diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 390916e..0000000 --- a/Dockerfile +++ /dev/null @@ -1,5 +0,0 @@ -FROM openjdk:8-jdk-alpine -WORKDIR /workspace/app -COPY . . -RUN ./rpserver/gradlew bootJar -RUN ./server/gradlew dockerBuild \ No newline at end of file diff --git a/README.md b/README.md index c5c5050..aa756c6 100644 --- a/README.md +++ b/README.md @@ -4,183 +4,213 @@ ![Repo Size](https://img.shields.io/github/repo-size/line/line-fido2-server) ![License Apache-2.0](https://img.shields.io/github/license/line/line-fido2-server) ![Top Language](https://img.shields.io/github/languages/top/line/line-fido2-server) -![Spring Boot](https://img.shields.io/badge/Spring%20Boot-2.4.3-green) -![Java version](https://img.shields.io/badge/Java-1.8-green) -![Data base](https://img.shields.io/badge/DataBase-MySQL%2FH2%2FRedis-blue) +![Spring Boot](https://img.shields.io/badge/Spring%20Boot-2.7.12-green) +![Java version](https://img.shields.io/badge/Java-11-green) +![Data base](https://img.shields.io/badge/Storage-MySQL%2FH2%2FRedis-blue) ![Last Commit](https://img.shields.io/github/last-commit/line/line-fido2-server) + > **FIDO2(WebAuthn) Server officially certified by FIDO Alliance** - +FIDO2 Certificate ## Overview +FIDO (Fast IDentity Online) is an open standard for online authentication, aiming to eliminate the vulnerabilities of +passwords. FIDO uses public-key cryptography instead of symmetric credentials like passwords or PINs. +In essence, the user's device generates a key pair, storing the private key securely and sharing the public key with the +server. During both registration and authentication, the server challenges the device, and the device responds with a +digital signature using the private key. The server then verifies this signature with the stored public key. This +challenge-response protocol helps prevent replay attacks. -FIDO (Fast IDentity Online) is an open standard for online authentication. It is designed to solve the password problems stemming from a lot of security problems as we are suffering today. - -Rather than relying on symmetric credentials (like passwords or PINs, typically which is a knowledge-based factor), FIDO is based on a public-key cryptography algorithm that is based on asymmetric credentials. +### What is FIDO2? -Simply, the device generates the key pair and stores the private key within the secure area, and sends the corresponding public key (as the name implies it is okay to be public) to the server. +FIDO2 is an enhancement of the FIDO standard for web and other platforms, supported by major web browsers and operating +systems. It encompasses two primary operations: Registration and Authentication. -Then, if the authentication is needed, the server sends challenges to the device and the device generates the digital signature with the private key and sends it to the server. - -Finally, the server can validate the signature with the registered public key. +#### Registration -### What is FIDO2 -FIDO2 is an improved standard for use on the web and other platforms as well as mobile. Various web browsers and OS platforms currently support the FIDO2 standard API. +- The user selects a FIDO authenticator that meets the service’s acceptance policy. +- The user unlocks the authenticator via fingerprint, PIN, or another method. +- A public/private key pair is generated; the public key is sent to the service and associated with the user’s account, + while the private key remains on the device. +- The service challenges the device, which then creates a response using the private key to finish the registration + process. -Basically, FIDO2 has the following operations - Registration, Authentication. +#### Authentication -#### Registration -- The user is prompted to choose an available FIDO authenticator that matches the online service’s acceptance policy. -- User unlocks the FIDO authenticator using a fingerprint reader, a button on a second–factor device, securely–entered PIN, or other methods. -- The user’s device creates a new public/private key pair unique for the local device, online service, and user’s account. -- The public key is sent to the online service and associated with the user’s account. The private key and any information about the local authentication method (such as biometric measurements or templates) never leave the local device. +- The service challenges the user to log in with a previously registered device. +- The user unlocks the authenticator using the same method as during registration. +- The device signs the service’s challenge and sends it back to the service. +- The service verifies the signature with the stored public key and grants access. -#### Authentication -- Online service challenges the user to log in with a previously registered device that matches the service’s acceptance policy. -- User unlocks the FIDO authenticator using the same method as at Registration time. -- The device uses the user’s account identifier provided by the service to select the correct key and sign the service’s challenge. -- The client device sends the signed challenge back to the service, which verifies it with the stored public key and lets the user log in. +### Challenge-Response Protocol +Both the registration and authentication processes utilize a challenge-response protocol to prevent replay attacks. +During registration, a challenge is sent from the server to the device and the device responds using its private key. +Similarly, during authentication, another challenge is sent to verify the user's identity. This ensures that each +attempt is unique and secure. ## Screenshots -### Chrome on Mac with TouchId -registration_flow -### Chrome on Mac with Secret Key (2FA) -registration_flow +### Chrome on Mac with Touch ID -### Chrome on Android with Fingerprint (Reg) -registration_flow - -### Chrome on Android with Fingerprint (Auth) -registration_flow +Registration Flow ## Modules -- server: The FIDO2 server implementation conforming to the FIDO2 standard -- common: FIDO2 related common models -- rp-server: The sample application with a FIDO2 RP implementation -- spring-boot-stater: The spring-boot-starter version of the LINE FIDO2 server application that can be easily integrated into a Spring Boot environment + +- **rp-server**: + - RP Server Demo + - Depends on **common** +- **common**: + - Message classes that are commonly referenced by both the FIDO2 Server and the RP Server +- **core**: + - Contains the core domain logic of FIDO + - If the FIDO2 server being implemented does not interact with an RDB, this module alone should be used + - Depends on **common** +- **base**: + - Contains classes that depend on Spring JPA + - Service Implement classes, Repository interfaces, Entity classes + - Depends on **core** +- **demo**: + - FIDO2 server demo application + - Depends on **base** ## Features -- Supported attestation types - - Basic - - Self - - Attestation CA (a.k.a Privacy CA) - - None - - Anonymization CA -- Supported attestation formats - - Packed (FIDO2) - - Tpm (Windows10 devices) - - Android key attestation - - Android SafetyNet (Any Android devices running 7+) - - FIDO U2F (Legacy U2F authenticators) - - Apple Anonymous - - None -- Metadata service integration - - FIDO MDSv2 - -## How to run -You need to run the FIDO2 server and RP Server first. - -If you want to integrate your own RP Server, please implement APIs by referring to the sample codes. Regarding client sides, you may implement the web app for communicating with the RP server. - -We also provide our server in the form of a spring boot starter. -Check out the spring-boot-starter directory. - -### Manual + +- Supported attestation types: + - Basic + - Self + - Attestation CA (Privacy CA) + - None + - Anonymization CA +- Supported attestation formats: + - Packed + - TPM + - Android Key Attestation + - Android SafetyNet + - FIDO U2F + - Apple Anonymous + - None +- Metadata service integration: + - FIDO MDSv3 + +## How to Run + +### Manual Run + +Start the RP Server and FIDO2 Server: ```bash # Start RP Server cd rpserver ./gradlew bootRun -# Start FIDO2 Server or Line-fido2-spring-boot Demo -cd server -./gradlew bootRun - -cd spring-boot-starter/line-fido2-spring-boot-demo +# Start FIDO2 Server +cd fido2-demo/demo ./gradlew bootRun ``` + ### Docker for demo -If the [Docker environment is configured](https://docs.docker.com/get-started/), You can easily run applications with docker-compose. + +If you have Docker configured, you can use docker-compose. ```bash # Start both RP Server and FIDO2 Server docker-compose up ``` -After running the applications, you can open the test page at the link below. +Once the applications are running, access the test page at: -**http://localhost:8080/** +- http://localhost:8080/ ### Local DB -FIDO2 Server running on local environments uses h2 as an embedded DB. This needs to be replaced with commercial standalone DB for other environments such as staging, beta or real. - -In the case of the local environment, you can use the h2 console. Add the following path /h2-console to the fido server URL to access the h2 web console. -e.g., http://localhost:8081/h2-console +The FIDO2 Server uses H2 as an embedded DB in a local environment, which should be replaced with a standalone DB (like +MySQL) for staging, beta, or production environments. Access the H2 web console at: - -If the below error occurs while logging in to h2-console, -``` -No suitable driver found for 08001/0 -``` -try to remove or comment out *logbook-spring-boot-starter* from build.gradle. - -``` -implementation('org.zalando:logbook-spring-boot-starter:1.8.1') -``` - -### Lombok -This project utilizes Lombok to reduce implementing getter/setter/constructors. You need the Lombok plugin to build with IntelliJ and Eclipse. -See the following web pages to get information. - -https://projectlombok.org/ +- http://localhost:8081/h2-console ### Issues + - If data.sql doesn't work well in an IntelliJ environment, try commenting on this part in build.gradle. + ```groovy jar { - processResources { - exclude("**/*.sql") - } -} -``` -- If Fido2StarterDemoApplication doesn't work well, try commenting on this part in build.gradle. -```groovy -task dockerBuild() { - jar.enabled = false - dependsOn(bootJar) + processResources { + exclude("**/*.sql") + } } ``` + ## API Guides -After running the applications, you can view API guide documents at the link below. ### Spring REST Docs + +To view the API documentation, follow these steps: + +1. Execute the following commands: + ```bash + cd fido2-demo/demo + ./gradlew makeRestDocs + ./gradlew bootRun + ``` +2. Access the API documentation at the following path: + - server: http://localhost:8081/docs/api-guide.html ### Swagger UI + +After running the applications, you can view API guide documents at the link below. + - rpserver: http://localhost:8080/swagger-ui.html - server: http://localhost:8081/swagger-ui.html +## LINE WebAuthn Android and iOS + +We are also providing Client SDK for Android/iOS applications. Please see below. + +- [Introducing Fido2 Client SDK open source](https://techblog.lycorp.co.jp/ko/introducing-fido2-client-sdk-open-source) +- [LINE Webauthn Demo Kotlin](https://github.com/line/webauthndemo-kotlin) +- [LINE Webauthn Demo Swift](https://github.com/line/webauthndemo-swift) + +### checkOrigin Configuration + +The `checkOrigin` method validates the origin of requests from LINE's Android and iOS applications. It ensures security +by checking that the request's origin matches a pre-configured list of allowed origins. + +How to Configure +To use the `checkOrigin` method, set up the allowed origins in the `application.yml` file. Here is an example +configuration: + +```yaml +app: + origins: + - android:aaa-bbb + - ios:aaa-bbb +``` + +**Note:** Replace `aaa-bbb` with the appropriate values for your application. + +**Important:** This configuration is optional and only necessary when integrating with LINE WebAuthn for Android and iOS +applications. + ## References -`LINE Engineering Blogs` + +`LY Engineering Blogs` + - [FIDO at LINE: A First Step to a World Without Passwords](https://engineering.linecorp.com/en/blog/fido-at-line/) - [FIDO at LINE: FIDO2 server as an open-source project](https://engineering.linecorp.com/en/blog/fido-at-line-fido2-server-opensource/) +- [Introducing Fido2 Client SDK open source](https://techblog.lycorp.co.jp/ko/introducing-fido2-client-sdk-open-source) + +`LY Tech Videos` -`LINE DevDay Videos` - [Open source contribution Starting with LINE FIDO2 Server](https://youtu.be/xKzXi5ic4Do) - [Strong customer authentication & biometrics using FIDO](https://youtu.be/S1y9wFh7_dc) - [Cross Platform Mobile Security At LINE](https://youtu.be/4288h-EamTU) - [Secure LINE login with biometric key replacing password](https://youtu.be/vCAu-y-iwyw) `Internal` -- [Sequence Diagram](https://github.com/line/line-fido2-server/wiki/Sequence-diagrams) -`External` -- [FIDO2: WebAuthn & CTAP](https://fidoalliance.org/fido2/) -- [WebAuthn Level 2](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/) -- [CTAP v2.1](https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html) +- [Sequence Diagram](https://github.com/line/line-fido2-server/wiki/Sequence-diagrams) diff --git a/build.gradle b/build.gradle index 0d7ad4a..c5fb934 100644 --- a/build.gradle +++ b/build.gradle @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,5 +14,21 @@ * under the License. */ -group 'com.linecorp.line.auth.fido.fido2' -version '1.0-SNAPSHOT' \ No newline at end of file +subprojects { + apply plugin: 'java' + apply plugin: 'maven-publish' + + sourceCompatibility = '11' + targetCompatibility = '11' + + group = 'com.linecorp.line.auth.fido.fido2' + version = '1.0.0-SNAPSHOT' + + repositories { + mavenCentral() + maven { + url "https://plugins.gradle.org/m2/" + } + google() + } +} diff --git a/common/build.gradle b/common/build.gradle index 4b474c5..88b8f14 100644 --- a/common/build.gradle +++ b/common/build.gradle @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,20 +14,6 @@ * under the License. */ -plugins { - id 'java' -} - -apply plugin: 'maven' -group 'com.linecorp.line.auth.fido.fido2' -version '1.1.1-SNAPSHOT' - -sourceCompatibility = 1.8 - -repositories { - mavenCentral() -} - test { useJUnitPlatform() } diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AttestationConveyancePreference.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AttestationConveyancePreference.java index cee7650..6c8110b 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AttestationConveyancePreference.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AttestationConveyancePreference.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorAttachment.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorAttachment.java index 30a1ac2..3e91135 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorAttachment.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorAttachment.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorSelectionCriteria.