Catch up changes of WebAuthn4j 0.24.0

Author: ynojima

build.gradle

@@ -25,7 +25,7 @@ buildscript {
         httpBuilderVersion = '0.7.2'
 
         //Libraries
-        webauthn4jVersion = '0.23.0.RELEASE'
+        webauthn4jVersion = '0.24.0.RELEASE'
         springSecurityVersion = '6.0.2'
         hibernateValidatorVersion = '8.0.1.Final'
         thymeleafVersion = '3.0.4.RELEASE'

samples/spa/src/main/java/com/webauthn4j/springframework/security/webauthn/sample/app/util/AppSpecificMapper.java

@@ -58,6 +58,10 @@ public ProfileForm mapToProfileForm(UserEntity userEntity) {
     private AuthenticatorEntity mapForCreate(AuthenticatorForm authenticatorForm) {
         AuthenticatorEntity authenticatorEntity = new AuthenticatorEntity();
         authenticatorEntity.setName(authenticatorForm.getName());
+        authenticatorEntity.setClientData(authenticatorForm.getClientData().getCollectedClientData());
+        authenticatorEntity.setUvInitialized(authenticatorForm.getAttestationObject().getAttestationObject().getAuthenticatorData().isFlagUV());
+        authenticatorEntity.setBackupEligible(authenticatorForm.getAttestationObject().getAttestationObject().getAuthenticatorData().isFlagBE());
+        authenticatorEntity.setBackedUp(authenticatorForm.getAttestationObject().getAttestationObject().getAuthenticatorData().isFlagBS());
         authenticatorEntity.setAttestationStatement(authenticatorForm.getAttestationObject().getAttestationObject().getAttestationStatement());
         authenticatorEntity.setAttestedCredentialData(authenticatorForm.getAttestationObject().getAttestationObject().getAuthenticatorData().getAttestedCredentialData());
         return authenticatorEntity;

samples/spa/src/main/java/com/webauthn4j/springframework/security/webauthn/sample/domain/entity/AuthenticatorEntity.java

@@ -19,6 +19,7 @@
 import com.webauthn4j.data.AuthenticatorTransport;
 import com.webauthn4j.data.attestation.authenticator.AttestedCredentialData;
 import com.webauthn4j.data.attestation.statement.AttestationStatement;
+import com.webauthn4j.data.client.CollectedClientData;
 import com.webauthn4j.data.extension.authenticator.AuthenticationExtensionsAuthenticatorOutputs;
 import com.webauthn4j.data.extension.authenticator.RegistrationExtensionAuthenticatorOutput;
 import com.webauthn4j.data.extension.client.AuthenticationExtensionsClientOutputs;
@@ -48,6 +49,10 @@ public class AuthenticatorEntity implements WebAuthnAuthenticator {
 
     private long counter;
 
+    private boolean uvInitialized;
+    private boolean backupEligible;
+    private boolean backedUp;
+
     @ElementCollection(fetch = FetchType.EAGER)
     @CollectionTable(name = "m_transport", joinColumns = @JoinColumn(name = "authenticator_id"))
     @Column(name = "transport")
@@ -70,6 +75,10 @@ public class AuthenticatorEntity implements WebAuthnAuthenticator {
     @Convert(converter = AttestationStatementConverter.class)
     private AttestationStatement attestationStatement;
 
