
Example 1 with DeviceRegistration

use of io.jans.entry.DeviceRegistration in project jans by JanssenProject.

From class AssertionService, method prepareAllowedCredentials:

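/**
 * Builds the {@code allowCredentials} list for an assertion (authentication) request.
 *
 * <p>Legacy U2F registrations found for the user are migrated to Fido2 entries first.
 * Then every Fido2 registration of the user that belongs to {@code documentDomain} and
 * carries a public key id is converted into a {@code PublicKeyCredentialDescriptor}.
 * Registrations for other domains are deliberately excluded so a credential bound to one
 * relying party is never offered for another.
 *
 * @param documentDomain relying-party domain the assertion is prepared for
 * @param username       user whose registrations are looked up
 * @return the allowed-credentials array and the U2F application id of the first
 *         registration that has one ({@code null} when none does)
 */
private Pair<ArrayNode, String> prepareAllowedCredentials(String documentDomain, String username) {
    // TODO: Add property to enable/disable U2F -> Fido2 migration
    List<DeviceRegistration> existingFidoRegistrations = deviceRegistrationService.findAllRegisteredByUsername(username, documentDomain);
    if (!existingFidoRegistrations.isEmpty()) {
        deviceRegistrationService.migrateToFido2(existingFidoRegistrations, documentDomain, username);
    }

    List<Fido2RegistrationEntry> existingFido2Registrations = registrationPersistenceService.findAllRegisteredByUsername(username);
    // Sequential stream: the per-user list is small and a parallel stream would only add
    // common-pool contention and make findAny() below non-deterministic.
    List<Fido2RegistrationEntry> allowedFido2Registrations = existingFido2Registrations.stream()
            .filter(f -> StringHelper.equals(documentDomain, f.getRegistrationData().getDomain()))
            .filter(f -> StringHelper.isNotEmpty(f.getRegistrationData().getPublicKeyId()))
            .collect(Collectors.toList());

    if (log.isDebugEnabled()) {
        allowedFido2Registrations.forEach(
                value -> log.debug("attestation request:{}", value.getRegistrationData().getAttenstationRequest()));
    }

    List<JsonNode> allowedFido2Keys = allowedFido2Registrations.stream()
            .map(f -> dataMapperService.convertValue(toCredentialDescriptor(f), JsonNode.class))
            .collect(Collectors.toList());

    // First registration (in persistence order) that still carries a U2F application id.
    String applicationId = allowedFido2Registrations.stream()
            .map(f -> f.getRegistrationData().getApplicationId())
            .filter(StringUtils::isNotEmpty)
            .findFirst()
            .orElse(null);

    ArrayNode allowedCredentials = dataMapperService.createArrayNode();
    allowedCredentials.addAll(allowedFido2Keys);
    return Pair.of(allowedCredentials, applicationId);
}

/**
 * Converts one stored registration into the descriptor returned to the client.
 *
 * <p>Apple-attested or platform-attached authenticators are advertised with the
 * {@code internal} transport only; everything else gets the roaming transports.
 * Null attestation type / attestation request are tolerated (they simply select the
 * roaming transports) instead of throwing a NullPointerException.
 *
 * @param entry registration to describe; must have a non-null registration data object
 * @return descriptor with type, transports and public key id taken from the entry
 */
private static PublicKeyCredentialDescriptor toCredentialDescriptor(Fido2RegistrationEntry entry) {
    String attestationType = entry.getRegistrationData().getAttestationType();
    String attestationRequest = entry.getRegistrationData().getAttenstationRequest();
    boolean platformAuthenticator = AttestationFormat.apple.getFmt().equalsIgnoreCase(attestationType)
            || (attestationRequest != null
                && attestationRequest.contains(AuthenticatorAttachment.PLATFORM.getAttachment()));
    String[] transports = platformAuthenticator
            ? new String[] { "internal" }
            : new String[] { "usb", "ble", "nfc" };
    return new PublicKeyCredentialDescriptor(entry.getRegistrationData().getType(), transports,
            entry.getRegistrationData().getPublicKeyId());
}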

Example 2 with DeviceRegistration

use of io.jans.entry.DeviceRegistration in project jans by JanssenProject.

From class DeviceRegistrationService, method findAllRegisteredByUsername:

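/**
 * Returns the user's active U2F device registrations that belong to {@code domain}.
 *
 * <p>Only entries with {@code jansStatus} equal to {@code ACTIVE}, whose application host
 * equals {@code domain} and which carry no device data are returned.
 *
 * @param username         user whose registrations are looked up
 * @param domain           host the registration's application URL must resolve to
 * @param returnAttributes attributes to fetch, passed through to
 *                         {@code persistenceEntryManager.findEntries}
 * @return matching registrations, or an empty list when the user does not exist or
 *         (on backends with branch support) the user's device branch does not exist
 */
public List<DeviceRegistration> findAllRegisteredByUsername(String username, String domain, String... returnAttributes) {
    String userInum = userService.getUserInum(username);
    if (userInum == null) {
        return Collections.emptyList();
    }

    String baseDn = getBaseDnForU2fUserDevices(userInum);
    // Backends with branch support keep devices under a dedicated branch: no branch, no devices.
    if (persistenceEntryManager.hasBranchesSupport(baseDn) && !containsBranch(baseDn)) {
        return Collections.emptyList();
    }

    Filter activeFilter = Filter.createEqualityFilter("jansStatus", DeviceRegistrationStatus.ACTIVE.getValue());
    List<DeviceRegistration> activeRegistrations = persistenceEntryManager.findEntries(baseDn, DeviceRegistration.class, activeFilter, returnAttributes);

    // Match on the host of the application URL so a registration for one relying party is
    // never returned for another. Sequential stream: the list is per-user and small.
    // NOTE(review): the deviceData == null filter presumably excludes registrations of a
    // different device type; confirm against the DeviceRegistration model.
    return activeRegistrations.stream()
            .filter(f -> StringHelper.equals(domain, networkService.getHost(f.getApplication())))
            .filter(f -> f.getDeviceData() == null)
            .collect(Collectors.toList());
}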

Example 3 with DeviceRegistration

use of io.jans.entry.DeviceRegistration in project jans by JanssenProject.

From class DeviceRegistrationService, method migrateToFido2:

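/**
 * Migrates legacy U2F registrations to Fido2 registration entries.
 *
 * <p>For each registration a Fido2 entry is built, its creation dates are reset to the
 * original enrollment date and it is persisted; the U2F entry is then marked
 * {@code MIGRATED} and protected from deletion. A registration that cannot be converted
 * is logged (with the cause) and skipped so the remaining ones are still migrated.
 *
 * @param fidoRegistrations U2F registrations to migrate
 * @param documentDomain    domain the new Fido2 entries are created for
 * @param username          owner of the registrations
 */
public void migrateToFido2(List<DeviceRegistration> fidoRegistrations, String documentDomain, String username) {
    for (DeviceRegistration fidoRegistration : fidoRegistrations) {
        Fido2RegistrationData fido2RegistrationData;
        try {
            fido2RegistrationData = convertToFido2RegistrationData(documentDomain, username, fidoRegistration);
        } catch (IOException ex) {
            // Pass the exception as the last argument so the stack trace is logged;
            // otherwise a device silently disappears with no diagnosable reason.
            log.error("Failed to migrate Fido to Fido2 device: {}", fidoRegistration.getId(), ex);
            continue;
        }

        // buildFido2RegistrationEntry overwrites the dates; restore the original enrollment date
        // on both the entry and its registration data.
        Date enrollmentDate = fidoRegistration.getCreationDate();
        Fido2RegistrationEntry fido2RegistrationEntry = registrationPersistenceService.buildFido2RegistrationEntry(fido2RegistrationData);
        fido2RegistrationEntry.getRegistrationData().setCreatedDate(enrollmentDate);
        fido2RegistrationEntry.setCreationDate(enrollmentDate);
        fido2RegistrationEntry.setDisplayName(fidoRegistration.getDisplayName());
        fido2RegistrationEntry.setPublicKeyId(fido2RegistrationData.getPublicKeyId());
        persistenceEntryManager.persist(fido2RegistrationEntry);

        // Mark the U2F entry as migrated so the ACTIVE lookup does not return it again.
        // NOTE(review): persist and merge are two separate writes; if merge fails after a
        // successful persist the U2F entry stays ACTIVE and a later call creates a second
        // Fido2 entry for the same key — confirm whether the persistence layer can make this atomic.
        fidoRegistration.setStatus(DeviceRegistrationStatus.MIGRATED);
        fidoRegistration.setDeletable(false);
        persistenceEntryManager.merge(fidoRegistration);
    }
}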