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorSelectionCriteria.java index 24c853e..5138d45 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorSelectionCriteria.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorSelectionCriteria.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorTransport.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorTransport.java index 0acf3d5..a738e31 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorTransport.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/AuthenticatorTransport.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/COSEAlgorithmIdentifier.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/COSEAlgorithmIdentifier.java index f470f4c..416c1c2 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/COSEAlgorithmIdentifier.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/COSEAlgorithmIdentifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Credential.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Credential.java index 44248d4..aa6f672 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Credential.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Credential.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Extension.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Extension.java index 04b582a..42f1941 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Extension.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/Extension.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialEntity.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialEntity.java index f307196..e59488f 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialEntity.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialParameters.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialParameters.java index f60b94b..637416e 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialParameters.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialParameters.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialRpEntity.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialRpEntity.java index b1a9c19..1b0c799 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialRpEntity.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialRpEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialType.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialType.java index 312814d..cd27148 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialType.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialType.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialUserEntity.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialUserEntity.java index f00f730..2c97602 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialUserEntity.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/PublicKeyCredentialUserEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBinding.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBinding.java index 583f213..d285076 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBinding.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBinding.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBindingStatus.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBindingStatus.java index 990a639..cabdf40 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBindingStatus.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/TokenBindingStatus.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/UserVerificationRequirement.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/UserVerificationRequirement.java index 954cc76..c6b8e03 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/UserVerificationRequirement.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/UserVerificationRequirement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/crypto/Digests.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/crypto/Digests.java index 8aad606..adf784e 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/crypto/Digests.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/crypto/Digests.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientInputs.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientInputs.java index c09b6dc..2d324f0 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientInputs.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientInputs.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientOutputs.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientOutputs.java index cb42842..d36a51c 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientOutputs.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticationExtensionsClientOutputs.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticatorBiometricPerfBounds.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticatorBiometricPerfBounds.java index ac0df70..218d06e 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticatorBiometricPerfBounds.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/AuthenticatorBiometricPerfBounds.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/Coordinates.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/Coordinates.java index ee86cbb..40c3dca 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/Coordinates.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/Coordinates.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredProtect.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredProtect.java index aa59c98..460ba09 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredProtect.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredProtect.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialPropertiesOutput.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialPropertiesOutput.java index 58d18c9..4565935 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialPropertiesOutput.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialPropertiesOutput.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialProtectionPolicy.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialProtectionPolicy.java index 3c65c99..69ab42d 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialProtectionPolicy.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/CredentialProtectionPolicy.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/KeyProtectionType.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/KeyProtectionType.java index 9b96cd1..0489beb 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/KeyProtectionType.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/KeyProtectionType.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/MatcherProtectionType.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/MatcherProtectionType.java index b45e1c5..ea39636 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/MatcherProtectionType.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/MatcherProtectionType.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/SupportedExtensions.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/SupportedExtensions.java index 6a01cfa..57acd14 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/SupportedExtensions.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/SupportedExtensions.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/TxAuthGenericAlg.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/TxAuthGenericAlg.java index 52e9a36..98be855 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/TxAuthGenericAlg.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/TxAuthGenericAlg.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/UserVerificationMethod.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/UserVerificationMethod.java index 33490aa..0e71682 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/UserVerificationMethod.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/extension/UserVerificationMethod.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorGetInfo.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorGetInfo.java index c9a5340..bafe1b8 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorGetInfo.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorGetInfo.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorStatus.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorStatus.java index 9d17289..3a8334e 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorStatus.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/AuthenticatorStatus.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayload.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayload.java index 0fece7a..0c83645 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayload.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayload.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayloadEntry.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayloadEntry.java index a190ef7..b318b77 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayloadEntry.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/MetadataBLOBPayloadEntry.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/StatusReport.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/StatusReport.java index 393499a..6625b08 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/StatusReport.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/StatusReport.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricAccuracyDescriptor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricAccuracyDescriptor.java index 96d2a6a..02d22b3 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricAccuracyDescriptor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricAccuracyDescriptor.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricStatusReport.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricStatusReport.java index aaa50e1..13b860d 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricStatusReport.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/BiometricStatusReport.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/CodeAccuracyDescriptor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/CodeAccuracyDescriptor.java index eedd6e4..7e4c6ff 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/CodeAccuracyDescriptor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/CodeAccuracyDescriptor.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/DisplayPNGCharacteristicsDescriptor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/DisplayPNGCharacteristicsDescriptor.java index 6df734f..cbedcde 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/DisplayPNGCharacteristicsDescriptor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/DisplayPNGCharacteristicsDescriptor.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/EcdaaTrustAnchor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/EcdaaTrustAnchor.java index 91657e2..9461f49 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/EcdaaTrustAnchor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/EcdaaTrustAnchor.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/ExtensionDescriptor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/ExtensionDescriptor.java index 8f5de0f..95bd7b6 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/ExtensionDescriptor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/ExtensionDescriptor.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/MetadataStatement.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/MetadataStatement.java index 89e602a..6f37704 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/MetadataStatement.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/MetadataStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/PatternAccuracyDescriptor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/PatternAccuracyDescriptor.java index 0bf2df3..eec7fd6 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/PatternAccuracyDescriptor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/PatternAccuracyDescriptor.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/RgbPaletteEntry.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/RgbPaletteEntry.java index a054e66..6dbee59 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/RgbPaletteEntry.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/RgbPaletteEntry.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/VerificationMethodDescriptor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/VerificationMethodDescriptor.java index 185d817..4a4c44c 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/VerificationMethodDescriptor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/metadata/VerificationMethodDescriptor.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/protocol/Version.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/protocol/Version.java index 4f0f6a3..6c9dd1a 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/protocol/Version.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/mdsv3/protocol/Version.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AttestationType.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AttestationType.java index ba24e33..92eb7d0 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AttestationType.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AttestationType.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionRequest.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionRequest.java index df1de03..3012236 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionRequest.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionRequest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionResponse.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionResponse.java index 3c66843..4c226c2 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionResponse.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/AuthOptionResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64Encoded.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64Encoded.java index 3a2dd66..5fe87c8 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64Encoded.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64Encoded.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64EncodedValidator.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64EncodedValidator.java index dfd805f..590d9b1 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64EncodedValidator.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/Base64EncodedValidator.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/BaseResponse.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/BaseResponse.java index de34d7e..cc3837e 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/BaseResponse.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/BaseResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/COSEAlgorithm.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/COSEAlgorithm.java index 18d44b6..bff45b4 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/COSEAlgorithm.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/COSEAlgorithm.