com.webauthn4j.authenticator.AuthenticatorImpl Java Examples

The following examples show how to use com.webauthn4j.authenticator.AuthenticatorImpl.
Example #1
Source File: WebAuthnAuthenticationProviderTest.java    From webauthn4j-spring-security with Apache License 2.0
/**
 * Verifies that the provider's pre-authentication checks throw
 * {@code DisabledException} for a user whose account flags mark it as disabled.
 *
 * <p>The user carries one placeholder authenticator and one granted authority;
 * the test passes only if {@code check} throws.
 */
@Test(expected = DisabledException.class)
public void userDetailsChecker_check_with_disabled_userDetails_test() {
    // Placeholder authenticator: null credential data, null attestation statement, counter 0.
    final Authenticator dummyAuthenticator = new AuthenticatorImpl(null, null, 0);
    final GrantedAuthority adminRole = new SimpleGrantedAuthority("ROLE_ADMIN");

    final WebAuthnUserDetailsImpl disabledUser = new WebAuthnUserDetailsImpl(
            new byte[0],
            "dummy",
            "dummy",
            Collections.singletonList(dummyAuthenticator),
            true,
            false, // the only flag cleared; presumably `enabled`, given the expected exception - confirm against the constructor
            true,
            true,
            true,
            Collections.singletonList(adminRole));

    // Expected to throw DisabledException (see the annotation above).
    authenticationProvider.getPreAuthenticationChecks().check(disabledUser);
}
 
Example #2
Source File: WebAuthnAuthenticationProviderTest.java    From webauthn4j-spring-security with Apache License 2.0
/**
 * Verifies that the provider's pre-authentication checks throw
 * {@code AccountExpiredException} for a user whose account flags mark it as expired.
 *
 * <p>The user carries one placeholder authenticator and one granted authority;
 * the test passes only if {@code check} throws.
 */
@Test(expected = AccountExpiredException.class)
public void userDetailsChecker_check_with_expired_userDetails_test() {
    // Placeholder authenticator: null credential data, null attestation statement, counter 0.
    final Authenticator dummyAuthenticator = new AuthenticatorImpl(null, null, 0);
    final GrantedAuthority adminRole = new SimpleGrantedAuthority("ROLE_ADMIN");

    final WebAuthnUserDetailsImpl expiredUser = new WebAuthnUserDetailsImpl(
            new byte[0],
            "dummy",
            "dummy",
            Collections.singletonList(dummyAuthenticator),
            true,
            true,
            false, // the only flag cleared; presumably `accountNonExpired`, given the expected exception - confirm against the constructor
            true,
            true,
            Collections.singletonList(adminRole));

    // Expected to throw AccountExpiredException (see the annotation above).
    authenticationProvider.getPreAuthenticationChecks().check(expiredUser);
}
 
Example #3
Source File: WebAuthnAuthenticationProviderTest.java    From webauthn4j-spring-security with Apache License 2.0
/**
 * Verifies that the provider's post-authentication checks throw
 * {@code CredentialsExpiredException} for a user whose flags mark the credentials as expired.
 *
 * <p>Unlike the sibling account-state tests, this one calls
 * {@code getPostAuthenticationChecks()} rather than the pre-authentication checker.
 */
@Test(expected = CredentialsExpiredException.class)
public void userDetailsChecker_check_with_credentials_expired_userDetails_test() {
    // Placeholder authenticator: null credential data, null attestation statement, counter 0.
    final Authenticator dummyAuthenticator = new AuthenticatorImpl(null, null, 0);
    final GrantedAuthority adminRole = new SimpleGrantedAuthority("ROLE_ADMIN");

    final WebAuthnUserDetailsImpl userWithExpiredCredentials = new WebAuthnUserDetailsImpl(
            new byte[0],
            "dummy",
            "dummy",
            Collections.singletonList(dummyAuthenticator),
            true,
            true,
            true,
            false, // the only flag cleared; presumably `credentialsNonExpired`, given the expected exception - confirm against the constructor
            true,
            Collections.singletonList(adminRole));

    // Expected to throw CredentialsExpiredException (see the annotation above).
    authenticationProvider.getPostAuthenticationChecks().check(userWithExpiredCredentials);
}
 
Example #4
Source File: WebAuthnAuthenticationProviderTest.java    From webauthn4j-spring-security with Apache License 2.0
/**
 * Verifies that the provider's pre-authentication checks throw
 * {@code LockedException} for a user whose account flags mark it as locked.
 *
 * <p>The user carries one placeholder authenticator and one granted authority;
 * the test passes only if {@code check} throws.
 */
@Test(expected = LockedException.class)
public void userDetailsChecker_check_with_locked_userDetails_test() {
    // Placeholder authenticator: null credential data, null attestation statement, counter 0.
    final Authenticator dummyAuthenticator = new AuthenticatorImpl(null, null, 0);
    final GrantedAuthority adminRole = new SimpleGrantedAuthority("ROLE_ADMIN");

    final WebAuthnUserDetailsImpl lockedUser = new WebAuthnUserDetailsImpl(
            new byte[0],
            "dummy",
            "dummy",
            Collections.singletonList(dummyAuthenticator),
            true,
            true,
            true,
            true,
            false, // the only flag cleared; presumably `accountNonLocked`, given the expected exception - confirm against the constructor
            Collections.singletonList(adminRole));

    // Expected to throw LockedException (see the annotation above).
    authenticationProvider.getPreAuthenticationChecks().check(lockedUser);
}
 
Example #5
Source File: WebAuthnUserDetailsImplTest.java    From webauthn4j-spring-security with Apache License 2.0
/**
 * Round-trips values through {@code WebAuthnUserDetailsImpl}: the user handle and the
 * authenticator list given to the constructor, and the single-factor flag set afterwards,
 * must all be readable back through the matching getters.
 */
@Test
public void getter_setter_test() {
    // Placeholder authenticator: null credential data, null attestation statement, counter 0.
    final Authenticator dummyAuthenticator = new AuthenticatorImpl(null, null, 0);
    final GrantedAuthority adminRole = new SimpleGrantedAuthority("ROLE_ADMIN");

    final WebAuthnUserDetailsImpl details = new WebAuthnUserDetailsImpl(
            new byte[32], // user handle: 32 zero bytes, compared by content below
            "dummy",
            "dummy",
            Collections.singletonList(dummyAuthenticator),
            Collections.singletonList(adminRole));

    // Opt the user in to single-factor authentication, then read everything back.
    details.setSingleFactorAuthenticationAllowed(true);

    assertThat(details.getUserHandle()).isEqualTo(new byte[32]);
    assertThat(details.isSingleFactorAuthenticationAllowed()).isTrue();
    assertThat(details.getAuthenticators()).isEqualTo(Collections.singletonList(dummyAuthenticator));
}
 
Example #6
Source File: WebAuthnAuthenticationProviderTest.java    From webauthn4j-spring-security with Apache License 2.0
/**
 * Happy-path counterpart of the account-state tests: a user built with the five-argument
 * constructor (no explicit account flags) must pass the provider's pre-authentication
 * checks without an exception.
 */
@Test
public void userDetailsChecker_check_test() {
    // Placeholder authenticator: null credential data, null attestation statement, counter 0.
    final Authenticator dummyAuthenticator = new AuthenticatorImpl(null, null, 0);
    final GrantedAuthority adminRole = new SimpleGrantedAuthority("ROLE_ADMIN");

    final WebAuthnUserDetailsImpl activeUser = new WebAuthnUserDetailsImpl(
            new byte[0],
            "dummy",
            "dummy",
            Collections.singletonList(dummyAuthenticator),
            Collections.singletonList(adminRole));

    // No assertion needed: the test fails if check() throws.
    authenticationProvider.getPreAuthenticationChecks().check(activeUser);
}
 
Example #7
Source File: WebAuthnCredentialProvider.java    From keycloak-webauthn-authenticator with Apache License 2.0
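/**
 * Validates a WebAuthn authentication assertion against the credentials stored for {@code user}.
 *
 * <p>The stored credential whose ID equals the credential ID in the presented authentication
 * context is wrapped in an {@code AuthenticatorImpl} and handed to
 * {@code WebAuthnAuthenticationContextValidator}. On success the stored signature counter is
 * brought up to the value the authenticator reported and the credential is written back.
 *
 * @param realm realm passed through to the credential lookups and update
 * @param user  user whose stored WebAuthn credentials are searched
 * @param input presented credential; anything other than {@code WebAuthnCredentialModel} is rejected
 * @return {@code true} if a stored credential matched and validation succeeded; {@code false} if
 *         the input has the wrong type, no credential ID matched, or any exception was raised
 */
@Override
public boolean isValid(RealmModel realm, UserModel user, CredentialInput input) {
    if (!(input instanceof WebAuthnCredentialModel)) return false;

    WebAuthnCredentialModel context = (WebAuthnCredentialModel) input;
    List<WebAuthnCredentialModel> auths = getWebAuthnCredentialModelList(realm, user);

    WebAuthnAuthenticationContextValidator webAuthnAuthenticationContextValidator =
            new WebAuthnAuthenticationContextValidator();
    try {
        for (WebAuthnCredentialModel auth : auths) {

            byte[] credentialId = auth.getAttestedCredentialData().getCredentialId();
            if (Arrays.equals(credentialId, context.getAuthenticationContext().getCredentialId())) {
                Authenticator authenticator = new AuthenticatorImpl(
                        auth.getAttestedCredentialData(),
                        auth.getAttestationStatement(),
                        auth.getCount()
                );

                WebAuthnAuthenticationContextValidationResponse response =
                        webAuthnAuthenticationContextValidator.validate(
                                context.getAuthenticationContext(),
                                authenticator);

                // Update the stored signature counter from the verified assertion.
                // The WebAuthn specification has the relying party store the counter reported in
                // the authenticator data. Storing "stored + 1" lets the value drift from the
                // device: it grows for authenticators that always report 0 and lags behind ones
                // that advance by more than one, which makes later counter comparisons unreliable
                // as a cloned-authenticator signal. Math.max keeps the stored value from ever
                // moving backwards.
                long storedCount = auth.getCount();
                long presentedCount = response.getAuthenticatorData().getSignCount();
                auth.setCount(Math.max(storedCount, presentedCount));
                CredentialModel cred = createCredentialModel(auth);
                session.userCredentialManager().updateCredential(realm, user, cred);

                // NOTE(review): these helpers presumably write the credential models to a log;
                // confirm they do not emit credential data at production log levels.
                dumpCredentialModel(cred);
                dumpWebAuthnCredentialModel(auth);

                return true;
            }
        }
    } catch (Exception e) {
        // Fails closed: any error during validation or persistence is treated as "not valid".
        // NOTE(review): this also hides storage failures and counter-regression errors behind
        // a plain false, and printStackTrace() bypasses the logging configuration. No logger is
        // visible in this excerpt; route this through the class's logger if it has one.
        e.printStackTrace();
    }
    return false;
}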
 
Example #8
Source File: TestDataUtil.java    From webauthn4j with Apache License 2.0
/**
 * Builds an {@code Authenticator} from a parsed attestation object.
 *
 * <p>The attested credential data and the signature counter are read from the attestation
 * object's authenticator data; the attestation statement is taken from the object itself.
 *
 * @param attestationObject attestation object to read from
 * @return a new {@code AuthenticatorImpl} holding those three values
 */
public static Authenticator createAuthenticator(AttestationObject attestationObject) {
    return new AuthenticatorImpl(
            attestationObject.getAuthenticatorData().getAttestedCredentialData(),
            attestationObject.getAttestationStatement(),
            attestationObject.getAuthenticatorData().getSignCount());
}
 
Example #9
Source File: TestDataUtil.java    From webauthn4j with Apache License 2.0
/**
 * Builds an {@code Authenticator} from already-extracted parts, with a fixed counter of 1.
 *
 * @param attestedCredentialData credential data to store in the authenticator
 * @param attestationStatement   attestation statement to store in the authenticator
 * @return a new {@code AuthenticatorImpl} whose counter argument is the constant 1
 */
public static Authenticator createAuthenticator(AttestedCredentialData attestedCredentialData, AttestationStatement attestationStatement) {
    // Test fixture value; a real relying party takes the counter from authenticator data.
    final int fixedCounter = 1;
    return new AuthenticatorImpl(attestedCredentialData, attestationStatement, fixedCounter);
}
 
Example #10
Source File: WebAuthnRegistrationContextValidatorSample.java    From webauthn4j with Apache License 2.0
/**
 * Sample of the registration flow: validate a registration response with
 * {@code WebAuthnManager}, then build and persist an {@code Authenticator} from the result.
 *
 * <p>Every input is a {@code null} placeholder marked with a "set ..." comment; the method is
 * a template to fill in, not runnable as written.
 */
public void registrationValidationSample() {
    // Values received from the client
    final byte[] clientDataJSON = null /* set clientDataJSON */;
    final byte[] attestationObject = null /* set attestationObject */;
    final Set<String> transports = null /* set transports */;

    // Values the server knows. The challenge should be the one the server issued for this
    // ceremony, not a value taken from the client's response.
    final Origin origin = null /* set origin */;
    final String rpId = null /* set rpId */;
    final Challenge challenge = null /* set challenge */;
    final byte[] tokenBindingId = null /* set tokenBindingId */;
    final ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);
    // false: this sample does not require user verification.
    final boolean userVerificationRequired = false;

    final RegistrationRequest request = new RegistrationRequest(
            clientDataJSON,
            attestationObject,
            transports
    );
    final RegistrationParameters parameters = new RegistrationParameters(
            serverProperty,
            userVerificationRequired
    );

    // WebAuthnManager.createNonStrictWebAuthnManager() returns a WebAuthnManager instance that
    // does not validate the attestation statement. This is the recommended configuration for
    // most web applications. If you are building an enterprise web application and need to
    // validate the attestation statement, use the constructor of RegistrationContextValidator
    // and provide the validators you need.
    final WebAuthnManager manager = WebAuthnManager.createNonStrictWebAuthnManager();

    final RegistrationData registrationData = manager.validate(request, parameters);

    // Persist the Authenticator object; it is needed again in the authentication process.
    // You may create your own Authenticator implementation, for example to also store a
    // friendly authenticator name.
    final Authenticator registeredAuthenticator =
            new AuthenticatorImpl(
                    registrationData.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(),
                    registrationData.getAttestationObject().getAttestationStatement(),
                    registrationData.getAttestationObject().getAuthenticatorData().getSignCount()
            );
    save(registeredAuthenticator); // persist the authenticator in whatever way suits your application
}
 
Example #11
Source File: WebAuthnCredentialProvider.java    From keycloak with Apache License 2.0
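/**
 * Checks a WebAuthn authentication request against the credentials stored for {@code user}.
 *
 * <p>The stored credential whose ID equals the credential ID in the request is wrapped in an
 * {@code AuthenticatorImpl}; the request is then parsed and validated with
 * {@code WebAuthnAuthenticationManager}. On success the stored signature counter is brought up
 * to the value the authenticator reported and the credential is written back.
 *
 * @param realm realm passed through to the credential store
 * @param user  user whose stored WebAuthn credentials are searched
 * @param input credential input; anything other than {@code WebAuthnCredentialModelInput} is rejected
 * @return {@code true} if a stored credential matched and validation succeeded; {@code false} if
 *         the input has the wrong type or no stored credential ID matched
 * @throws WebAuthnException rethrown after logging when parsing or validation fails
 */
@Override
public boolean isValid(RealmModel realm, UserModel user, CredentialInput input) {
    if (!(input instanceof WebAuthnCredentialModelInput)) return false;

    WebAuthnCredentialModelInput context = (WebAuthnCredentialModelInput) input;
    List<WebAuthnCredentialModelInput> auths = getWebAuthnCredentialModelList(realm, user);

    WebAuthnAuthenticationManager webAuthnAuthenticationManager = new WebAuthnAuthenticationManager();

    try {
        for (WebAuthnCredentialModelInput auth : auths) {

            byte[] credentialId = auth.getAttestedCredentialData().getCredentialId();
            if (Arrays.equals(credentialId, context.getAuthenticationRequest().getCredentialId())) {
                Authenticator authenticator = new AuthenticatorImpl(
                        auth.getAttestedCredentialData(),
                        auth.getAttestationStatement(),
                        auth.getCount()
                );

                // parse
                AuthenticationData authenticationData =
                        webAuthnAuthenticationManager.parse(context.getAuthenticationRequest());
                // validate
                AuthenticationParameters authenticationParameters = new AuthenticationParameters(
                        context.getAuthenticationParameters().getServerProperty(),
                        authenticator,
                        context.getAuthenticationParameters().isUserVerificationRequired()
                );
                webAuthnAuthenticationManager.validate(authenticationData, authenticationParameters);

                logger.debugv("response.getAuthenticatorData().getFlags() = {0}", authenticationData.getAuthenticatorData().getFlags());

                // Update the stored signature counter from the verified assertion.
                // The WebAuthn specification has the relying party store the counter reported in
                // the authenticator data. Storing "stored + 1" lets the value drift from the
                // device: it grows for authenticators that always report 0 and lags behind ones
                // that advance by more than one, which makes later counter comparisons unreliable
                // as a cloned-authenticator signal. Math.max keeps the stored value from ever
                // moving backwards.
                long storedCount = auth.getCount();
                long presentedCount = authenticationData.getAuthenticatorData().getSignCount();
                CredentialModel credModel = getCredentialStore().getStoredCredentialById(realm, user, auth.getCredentialDBId());
                WebAuthnCredentialModel webAuthnCredModel = getCredentialFromModel(credModel);
                webAuthnCredModel.updateCounter(Math.max(storedCount, presentedCount));
                getCredentialStore().updateCredential(realm, user, webAuthnCredModel);

                logger.debugf("Successfully validated WebAuthn credential for user %s", user.getUsername());
                // NOTE(review): presumably a debug dump of the credential model; confirm it does
                // not emit credential data at production log levels.
                dumpCredentialModel(webAuthnCredModel, auth);

                return true;
            }
        }
    } catch (WebAuthnException wae) {
        // Log through the class logger instead of printStackTrace(), so failed validations
        // follow the logging configuration and reach whatever monitors the server log.
        logger.warn("WebAuthn credential validation failed", wae);
        throw wae;
    }
    // no authenticator matched
    return false;
}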