Examples with WebAuthnDataWrapper org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper used on opensource projects

Example 1 with WebAuthnDataWrapper

use of org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper in project keycloak by keycloak.

the class WebAuthnOtherSettingsTest method defaultValues.

@Test
public void defaultValues() {
    registerDefaultUser("webauthn");
    WaitUtils.waitForPageToLoad();
    appPage.assertCurrent();
    final String userId = Optional.ofNullable(userResource().toRepresentation()).map(UserRepresentation::getId).orElse(null);
    assertThat(userId, notNullValue());
    events.expectRequiredAction(EventType.CUSTOM_REQUIRED_ACTION).user(userId).detail(Details.CUSTOM_REQUIRED_ACTION, isPasswordless() ? WebAuthnPasswordlessRegisterFactory.PROVIDER_ID : WebAuthnRegisterFactory.PROVIDER_ID).detail(WebAuthnConstants.PUBKEY_CRED_LABEL_ATTR, "webauthn").detail(WebAuthnConstants.PUBKEY_CRED_AAGUID_ATTR, ALL_ZERO_AAGUID).assertEvent();
    final String credentialType = getCredentialType();
    // Soft token in Firefox does not increment counter
    long credentialCount = isDriverFirefox(driver) ? 0 : 1L;
    getTestingClient().server(TEST_REALM_NAME).run(session -> {
        final WebAuthnDataWrapper dataWrapper = new WebAuthnDataWrapper(session, USERNAME, credentialType);
        assertThat(dataWrapper, notNullValue());
        final WebAuthnCredentialData data = dataWrapper.getWebAuthnData();
        assertThat(data, notNullValue());
        assertThat(data.getCredentialId(), notNullValue());
        assertThat(data.getAaguid(), is(ALL_ZERO_AAGUID));
        assertThat(data.getAttestationStatement(), nullValue());
        assertThat(data.getCredentialPublicKey(), notNullValue());
        assertThat(data.getCounter(), is(credentialCount));
        assertThat(data.getAttestationStatementFormat(), is(AttestationConveyancePreference.NONE.getValue()));
        final COSEKey pubKey = dataWrapper.getKey();
        assertThat(pubKey, notNullValue());
        assertThat(pubKey.getAlgorithm(), notNullValue());
        assertThat(pubKey.getAlgorithm().getValue(), is(COSEAlgorithmIdentifier.ES256.getValue()));
        assertThat(pubKey.getKeyType(), is(COSEKeyType.EC2));
        assertThat(pubKey.hasPublicKey(), is(true));
    });
}

Example 2 with WebAuthnDataWrapper

use of org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper in project keycloak by keycloak.

the class AttestationConveyanceRegisterTest method attestationDefaultValue.

@Test
public void attestationDefaultValue() {
    WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
    assertThat(realmData.getAttestationConveyancePreference(), is(DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED));
    registerDefaultUser();
    displayErrorMessageIfPresent();
    final String credentialType = getCredentialType();
    getTestingClient().server(TEST_REALM_NAME).run(session -> {
        final WebAuthnDataWrapper dataWrapper = new WebAuthnDataWrapper(session, USERNAME, credentialType);
        assertThat(dataWrapper, notNullValue());
        final WebAuthnCredentialData data = dataWrapper.getWebAuthnData();
        assertThat(data, notNullValue());
        assertThat(data.getAttestationStatementFormat(), is(AttestationConveyancePreference.NONE.getValue()));
    });
}

Example 3 with WebAuthnDataWrapper

use of org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper in project keycloak by keycloak.

the class AttestationConveyanceRegisterTest method assertAttestationConveyance.

protected void assertAttestationConveyance(boolean shouldSuccess, AttestationConveyancePreference attestation) {
    Credential credential = getDefaultResidentKeyCredential();
    getVirtualAuthManager().useAuthenticator(getDefaultAuthenticatorOptions().setHasResidentKey(true));
    getVirtualAuthManager().getCurrent().getAuthenticator().addCredential(credential);
    try (AbstractWebAuthnRealmUpdater updater = getWebAuthnRealmUpdater().setWebAuthnPolicyAttestationConveyancePreference(attestation.getValue()).update()) {
        WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
        assertThat(realmData.getAttestationConveyancePreference(), is(attestation.getValue()));
        registerDefaultUser(shouldSuccess);
        displayErrorMessageIfPresent();
        final boolean isErrorCurrent = webAuthnErrorPage.isCurrent();
        assertThat(isErrorCurrent, is(!shouldSuccess));
        final String credentialType = getCredentialType();
        getTestingClient().server(TEST_REALM_NAME).run(session -> {
            final WebAuthnDataWrapper dataWrapper = new WebAuthnDataWrapper(session, USERNAME, credentialType);
            assertThat(dataWrapper, notNullValue());
            final WebAuthnCredentialData data = dataWrapper.getWebAuthnData();
            assertThat(data, notNullValue());
            assertThat(data.getAttestationStatementFormat(), is(attestation.getValue()));
        });
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}

Example 4 with WebAuthnDataWrapper

use of org.keycloak.testsuite.webauthn.utils.WebAuthnDataWrapper in project keycloak by keycloak.

the class PubKeySignRegisterTest method assertPublicKeyAlgorithms.

private void assertPublicKeyAlgorithms(boolean shouldSuccess, COSEAlgorithmIdentifier selectedAlgorithm, List<String> algorithms) {
    assertThat(algorithms, notNullValue());
    try (Closeable u = getWebAuthnRealmUpdater().setWebAuthnPolicySignatureAlgorithms(algorithms).update()) {
        if (!algorithms.isEmpty()) {
            WebAuthnRealmData realmData = new WebAuthnRealmData(testRealm().toRepresentation(), isPasswordless());
            assertThat(realmData.getSignatureAlgorithms(), is(algorithms));
        }
        registerDefaultUser(shouldSuccess);
        assertThat(webAuthnErrorPage.isCurrent(), is(!shouldSuccess));
        if (!shouldSuccess) {
            final String expectedMessage = getExpectedMessageByDriver("NotSupportedError: Operation is not supported", "The operation either timed out or was not allowed");
            assertThat(webAuthnErrorPage.getError(), containsString(expectedMessage));
            return;
        }
        final String credentialType = getCredentialType();
        getTestingClient().server(TEST_REALM_NAME).run(session -> {
            final WebAuthnDataWrapper dataWrapper = new WebAuthnDataWrapper(session, USERNAME, credentialType);
            assertThat(dataWrapper, notNullValue());
            final WebAuthnCredentialData data = dataWrapper.getWebAuthnData();
            assertThat(data, notNullValue());
            final COSEKey pubKey = dataWrapper.getKey();
            assertThat(pubKey, notNullValue());
            assertThat(pubKey.getAlgorithm(), notNullValue());
            assertThat(pubKey.getAlgorithm().getValue(), is(selectedAlgorithm.getValue()));
            assertThat(pubKey.hasPublicKey(), is(true));
        });
    } catch (IOException e) {
        throw new RuntimeException(e.getCause());
    }
}