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialResult.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialResult.java index 49874b2..ffca439 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialResult.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialsResult.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialsResult.java index d9d7171..06017b9 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialsResult.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetCredentialsResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialResult.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialResult.java index 87795f6..97c39d3 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialResult.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialsResult.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialsResult.java index 5f44ae9..6772f27 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialsResult.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/GetU2FCredentialsResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionRequest.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionRequest.java index 7e920d3..39a011e 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionRequest.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionRequest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionResponse.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionResponse.java index 82b7ffb..2a65744 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionResponse.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegOptionResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredential.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredential.java index 6f0d923..0c1d649 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredential.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredential.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredentialResult.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredentialResult.java index f570d05..4ec4b5b 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredentialResult.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/RegisterCredentialResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAPIResult.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAPIResult.java index 58de6a6..8761d09 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAPIResult.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAPIResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthPublicKeyCredential.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthPublicKeyCredential.java index e59ef11..9edae0b 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthPublicKeyCredential.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthPublicKeyCredential.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAssertionResponse.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAssertionResponse.java index 383c9d3..6d828ee 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAssertionResponse.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAssertionResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAttestationResponse.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAttestationResponse.java index 2320f9f..39d78aa 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAttestationResponse.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorAttestationResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorResponse.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorResponse.java index fe0bcdf..f4953b8 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorResponse.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerAuthenticatorResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialDescriptor.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialDescriptor.java index f559b45..99d96ce 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialDescriptor.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialDescriptor.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialUserEntity.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialUserEntity.java index 41825f7..7b4acfc 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialUserEntity.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerPublicKeyCredentialUserEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerRegPublicKeyCredential.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerRegPublicKeyCredential.java index 7e6a30e..0aa24ea 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerRegPublicKeyCredential.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerRegPublicKeyCredential.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerResponse.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerResponse.java index 134f729..106fd80 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerResponse.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerU2FUserKey.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerU2FUserKey.java index 5c4875e..5b2e4d2 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerU2FUserKey.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerU2FUserKey.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerUserKey.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerUserKey.java index 58e9ca2..d280745 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerUserKey.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/ServerUserKey.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredential.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredential.java index b40fe13..91e7415 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredential.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredential.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredentialResult.java b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredentialResult.java index 5b8e3bc..8597183 100644 --- a/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredentialResult.java +++ b/common/src/main/java/com/linecorp/line/auth/fido/fido2/common/server/VerifyCredentialResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/AuthOptionRequestBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/AuthOptionRequestBeanValidationTest.java index 46428f2..6e6a288 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/AuthOptionRequestBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/AuthOptionRequestBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionRequest; @@ -44,4 +60,4 @@ void validateIncompleteRequestWithBlank() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_NOT_BE_BLANK); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/BeanValidationTestSupport.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/BeanValidationTestSupport.java index 939284e..ca766c9 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/BeanValidationTestSupport.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/BeanValidationTestSupport.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.fasterxml.jackson.databind.ObjectMapper; diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegOptionRequestBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegOptionRequestBeanValidationTest.java index b872969..0b4d138 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegOptionRequestBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegOptionRequestBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.RegOptionRequest; @@ -45,4 +61,4 @@ void validateIncompleteRequestWithNull() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_NOT_BE_NULL); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegisterCredentialBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegisterCredentialBeanValidationTest.java index 69d812c..7e05d02 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegisterCredentialBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/RegisterCredentialBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredential; @@ -58,4 +74,4 @@ void validateIncompleteRequestWithBlank() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_NOT_BE_BLANK); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthPublicKeyCredentialBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthPublicKeyCredentialBeanValidationTest.java index d01df14..cd54894 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthPublicKeyCredentialBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthPublicKeyCredentialBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.ServerAuthPublicKeyCredential; @@ -71,4 +87,4 @@ void validateIncompleteRequestWithInvalidBase64Url() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_BE_A_WELL_FORMED_BASE_64); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAssertionResponseBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAssertionResponseBeanValidationTest.java index f7926ea..cd53492 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAssertionResponseBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAssertionResponseBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.ServerAuthenticatorAssertionResponse; @@ -65,4 +81,4 @@ void validateIncompleteRequestWithInvalidBase64Url() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_BE_A_WELL_FORMED_BASE_64); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAttestationResponseBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAttestationResponseBeanValidationTest.java index 3b90032..b9e3b23 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAttestationResponseBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerAuthenticatorAttestationResponseBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredential; @@ -63,4 +79,4 @@ void validateIncompleteRequestWithInvalidBase64Url() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_BE_A_WELL_FORMED_BASE_64); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerPublicKeyCredentialUserEntityBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerPublicKeyCredentialUserEntityBeanValidationTest.java index be8f493..eed1426 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerPublicKeyCredentialUserEntityBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerPublicKeyCredentialUserEntityBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.RegOptionRequest; @@ -56,4 +72,4 @@ void validateIncompleteRequestWithTooShortId() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(LENGTH_MUST_BE_BETWEEN_1_AND_64); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerRegPublicKeyCredentialBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerRegPublicKeyCredentialBeanValidationTest.java index b5460bc..ba597cd 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerRegPublicKeyCredentialBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/ServerRegPublicKeyCredentialBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredential; @@ -46,4 +62,4 @@ void validateIncompleteRequestWithNull() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_NOT_BE_NULL); } -} \ No newline at end of file +} diff --git a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/VerifyCredentialBeanValidationTest.java b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/VerifyCredentialBeanValidationTest.java index 5752bb8..f9d18ee 100644 --- a/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/VerifyCredentialBeanValidationTest.java +++ b/common/src/test/java/com/linecorp/line/auth/fido/fido2/common/server/bean/validation/VerifyCredentialBeanValidationTest.java @@ -1,3 +1,19 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + package com.linecorp.line.auth.fido.fido2.common.server.bean.validation; import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredential; @@ -46,4 +62,4 @@ void validateIncompleteRequestWithBlank() { assertThat(constraintViolations).extracting(ConstraintViolation::getMessage) .containsOnly(MUST_NOT_BE_BLANK); } -} \ No newline at end of file +} diff --git a/docker-compose.yml b/docker-compose.yml index 98ea5dd..a44a76e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,14 +1,8 @@ version : "3.8" services: - build: - container_name: build-image - image: build-image:latest - build: - context: . - dockerfile: ./Dockerfile rp: container_name: rp-server - image: rp:latest + image: rp-opensource:latest build: context: . dockerfile: ./rpserver/Dockerfile @@ -16,11 +10,11 @@ services: - "8080:8080" restart: always fido2: - container_name: fido2-server - image: fido2:latest + container_name: fido2-demo + image: fido2-opensource:latest build: context: . - dockerfile: ./server/Dockerfile + dockerfile: ./fido2-demo/demo/Dockerfile ports: - "8081:8081" restart: always diff --git a/server/.gitignore b/fido2-core/.gitignore similarity index 100% rename from server/.gitignore rename to fido2-core/.gitignore diff --git a/fido2-core/Dockerfile b/fido2-core/Dockerfile new file mode 100644 index 0000000..8937679 --- /dev/null +++ b/fido2-core/Dockerfile @@ -0,0 +1,13 @@ +FROM gradle:6.8.3-jdk11 AS builder +ENV OPEN_SOURCE_BUILD=true + +USER root +WORKDIR /workspace/app +COPY . . +RUN ./server/gradlew dockerBuild + +FROM openjdk:11-jre-slim-buster +EXPOSE 8081 +COPY --from=builder /workspace/app/server/build/libs/server*.jar server.jar + +ENTRYPOINT ["java","-jar","-Dspring.profiles.active=local","/server.jar"] diff --git a/fido2-core/build.gradle b/fido2-core/build.gradle new file mode 100644 index 0000000..71c63b6 --- /dev/null +++ b/fido2-core/build.gradle @@ -0,0 +1,57 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +plugins { + id 'java-library' + id 'org.springframework.boot' + id 'io.spring.dependency-management' +} + +jar.enabled = true +bootJar.enabled = false + +dependencies { + implementation project(':common') + + implementation('org.springframework.boot:spring-boot-starter-data-jpa') + implementation('org.springframework.boot:spring-boot-starter-web') + implementation('com.fasterxml.jackson.dataformat:jackson-dataformat-cbor') + + implementation('org.springframework.boot:spring-boot-starter-logging') + implementation('org.springframework.boot:spring-boot-starter-validation') + implementation("org.springframework.boot:spring-boot-starter-cache") + + //jwt + implementation('com.auth0:java-jwt:3.4.0') + + //bouncy castle + implementation('org.bouncycastle:bcprov-jdk15on:1.60') + + //eddsa library + implementation('net.i2p.crypto:eddsa:0.3.0') + + //retrofit + implementation('com.squareup.retrofit2:retrofit:2.4.0') + implementation('com.squareup.retrofit2:converter-jackson:2.4.0') + + compileOnly('org.projectlombok:lombok') + annotationProcessor 'org.projectlombok:lombok' + + implementation 'commons-codec:commons-codec:1.15' + + //cache + implementation("com.github.ben-manes.caffeine:caffeine") + +} diff --git a/server/gradle/wrapper/gradle-wrapper.jar b/fido2-core/gradle/wrapper/gradle-wrapper.jar similarity index 100% rename from server/gradle/wrapper/gradle-wrapper.jar rename to fido2-core/gradle/wrapper/gradle-wrapper.jar diff --git a/server/gradle/wrapper/gradle-wrapper.properties b/fido2-core/gradle/wrapper/gradle-wrapper.properties similarity index 100% rename from server/gradle/wrapper/gradle-wrapper.properties rename to fido2-core/gradle/wrapper/gradle-wrapper.properties diff --git a/server/gradlew b/fido2-core/gradlew similarity index 100% rename from server/gradlew rename to fido2-core/gradlew diff --git a/server/gradlew.bat b/fido2-core/gradlew.bat similarity index 100% rename from server/gradlew.bat rename to fido2-core/gradlew.bat diff --git a/server/src/docs/asciidoc/api-guide.adoc b/fido2-core/src/docs/asciidoc/api-guide.adoc similarity index 100% rename from server/src/docs/asciidoc/api-guide.adoc rename to fido2-core/src/docs/asciidoc/api-guide.adoc diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerConstant.