com.webauthn4j.server.ServerProperty Java Examples
The following examples show how to use
com.webauthn4j.server.ServerProperty.
Example #1
Source File: RegistrationObject.java From webauthn4j with Apache License 2.0 | 6 votes |
/**
 * Creates a registration object holding both the parsed and the raw (byte-level) form of the
 * attestation object and the collected client data, plus the {@code ServerProperty} and the
 * timestamp supplied by the caller.
 *
 * <p>Both byte arrays are passed through {@code ArrayUtil.clone} and the transports set through
 * {@code CollectionUtil.unmodifiableSet} before being stored. Every other argument is stored
 * by reference.
 *
 * @param attestationObject parsed attestation object
 * @param attestationObjectBytes raw bytes of the attestation object
 * @param collectedClientData parsed client data
 * @param collectedClientDataBytes raw bytes of the client data
 * @param clientExtensions client extension outputs
 * @param transports authenticator transports
 * @param serverProperty server-side values the response is validated against
 * @param timestamp timestamp recorded for this registration
 */
// squid:S00107 is presumably the Sonar parameter-count rule; this constructor takes eight.
@SuppressWarnings("squid:S00107")
public RegistrationObject(
        AttestationObject attestationObject,
        byte[] attestationObjectBytes,
        CollectedClientData collectedClientData,
        byte[] collectedClientDataBytes,
        AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput<?>> clientExtensions,
        Set<AuthenticatorTransport> transports,
        ServerProperty serverProperty,
        LocalDateTime timestamp) {

    // Raw inputs: stored via ArrayUtil.clone rather than by direct reference.
    this.attestationObjectBytes = ArrayUtil.clone(attestationObjectBytes);
    this.collectedClientDataBytes = ArrayUtil.clone(collectedClientDataBytes);
    this.transports = CollectionUtil.unmodifiableSet(transports);

    // Parsed inputs and server-side context: stored as passed.
    this.attestationObject = attestationObject;
    this.collectedClientData = collectedClientData;
    this.clientExtensions = clientExtensions;
    this.serverProperty = serverProperty;
    this.timestamp = timestamp;
}
Example #2
Source File: WebAuthnCredentialProviderTest.java From keycloak-webauthn-authenticator with Apache License 2.0 | 6 votes |
/**
 * Builds a credential model from a canned registration response, the way a successful
 * registration would.
 *
 * <p>NOTE(review): this is a test fixture. It validates against a plain-http localhost origin
 * with the validator obtained from {@code createNonStrictRegistrationContextValidator()};
 * neither should be copied into production registration code.
 */
private WebAuthnCredentialModel getValidWebAuthnCredentialModel() {
    // Canned registration response (base64url), mimicking a valid model created on registration.
    byte[] clientDataJSON = Base64.getUrlDecoder().decode("eyJjaGFsbGVuZ2UiOiJxOGJfc25BcFFCR0RTbEhLclVQWERBIiwib3JpZ2luIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwIiwidHlwZSI6IndlYmF1dGhuLmNyZWF0ZSJ9");
    byte[] attestationObject = Base64.getUrlDecoder().decode("o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVjESZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNl5cq57gFloyTRaRzspkmVtaFjseFuas8LzmCa9_M40tZHwnOxuDFLj__IQkmCi9bwtXfxGU8L3IbXoJf-R1v6lAQIDJiABIVggHRj3_pRuFc4STvzzqO3WgO9cnj7u9R4OogbtOc4qA5kiWCAniOpK656_61Qnmx4hkWffohlH4JDbuytCpCtf9jrruA");

    // Server-side expectations; presumably these have to agree with what the canned
    // clientDataJSON encodes for validation to succeed.
    Origin expectedOrigin = new Origin("http://localhost:8080");
    Challenge expectedChallenge = new DefaultChallenge("q8b_snApQBGDSlHKrUPXDA");
    ServerProperty serverProperty = new ServerProperty(expectedOrigin, "localhost", expectedChallenge, null);

    // The trailing false is presumably userVerificationRequired -- TODO confirm against the API.
    WebAuthnRegistrationContext context =
            new WebAuthnRegistrationContext(clientDataJSON, attestationObject, serverProperty, false);
    WebAuthnRegistrationContextValidator validator =
            WebAuthnRegistrationContextValidator.createNonStrictRegistrationContextValidator();
    WebAuthnRegistrationContextValidationResponse response = validator.validate(context);

    // Copy the validated pieces into the model that gets persisted.
    WebAuthnCredentialModel model = new WebAuthnCredentialModel();
    model.setCount(response.getAttestationObject().getAuthenticatorData().getSignCount());
    model.setAttestationStatement(response.getAttestationObject().getAttestationStatement());
    model.setAttestedCredentialData(
            response.getAttestationObject().getAuthenticatorData().getAttestedCredentialData());
    return model;
}
Example #3
Source File: AuthenticationObject.java From webauthn4j with Apache License 2.0 | 6 votes |
/**
 * Creates an authentication object holding the credential id, the parsed and raw forms of the
 * authenticator data and client data, the client extension outputs, the {@code ServerProperty}
 * and the stored authenticator.
 *
 * <p>The three byte arrays are passed through {@code ArrayUtil.clone} before being stored;
 * every other argument is stored by reference.
 *
 * @param credentialId id of the credential used for the assertion
 * @param authenticatorData parsed authenticator data
 * @param authenticatorDataBytes raw bytes of the authenticator data
 * @param collectedClientData parsed client data
 * @param collectedClientDataBytes raw bytes of the client data
 * @param clientExtensions client extension outputs
 * @param serverProperty server-side values the assertion is validated against
 * @param authenticator authenticator record supplied by the caller
 */
// squid:S00107 is presumably the Sonar parameter-count rule; this constructor takes eight.
@SuppressWarnings("squid:S00107")
public AuthenticationObject(
        byte[] credentialId,
        AuthenticatorData<AuthenticationExtensionAuthenticatorOutput<?>> authenticatorData,
        byte[] authenticatorDataBytes,
        CollectedClientData collectedClientData,
        byte[] collectedClientDataBytes,
        AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput<?>> clientExtensions,
        ServerProperty serverProperty,
        Authenticator authenticator) {

    // Byte arrays: stored via ArrayUtil.clone rather than by direct reference.
    this.credentialId = ArrayUtil.clone(credentialId);
    this.authenticatorDataBytes = ArrayUtil.clone(authenticatorDataBytes);
    this.collectedClientDataBytes = ArrayUtil.clone(collectedClientDataBytes);

    // Everything else is stored as passed.
    this.authenticatorData = authenticatorData;
    this.collectedClientData = collectedClientData;
    this.clientExtensions = clientExtensions;
    this.serverProperty = serverProperty;
    this.authenticator = authenticator;
}
Example #4
Source File: WebAuthnAuthenticationRequest.java From webauthn4j-spring-security with Apache License 2.0 | 6 votes |
/**
 * Creates an authentication request from the raw assertion fields, the server-side
 * {@code ServerProperty} and the verification expectations.
 *
 * <p>NOTE(review): the byte arrays and the extension id list are stored exactly as passed,
 * without a copy, so a caller that later mutates them also changes this request. Confirm that
 * callers do not reuse those arrays.
 *
 * @param credentialId id of the credential used for the assertion
 * @param clientDataJSON raw client data
 * @param authenticatorData raw authenticator data
 * @param signature assertion signature
 * @param clientExtensionsJSON client extension outputs as JSON
 * @param serverProperty server-side values the assertion is validated against
 * @param userVerificationRequired whether user verification is expected
 * @param userPresenceRequired whether user presence is expected
 * @param expectedAuthenticationExtensionIds extension ids the server expects
 */
// squid:S00107 is presumably the Sonar parameter-count rule; this constructor takes nine.
@SuppressWarnings("squid:S00107")
public WebAuthnAuthenticationRequest(
        byte[] credentialId,
        byte[] clientDataJSON,
        byte[] authenticatorData,
        byte[] signature,
        String clientExtensionsJSON,
        ServerProperty serverProperty,
        boolean userVerificationRequired,
        boolean userPresenceRequired,
        List<String> expectedAuthenticationExtensionIds) {

    // Server-side context and expectations.
    this.serverProperty = serverProperty;
    this.userVerificationRequired = userVerificationRequired;
    this.userPresenceRequired = userPresenceRequired;
    this.expectedAuthenticationExtensionIds = expectedAuthenticationExtensionIds;

    // Fields taken from the client's assertion.
    this.credentialId = credentialId;
    this.clientDataJSON = clientDataJSON;
    this.authenticatorData = authenticatorData;
    this.signature = signature;
    this.clientExtensionsJSON = clientExtensionsJSON;
}
Example #5
Source File: WebAuthnAuthenticationRequest.java From webauthn4j-spring-security with Apache License 2.0 | 6 votes |
/**
 * Convenience constructor that delegates to the nine-argument constructor with
 * {@code userPresenceRequired} fixed to {@code true}.
 *
 * @param credentialId id of the credential used for the assertion
 * @param clientDataJSON raw client data
 * @param authenticatorData raw authenticator data
 * @param signature assertion signature
 * @param clientExtensionsJSON client extension outputs as JSON
 * @param serverProperty server-side values the assertion is validated against
 * @param userVerificationRequired whether user verification is expected
 * @param expectedAuthenticationExtensionIds extension ids the server expects
 */
@SuppressWarnings("squid:S00107")
public WebAuthnAuthenticationRequest(
        byte[] credentialId,
        byte[] clientDataJSON,
        byte[] authenticatorData,
        byte[] signature,
        String clientExtensionsJSON,
        ServerProperty serverProperty,
        boolean userVerificationRequired,
        List<String> expectedAuthenticationExtensionIds) {
    // User presence defaults to required when the caller does not say otherwise.
    this(credentialId, clientDataJSON, authenticatorData, signature, clientExtensionsJSON,
            serverProperty, userVerificationRequired, true, expectedAuthenticationExtensionIds);
}
Example #6
Source File: PackedAttestationStatementValidatorTest.java From webauthn4j with Apache License 2.0 | 6 votes |
/**
 * Test helper: wraps the given client data and attestation object in a
 * {@code RegistrationObject} and hands it to the validator under test.
 *
 * @param clientDataBytes raw client data
 * @param attestationObject attestation object to validate
 */
private void validate(byte[] clientDataBytes, AttestationObject attestationObject) {
    byte[] encodedAttestationObject =
            new AttestationObjectConverter(objectConverter).convertToBytes(attestationObject);

    // Server-side expectations, built from the test class's fixture fields.
    Origin expectedOrigin = new Origin(originUrl);
    Challenge expectedChallenge = () -> Base64UrlUtil.decode(challengeString);

    CollectedClientData parsedClientData =
            new CollectedClientDataConverter(objectConverter).convert(clientDataBytes);
    Set<AuthenticatorTransport> noTransports = Collections.emptySet();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput<?>> noExtensions =
            new AuthenticationExtensionsClientOutputs<>();

    validator.validate(new RegistrationObject(
            attestationObject,
            encodedAttestationObject,
            parsedClientData,
            clientDataBytes,
            noExtensions,
            noTransports,
            new ServerProperty(expectedOrigin, rpId, expectedChallenge, tokenBindingId)));
}
Example #7
Source File: OriginValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * The client reports an https origin on port 14443 while the server expects plain
 * http://example.com; the validator has to reject the pair with {@code BadOriginException}.
 */
@Test
void test_with_not_equal_origins() {
    Origin clientOrigin = new Origin("https://example.com:14443");
    Origin serverOrigin = new Origin("http://example.com");

    CollectedClientData clientData =
            new CollectedClientData(ClientDataType.CREATE, TestDataUtil.createChallenge(), clientOrigin, null);
    ServerProperty expectations =
            new ServerProperty(serverOrigin, "example.com", TestDataUtil.createChallenge(), null);

    assertThrows(BadOriginException.class, () -> target.validate(clientData, expectations));
}
Example #8
Source File: ChallengeValidator.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Checks the challenge reported in the client data against the challenge held in the
 * server property.
 *
 * <p>The comparison itself is delegated to the two-argument {@code validate} overload, which
 * is not shown here.
 *
 * @param collectedClientData client data received from the client; must not be null
 * @param serverProperty server-side values, including the saved challenge; must not be null
 * @throws MissingChallengeException if {@code serverProperty} holds no challenge
 */
public void validate(CollectedClientData collectedClientData, ServerProperty serverProperty) {
    AssertUtil.notNull(collectedClientData, "collectedClientData must not be null");
    AssertUtil.notNull(serverProperty, "serverProperty must not be null");

    final Challenge expected = serverProperty.getChallenge();
    final Challenge presented = collectedClientData.getChallenge();

    // Fail closed: with no server-side challenge there is nothing to compare against, so the
    // operation is rejected instead of being treated as a match.
    if (expected == null) {
        throw new MissingChallengeException("The server doesn't have a challenge. The client must request the server to issue the challenge before WebAuthn operations.");
    }

    // The challenge in the client data must equal the one the server issued for this
    // operation (the original comment cites the options passed to get()).
    // NOTE(review): only the values are compared here; issuing a fresh challenge per operation
    // and discarding it after use has to happen where serverProperty is built.
    validate(expected, presented);
}
Example #9
Source File: RpIdHashValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
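/**
 * A server property without an rpId must make the validator throw
 * {@code IllegalArgumentException}, even when the supplied hash itself is well formed.
 */
@Test
void verifyRpIdHash_test_with_relyingParty_rpId_null() {
    // The unused second rpId local of the original was dropped; it was never read.
    String rpIdA = "example.com";
    byte[] rpIdBytesA = rpIdA.getBytes(StandardCharsets.UTF_8);
    byte[] rpIdHashA = MessageDigestUtil.createSHA256().digest(rpIdBytesA);

    // All four constructor arguments are null, so in particular no rpId is configured.
    ServerProperty serverProperty = new ServerProperty(null, null, null, null);

    //When
    assertThrows(IllegalArgumentException.class,
            () -> target.validate(rpIdHashA, serverProperty)
    );
}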
Example #10
Source File: RpIdHashValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Happy path: the SHA-256 hash of "example.com" validates against a server property whose
 * rpId is also "example.com". The test passes when no exception is thrown.
 */
@Test
void verifyRpIdHash_test() {
    String hashedRpId = "example.com";
    String configuredRpId = "example.com";

    byte[] presentedHash =
            MessageDigestUtil.createSHA256().digest(hashedRpId.getBytes(StandardCharsets.UTF_8));
    // Only the rpId is set; origin, challenge and token binding id are left null.
    ServerProperty expectations = new ServerProperty(null, configuredRpId, null, null);

    //When
    target.validate(presentedHash, expectations);
}
Example #11
Source File: BeanAssertUtil.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Rejects a server property that is null or lacks its rpId, challenge or origin.
 *
 * <p>The checks run in that order and the first failure wins. The token binding id is not
 * checked here.
 *
 * @param serverProperty server property to check
 * @throws ConstraintViolationException if the argument or one of the three fields is null
 */
public static void validate(ServerProperty serverProperty) {
    // Pick the first violated constraint; the getters are only reached when the earlier
    // checks passed, exactly as with a chain of guard clauses.
    final String violation;
    if (serverProperty == null) {
        violation = "serverProperty must not be null";
    } else if (serverProperty.getRpId() == null) {
        violation = "rpId must not be null";
    } else if (serverProperty.getChallenge() == null) {
        violation = "challenge must not be null";
    } else if (serverProperty.getOrigin() == null) {
        violation = "origin must not be null";
    } else {
        violation = null;
    }

    if (violation != null) {
        throw new ConstraintViolationException(violation);
    }
}
Example #12
Source File: WebAuthnAuthenticationRequestTest.java From webauthn4j-spring-security with Apache License 2.0 | 5 votes |
/**
 * Two requests built from equal field values, with separately constructed byte arrays and
 * {@code ServerProperty} instances, must be equal and share a hash code.
 */
@Test
public void equals_hashCode_test() {
    Challenge sharedChallenge = new DefaultChallenge();
    byte[] clientDataJSON = TestDataUtil.createClientDataJSON(ClientDataType.GET);
    byte[] authenticatorData =
            new AuthenticatorDataConverter(objectConverter).convert(TestDataUtil.createAuthenticatorData());

    // Each request gets its own ServerProperty instance so that equality is exercised across
    // distinct objects rather than a shared reference.
    ServerProperty serverPropertyA = new ServerProperty(
            new Origin("https://example.com"), "example.com", sharedChallenge, new byte[]{0x43, 0x21});
    ServerProperty serverPropertyB = new ServerProperty(
            new Origin("https://example.com"), "example.com", sharedChallenge, new byte[]{0x43, 0x21});

    WebAuthnAuthenticationRequest requestA = new WebAuthnAuthenticationRequest(
            new byte[]{0x01, 0x23},
            clientDataJSON,
            authenticatorData,
            new byte[]{0x45, 0x56},
            "",
            serverPropertyA,
            true,
            Collections.singletonList("uvi"));
    WebAuthnAuthenticationRequest requestB = new WebAuthnAuthenticationRequest(
            new byte[]{0x01, 0x23},
            clientDataJSON,
            authenticatorData,
            new byte[]{0x45, 0x56},
            "",
            serverPropertyB,
            true,
            Collections.singletonList("uvi"));

    assertThat(requestA).isEqualTo(requestB);
    assertThat(requestA).hasSameHashCodeAs(requestB);
}
Example #13
Source File: WebAuthnRegistrationRequestValidator.java From webauthn4j-spring-security with Apache License 2.0 | 5 votes |
/**
 * Builds the registration parameters for a request: the {@code ServerProperty} obtained from
 * the provider for that request, plus this validator's expected extension ids.
 *
 * <p>NOTE(review): both boolean arguments are passed as {@code false}. They are presumably
 * {@code userVerificationRequired} and {@code userPresenceRequired}; if so, neither is
 * enforced through these parameters. Confirm that this is intended and where those checks
 * are made.
 *
 * @param request current HTTP request
 * @return registration parameters for validating the request
 */
RegistrationParameters createRegistrationParameters(HttpServletRequest request) {
    return new RegistrationParameters(
            serverPropertyProvider.provide(request),
            false,
            false,
            expectedRegistrationExtensionIds);
}
Example #14
Source File: AbstractWebAuthnContext.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Stores the values shared by WebAuthn contexts.
 *
 * <p>{@code clientDataJSON} is stored as passed, without a copy; the extension id list goes
 * through {@code CollectionUtil.unmodifiableList} before being stored.
 *
 * @param clientDataJSON raw client data
 * @param clientExtensionsJSON client extension outputs as JSON
 * @param serverProperty server-side values the response is validated against
 * @param userVerificationRequired whether user verification is expected
 * @param userPresenceRequired whether user presence is expected
 * @param expectedExtensionIds extension ids the server expects
 */
AbstractWebAuthnContext(
        byte[] clientDataJSON,
        String clientExtensionsJSON,
        ServerProperty serverProperty,
        boolean userVerificationRequired,
        boolean userPresenceRequired,
        List<String> expectedExtensionIds) {

    // Server-side context and expectations.
    this.serverProperty = serverProperty;
    this.userVerificationRequired = userVerificationRequired;
    this.userPresenceRequired = userPresenceRequired;
    this.expectedExtensionIds = CollectionUtil.unmodifiableList(expectedExtensionIds);

    // Data received from the client.
    this.clientDataJSON = clientDataJSON;
    this.clientExtensionsJSON = clientExtensionsJSON;
}
Example #15
Source File: ChallengeValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * When the server property holds no challenge the validator must throw
 * {@code MissingChallengeException}, even though the client data carries one.
 */
@Test
void verifyChallenge_test_without_saved_challenge() {
    Challenge clientChallenge = new DefaultChallenge(new byte[]{0x00});
    Challenge savedChallenge = null;

    CollectedClientData clientData =
            new CollectedClientData(ClientDataType.CREATE, clientChallenge, null, null);
    ServerProperty expectations = new ServerProperty(null, null, savedChallenge, null);

    //When
    assertThrows(MissingChallengeException.class, () -> target.validate(clientData, expectations));
}
Example #16
Source File: ChallengeValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * A client challenge of 0x00 against a saved challenge of 0x01 must be rejected with
 * {@code BadChallengeException}.
 */
@Test
void verifyChallenge_test_with_different_challenge() {
    Challenge clientChallenge = new DefaultChallenge(new byte[]{0x00});
    Challenge savedChallenge = new DefaultChallenge(new byte[]{0x01});

    CollectedClientData clientData =
            new CollectedClientData(ClientDataType.CREATE, clientChallenge, null, null);
    ServerProperty expectations = new ServerProperty(null, null, savedChallenge, null);

    //When
    assertThrows(BadChallengeException.class, () -> target.validate(clientData, expectations));
}
Example #17
Source File: WebAuthnProcessingFilterTest.java From webauthn4j-spring-security with Apache License 2.0 | 5 votes |
/**
 * With {@code postOnly} switched off, a GET request carrying the assertion fields as request
 * parameters must reach the authentication manager as a
 * {@code WebAuthnAuthenticationRequest} holding the base64url-decoded values.
 *
 * <p>NOTE(review): this covers the non-default {@code setPostOnly(false)} path. Parameters
 * sent with GET travel in the URL, so deployments will normally want to keep the filter
 * POST-only.
 */
@Test
public void attemptAuthentication_test_with_get_method() {
    String credentialIdParam = "AAhdofeLeQWG6Y6gwwytZKNCDFB1WaIgqDsOwVYR5UavKQhAti4ic9_Dz-_CQEPpN0To6hiDRSCvmFHXaG6HK5yvvhm4DJRVJXzSvZiq5NefbXSYIr2uUaKbsoBe1lulhNdL9dRt6Dkkp38uq02YIR5CDaoxD-HQgMsS667aWlhHVKE884Sq0d1VVgGTDb1ds-Py_H7CDqk9SDErb8-XtQ9L";
    String clientDataParam = "eyJjaGFsbGVuZ2UiOiJGT3JHWklmSFJfeURaSklydTVPdXBBIiwiaGFzaEFsZyI6IlMyNTYiLCJvcmlnaW4iOiJsb2NhbGhvc3QifQ";
    String authenticatorDataParam = "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MBAAABaQ";
    String signatureParam = "MEUCIGBYMUVg2KkMG7V7UEsGxUeKVaO8x587JyVoZkk6FmsgAiEA5XRKxlYe2Vpwn-JYEJhcEVJ3-0nYFG-JfheOk4rA3dc";
    String extensionsParam = "";
    ServerProperty providedServerProperty = mock(ServerProperty.class);

    //Given
    target.setPostOnly(false);
    mockHttpServletRequest.setMethod("GET");
    mockHttpServletRequest.setServerName("example.com");
    mockHttpServletRequest.setParameter("clientExtensionsJSON", extensionsParam);
    mockHttpServletRequest.setParameter("signature", signatureParam);
    mockHttpServletRequest.setParameter("authenticatorData", authenticatorDataParam);
    mockHttpServletRequest.setParameter("clientDataJSON", clientDataParam);
    mockHttpServletRequest.setParameter("credentialId", credentialIdParam);

    when(serverPropertyProvider.provide(any())).thenReturn(providedServerProperty);
    // Capture whatever token the filter hands to the authentication manager.
    when(authenticationManager.authenticate(captor.capture())).thenReturn(null);

    //When
    target.attemptAuthentication(mockHttpServletRequest, mockHttpServletResponse);

    //Then
    WebAuthnAssertionAuthenticationToken capturedToken =
            (WebAuthnAssertionAuthenticationToken) captor.getValue();
    verify(serverPropertyProvider).provide(mockHttpServletRequest);
    assertThat(capturedToken.getPrincipal()).isNull();
    assertThat(capturedToken.getCredentials()).isInstanceOf(WebAuthnAuthenticationRequest.class);
    // Binary fields arrive base64url-encoded and must be decoded by the filter.
    assertThat(capturedToken.getCredentials().getCredentialId())
            .isEqualTo(Base64UrlUtil.decode(credentialIdParam));
    assertThat(capturedToken.getCredentials().getClientDataJSON())
            .isEqualTo(Base64UrlUtil.decode(clientDataParam));
    assertThat(capturedToken.getCredentials().getAuthenticatorData())
            .isEqualTo(Base64UrlUtil.decode(authenticatorDataParam));
    assertThat(capturedToken.getCredentials().getSignature())
            .isEqualTo(Base64UrlUtil.decode(signatureParam));
    assertThat(capturedToken.getCredentials().getClientExtensionsJSON()).isEqualTo(extensionsParam);
    assertThat(capturedToken.getCredentials().getServerProperty()).isEqualTo(providedServerProperty);
}
Example #18
Source File: WebAuthnProcessingFilterTest.java From webauthn4j-spring-security with Apache License 2.0 | 5 votes |
/**
 * A POST request carrying the assertion fields as request parameters must reach the
 * authentication manager as a {@code WebAuthnAuthenticationRequest} holding the
 * base64url-decoded values and the provider's {@code ServerProperty}.
 */
@Test
public void attemptAuthentication_test_with_credential() {
    String credentialIdParam = "AAhdofeLeQWG6Y6gwwytZKNCDFB1WaIgqDsOwVYR5UavKQhAti4ic9_Dz-_CQEPpN0To6hiDRSCvmFHXaG6HK5yvvhm4DJRVJXzSvZiq5NefbXSYIr2uUaKbsoBe1lulhNdL9dRt6Dkkp38uq02YIR5CDaoxD-HQgMsS667aWlhHVKE884Sq0d1VVgGTDb1ds-Py_H7CDqk9SDErb8-XtQ9L";
    String clientDataParam = "eyJjaGFsbGVuZ2UiOiJGT3JHWklmSFJfeURaSklydTVPdXBBIiwiaGFzaEFsZyI6IlMyNTYiLCJvcmlnaW4iOiJsb2NhbGhvc3QifQ";
    String authenticatorDataParam = "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MBAAABaQ";
    String signatureParam = "MEUCIGBYMUVg2KkMG7V7UEsGxUeKVaO8x587JyVoZkk6FmsgAiEA5XRKxlYe2Vpwn-JYEJhcEVJ3-0nYFG-JfheOk4rA3dc";
    String extensionsParam = "";
    ServerProperty providedServerProperty = mock(ServerProperty.class);

    //Given
    mockHttpServletRequest.setMethod("POST");
    mockHttpServletRequest.setServerName("example.com");
    mockHttpServletRequest.setParameter("clientExtensionsJSON", extensionsParam);
    mockHttpServletRequest.setParameter("signature", signatureParam);
    mockHttpServletRequest.setParameter("authenticatorData", authenticatorDataParam);
    mockHttpServletRequest.setParameter("clientDataJSON", clientDataParam);
    mockHttpServletRequest.setParameter("credentialId", credentialIdParam);

    when(serverPropertyProvider.provide(any())).thenReturn(providedServerProperty);
    // Capture whatever token the filter hands to the authentication manager.
    when(authenticationManager.authenticate(captor.capture())).thenReturn(null);

    //When
    target.attemptAuthentication(mockHttpServletRequest, mockHttpServletResponse);

    //Then
    WebAuthnAssertionAuthenticationToken capturedToken =
            (WebAuthnAssertionAuthenticationToken) captor.getValue();
    verify(serverPropertyProvider).provide(mockHttpServletRequest);
    assertThat(capturedToken.getPrincipal()).isNull();
    assertThat(capturedToken.getCredentials()).isInstanceOf(WebAuthnAuthenticationRequest.class);
    // Binary fields arrive base64url-encoded and must be decoded by the filter.
    assertThat(capturedToken.getCredentials().getCredentialId())
            .isEqualTo(Base64UrlUtil.decode(credentialIdParam));
    assertThat(capturedToken.getCredentials().getClientDataJSON())
            .isEqualTo(Base64UrlUtil.decode(clientDataParam));
    assertThat(capturedToken.getCredentials().getAuthenticatorData())
            .isEqualTo(Base64UrlUtil.decode(authenticatorDataParam));
    assertThat(capturedToken.getCredentials().getSignature())
            .isEqualTo(Base64UrlUtil.decode(signatureParam));
    assertThat(capturedToken.getCredentials().getClientExtensionsJSON()).isEqualTo(extensionsParam);
    assertThat(capturedToken.getCredentials().getServerProperty()).isEqualTo(providedServerProperty);
}
Example #19
Source File: RegistrationObject.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Convenience constructor that delegates to the eight-argument constructor, using the
 * current UTC date-time as the timestamp.
 *
 * @param attestationObject parsed attestation object
 * @param attestationObjectBytes raw bytes of the attestation object
 * @param collectedClientData parsed client data
 * @param collectedClientDataBytes raw bytes of the client data
 * @param clientExtensions client extension outputs
 * @param transports authenticator transports
 * @param serverProperty server-side values the response is validated against
 */
public RegistrationObject(
        AttestationObject attestationObject,
        byte[] attestationObjectBytes,
        CollectedClientData collectedClientData,
        byte[] collectedClientDataBytes,
        AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput<?>> clientExtensions,
        Set<AuthenticatorTransport> transports,
        ServerProperty serverProperty) {
    // The timestamp is read from the UTC system clock, so it does not depend on the JVM's
    // default time zone.
    this(
            attestationObject,
            attestationObjectBytes,
            collectedClientData,
            collectedClientDataBytes,
            clientExtensions,
            transports,
            serverProperty,
            LocalDateTime.now(Clock.systemUTC()));
}
Example #20
Source File: AuthenticationObjectTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Two authentication objects built from the same arguments must be equal and share a
 * hash code.
 */
@Test
void equals_hashCode_test() {
    byte[] credentialId = new byte[32];

    // Client data in parsed and serialized form.
    CollectedClientData clientData = TestDataUtil.createClientData(ClientDataType.CREATE);
    byte[] clientDataBytes = new CollectedClientDataConverter(objectConverter).convertToBytes(clientData);

    // Authenticator data in parsed and serialized form.
    AuthenticatorData<AuthenticationExtensionAuthenticatorOutput<?>> authenticatorData =
            TestDataUtil.createAuthenticatorData();
    byte[] authenticatorDataBytes = new AuthenticatorDataConverter(objectConverter).convert(authenticatorData);

    AuthenticationExtensionsClientOutputs<AuthenticationExtensionClientOutput<?>> clientExtensions =
            new AuthenticationExtensionsClientOutputs<>();
    ServerProperty serverProperty = TestDataUtil.createServerProperty();
    Authenticator authenticator = TestDataUtil.createAuthenticator();

    AuthenticationObject first = new AuthenticationObject(
            credentialId, authenticatorData, authenticatorDataBytes, clientData, clientDataBytes,
            clientExtensions, serverProperty, authenticator);
    AuthenticationObject second = new AuthenticationObject(
            credentialId, authenticatorData, authenticatorDataBytes, clientData, clientDataBytes,
            clientExtensions, serverProperty, authenticator);

    assertAll(
            () -> assertThat(first).isEqualTo(second),
            () -> assertThat(first).hasSameHashCodeAs(second)
    );
}
Example #21
Source File: AuthenticationParameters.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Creates the server-side parameters for validating an authentication.
 *
 * <p>The extension id list goes through {@code CollectionUtil.unmodifiableList} before being
 * stored; the other arguments are stored as passed.
 *
 * @param serverProperty server-side values the assertion is validated against
 * @param authenticator authenticator record supplied by the caller
 * @param userVerificationRequired whether user verification is expected
 * @param userPresenceRequired whether user presence is expected
 * @param expectedExtensionIds extension ids the server expects
 */
public AuthenticationParameters(
        ServerProperty serverProperty,
        Authenticator authenticator,
        boolean userVerificationRequired,
        boolean userPresenceRequired,
        List<String> expectedExtensionIds) {

    this.expectedExtensionIds = CollectionUtil.unmodifiableList(expectedExtensionIds);
    this.userPresenceRequired = userPresenceRequired;
    this.userVerificationRequired = userVerificationRequired;
    this.authenticator = authenticator;
    this.serverProperty = serverProperty;
}
Example #22
Source File: AuthenticationParameters.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Convenience constructor that delegates to the five-argument constructor with a
 * {@code null} expected-extension-id list.
 *
 * @param serverProperty server-side values the assertion is validated against
 * @param authenticator authenticator record supplied by the caller
 * @param userVerificationRequired whether user verification is expected
 * @param userPresenceRequired whether user presence is expected
 */
public AuthenticationParameters(
        ServerProperty serverProperty,
        Authenticator authenticator,
        boolean userVerificationRequired,
        boolean userPresenceRequired) {
    // null is passed for expectedExtensionIds; how a null list is interpreted during
    // validation is not visible from this constructor.
    this(serverProperty, authenticator, userVerificationRequired, userPresenceRequired, null);
}
Example #23
Source File: AuthenticationParametersTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Two parameter objects built from the same arguments must be equal and share a hash code.
 * The server property fields and the authenticator are all left null here.
 */
@Test
void equals_hashCode_test() {
    // Server properties (placeholders; none of them is set in this test)
    Origin origin = null;
    String rpId = null;
    Challenge challenge = null;
    byte[] tokenBindingId = null;
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);

    Authenticator authenticator = null;

    // Expectations
    List<String> expectedExtensionIds = Collections.emptyList();
    boolean userPresenceRequired = true;
    boolean userVerificationRequired = true;

    AuthenticationParameters first = new AuthenticationParameters(
            serverProperty, authenticator, userVerificationRequired, userPresenceRequired, expectedExtensionIds);
    AuthenticationParameters second = new AuthenticationParameters(
            serverProperty, authenticator, userVerificationRequired, userPresenceRequired, expectedExtensionIds);

    assertThat(first).isEqualTo(second);
    assertThat(first).hasSameHashCodeAs(second);
}
Example #24
Source File: FIDOU2FAuthenticatorRegistrationValidationTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * The credential is created with one challenge while the server property expects another;
 * validation must fail with {@code BadChallengeException}.
 */
@Test
void validate_with_bad_challenge_test() {
    String rpId = "example.com";
    Challenge expectedChallenge = new DefaultChallenge();
    // A second, independently created challenge that the client side is given instead.
    Challenge mismatchedChallenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            new PublicKeyCredentialRpEntity(rpId, "example.com"),
            new PublicKeyCredentialUserEntity(),
            mismatchedChallenge,
            Collections.singletonList(es256Parameters));

    AuthenticatorAttestationResponse attestationResponse =
            clientPlatform.create(creationOptions).getAuthenticatorResponse();
    Set<String> transports =
            authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());

    ServerProperty serverProperty = new ServerProperty(origin, rpId, expectedChallenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports);
    RegistrationParameters registrationParameters =
            new RegistrationParameters(serverProperty, false, true, Collections.emptyList());

    assertThrows(BadChallengeException.class,
            () -> target.validate(registrationRequest, registrationParameters));
}
Example #25
Source File: ChallengeValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Happy path: client and server challenges are separate instances with the same byte value,
 * so validation must complete without throwing.
 */
@Test
void verifyChallenge_test1() {
    Challenge clientChallenge = new DefaultChallenge(new byte[]{0x00});
    Challenge savedChallenge = new DefaultChallenge(new byte[]{0x00});

    CollectedClientData clientData =
            new CollectedClientData(ClientDataType.CREATE, clientChallenge, null, null);
    ServerProperty expectations = new ServerProperty(null, null, savedChallenge, null);

    //When
    target.validate(clientData, expectations);
}
Example #26
Source File: FIDOU2FAuthenticatorRegistrationValidationTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * The credential is created for rpId "example.net" while the server property expects
 * "example.com"; validation must fail with {@code BadRpIdException}.
 */
@Test
void validate_with_bad_rpId_test() {
    String expectedRpId = "example.com";
    String mismatchedRpId = "example.net";
    Challenge challenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            new PublicKeyCredentialRpEntity(mismatchedRpId, "example.com"),
            new PublicKeyCredentialUserEntity(),
            challenge,
            Collections.singletonList(es256Parameters));

    AuthenticatorAttestationResponse attestationResponse =
            clientPlatform.create(creationOptions).getAuthenticatorResponse();
    Set<String> transports =
            authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());

    ServerProperty serverProperty = new ServerProperty(origin, expectedRpId, challenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports);
    RegistrationParameters registrationParameters =
            new RegistrationParameters(serverProperty, false, true, Collections.emptyList());

    assertThrows(BadRpIdException.class,
            () -> target.validate(registrationRequest, registrationParameters));
}
Example #27
Source File: FIDOU2FAuthenticatorRegistrationValidationTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Validates a registration with a locally built {@code WebAuthnManager} and expects
 * {@code BadAttestationStatementException}.
 */
@Test
void validate_with_bad_attestationStatement_test() {
    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            new PublicKeyCredentialRpEntity(rpId, "example.com"),
            new PublicKeyCredentialUserEntity(),
            challenge,
            Collections.singletonList(es256Parameters));

    AuthenticatorAttestationResponse attestationResponse =
            clientPlatform.create(creationOptions).getAuthenticatorResponse();
    Set<String> transports =
            authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());

    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest registrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports);
    RegistrationParameters registrationParameters =
            new RegistrationParameters(serverProperty, false, true, Collections.emptyList());

    // Manager built for this test only: one FIDO-U2F statement validator and a cert-path
    // validator backed by a mocked TrustAnchorsResolver.
    WebAuthnManager manager = new WebAuthnManager(
            Collections.singletonList(fidoU2FAttestationStatementValidator),
            new TrustAnchorCertPathTrustworthinessValidator(mock(TrustAnchorsResolver.class)),
            new DefaultSelfAttestationTrustworthinessValidator());

    assertThrows(BadAttestationStatementException.class,
            () -> manager.validate(registrationRequest, registrationParameters));
}
Example #28
Source File: RegistrationObjectTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Two registration objects built from the same arguments, including the same timestamp,
 * must be equal and share a hash code.
 */
@Test
void equals_hashCode_test() {
    // Client data in parsed and serialized form.
    CollectedClientData clientData = TestDataUtil.createClientData(ClientDataType.CREATE);
    byte[] clientDataBytes = new CollectedClientDataConverter(objectConverter).convertToBytes(clientData);

    // Attestation object in parsed and serialized form.
    AttestationObject attestationObject = TestDataUtil.createAttestationObjectWithFIDOU2FAttestationStatement();
    byte[] attestationObjectBytes = new AttestationObjectConverter(objectConverter).convertToBytes(attestationObject);

    Set<AuthenticatorTransport> transports = Collections.emptySet();
    AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput<?>> clientExtensions =
            new AuthenticationExtensionsClientOutputs<>();
    ServerProperty serverProperty = TestDataUtil.createServerProperty();
    // One timestamp shared by both instances, so it cannot make them differ.
    LocalDateTime timestamp = LocalDateTime.now();

    RegistrationObject first = new RegistrationObject(
            attestationObject, attestationObjectBytes, clientData, clientDataBytes,
            clientExtensions, transports, serverProperty, timestamp);
    RegistrationObject second = new RegistrationObject(
            attestationObject, attestationObjectBytes, clientData, clientDataBytes,
            clientExtensions, transports, serverProperty, timestamp);

    assertAll(
            () -> assertThat(first).isEqualTo(second),
            () -> assertThat(first).hasSameHashCodeAs(second)
    );
}
Example #29
Source File: NullAttestationStatementValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Creates a credential through a client platform backed by a FIDO-U2F authenticator adaptor,
 * requesting direct attestation, and validates the resulting registration. The test passes
 * when validation does not throw.
 */
@Test
void validate_RegistrationRequest_with_fido_u2f_attestation_statement_test() {
    FIDOU2FAuthenticatorAdaptor u2fAdaptor = new FIDOU2FAuthenticatorAdaptor();
    ClientPlatform clientPlatform = new ClientPlatform(origin, u2fAdaptor);

    String rpId = "example.com";
    Challenge challenge = new DefaultChallenge();

    PublicKeyCredentialParameters es256Parameters =
            new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256);
    AuthenticatorSelectionCriteria selectionCriteria = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.CROSS_PLATFORM,
            true,
            UserVerificationRequirement.REQUIRED);
    AuthenticationExtensionsClientInputs<RegistrationExtensionClientInput<?>> extensions =
            new AuthenticationExtensionsClientInputs<>();

    PublicKeyCredentialCreationOptions creationOptions = new PublicKeyCredentialCreationOptions(
            new PublicKeyCredentialRpEntity(rpId, "valid.site.example.com"),
            new PublicKeyCredentialUserEntity(),
            challenge,
            Collections.singletonList(es256Parameters),
            null,
            Collections.emptyList(),
            selectionCriteria,
            AttestationConveyancePreference.DIRECT,
            extensions);

    AuthenticatorAttestationResponse attestationResponse =
            clientPlatform.create(creationOptions).getAuthenticatorResponse();
    Set<String> transports =
            authenticatorTransportConverter.convertSetToStringSet(attestationResponse.getTransports());

    // Server side: same origin, rpId and challenge that were used to create the credential.
    ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, null);
    RegistrationRequest webAuthnRegistrationRequest = new RegistrationRequest(
            attestationResponse.getAttestationObject(),
            attestationResponse.getClientDataJSON(),
            transports);
    RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, false);

    target.validate(webAuthnRegistrationRequest, registrationParameters);
}
Example #30
Source File: OriginValidatorTest.java From webauthn4j with Apache License 2.0 | 5 votes |
/**
 * Happy path: client and server origins are separate instances built from the same URL
 * (https, example.com, port 14443), so validation must complete without throwing.
 */
@Test
void test() {
    Origin clientOrigin = new Origin("https://example.com:14443");
    Origin serverOrigin = new Origin("https://example.com:14443");

    CollectedClientData clientData =
            new CollectedClientData(ClientDataType.CREATE, TestDataUtil.createChallenge(), clientOrigin, null);
    ServerProperty expectations =
            new ServerProperty(serverOrigin, "example.com", TestDataUtil.createChallenge(), null);

    target.validate(clientData, expectations);
}