssertionFailedException (com.yubico.webauthn.exception.AssertionFailedException), FidoMetadataDownloaderException (com.yubico.fido.metadata.FidoMetadataDownloaderException), DigestException (java.security.DigestException), InvalidAppIdException (com.yubico.webauthn.extension.appid.InvalidAppIdException), CertPathValidatorException (java.security.cert.CertPathValidatorException), RegistrationFailedException (com.yubico.webauthn.exception.RegistrationFailedException), SignatureException (java.security.SignatureException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), InvalidKeyException (java.security.InvalidKeyException), InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException), CertificateException (java.security.cert.CertificateException), ExecutionException (java.util.concurrent.ExecutionException), Base64UrlException (com.yubico.webauthn.data.exception.Base64UrlException)

Aggregations

AssertionFailedException (com.yubico.webauthn.exception.AssertionFailedException): 2
RegistrationFailedException (com.yubico.webauthn.exception.RegistrationFailedException): 2
IOException (java.io.IOException): 2
CertificateException (java.security.cert.CertificateException): 2
ExecutionException (java.util.concurrent.ExecutionException): 2
AssertionResponse (com.yubico.data.AssertionResponse): 1
FidoMetadataDownloaderException (com.yubico.fido.metadata.FidoMetadataDownloaderException): 1
AssertionResult (com.yubico.webauthn.AssertionResult): 1
Base64UrlException (com.yubico.webauthn.data.exception.Base64UrlException): 1
InvalidAppIdException (com.yubico.webauthn.extension.appid.InvalidAppIdException): 1
AssertionRequestWrapper (demo.webauthn.data.AssertionRequestWrapper): 1
AssertionResponse (demo.webauthn.data.AssertionResponse): 1
DigestException (java.security.DigestException): 1
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException): 1
InvalidKeyException (java.security.InvalidKeyException): 1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 1
SignatureException (java.security.SignatureException): 1
CertPathValidatorException (java.security.cert.CertPathValidatorException): 1
lombok.val (lombok.val): 1