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerConstant.java similarity index 86% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerConstant.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerConstant.java index f352301..c6cacb6 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerConstant.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerConstant.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerificationResult.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerificationResult.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerificationResult.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerificationResult.java index 65b7620..cc7ad55 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerificationResult.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerificationResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifier.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifier.java index 7b57764..b72bc39 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactory.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactory.java similarity index 93% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactory.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactory.java index 12e2b9a..daf35e5 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactory.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactory.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AdditionalRevokeChecker.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AdditionalRevokeChecker.java similarity index 50% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AdditionalRevokeChecker.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AdditionalRevokeChecker.java index 1b185f0..9663ba2 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AdditionalRevokeChecker.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AdditionalRevokeChecker.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -16,38 +16,35 @@ package com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; -import okhttp3.ResponseBody; import retrofit2.Response; -import java.io.IOException; import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.List; public class AdditionalRevokeChecker { - public static boolean hasAndroidKeyAttestationRevokedCert(RevokeCheckerClient client, List trustPath) throws IOException { - Response bodyResponse = client.fetchAndroidKeyAttestationRevokeList("attestation/status"); + public static void checkAndroidKeyAttestationRevokedCert(RevokeCheckerClient client, List trustPath) { + if (trustPath == null || trustPath.isEmpty()) { + throw new FIDO2ServerRuntimeException(InternalErrorCode.ANDROID_KEY_ATTESTATION_CERTIFICATE_REVOKED_CHECK_FAILED, "Trust path is null or empty."); + } - if (bodyResponse.isSuccessful()) { - ObjectMapper objectMapper = new ObjectMapper(); - JsonNode node; - if (bodyResponse.body() != null) { - node = objectMapper.readTree(bodyResponse.body().string()).get("entries"); - } else { - throw new FIDO2ServerRuntimeException(InternalErrorCode.ANDROID_KEY_ATTESTATION_CERTIFICATE_REVOKED_CHECK_FAILED); - } - return trustPath.stream().anyMatch(certificate -> { - X509Certificate cert = (X509Certificate) certificate; - String serialNum = cert.getSerialNumber().toString(16).toLowerCase(); - return node.has(serialNum); - }); - } else { - throw new FIDO2ServerRuntimeException(InternalErrorCode.ANDROID_KEY_ATTESTATION_CERTIFICATE_REVOKED_CHECK_FAILED); + Response response = client.fetchAndroidKeyAttestationRevokeList("attestation/status"); + + if (!response.isSuccessful() || response.body() == null || response.body().getEntries() == null) { + throw new FIDO2ServerRuntimeException(InternalErrorCode.ANDROID_KEY_ATTESTATION_CERTIFICATE_REVOKED_CHECK_FAILED, "Failed to fetch revoke list or revoked entries is null."); } + + RevokedEntries revokedEntries = response.body(); + + trustPath.forEach(certificate -> { + X509Certificate cert = (X509Certificate) certificate; + String serialNum = cert.getSerialNumber().toString(16).toLowerCase(); + if (revokedEntries.getEntries().containsKey(serialNum)) { + throw new FIDO2ServerRuntimeException(InternalErrorCode.ANDROID_KEY_ATTESTATION_CERTIFICATE_REVOKED_CHECK_FAILED, "Certificate is revoked: " + serialNum); + } + }); } } diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationStatement.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationStatement.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationStatement.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationStatement.java index fb2f5d7..1443649 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationStatement.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationVerifier.java similarity index 99% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationVerifier.java index d1acaa4..d0a19e7 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AndroidKeyAttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationList.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationList.java similarity index 96% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationList.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationList.java index 3321280..dca7c21 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationList.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationList.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationListTags.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationListTags.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationListTags.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationListTags.java index 2a45a36..155b4a0 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationListTags.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/AuthorizationListTags.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescription.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescription.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescription.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescription.java index b5f4fd5..2174e11 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescription.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescription.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescriptionIndex.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescriptionIndex.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescriptionIndex.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescriptionIndex.java index ec93278..17329ac 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescriptionIndex.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/KeyDescriptionIndex.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerClient.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerClient.java similarity index 63% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerClient.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerClient.java index 2f295f2..b29634d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerClient.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerClient.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -16,7 +16,8 @@ package com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation; -import okhttp3.ResponseBody; +import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; +import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; import org.springframework.cache.annotation.Cacheable; import retrofit2.Response; import retrofit2.Retrofit; @@ -26,13 +27,17 @@ public class RevokeCheckerClient { @Cacheable("androidKeyAttestationRevokeList") - public Response fetchAndroidKeyAttestationRevokeList(String url) throws IOException { + public Response fetchAndroidKeyAttestationRevokeList(String url) { Retrofit retrofit = new Retrofit .Builder() .baseUrl("https://android.googleapis.com/") .addConverterFactory(JacksonConverterFactory.create()) .build(); - return retrofit.create(RevokeCheckerService.class).fetchRevokeList(url).execute(); + try { + return retrofit.create(RevokeCheckerService.class).fetchRevokeList(url).execute(); + } catch (IOException e) { + throw new FIDO2ServerRuntimeException(InternalErrorCode.ANDROID_KEY_ATTESTATION_CERTIFICATE_REVOKED_CHECK_FAILED, "Failed to fetch revoke list."); + } } } diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerService.java similarity index 79% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerService.java index dd7c9ec..e64f3d8 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokeCheckerService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -16,13 +16,12 @@ package com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation; -import okhttp3.ResponseBody; import retrofit2.Call; import retrofit2.http.GET; import retrofit2.http.Url; public interface RevokeCheckerService { @GET - Call fetchRevokeList(@Url String url); + Call fetchRevokeList(@Url String url); } diff --git a/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokedEntries.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokedEntries.java new file mode 100644 index 0000000..b0ebe27 --- /dev/null +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RevokedEntries.java @@ -0,0 +1,35 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation; + +import lombok.Data; + +import java.util.Map; + +@Data +public class RevokedEntries { + + private Map entries; + + @Data + public static class Entry { + + private String status; + + private String reason; + } +} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RootOfTrust.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RootOfTrust.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RootOfTrust.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RootOfTrust.java index 015d17d..49d91d7 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RootOfTrust.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/RootOfTrust.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/SecurityLevel.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/SecurityLevel.java similarity index 86% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/SecurityLevel.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/SecurityLevel.java index 86d8889..36ec904 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/SecurityLevel.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/SecurityLevel.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -19,7 +19,7 @@ import java.util.Arrays; public enum SecurityLevel { - SOFTWARE(0), TRUSTED_ENVIRONMENT(1); + SOFTWARE(0), TRUSTED_ENVIRONMENT(1), STRONGBOX(2); private final int value; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/VerifiedBootState.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/VerifiedBootState.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/VerifiedBootState.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/VerifiedBootState.java index 42dd759..f79aaf7 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/VerifiedBootState.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/VerifiedBootState.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationStatement.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationStatement.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationStatement.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationStatement.java index d82a8a0..887995e 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationStatement.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationVerifier.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationVerifier.java index d03eb27..d32e86c 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AndroidSafetyNetAttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AttestationStatementInfo.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AttestationStatementInfo.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AttestationStatementInfo.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AttestationStatementInfo.java index fe1624a..cd603cb 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AttestationStatementInfo.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/safetynet/AttestationStatementInfo.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationStatement.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationStatement.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationStatement.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationStatement.java index 9236cb4..42c8531 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationStatement.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -24,4 +24,4 @@ @Data public class AppleAnonymousAttestationStatement extends AttestationStatement { List x5c; -} \ No newline at end of file +} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationVerifier.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationVerifier.java index cfdbb2d..849a9db 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/apple/AppleAnonymousAttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationStatementFormat.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationStatementFormat.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationStatementFormat.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationStatementFormat.java index 2d534b4..8af9fed 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationStatementFormat.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationStatementFormat.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationVerifier.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationVerifier.java index b032490..463d82d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/none/NoneAttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationStatement.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationStatement.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationStatement.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationStatement.java index 156be64..c114b67 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationStatement.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationVerifier.java similarity index 99% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationVerifier.java index 0cf8af6..7a22a1d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/packed/PackedAttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/AttestedName.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/AttestedName.