Example 1 with AssertionRequestWrapper
use of demo.webauthn.data.AssertionRequestWrapper in project java-webauthn-server by Yubico.
the class WebAuthnServer method finishAuthentication.
public Either<List<String>, SuccessfulAuthenticationResult> finishAuthentication(String responseJson) {
logger.trace("finishAuthentication responseJson: {}", responseJson);
final AssertionResponse response;
try {
response = jsonMapper.readValue(responseJson, AssertionResponse.class);
} catch (IOException e) {
logger.debug("Failed to decode response object", e);
return Either.left(Arrays.asList("Assertion failed!", "Failed to decode response object.", e.getMessage()));
}
AssertionRequestWrapper request = assertRequestStorage.getIfPresent(response.getRequestId());
assertRequestStorage.invalidate(response.getRequestId());
if (request == null) {
return Either.left(Arrays.asList("Assertion failed!", "No such assertion in progress."));
} else {
try {
AssertionResult result = rp.finishAssertion(FinishAssertionOptions.builder().request(request.getRequest()).response(response.getCredential()).build());
if (result.isSuccess()) {
try {
userStorage.updateSignatureCount(result);
} catch (Exception e) {
logger.error("Failed to update signature count for user \"{}\", credential \"{}\"", result.getUsername(), response.getCredential().getId(), e);
}
return Either.right(new SuccessfulAuthenticationResult(request, response, userStorage.getRegistrationsByUsername(result.getUsername()), result.getUsername(), sessions.createSession(result.getUserHandle())));
} else {
return Either.left(Collections.singletonList("Assertion failed: Invalid assertion."));
}
} catch (AssertionFailedException e) {
logger.debug("Assertion failed", e);
return Either.left(Arrays.asList("Assertion failed!", e.getMessage()));
} catch (Exception e) {
logger.error("Assertion failed", e);
return Either.left(Arrays.asList("Assertion failed unexpectedly; this is likely a bug.", e.getMessage()));
}
}
}
Also used :
AssertionRequestWrapper(demo.webauthn.data.AssertionRequestWrapper)
AssertionResult(com.yubico.webauthn.AssertionResult)
IOException(java.io.IOException)
AssertionResponse(demo.webauthn.data.AssertionResponse)
AssertionFailedException(com.yubico.webauthn.exception.AssertionFailedException)
FidoMetadataDownloaderException(com.yubico.fido.metadata.FidoMetadataDownloaderException)
DigestException(java.security.DigestException)
InvalidAppIdException(com.yubico.webauthn.extension.appid.InvalidAppIdException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
RegistrationFailedException(com.yubico.webauthn.exception.RegistrationFailedException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
AssertionFailedException(com.yubico.webauthn.exception.AssertionFailedException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
ExecutionException(java.util.concurrent.ExecutionException)
Base64UrlException(com.yubico.webauthn.data.exception.Base64UrlException)
Example 2 with AssertionRequestWrapper
use of demo.webauthn.data.AssertionRequestWrapper in project java-webauthn-server by Yubico.
the class WebAuthnServer method startAuthentication.
public Either<List<String>, AssertionRequestWrapper> startAuthentication(Optional<String> username) {
logger.trace("startAuthentication username: {}", username);
if (username.isPresent() && !userStorage.userExists(username.get())) {
return Either.left(Collections.singletonList("The username \"" + username.get() + "\" is not registered."));
} else {
AssertionRequestWrapper request = new AssertionRequestWrapper(generateRandom(32), rp.startAssertion(StartAssertionOptions.builder().username(username).build()));
assertRequestStorage.put(request.getRequestId(), request);
return Either.right(request);
}
}
Also used :
AssertionRequestWrapper(demo.webauthn.data.AssertionRequestWrapper)
Aggregations
AssertionRequestWrapper (demo.webauthn.data.AssertionRequestWrapper)2
FidoMetadataDownloaderException (com.yubico.fido.metadata.FidoMetadataDownloaderException)1
AssertionResult (com.yubico.webauthn.AssertionResult)1
Base64UrlException (com.yubico.webauthn.data.exception.Base64UrlException)1
AssertionFailedException (com.yubico.webauthn.exception.AssertionFailedException)1
RegistrationFailedException (com.yubico.webauthn.exception.RegistrationFailedException)1
InvalidAppIdException (com.yubico.webauthn.extension.appid.InvalidAppIdException)1
AssertionResponse (demo.webauthn.data.AssertionResponse)1
IOException (java.io.IOException)1
DigestException (java.security.DigestException)1
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1
InvalidKeyException (java.security.InvalidKeyException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
SignatureException (java.security.SignatureException)1
CertPathValidatorException (java.security.cert.CertPathValidatorException)1
CertificateException (java.security.cert.CertificateException)1
ExecutionException (java.util.concurrent.ExecutionException)1
