webauthn4j-extras

WebAuthn4J Extras library

License

License

The Apache Software License, Version 2.0
GroupId

GroupId

com.webauthn4j
ArtifactId

ArtifactId

webauthn4j-extras
Last Version

Last Version

0.7.0.RELEASE
Release Date

Release Date

Type

Type

jar
Description

Description

webauthn4j-extras
WebAuthn4J Extras library
Project URL

Project URL

https://github.com/webauthn4j/webauthn4j
Source Code Management

Source Code Management

https://github.com/webauthn4j/webauthn4j

Download webauthn4j-extras

How to add to project

<!-- https://jarcasting.com/artifacts/com.webauthn4j/webauthn4j-extras/ -->
<dependency>
    <groupId>com.webauthn4j</groupId>
    <artifactId>webauthn4j-extras</artifactId>
    <version>0.7.0.RELEASE</version>
</dependency>
// https://jarcasting.com/artifacts/com.webauthn4j/webauthn4j-extras/
implementation 'com.webauthn4j:webauthn4j-extras:0.7.0.RELEASE'
// https://jarcasting.com/artifacts/com.webauthn4j/webauthn4j-extras/
implementation ("com.webauthn4j:webauthn4j-extras:0.7.0.RELEASE")
'com.webauthn4j:webauthn4j-extras:jar:0.7.0.RELEASE'
<dependency org="com.webauthn4j" name="webauthn4j-extras" rev="0.7.0.RELEASE">
  <artifact name="webauthn4j-extras" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.webauthn4j', module='webauthn4j-extras', version='0.7.0.RELEASE')
)
libraryDependencies += "com.webauthn4j" % "webauthn4j-extras" % "0.7.0.RELEASE"
[com.webauthn4j/webauthn4j-extras "0.7.0.RELEASE"]

Dependencies

compile (2)

Group / Artifact Type Version
com.webauthn4j : webauthn4j-core jar 0.7.0.RELEASE
com.fasterxml.jackson.datatype : jackson-datatype-jsr310 jar

Project Modules

There are no modules declared in this project.

WebAuthn4J

WebAuthn4J

Build Status Coverage Build Status license

A portable Java library for WebAuthn and Apple App Attest server side verification

Conformance

All mandatory test cases and optional Android Key attestation test cases of FIDO2 Test Tools provided by FIDO Alliance are passed.

Supported Attestation statement format

All attestation statement formats are supported.

  • Packed attestation
  • FIDO U2F attestation
  • Android Key attestation
  • Android SafetyNet attestation
  • TPM attestation
  • Apple Anonymous attestation
  • None attestation
  • Apple App Attest attestation

Projects using WebAuthn4J

Documentation

You can find out more details from the reference.

Getting from Maven Central

If you are using Maven, just add the webauthn4j as a dependency:

<properties>
  ...
  <!-- Use the latest version whenever possible. -->
  <webauthn4j.version>0.14.0.RELEASE</webauthn4j.version>
  ...
</properties>

<dependencies>
  ...
  <dependency>
    <groupId>com.webauthn4j</groupId>
    <artifactId>webauthn4j-core</artifactId>
    <version>${webauthn4j.version}</version>
  </dependency>
  ...
</dependencies>

Build from source

WebAuthn4J uses a Gradle based build system. In the instructions below, gradlew is invoked from the root of the source tree and serves as a cross-platform, self-contained bootstrap mechanism for the build.

Prerequisites

  • Java8 or later

Checkout sources

git clone https://github.com/webauthn4j/webauthn4j

Build all jars

./gradlew build

How to use

Parse and Validation on WebAuthn registration

If your would like to validate Apple App Attest, please see the reference.