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/AttestedName.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/AttestedName.java index e40aaa9..74f3ec7 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/AttestedName.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/AttestedName.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/CertInfo.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/CertInfo.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/CertInfo.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/CertInfo.java index c037fa8..160973f 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/CertInfo.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/CertInfo.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ClockInfo.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ClockInfo.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ClockInfo.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ClockInfo.java index a846a1c..50b8742 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ClockInfo.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ClockInfo.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/EccParameters.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/EccParameters.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/EccParameters.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/EccParameters.java index 6856f5c..b469bc3 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/EccParameters.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/EccParameters.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ObjectAttributes.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ObjectAttributes.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ObjectAttributes.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ObjectAttributes.java index 34ea2c6..5f16ba5 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ObjectAttributes.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/ObjectAttributes.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/Parameters.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/Parameters.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/Parameters.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/Parameters.java index 9816550..e3b292d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/Parameters.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/Parameters.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/PubArea.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/PubArea.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/PubArea.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/PubArea.java index c9a4d4e..4fd385c 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/PubArea.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/PubArea.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/RsaParameters.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/RsaParameters.java similarity index 86% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/RsaParameters.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/RsaParameters.java index 76cd961..7b7b8ee 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/RsaParameters.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/RsaParameters.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationStatement.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationStatement.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationStatement.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationStatement.java index 30fd9e0..209790d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationStatement.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationVerifier.java similarity index 99% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationVerifier.java index 8fec149..3c04125 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmAttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmCapVendorId.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmCapVendorId.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmCapVendorId.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmCapVendorId.java index c74e04b..1c051a3 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmCapVendorId.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmCapVendorId.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmEccCurve.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmEccCurve.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmEccCurve.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmEccCurve.java index 3c17c2e..6eb9c03 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmEccCurve.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmEccCurve.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmHashAlgorithm.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmHashAlgorithm.java similarity index 93% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmHashAlgorithm.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmHashAlgorithm.java index b09dfeb..8635197 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmHashAlgorithm.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmHashAlgorithm.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmKeyAlgorithm.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmKeyAlgorithm.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmKeyAlgorithm.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmKeyAlgorithm.java index ba1e64f..6b3eaa4 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmKeyAlgorithm.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmKeyAlgorithm.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmObjectAttributeParser.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmObjectAttributeParser.java similarity index 95% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmObjectAttributeParser.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmObjectAttributeParser.java index 00ee6f7..d818c75 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmObjectAttributeParser.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmObjectAttributeParser.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmParser.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmParser.java similarity index 99% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmParser.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmParser.java index 74e2210..9684376 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmParser.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmParser.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSignatureAlgorithm.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSignatureAlgorithm.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSignatureAlgorithm.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSignatureAlgorithm.java index 2d6bd27..a7549d4 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSignatureAlgorithm.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSignatureAlgorithm.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSt.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSt.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSt.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSt.java index 04711f5..887c64d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSt.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSt.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSubjectAlternativeName.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSubjectAlternativeName.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSubjectAlternativeName.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSubjectAlternativeName.java index ae4e058..180bde2 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSubjectAlternativeName.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/tpm/TpmSubjectAlternativeName.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationStatement.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationStatement.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationStatement.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationStatement.java index 813241f..f779313 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationStatement.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationVerifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationVerifier.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationVerifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationVerifier.java index f4e38ec..b397449 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationVerifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/attestation/u2f/FidoU2fAttestationVerifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/CacheConfiguration.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/CacheConfiguration.java new file mode 100644 index 0000000..fdacd43 --- /dev/null +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/CacheConfiguration.java @@ -0,0 +1,44 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.server.config; + +import com.github.benmanes.caffeine.cache.Caffeine; +import org.springframework.cache.CacheManager; +import org.springframework.cache.annotation.EnableCaching; +import org.springframework.cache.caffeine.CaffeineCacheManager; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.util.concurrent.TimeUnit; + +@Configuration +@EnableCaching +public class CacheConfiguration { + + @Bean + public CacheManager cacheManager() { + CaffeineCacheManager cacheManager = new CaffeineCacheManager("androidKeyAttestationRevokeList"); + cacheManager.setCaffeine(caffeineCacheBuilder()); + return cacheManager; + } + + Caffeine caffeineCacheBuilder() { + return Caffeine.newBuilder() + .expireAfterWrite(10, TimeUnit.MINUTES) + .maximumSize(1); + } +} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/SecurityConfig.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/ServiceConfiguration.java similarity index 56% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/SecurityConfig.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/ServiceConfiguration.java index 8940000..235e29a 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/SecurityConfig.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/ServiceConfiguration.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -16,14 +16,18 @@ package com.linecorp.line.auth.fido.fido2.server.config; -import javax.annotation.PostConstruct; - +import com.linecorp.line.auth.fido.fido2.server.service.AppOriginService; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration -public class SecurityConfig { - @PostConstruct - private void setEnableCRLDP() { - System.setProperty("com.sun.security.enableCRLDP", "true"); +public class ServiceConfiguration { + + @Bean + @ConditionalOnMissingBean(AppOriginService.class) + public AppOriginService defaultAppOriginService() { + return new AppOriginService() { + }; } } diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEEllipticCurve.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEEllipticCurve.java similarity index 93% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEEllipticCurve.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEEllipticCurve.java index ddf0e40..d548ace 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEEllipticCurve.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEEllipticCurve.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyCommonParameter.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyCommonParameter.java similarity index 86% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyCommonParameter.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyCommonParameter.java index 2a9fd44..502c43a 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyCommonParameter.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyCommonParameter.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyType.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyType.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyType.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyType.java index 5dd27e2..19357e2 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyType.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/cose/COSEKeyType.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/error/InternalErrorCode.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/error/InternalErrorCode.java similarity index 97% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/error/InternalErrorCode.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/error/InternalErrorCode.java index b7b0607..e7cf880 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/error/InternalErrorCode.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/error/InternalErrorCode.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/FIDO2ServerRuntimeException.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/FIDO2ServerRuntimeException.java similarity index 95% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/FIDO2ServerRuntimeException.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/FIDO2ServerRuntimeException.java index 363a3e2..777e6ec 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/FIDO2ServerRuntimeException.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/FIDO2ServerRuntimeException.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializer.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializer.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializer.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializer.java index 73d3627..2a575e4 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializer.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializer.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationStatementHelper.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationStatementHelper.java similarity index 96% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationStatementHelper.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationStatementHelper.java index 28c93e5..004705f 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationStatementHelper.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationStatementHelper.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/CredentialPublicKeyHelper.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/CredentialPublicKeyHelper.java similarity index 96% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/CredentialPublicKeyHelper.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/CredentialPublicKeyHelper.java index 2f7329b..5eae4c6 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/CredentialPublicKeyHelper.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/CredentialPublicKeyHelper.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/ExtensionHelper.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/ExtensionHelper.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/ExtensionHelper.