+    @Lob
+    @Convert(converter = CollectedClientDataConverter.class)
+    private CollectedClientData clientData;
+
     @Lob
     @Convert(converter = ClientExtensionsConverter.class)
     private AuthenticationExtensionsClientOutputs<RegistrationExtensionClientOutput>  clientExtensions;
@@ -162,4 +171,43 @@ public AuthenticationExtensionsAuthenticatorOutputs<RegistrationExtensionAuthent
     public void setAuthenticatorExtensions(AuthenticationExtensionsAuthenticatorOutputs<RegistrationExtensionAuthenticatorOutput>  authenticatorExtensions) {
         this.authenticatorExtensions = authenticatorExtensions;
     }
+
+    @Override
+    public CollectedClientData getClientData() {
+        return this.clientData;
+    }
+
+    public void setClientData(CollectedClientData clientData) {
+        this.clientData = clientData;
+    }
+
+    @Override
+    public Boolean isUvInitialized() {
+        return this.uvInitialized;
+    }
+
+    @Override
+    public void setUvInitialized(boolean value) {
+        this.uvInitialized = value;
+    }
+
+    @Override
+    public  Boolean isBackupEligible() {
+        return this.backupEligible;
+    }
+
+    @Override
+    public void setBackupEligible(boolean value) {
+        this.backupEligible = value;
+    }
+
+    @Override
+    public Boolean isBackedUp() {
+        return this.backedUp;
+    }
+
+    @Override
+    public void setBackedUp(boolean value) {
+        this.backedUp = value;
+    }
 }

samples/spa/src/main/java/com/webauthn4j/springframework/security/webauthn/sample/infrastructure/util/jpa/converter/CollectedClientDataConverter.java

@@ -0,0 +1,26 @@
+package com.webauthn4j.springframework.security.webauthn.sample.infrastructure.util.jpa.converter;
+
+import com.webauthn4j.converter.util.ObjectConverter;
+import com.webauthn4j.data.client.CollectedClientData;
+import jakarta.persistence.AttributeConverter;
+
+public class CollectedClientDataConverter implements AttributeConverter<CollectedClientData, String> {
+
+    private final com.webauthn4j.converter.CollectedClientDataConverter converter;
+
+    public CollectedClientDataConverter(ObjectConverter objectConverter) {
+        this.converter = new com.webauthn4j.converter.CollectedClientDataConverter(objectConverter);
+    }
+
+    @Override
+    public String convertToDatabaseColumn(CollectedClientData attribute) {
+        if (attribute == null) return null;
+        return converter.convertToBase64UrlString(attribute);
+    }
+
+    @Override
+    public CollectedClientData convertToEntityAttribute(String dbData) {
+        if (dbData == null) return null;
+        return converter.convert(dbData);
+    }
+}

samples/spa/src/main/resources/db/migration/h2/V0_0_0__create_tables.sql

@@ -30,10 +30,14 @@ CREATE TABLE m_authenticator(
   name                   VARCHAR(32)   NOT NULL,
   user_id                INTEGER       NOT NULL  REFERENCES m_user(id),
   counter                BIGINT         NOT NULL,
+  uv_initialized            BOOLEAN         NOT NULL,
+  backup_eligible            BOOLEAN         NOT NULL,
+  backed_up            BOOLEAN         NOT NULL,
   aaguid                VARBINARY(16)           NOT NULL,
   credential_id          VARBINARY(1024)           NOT NULL,
   cose_key  VARBINARY(1024)    NOT NULL,
   attestation_statement  CLOB NOT NULL,
+  client_data        CLOB NOT NULL,
   client_extensions  CLOB NOT NULL,
   authenticator_extensions  CLOB NOT NULL,
   primary key(id)

…rtFileResourcesTrustAnchorsProvider.java …tFileResourcesTrustAnchorRepository.javawebauthn4j-spring-security-core/src/main/java/com/webauthn4j/springframework/security/anchor/CertFileResourcesTrustAnchorsProvider.java renamed to webauthn4j-spring-security-core/src/main/java/com/webauthn4j/springframework/security/anchor/CertFileResourcesTrustAnchorRepository.java webauthn4j-spring-security-core/src/main/java/com/webauthn4j/springframework/security/anchor/CertFileResourcesTrustAnchorsProvider.java renamed to webauthn4j-spring-security-core/src/main/java/com/webauthn4j/springframework/security/anchor/CertFileResourcesTrustAnchorRepository.java

@@ -16,6 +16,7 @@
 
 package com.webauthn4j.springframework.security.anchor;
 
