use of demo.webauthn.data.U2fRegistrationResponse in project java-webauthn-server by Yubico.
the class WebAuthnServer method finishU2fRegistration.
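/**
 * Completes a U2F registration: decodes the client response, consumes the pending
 * registration request it refers to, verifies the response, looks up attestation
 * metadata, and stores the new credential.
 *
 * <p>The pending request is invalidated as soon as it has been looked up, so a given
 * request ID is not left in storage after a finish attempt, whether or not the
 * attempt succeeds.
 *
 * <p>An attestation certificate that cannot be parsed does not abort the registration;
 * the credential is then recorded with {@code attestationTrusted == false}.
 *
 * @param responseJson the client-supplied JSON encoding of a {@link U2fRegistrationResponse}
 * @return {@code Either.left} with a list of error messages when decoding, request lookup
 *     or verification fails; otherwise {@code Either.right} with the registration result
 * @throws ExecutionException declared by the original signature; presumably propagated from
 *     the storage or session calls on the success path (not visible in this listing)
 */
public Either<List<String>, SuccessfulU2fRegistrationResult> finishU2fRegistration(String responseJson) throws ExecutionException {
    // NOTE(review): responseJson is untrusted client input and is written to the log
    // verbatim here and in the failure paths below. Confirm the log layout neutralises
    // line breaks, and that payloads of this size are acceptable at these levels.
    logger.trace("finishU2fRegistration responseJson: {}", responseJson);

    final U2fRegistrationResponse response;
    try {
        response = jsonMapper.readValue(responseJson, U2fRegistrationResponse.class);
    } catch (IOException e) {
        logger.error("JSON error in finishU2fRegistration; responseJson: {}", responseJson, e);
        // NOTE(review): the parser's message is returned to the caller. Fine for a demo;
        // a production endpoint would normally return generic text only.
        return Either.left(Arrays.asList("Registration failed!", "Failed to decode response object.", e.getMessage()));
    }

    // A body that decodes without error can still yield no object (for example the JSON
    // literal null); reject it here instead of failing with a NullPointerException below.
    if (response == null) {
        logger.debug("fail finishU2fRegistration responseJson: {}", responseJson);
        return Either.left(Arrays.asList("Registration failed!", "Failed to decode response object."));
    }

    // Consume the pending request before any verification so that a failed attempt
    // cannot be retried against the same request.
    // NOTE(review): lookup and invalidation are two separate calls; two concurrent
    // submissions with the same request ID could both observe the request. Consider an
    // atomic remove if the storage type offers one.
    final RegistrationRequest request = registerRequestStorage.getIfPresent(response.getRequestId());
    registerRequestStorage.invalidate(response.getRequestId());

    if (request == null) {
        logger.debug("fail finishU2fRegistration responseJson: {}", responseJson);
        return Either.left(Arrays.asList("Registration failed!", "No such registration in progress."));
    }

    try {
        // rp.getAppId().get() throws if no AppID is configured; that case is caught
        // below and reported as a verification failure.
        ExceptionUtil.assure(U2fVerifier.verify(rp.getAppId().get(), request, response), "Failed to verify signature.");
    } catch (Exception e) {
        logger.debug("Failed to verify U2F signature.", e);
        return Either.left(Arrays.asList("Failed to verify signature.", e.getMessage()));
    }

    X509Certificate attestationCert = null;
    try {
        attestationCert = CertificateParser.parseDer(response.getCredential().getU2fResponse().getAttestationCertAndSignature().getBytes());
    } catch (CertificateException e) {
        logger.error("Failed to parse attestation certificate: {}", response.getCredential().getU2fResponse().getAttestationCertAndSignature(), e);
    }

    // Fail closed: with no parsed certificate there is nothing to look up, so treat the
    // attestation as untrusted instead of passing null to the metadata service.
    final Optional<Attestation> attestation;
    if (attestationCert == null) {
        attestation = Optional.empty();
    } else {
        attestation = metadataService.findMetadata(attestationCert);
    }

    final U2fRegistrationResult result = U2fRegistrationResult.builder()
        .keyId(PublicKeyCredentialDescriptor.builder()
            .id(response.getCredential().getU2fResponse().getKeyHandle())
            .build())
        .attestationTrusted(attestation.isPresent())
        .publicKeyCose(rawEcdaKeyToCose(response.getCredential().getU2fResponse().getPublicKey()))
        .attestationMetadata(attestation)
        .build();

    return Either.right(new SuccessfulU2fRegistrationResult(
        request,
        response,
        addRegistration(
            request.getPublicKeyCredentialCreationOptions().getUser(),
            request.getCredentialNickname(),
            0, // presumably the initial signature counter; confirm against addRegistration
            result),
        result.isAttestationTrusted(),
        Optional.of(new AttestationCertInfo(response.getCredential().getU2fResponse().getAttestationCertAndSignature())),
        request.getUsername(),
        sessions.createSession(request.getPublicKeyCredentialCreationOptions().getUser().getId())));
}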