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/ExtensionHelper.java index cbc7e11..b4c6d62 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/ExtensionHelper.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/ExtensionHelper.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/SignatureHelper.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/SignatureHelper.java similarity index 96% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/SignatureHelper.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/SignatureHelper.java index e81400a..1b19eaa 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/SignatureHelper.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/SignatureHelper.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/vendor/YubicoSelectorDeserializer.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/vendor/YubicoSelectorDeserializer.java similarity index 96% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/vendor/YubicoSelectorDeserializer.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/vendor/YubicoSelectorDeserializer.java index 2c2a3ba..bfb9210 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/vendor/YubicoSelectorDeserializer.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/vendor/YubicoSelectorDeserializer.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/MdsConfig.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsConfig.java similarity index 83% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/MdsConfig.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsConfig.java index 5aa5b08..97c0e75 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/MdsConfig.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsConfig.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,14 +14,13 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; - -import java.util.List; +package com.linecorp.line.auth.fido.fido2.server.mds; +import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.stereotype.Component; -import lombok.Data; +import java.util.List; @Component @ConfigurationProperties(prefix = "mds") diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsFetchTask.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsFetchTask.java similarity index 84% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsFetchTask.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsFetchTask.java index 680de0d..e375982 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsFetchTask.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsFetchTask.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -16,11 +16,7 @@ package com.linecorp.line.auth.fido.fido2.server.mds; -import com.linecorp.line.auth.fido.fido2.server.config.MdsConfig; -import com.linecorp.line.auth.fido.fido2.server.config.MdsInfo; -import com.linecorp.line.auth.fido.fido2.server.exception.MdsV3MetadataException; -import com.linecorp.line.auth.fido.fido2.server.helper.MdsV3MetadataHelper; -import com.linecorp.line.auth.fido.fido2.server.mds.service.MdsProtocolClient; +import com.linecorp.line.auth.fido.fido2.server.mds.network.MdsProtocolClient; import lombok.extern.slf4j.Slf4j; import okhttp3.ResponseBody; import org.springframework.beans.factory.annotation.Autowired; @@ -42,16 +38,16 @@ public class MdsFetchTask implements ApplicationListener private final MdsProtocolClient mdsProtocolClient; - private final MdsV3MetadataHelper mdsV3MetadataHelper; + private final MdsService mdsService; private final Queue metadataSourceQueue = new LinkedList<>(); private final boolean enableMds; @Autowired - public MdsFetchTask(MdsConfig mdsConfig, MdsV3MetadataHelper mdsV3MetadataHelper) { + public MdsFetchTask(MdsConfig mdsConfig, MdsService mdsService) { this.enableMds = mdsConfig.isEnableMds(); - this.mdsV3MetadataHelper = mdsV3MetadataHelper; + this.mdsService = mdsService; mdsProtocolClient = new MdsProtocolClient(mdsConfig.getSources().get(0).getEndpoint()); @@ -104,7 +100,7 @@ public void onFailure(Call call, Throwable t) { private MetadataTOCResult handleMetadataToc(String metadataToc, MdsInfo mdsInfo) throws CertificateException, MdsV3MetadataException { log.info("Start handling Metadata TOC"); - return mdsV3MetadataHelper.handle(metadataToc, mdsInfo); + return mdsService.handle(metadataToc, mdsInfo); } @Override diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/MdsInfo.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsInfo.java similarity index 81% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/MdsInfo.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsInfo.java index d7238f6..f14997b 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/MdsInfo.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsInfo.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,12 +14,12 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; - -import java.util.List; +package com.linecorp.line.auth.fido.fido2.server.mds; import lombok.Data; +import java.util.List; + @Data public class MdsInfo { private String name; diff --git a/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsService.java new file mode 100644 index 0000000..3c00cd6 --- /dev/null +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsService.java @@ -0,0 +1,23 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.server.mds; + +import java.security.cert.CertificateException; + +public interface MdsService { + MetadataTOCResult handle(String metadataToc, MdsInfo mdsInfo) throws CertificateException, MdsV3MetadataException; +} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/MdsV3MetadataCertificateUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsV3MetadataCertificateUtil.java similarity index 95% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/MdsV3MetadataCertificateUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsV3MetadataCertificateUtil.java index 0802042..3d23c80 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/MdsV3MetadataCertificateUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsV3MetadataCertificateUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -13,7 +13,7 @@ * License for the specific language governing permissions and limitations * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.util; +package com.linecorp.line.auth.fido.fido2.server.mds; import com.auth0.jwt.JWT; import com.auth0.jwt.JWTVerifier; @@ -25,9 +25,8 @@ import com.auth0.jwt.interfaces.Claim; import com.auth0.jwt.interfaces.DecodedJWT; import com.linecorp.line.auth.fido.fido2.common.mdsv3.MetadataBLOBPayload; -import com.linecorp.line.auth.fido.fido2.server.config.MdsInfo; -import com.linecorp.line.auth.fido.fido2.server.exception.MdsV3MetadataException; -import com.linecorp.line.auth.fido.fido2.server.mds.MetadataTOCResult; +import com.linecorp.line.auth.fido.fido2.server.util.CertPathUtil; +import com.linecorp.line.auth.fido.fido2.server.util.CertificateUtil; import java.security.GeneralSecurityException; import java.security.PublicKey; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/MdsV3MetadataException.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsV3MetadataException.java similarity index 77% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/MdsV3MetadataException.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsV3MetadataException.java index e1ce83a..555d208 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/exception/MdsV3MetadataException.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MdsV3MetadataException.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -13,9 +13,8 @@ * License for the specific language governing permissions and limitations * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.exception; +package com.linecorp.line.auth.fido.fido2.server.mds; -import com.linecorp.line.auth.fido.fido2.server.mds.MetadataTOCResult; import lombok.Getter; @Getter diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MetadataTOCResult.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MetadataTOCResult.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MetadataTOCResult.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MetadataTOCResult.java index 48eba4f..7578a5a 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MetadataTOCResult.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/MetadataTOCResult.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/service/MdsProtocolClient.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/network/MdsProtocolClient.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/service/MdsProtocolClient.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/network/MdsProtocolClient.java index 43889d0..159569c 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/service/MdsProtocolClient.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/network/MdsProtocolClient.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.mds.service; +package com.linecorp.line.auth.fido.fido2.server.mds.network; import java.io.IOException; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/service/MdsProtocolService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/network/MdsProtocolService.java similarity index 82% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/service/MdsProtocolService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/network/MdsProtocolService.java index b729eb3..0fd8151 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/service/MdsProtocolService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/mds/network/MdsProtocolService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.mds.service; +package com.linecorp.line.auth.fido.fido2.server.mds.network; import okhttp3.ResponseBody; import retrofit2.Call; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationObject.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationObject.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationObject.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationObject.java index bc16dfd..438a4c3 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationObject.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationObject.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatement.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatement.java similarity index 85% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatement.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatement.java index cc68ca4..0292206 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatement.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatement.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatementFormatIdentifier.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatementFormatIdentifier.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatementFormatIdentifier.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatementFormatIdentifier.java index 4d780e1..12af96a 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatementFormatIdentifier.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestationStatementFormatIdentifier.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestedCredentialData.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestedCredentialData.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestedCredentialData.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestedCredentialData.java index 271ab33..4125ff3 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestedCredentialData.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AttestedCredentialData.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorData.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorData.java similarity index 97% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorData.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorData.java index e91d7aa..6aa6705 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorData.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorData.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorExtension.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorExtension.java similarity index 95% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorExtension.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorExtension.java index edcea82..6a20794 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorExtension.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorExtension.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorVendor.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorVendor.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorVendor.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorVendor.java index 3293ca6..ceded8c 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorVendor.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/AuthenticatorVendor.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CollectedClientData.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CollectedClientData.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CollectedClientData.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CollectedClientData.java index 8effa2c..62cf875 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CollectedClientData.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CollectedClientData.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CredentialPublicKey.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CredentialPublicKey.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CredentialPublicKey.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CredentialPublicKey.java index 0762cfb..143a14c 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CredentialPublicKey.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/CredentialPublicKey.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/ECCKey.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/ECCKey.java similarity index 95% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/ECCKey.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/ECCKey.java index 816d9a1..7536e9e 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/ECCKey.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/ECCKey.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/FIDOServerErrorResponse.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/FIDOServerErrorResponse.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/FIDOServerErrorResponse.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/FIDOServerErrorResponse.java index 62c5edc..1bdf8e5 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/FIDOServerErrorResponse.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/FIDOServerErrorResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/OctetKey.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/OctetKey.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/OctetKey.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/OctetKey.java index 4ce889d..5001a4c 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/OctetKey.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/OctetKey.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/RSAKey.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/RSAKey.