+import com.webauthn4j.anchor.TrustAnchorRepository;
 import com.webauthn4j.data.attestation.authenticator.AAGUID;
 import com.webauthn4j.util.AssertUtil;
 import com.webauthn4j.util.CertificateUtil;
@@ -26,19 +27,14 @@
 import java.io.UncheckedIOException;
 import java.security.cert.TrustAnchor;
 import java.security.cert.X509Certificate;
-import java.util.Collections;
 import java.util.List;
-import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
 
 /**
- * An implementation of {@link com.webauthn4j.anchor.TrustAnchorsProvider} that loads {@link TrustAnchor}(s) from X.509 certificate file in Spring {@link Resource}
- * @deprecated
+ * An implementation of {@link com.webauthn4j.anchor.TrustAnchorRepository} that loads {@link TrustAnchor}(s) from X.509 certificate file in Spring {@link Resource}
  */
-@Deprecated
-@SuppressWarnings("deprecation")
-public class CertFileResourcesTrustAnchorsProvider extends com.webauthn4j.anchor.CachingTrustAnchorsProviderBase implements InitializingBean {
+public class CertFileResourcesTrustAnchorRepository implements TrustAnchorRepository, InitializingBean {
 
     // ~ Instance fields
     // ================================================================================================
@@ -48,10 +44,10 @@ public class CertFileResourcesTrustAnchorsProvider extends com.webauthn4j.anchor
     // ~ Constructor
     // ========================================================================================================
 
-    public CertFileResourcesTrustAnchorsProvider() {
+    public CertFileResourcesTrustAnchorRepository() {
     }
 
-    public CertFileResourcesTrustAnchorsProvider(List<Resource> certificates) {
+    public CertFileResourcesTrustAnchorRepository(List<Resource> certificates) {
         this.certificates = certificates;
     }
 
@@ -67,19 +63,21 @@ private void checkConfig() {
         AssertUtil.notNull(certificates, "certificates must not be null");
     }
 
-    /**
-     * Retrieves {@link TrustAnchor}s from {@link Resource}s.
-     *
-     * @return null key {@link TrustAnchor} {@link Set} value {@link Map}
-     */
     @Override
-    protected Map<AAGUID, Set<TrustAnchor>> loadTrustAnchors() {
+    public Set<TrustAnchor> find(AAGUID aaguid) {
         checkConfig();
-        Set<TrustAnchor> trustAnchors = certificates.stream().map(this::loadTrustAnchor).collect(Collectors.toSet());
-        return Collections.singletonMap(AAGUID.NULL, trustAnchors);
+        return certificates.stream().map(this::loadTrustAnchor).collect(Collectors.toSet());
     }
 
+    @Override
+    public Set<TrustAnchor> find(byte[] bytes) {
+        checkConfig();
+        return certificates.stream().map(this::loadTrustAnchor).collect(Collectors.toSet());
+    }
+
+
     public List<Resource> getCertificates() {
+        checkConfig();
         return certificates;
     }
 
@@ -95,4 +93,5 @@ TrustAnchor loadTrustAnchor(Resource certificate) {
             throw new UncheckedIOException(e);
         }
     }
+
 }

webauthn4j-spring-security-core/src/main/java/com/webauthn4j/springframework/security/anchor/KeyStoreResourceTrustAnchorProvider.java

@@ -16,14 +16,14 @@
 
 package com.webauthn4j.springframework.security.authenticator;
 
-import com.webauthn4j.authenticator.Authenticator;
+import com.webauthn4j.credential.CredentialRecord;
 
 /**
  * Models core authenticator information retrieved by a {@link WebAuthnAuthenticatorService}
  *
  * @see WebAuthnAuthenticatorService
  */
-public interface WebAuthnAuthenticator extends Authenticator {
+public interface WebAuthnAuthenticator extends CredentialRecord {
 
     /**
      * Return a principal that represents user