Example 1 with WebAuthnCredential

Use of org.apereo.cas.webauthn.WebAuthnCredential in project cas by apereo.

Class WebAuthnAuthenticationWebflowActionTests, method verifyFailsNoReg.

@Test
public void verifyFailsNoReg() throws Exception {
    val context = getRequestContext();
    RequestContextHolder.setRequestContext(context);
    ExternalContextHolder.setExternalContext(context.getExternalContext());
    val authn = RegisteredServiceTestUtils.getAuthentication("casuser");
    WebUtils.putAuthentication(authn, context);
    WebUtils.putCredential(context, new WebAuthnCredential(EncodingUtils.encodeBase64(RandomUtils.randomAlphabetic(8))));
    val result = webAuthnAuthenticationWebflowAction.execute(context);
    assertEquals(CasWebflowConstants.TRANSITION_ID_ERROR, result.getId());
}

Also used: lombok.val (lombok.val), WebAuthnCredential (org.apereo.cas.webauthn.WebAuthnCredential), Test (org.junit.jupiter.api.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Example 2 with WebAuthnCredential

Use of org.apereo.cas.webauthn.WebAuthnCredential in project cas by apereo.

Class WebAuthnValidateSessionCredentialTokenAction, method doExecute.

@Override
protected Event doExecute(final RequestContext requestContext) {
    val request = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
    val token = request.getParameter("token");
    if (StringUtils.isBlank(token)) {
        LOGGER.warn("Missing web authn token from the request");
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE);
    }
    LOGGER.debug("Received web authn token [{}]", token);
    val credential = new WebAuthnCredential(token);
    WebUtils.putCredential(requestContext, credential);
    val session = sessionManager.getSession(WebAuthnCredential.from(credential));
    if (session.isEmpty()) {
        LOGGER.warn("Unable to locate existing session from the current token [{}]", token);
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE);
    }
    val result = webAuthnCredentialRepository.getUsernameForUserHandle(session.get());
    if (result.isEmpty()) {
        LOGGER.warn("Unable to locate user based on the given user handle");
        return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_AUTHENTICATION_FAILURE);
    }
    val username = result.get();
    val authentication = DefaultAuthenticationBuilder.newInstance()
        .addCredential(credential)
        .setPrincipal(principalFactory.createPrincipal(username))
        .build();
    LOGGER.warn("Finalized authentication attempt based on [{}]", authentication);
    WebUtils.putAuthentication(authentication, requestContext);
    return new EventFactorySupport().event(this, CasWebflowConstants.TRANSITION_ID_FINALIZE);
}

Also used: lombok.val (lombok.val), EventFactorySupport (org.springframework.webflow.action.EventFactorySupport), WebAuthnCredential (org.apereo.cas.webauthn.WebAuthnCredential)

Example 3 with WebAuthnCredential

Use of org.apereo.cas.webauthn.WebAuthnCredential in project cas by apereo.

Class WebAuthnAuthenticationWebflowActionTests, method verifyToken.

@Test
public void verifyToken() throws Exception {
    val context = getRequestContext();
    RequestContextHolder.setRequestContext(context);
    ExternalContextHolder.setExternalContext(context.getExternalContext());
    val authn = RegisteredServiceTestUtils.getAuthentication("casuser");
    WebUtils.putAuthentication(authn, context);
    WebUtils.putCredential(context, new WebAuthnCredential(EncodingUtils.encodeBase64(RandomUtils.randomAlphabetic(8))));
    webAuthnCredentialRepository.addRegistrationByUsername(authn.getPrincipal().getId(),
        CredentialRegistration.builder()
            .credential(RegisteredCredential.builder()
                .credentialId(ByteArray.fromBase64Url(authn.getPrincipal().getId()))
                .userHandle(ByteArray.fromBase64Url(RandomUtils.randomAlphabetic(8)))
                .publicKeyCose(ByteArray.fromBase64Url(RandomUtils.randomAlphabetic(8)))
                .build())
            .build());
    var result = webAuthnAuthenticationWebflowAction.execute(context);
    assertEquals(CasWebflowConstants.TRANSITION_ID_ERROR, result.getId());
    val token = EncodingUtils.encodeBase64(RandomUtils.randomAlphabetic(8));
    val sessionId = webAuthnSessionManager.createSession(ByteArray.fromBase64(token));
    val builder = mock(AuthenticationResultBuilder.class);
    when(builder.getInitialAuthentication()).thenReturn(Optional.of(authn));
    when(builder.collect(any(Authentication.class))).thenReturn(builder);
    WebUtils.putAuthenticationResultBuilder(builder, context);
    WebUtils.putCredential(context, new WebAuthnCredential(sessionId.toJsonString()));
    result = webAuthnAuthenticationWebflowAction.execute(context);
    assertEquals(CasWebflowConstants.TRANSITION_ID_SUCCESS, result.getId());
}

Also used: lombok.val (lombok.val), Authentication (org.apereo.cas.authentication.Authentication), WebAuthnCredential (org.apereo.cas.webauthn.WebAuthnCredential), Test (org.junit.jupiter.api.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Example 4 with WebAuthnCredential

Use of org.apereo.cas.webauthn.WebAuthnCredential in project cas by apereo.

Class WebAuthnAuthenticationWebflowActionTests, method verifyFailsNoAuthn.

@Test
public void verifyFailsNoAuthn() throws Exception {
    val context = getRequestContext();
    WebUtils.putCredential(context, new WebAuthnCredential(EncodingUtils.encodeBase64(RandomUtils.randomAlphabetic(8))));
    RequestContextHolder.setRequestContext(context);
    ExternalContextHolder.setExternalContext(context.getExternalContext());
    val result = webAuthnAuthenticationWebflowAction.execute(context);
    assertEquals(CasWebflowConstants.TRANSITION_ID_ERROR, result.getId());
}

Also used: lombok.val (lombok.val), WebAuthnCredential (org.apereo.cas.webauthn.WebAuthnCredential), Test (org.junit.jupiter.api.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Aggregations

lombok.val (lombok.val): 4
WebAuthnCredential (org.apereo.cas.webauthn.WebAuthnCredential): 4
Test (org.junit.jupiter.api.Test): 3
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 3
Authentication (org.apereo.cas.authentication.Authentication): 1
EventFactorySupport (org.springframework.webflow.action.EventFactorySupport): 1