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/RSAKey.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/RSAKey.java index 5844b00..8136053 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/RSAKey.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/RSAKey.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/Session.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/Session.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/Session.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/Session.java index ee086a4..646bef6 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/Session.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/Session.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/UserKey.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/UserKey.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/UserKey.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/UserKey.java index cffabc4..5a32b98 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/UserKey.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/UserKey.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/DeviceInfo.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/DeviceInfo.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/DeviceInfo.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/DeviceInfo.java index 1706368..8ab629b 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/DeviceInfo.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/DeviceInfo.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/FingerprintParameters.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/FingerprintParameters.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/FingerprintParameters.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/FingerprintParameters.java index 022ce75..71c6f70 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/FingerprintParameters.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/FingerprintParameters.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/MetadataObject.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/MetadataObject.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/MetadataObject.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/MetadataObject.java index a828885..3f84a03 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/MetadataObject.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/MetadataObject.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Parameters.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Parameters.java similarity index 85% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Parameters.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Parameters.java index 5a71a29..951f349 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Parameters.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Parameters.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Selector.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Selector.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Selector.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Selector.java index 5d4f255..9cf08ae 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Selector.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Selector.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/SelectorType.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/SelectorType.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/SelectorType.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/SelectorType.java index d4b0846..e5ed405 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/SelectorType.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/SelectorType.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Transports.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Transports.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Transports.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Transports.java index 45ba09f..52a6beb 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Transports.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/Transports.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/VendorInfo.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/VendorInfo.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/VendorInfo.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/VendorInfo.java index 5498dd9..773131d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/VendorInfo.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/VendorInfo.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/X509ExtensionParameters.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/X509ExtensionParameters.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/X509ExtensionParameters.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/X509ExtensionParameters.java index 124aa02..2968349 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/X509ExtensionParameters.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/model/metadata/yubico/X509ExtensionParameters.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepository.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepository.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepository.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepository.java index 8a057aa..c09f114 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepository.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepository.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -20,6 +20,8 @@ public interface SessionRepository { Session getSession(String id); + void save(Session session); + void update(Session session); } diff --git a/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AppOriginService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AppOriginService.java new file mode 100644 index 0000000..5f9347c --- /dev/null +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AppOriginService.java @@ -0,0 +1,25 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.server.service; + +import java.util.List; + +public interface AppOriginService { + default List getOrigins(String rpId) { + throw new UnsupportedOperationException("AppOriginService is not implemented"); + } +} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationService.java similarity index 93% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationService.java index 0dafc59..6ce01a7 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceImpl.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceImpl.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceImpl.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceImpl.java index 092ea86..f644f64 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceImpl.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -21,6 +21,7 @@ import com.linecorp.line.auth.fido.fido2.common.AuthenticatorSelectionCriteria; import com.linecorp.line.auth.fido.fido2.common.UserVerificationRequirement; import com.linecorp.line.auth.fido.fido2.common.crypto.Digests; +import com.linecorp.line.auth.fido.fido2.common.mdsv3.metadata.MetadataStatement; import com.linecorp.line.auth.fido.fido2.common.server.AttestationType; import com.linecorp.line.auth.fido.fido2.common.server.ServerAuthenticatorAttestationResponse; import com.linecorp.line.auth.fido.fido2.server.attestation.AttestationVerificationResult; @@ -34,7 +35,6 @@ import com.linecorp.line.auth.fido.fido2.server.util.AaguidUtil; import com.linecorp.line.auth.fido.fido2.server.util.CertPathUtil; import com.linecorp.line.auth.fido.fido2.server.util.CertificateUtil; -import com.linecorp.line.auth.fido.fido2.common.mdsv3.metadata.MetadataStatement; import lombok.extern.slf4j.Slf4j; import org.bouncycastle.asn1.x509.CRLDistPoint; import org.bouncycastle.asn1.x509.Extension; @@ -179,25 +179,18 @@ private void verifyCertificateChainOfTrust(AttestationObject attestationObject, try { Set trustAnchors = CertificateUtil.getTrustAnchors(attestationRootCertificates); - boolean matched = isTopIntermediateCertificateSameWithRootCertificates(attestationVerificationResult, trustAnchors, attestationVerificationResult.getTrustPath().size()); + boolean isTopCertMatched = isTopIntermediateCertificateSameWithRootCertificates(attestationVerificationResult, trustAnchors, attestationVerificationResult.getTrustPath().size()); - if (isSelfSignedAttestation(matched, attestationVerificationResult.getType() + if (isSelfSignedAttestation(isTopCertMatched, attestationVerificationResult.getType() == AttestationType.BASIC, attestationVerificationResult.getTrustPath().size() == 1)) { //Doesn't need to verify cert chain for Self Signed Attestation. return; } - if (matched) { - throw new FIDO2ServerRuntimeException(InternalErrorCode.CERTIFICATE_PATH_VALIDATION_FAIL, - "Top intermediate certificate includes one of attestation root certificates"); - } - boolean enableRevocation = hasCRLDistPointForRevokeCheck(attestationVerificationResult); if (attestationObject.getFmt() == AttestationStatementFormatIdentifier.ANDROID_KEY) { - if (AdditionalRevokeChecker.hasAndroidKeyAttestationRevokedCert(revokeCheckerClient,attestationVerificationResult.getTrustPath())) { - throw new FIDO2ServerRuntimeException(InternalErrorCode.CERTIFICATE_PATH_VALIDATION_FAIL); - } + AdditionalRevokeChecker.checkAndroidKeyAttestationRevokedCert(revokeCheckerClient, attestationVerificationResult.getTrustPath()); } boolean result = CertPathUtil.validate(attestationVerificationResult.getTrustPath(), @@ -249,7 +242,7 @@ private boolean isTopIntermediateCertificateSameWithRootCertificates(Attestation return matched; } - private boolean isSelfSignedAttestation(boolean matched, boolean isBasicAttestationType, boolean hasOnlyOneTrustPath) { - return matched && isBasicAttestationType && hasOnlyOneTrustPath; + private boolean isSelfSignedAttestation(boolean isTopCertMatched, boolean isBasicAttestationType, boolean hasOnlyOneTrustPath) { + return isTopCertMatched && isBasicAttestationType && hasOnlyOneTrustPath; } } diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeService.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeService.java index 0f0bafe..1f7d9df 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeServiceImpl.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeServiceImpl.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeServiceImpl.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeServiceImpl.java index 9302aa4..c98f1e7 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeServiceImpl.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ChallengeServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataService.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataService.java index 4a2bc8e..7a04d1a 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoService.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoService.java index 9a0ea87..2870e42 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseCommonService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseCommonService.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseCommonService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseCommonService.java index 724e05a..4d0d3a1 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseCommonService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseCommonService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseService.java similarity index 93% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseService.java index ed64048..b2c5404 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseServiceImpl.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseServiceImpl.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseServiceImpl.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseServiceImpl.java index 7fcb2ad..206de50 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseServiceImpl.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/ResponseServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -30,8 +30,8 @@ import com.linecorp.line.auth.fido.fido2.server.helper.SignatureHelper; import com.linecorp.line.auth.fido.fido2.server.model.*; import com.linecorp.line.auth.fido.fido2.server.util.AaguidUtil; +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Primary; import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; @@ -45,6 +45,7 @@ import java.util.List; @Slf4j +@RequiredArgsConstructor @Primary @Service public class ResponseServiceImpl extends ResponseCommonService implements ResponseService { @@ -52,29 +53,8 @@ public class ResponseServiceImpl extends ResponseCommonService implements Respon private final SessionService sessionService; private final UserKeyService userKeyService; private final AttestationService attestationService; + private final AppOriginService appOriginService; - @Autowired - public ResponseServiceImpl( - SessionService sessionService, - UserKeyService userKeyService, - AttestationService attestationService) { - this.sessionService = sessionService; - this.userKeyService = userKeyService; - this.attestationService = attestationService; - } - - /** - * Handle reg response - * Refer following: - * - https://www.w3.org/TR/2018/CR-webauthn-20180807/#registering-a-new-credential - * - * @param serverPublicKeyCredential - * @param sessionId - * @param origin - * @param rpId - * @param tokenBinding - * @return - */ @Override public RegisterCredentialResult handleAttestation(ServerRegPublicKeyCredential serverPublicKeyCredential, String sessionId, String origin, String rpId, TokenBinding tokenBinding) { @@ -167,24 +147,28 @@ protected RegisterCredentialResult createRegisterCredentialResult(AuthenticatorD @Override protected void checkOrigin(URI originFromClientData, URI originFromRp) { - if (!originFromRp.toString().equals(originFromClientData.toString())) { - throw new FIDO2ServerRuntimeException(InternalErrorCode.ORIGIN_NOT_MATCHED, - "From collected data: " + originFromClientData + ", From request param: " + originFromRp); + final String ANDROID_FACET_SCHEME = "android"; + final String IOS_FACET_SCHEME = "ios"; + + if (originFromClientData.getScheme().equals(ANDROID_FACET_SCHEME) || + originFromClientData.getScheme().equals(IOS_FACET_SCHEME)) { + //app case + List appOriginList = appOriginService.getOrigins(originFromRp.toString()); + + if (!appOriginList.contains(originFromClientData.toString())) { + throw new FIDO2ServerRuntimeException(InternalErrorCode.ORIGIN_NOT_MATCHED, + "Client facet origin: " + originFromClientData + ", App Origin List: " + appOriginList); + } + + } else { + // web case + if (!originFromRp.toString().equals(originFromClientData.toString())) { + throw new FIDO2ServerRuntimeException(InternalErrorCode.ORIGIN_NOT_MATCHED, + "From collected data: " + originFromClientData + ", From request param: " + originFromRp); + } } } - /** - * Handle auth response - * Refer following: - * - https://www.w3.org/TR/2018/CR-webauthn-20180807/#verifying-assertion - * - * @param serverPublicKeyCredential - * @param sessionId - * @param origin - * @param rpId - * @param tokenBinding - * @return - */ @Override public VerifyCredentialResult handleAssertion(ServerAuthPublicKeyCredential serverPublicKeyCredential, String sessionId, String origin, String rpId, TokenBinding tokenBinding) { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpService.