Update MPA sample
ynojima committed Dec 31, 2023
1 parent e3ace97 commit 558c84b
Showing 7 changed files with 26 additions and 129 deletions.
Expand Up @@ -20,6 +20,7 @@
import com.webauthn4j.data.AttestationConveyancePreference;
import com.webauthn4j.data.PublicKeyCredentialParameters;
import com.webauthn4j.data.PublicKeyCredentialType;
import com.webauthn4j.data.ResidentKeyRequirement;
import com.webauthn4j.data.attestation.statement.COSEAlgorithmIdentifier;
import com.webauthn4j.springframework.security.WebAuthnAuthenticationProvider;
import com.webauthn4j.springframework.security.authenticator.WebAuthnAuthenticatorService;
Expand All @@ -32,9 +33,12 @@
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler;
import org.springframework.security.web.access.expression.WebExpressionAuthorizationManager;
Expand All @@ -54,6 +58,14 @@ public WebAuthnAuthenticationProvider webAuthnAuthenticationProvider(WebAuthnAut
return new WebAuthnAuthenticationProvider(authenticatorService, webAuthnManager);
}

@Bean
public DaoAuthenticationProvider daoAuthenticationProvider(PasswordEncoder passwordEncoder, UserDetailsService userDetailsService){
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);
daoAuthenticationProvider.setUserDetailsService(userDetailsService);
return daoAuthenticationProvider;
}

@Bean
public AuthenticationManager authenticationManager(List<AuthenticationProvider> providers){
return new ProviderManager(providers);
Expand All @@ -79,13 +91,13 @@ public SecurityFilterChain filterChain(HttpSecurity http, AuthenticationManager
.failureUrl("/login")
.attestationOptionsEndpoint()
.rp()
.name("WebAuthn4J Spring Security Sample MPA")
.name("WebAuthn4J Spring Security Sample")
.and()
.pubKeyCredParams(
new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.ES256),
new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.RS1)
)
.attestation(AttestationConveyancePreference.DIRECT)
.attestation(AttestationConveyancePreference.NONE)
.extensions()
.uvm(true)
.credProps(true)
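Review bot: `pubKeyCredParams` in the `filterChain` attestation options still offers `COSEAlgorithmIdentifier.RS1`, which is RSASSA-PKCS1-v1_5 over SHA-1, and this commit keeps it while lowering attestation to `AttestationConveyancePreference.NONE`. With no attestation statement to evaluate, the algorithm list is the main registration-time control over credential strength, so a sample that is likely to be copied should not advertise a SHA-1 signature scheme. I would replace that entry with `new PublicKeyCredentialParameters(PublicKeyCredentialType.PUBLIC_KEY, COSEAlgorithmIdentifier.RS256)` and add a short comment on the `.attestation(...)` line noting that with NONE the relying party does not verify authenticator provenance. The body of `filterChain` continues outside this hunk, so any validator configuration that has to match is not visible here.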
8 changes: 2 additions & 6 deletions samples/mpa/src/main/resources/static/css/tiny.css
Expand Up @@ -22,14 +22,10 @@
}

.login-form input#username {
margin-bottom: -1px;
border-bottom-right-radius: 0;
border-bottom-left-radius: 0;
margin-bottom: 1em;
}
.login-form input#password {
margin-bottom: 10px;
border-top-left-radius: 0;
border-top-right-radius: 0;
margin-bottom: 1em;
}

.signup-form input#username {
26 changes: 5 additions & 21 deletions samples/mpa/src/main/resources/static/js/webauthn.js
@@ -1,5 +1,5 @@

function createCredential(residentKeyRequirement){
function createCredential(){

let username = $("#username").val();
let userHandle = $("#userHandle").val();
Expand All @@ -25,7 +25,8 @@ function createCredential(residentKeyRequirement){
}
}),
authenticatorSelection: {
requireResidentKey: residentKeyRequirement
requireResidentKey: true,
residentKey: "preferred"
},
attestation: options.attestation,
extensions: options.extensions
Expand Down Expand Up @@ -65,36 +66,19 @@ function getCredential(userVerification){

$(document).ready(function() {

let dialog = $("#resident-key-requirement-dialog");

let onResidentKeyRequirementDialogClosing = function(residentKeyRequirement){
createCredential(residentKeyRequirement).then(function (credential) {
$('#authenticator').click(function(){
createCredential().then(function (credential) {
console.log(credential);
$('#clientDataJSON').val(base64url.encodeBase64url(credential.response.clientDataJSON));
$('#attestationObject').val(base64url.encodeBase64url(credential.response.attestationObject));
$('#clientExtensions').val(JSON.stringify(credential.getClientExtensionResults()));
$('#authenticator').text('Authenticator registered');
$('#authenticator').prop('disabled', true);
$('#submit').prop('disabled', false);
dialog.modal('hide');
}).catch(function (e) {
console.error("Error:%s, Message:%s", e.name, e.message);
dialog.modal('hide');
});
};

$('#resident-key-requirement-dialog-yes').click(function () {
onResidentKeyRequirementDialogClosing(true);
});
$('#resident-key-requirement-dialog-no').click(function () {
onResidentKeyRequirementDialogClosing(false);
});
$('#resident-key-requirement-dialog-close').click(function () {
dialog.modal('hide');
});

$('#authenticator').click(function(){
dialog.modal('show');
});

$('#fast-login').click(function(){
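Review bot: In `createCredential`, `authenticatorSelection` now sends `requireResidentKey: true` together with `residentKey: "preferred"`, and the two disagree: WebAuthn Level 2 says `requireResidentKey` should be true only when `residentKey` is `"required"`. Clients that understand `residentKey` will treat a discoverable credential as optional, while older clients that read only `requireResidentKey` will insist on one, so registration behaves differently per browser. If the usernameless "Passkey Login" flow depends on a discoverable credential, use `residentKey: "required"` with `requireResidentKey: true`; otherwise keep `"preferred"` and set `requireResidentKey: false`. The rest of `createCredential` lies outside the visible hunks.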
Expand Up @@ -25,7 +25,7 @@
</head>
<body class="hold-transition login-page" id="login-login-view">
<div class="content-wrapper">
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample MPA</h1>
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample</h1>

<h3 href="/" class="h4 font-weight-normal text-center">Login success</h3>

Expand Up @@ -25,7 +25,7 @@
</head>
<body class="hold-transition login-page" id="login-authenticator-login-view">
<div class="content-wrapper">
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample MPA</h1>
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample</h1>

<h2 href="/" class="h4 font-weight-normal text-center">Login</h2>

52 changes: 2 additions & 50 deletions samples/mpa/src/main/resources/templates/login/login.html
Expand Up @@ -25,7 +25,7 @@
</head>
<body class="hold-transition login-page" id="login-login-view">
<div class="content-wrapper">
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample MPA</h1>
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample</h1>

<h2 href="/" class="h4 font-weight-normal text-center">Login</h2>

Expand All @@ -43,7 +43,7 @@ <h2 href="/" class="h4 font-weight-normal text-center">Login</h2>
<p class="mt-1 mb-1 text-muted text-center">OR</p>
<button id="fast-login" class="btn btn-primary btn-block" type="button"
data-toggle="tooltip" data-placement="bottom"
title="Fast(id&password-less) Login">Fast Login</button>
title="Passkey Login">Passkey Login</button>
</div>

<input id="credentialId" name="credentialId" type="hidden" />
Expand All @@ -58,54 +58,6 @@ <h2 href="/" class="h4 font-weight-normal text-center">Login</h2>
</p>

<div class="alert alert-info" role="alert">
<p>
Fast Login means username & password-less login here. Only following combinations are supported for Fast Login as of 2020-08-01.
</p>
<p>
<table class="mt-3 mb-3">
<tbody class="align-top">
<tr>
<th>OS</th><th>Browser</th><th>Authenticator</th>
</tr>
<tr>
<td rowspan="6">Windows 10</td><td rowspan="2">Edge</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Windows Hello</td>
</tr>
<tr>
<td rowspan="2">Chrome</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Windows Hello</td>
</tr>
<tr>
<td rowspan="2">Firefox</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Windows Hello</td>
</tr>
<tr>
<td rowspan="4">MacOS</td><td rowspan="2">Chrome</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Touch ID</td>
</tr>
<tr>
<td rowspan="2">Safari</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Touch ID</td>
</tr>
<tr>
<td rowspan="4">iOS</td><td rowspan="2">Safari</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Touch ID/Face ID</td>
</tr>
</tbody>
</table>
</p>
<p>
If you would like to test two-step authentication with password and security key combination, fill username and password, then press "Login".
</p>
49 changes: 1 addition & 48 deletions samples/mpa/src/main/resources/templates/signup/signup.html
Expand Up @@ -24,7 +24,7 @@
</head>
<body class="hold-transition login-page" id="signup-signup-view">
<div class="content-wrapper">
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample MPA</h1>
<h1 href="/" class="h3 font-weight-normal text-center">WebAuthn4J Spring Security Sample</h1>

<h2 href="/" class="h4 font-weight-normal text-center">Sign up</h2>

Expand Down Expand Up @@ -85,53 +85,6 @@ <h5 class="modal-title">Spring Security WebAuthn Sample</h5>
<div class="modal-body">
<p>Would you like to store your ID in your authenticator for Fast Login? <br/>If yes, only capable authenticators will be activated.
</p>
<div class="alert alert-info" role="alert">
Storing ID is only supported by following combinations.

<table class="mt-3 mb-3">
<tbody class="align-top">
<tr>
<th>OS</th><th>Browser</th><th>Authenticator</th>
</tr>
<tr>
<td rowspan="6">Windows 10</td><td rowspan="2">Edge</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Windows Hello</td>
</tr>
<tr>
<td rowspan="2">Chrome</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Windows Hello</td>
</tr>
<tr>
<td rowspan="2">Firefox</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Windows Hello</td>
</tr>
<tr>
<td rowspan="4">MacOS</td><td rowspan="2">Chrome</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Touch ID</td>
</tr>
<tr>
<td rowspan="2">Safari</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Touch ID</td>
</tr>
<tr>
<td rowspan="4">iOS</td><td rowspan="2">Safari</td><td>FIDO2 Security Key</td>
</tr>
<tr>
<td>Touch ID/Face ID</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="modal-footer">
<button type="button" id="resident-key-requirement-dialog-yes" class="btn btn-primary" >Yes</button>