// Client properties
byte[] attestationObject = null /* set attestationObject */;
byte[] clientDataJSON = null /* set clientDataJSON */;
String clientExtensionJSON = null;  /* set clientExtensionJSON */;
Set<String> transports = null /* set transports */;

// Server properties
Origin origin = null /* set origin */;
String rpId = null /* set rpId */;
Challenge challenge = null /* set challenge */;
byte[] tokenBindingId = null /* set tokenBindingId */;
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);

// expectations
boolean userVerificationRequired = false;
boolean userPresenceRequired = true;
List<String> expectedExtensionIds = Collections.emptyList();

RegistrationRequest registrationRequest = new RegistrationRequest(attestationObject, clientDataJSON, clientExtensionJSON, transports);
RegistrationParameters registrationParameters = new RegistrationParameters(serverProperty, userVerificationRequired, userPresenceRequired, expectedExtensionIds);
RegistrationData registrationData;
try{
    registrationData = webAuthnManager.parse(registrationRequest);
}
catch (DataConversionException e){
    // If you would like to handle WebAuthn data structure parse error, please catch DataConversionException
    throw e;
}
try{
    webAuthnManager.validate(registrationData, registrationParameters);
}
catch (ValidationException e){
    // If you would like to handle WebAuthn data validation error, please catch ValidationException
    throw e;
}

// please persist Authenticator object, which will be used in the authentication process.
Authenticator authenticator =
        new AuthenticatorImpl( // You may create your own Authenticator implementation to save friendly authenticator name
                registrationData.getAttestationObject().getAuthenticatorData().getAttestedCredentialData(),
                registrationData.getAttestationObject().getAttestationStatement(),
                registrationData.getAttestationObject().getAuthenticatorData().getSignCount()
        );
save(authenticator); // please persist authenticator in your manner

Parse and Validation on authentication

// Client properties
byte[] credentialId = null /* set credentialId */;
byte[] userHandle = null /* set userHandle */;
byte[] authenticatorData = null /* set authenticatorData */;
byte[] clientDataJSON = null /* set clientDataJSON */;
String clientExtensionJSON = null /* set clientExtensionJSON */;
byte[] signature = null /* set signature */;

// Server properties
Origin origin = null /* set origin */;
String rpId = null /* set rpId */;
Challenge challenge = null /* set challenge */;
byte[] tokenBindingId = null /* set tokenBindingId */;
ServerProperty serverProperty = new ServerProperty(origin, rpId, challenge, tokenBindingId);

// expectations
boolean userVerificationRequired = true;
boolean userPresenceRequired = true;
List<String> expectedExtensionIds = Collections.emptyList();

Authenticator authenticator = load(credentialId); // please load authenticator object persisted in the registration process in your manner

AuthenticationRequest authenticationRequest =
        new AuthenticationRequest(
                credentialId,
                userHandle,
                authenticatorData,
                clientDataJSON,
                clientExtensionJSON,
                signature
        );
AuthenticationParameters authenticationParameters =
        new AuthenticationParameters(
                serverProperty,
                authenticator,
                userVerificationRequired,
                userPresenceRequired,
                expectedExtensionIds
        );

AuthenticationData authenticationData;
try{
    authenticationData = webAuthnManager.parse(authenticationRequest);
}
catch (DataConversionException e){
    // If you would like to handle WebAuthn data structure parse error, please catch DataConversionException
    throw e;
}
try{
    webAuthnManager.validate(authenticationData, authenticationParameters);
}
catch (ValidationException e){
    // If you would like to handle WebAuthn data validation error, please catch ValidationException
    throw e;
}
// please update the counter of the authenticator record
updateCounter(
        authenticationData.getCredentialId(),
        authenticationData.getAuthenticatorData().getSignCount()
);

Sample application

WebAuthn4J Spring Security is built on the top of WebAuthn4J, and its sample application demonstrates WebAuthn4J feature well. Please see WebAuthn4J Spring Security sample application.

License

WebAuthn4J is Open Source software released under the Apache 2.0 license.

Contributing

Interested in helping out with WebAuthn4J? Great! Your participation in the community is much appreciated! Please feel free to open issues and send pull-requests.

com.webauthn4j

WebAuthn4J

Versions

Version
0.7.0.RELEASE
0.6.6.RELEASE