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpService.java index 97a213c..693d700 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionService.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionService.java index c6d2bfc..3527ec8 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyService.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyService.java index b12e7e3..d2646a0 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataService.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataService.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataService.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataService.java index 317f004..af194f3 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataService.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataService.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataServiceImpl.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataServiceImpl.java similarity index 99% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataServiceImpl.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataServiceImpl.java index 82bf019..5c75835 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataServiceImpl.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/VendorSpecificMetadataServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/AaguidUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/AaguidUtil.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/AaguidUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/AaguidUtil.java index c850d66..448bc73 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/AaguidUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/AaguidUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertPathUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertPathUtil.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertPathUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertPathUtil.java index ee67453..d0f8607 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertPathUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertPathUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertificateUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertificateUtil.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertificateUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertificateUtil.java index a8df005..84042ad 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertificateUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/CertificateUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ChallengeGenerator.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ChallengeGenerator.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ChallengeGenerator.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ChallengeGenerator.java index 5a4a6e3..e3532a2 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ChallengeGenerator.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ChallengeGenerator.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ECDHUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ECDHUtil.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ECDHUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ECDHUtil.java index 5bf7461..8e41798 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ECDHUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/ECDHUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HKDFUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HKDFUtil.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HKDFUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HKDFUtil.java index 0bcc5fd..af71681 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HKDFUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HKDFUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HmacUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HmacUtil.java similarity index 94% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HmacUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HmacUtil.java index ccfb75c..baa8e86 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HmacUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/HmacUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/PublicKeyUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/PublicKeyUtil.java similarity index 97% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/PublicKeyUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/PublicKeyUtil.java index 0814631..8162624 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/PublicKeyUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/PublicKeyUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtil.java similarity index 98% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtil.java index d1ef09c..0beb454 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/UnsignedUtil.java b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/UnsignedUtil.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/UnsignedUtil.java rename to fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/UnsignedUtil.java index 49e5c2f..0f63f1f 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/UnsignedUtil.java +++ b/fido2-core/src/main/java/com/linecorp/line/auth/fido/fido2/server/util/UnsignedUtil.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/fido2-demo/base/build.gradle b/fido2-demo/base/build.gradle new file mode 100644 index 0000000..d90b5c2 --- /dev/null +++ b/fido2-demo/base/build.gradle @@ -0,0 +1,45 @@ +plugins { + id 'org.springframework.boot' + id 'io.spring.dependency-management' + id 'java-library' +} + +jar.enabled = true +bootJar.enabled = false + +repositories { + mavenCentral() +} + +jar { + processResources { + exclude("**/*.sql") + } +} + +dependencies { + implementation 'org.springframework.boot:spring-boot-starter' + implementation('org.springframework.boot:spring-boot-starter-web') + implementation('org.springframework.boot:spring-boot-starter-data-redis') + implementation('org.springframework.boot:spring-boot-starter-validation') + implementation('org.springframework.boot:spring-boot-starter-data-jpa') + + api project(':fido2-core') + api project(':common') + + compileOnly 'org.projectlombok:lombok:1.18.18' + annotationProcessor 'org.projectlombok:lombok:1.18.18' + + //bouncy castle + implementation('org.bouncycastle:bcprov-jdk15on:1.60') + + //eddsa library + implementation('net.i2p.crypto:eddsa:0.3.0') + + //jwt + implementation('com.auth0:java-jwt:3.4.0') + + //retrofit + implementation('com.squareup.retrofit2:retrofit:2.4.0') + implementation('com.squareup.retrofit2:converter-jackson:2.4.0') +} diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/gradle/wrapper/gradle-wrapper.jar b/fido2-demo/base/gradle/wrapper/gradle-wrapper.jar similarity index 100% rename from spring-boot-starter/line-fido2-spring-boot-demo/gradle/wrapper/gradle-wrapper.jar rename to fido2-demo/base/gradle/wrapper/gradle-wrapper.jar diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/gradle/wrapper/gradle-wrapper.properties b/fido2-demo/base/gradle/wrapper/gradle-wrapper.properties similarity index 100% rename from spring-boot-starter/line-fido2-spring-boot-demo/gradle/wrapper/gradle-wrapper.properties rename to fido2-demo/base/gradle/wrapper/gradle-wrapper.properties diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/gradlew b/fido2-demo/base/gradlew similarity index 100% rename from spring-boot-starter/line-fido2-spring-boot-demo/gradlew rename to fido2-demo/base/gradlew diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/gradlew.bat b/fido2-demo/base/gradlew.bat similarity index 100% rename from spring-boot-starter/line-fido2-spring-boot-demo/gradlew.bat rename to fido2-demo/base/gradlew.bat diff --git a/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/BaseAutoConfiguration.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/BaseAutoConfiguration.java new file mode 100644 index 0000000..0136217 --- /dev/null +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/BaseAutoConfiguration.java @@ -0,0 +1,54 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.base.config; + +import com.linecorp.line.auth.fido.fido2.server.attestation.AttestationVerifierFactory; +import com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation.RevokeCheckerClient; +import com.linecorp.line.auth.fido.fido2.server.service.*; +import org.springframework.boot.autoconfigure.domain.EntityScan; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; +import org.springframework.data.jpa.repository.config.EnableJpaRepositories; + +@Configuration +@EntityScan(basePackages = {"com.linecorp.line.auth.fido.fido2.base.entity"}) +@EnableJpaRepositories(basePackages = {"com.linecorp.line.auth.fido.fido2.base.repository",}) +@ComponentScan(basePackages = { + "com.linecorp.line.auth.fido.fido2.server.service", + "com.linecorp.line.auth.fido.fido2.server.attestation", + "com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation", + "com.linecorp.line.auth.fido.fido2.server.config", + "com.linecorp.line.auth.fido.fido2.base.service", + "com.linecorp.line.auth.fido.fido2.base.config", +}) +public class BaseAutoConfiguration { + + @Bean + public ChallengeServiceImpl ChallengeService(final RpService rpService, + final UserKeyService userKeyService, + final SessionService sessionService) { + return new ChallengeServiceImpl(rpService, + userKeyService, + sessionService); + } + + @Bean + public AttestationService attestationService(final MetadataService metadataService, final VendorSpecificMetadataService vendorSpecificMetadataService, final AttestationVerifierFactory attestationVerifierFactory, final RevokeCheckerClient revokeCheckerClient) { + return new AttestationServiceImpl(metadataService, vendorSpecificMetadataService, attestationVerifierFactory, revokeCheckerClient); + } +} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/NetworkClientConfig.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/NetworkClientConfiguration.java similarity index 81% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/NetworkClientConfig.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/NetworkClientConfiguration.java index 2a51466..b9a2722 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/NetworkClientConfig.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/NetworkClientConfiguration.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,14 +14,14 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; +package com.linecorp.line.auth.fido.fido2.base.config; import com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation.RevokeCheckerClient; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration -public class NetworkClientConfig { +public class NetworkClientConfiguration { @Bean public RevokeCheckerClient RevokeCheckerClient(){ return new RevokeCheckerClient(); diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/BouncyCastleConfig.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/SecurityConfiguration.java similarity index 59% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/BouncyCastleConfig.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/SecurityConfiguration.java index 6b72e54..af36db2 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/BouncyCastleConfig.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/config/SecurityConfiguration.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,20 +14,29 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; - -import java.security.Security; - -import javax.annotation.PostConstruct; +package com.linecorp.line.auth.fido.fido2.base.config; +import net.i2p.crypto.eddsa.EdDSASecurityProvider; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.springframework.context.annotation.Configuration; +import javax.annotation.PostConstruct; +import java.security.Security; + @Configuration -public class BouncyCastleConfig { +public class SecurityConfiguration { + @PostConstruct + private void setEnableCRLDP() { + System.setProperty("com.sun.security.enableCRLDP", "true"); + } @PostConstruct - private void setSecurityProvider() { + private void setBouncyCastleSecurityProvider() { Security.addProvider(new BouncyCastleProvider()); } + + @PostConstruct + private void setEdDSASecurityProvider() { + Security.addProvider(new EdDSASecurityProvider()); + } } diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/AuthenticatorTransportEntity.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/AuthenticatorTransportEntity.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/AuthenticatorTransportEntity.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/AuthenticatorTransportEntity.java index 01d53f5..83f9683 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/AuthenticatorTransportEntity.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/AuthenticatorTransportEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.entity; +package com.linecorp.line.auth.fido.fido2.base.entity; import javax.persistence.Column; import javax.persistence.Entity; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataEntity.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataEntity.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataEntity.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataEntity.java index a13fa41..9fe6c7a 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataEntity.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.entity; +package com.linecorp.line.auth.fido.fido2.base.entity; import javax.persistence.*; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataTocEntity.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataTocEntity.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataTocEntity.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataTocEntity.java index cfd6138..12d89c5 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataTocEntity.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataTocEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.entity; +package com.linecorp.line.auth.fido.fido2.base.entity; import javax.persistence.Column; import javax.persistence.Entity; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataYubicoEntity.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataYubicoEntity.java similarity index 87% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataYubicoEntity.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataYubicoEntity.java index 67d6f75..d6ee56b 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/MetadataYubicoEntity.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/MetadataYubicoEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.entity; +package com.linecorp.line.auth.fido.fido2.base.entity; import javax.persistence.Column; import javax.persistence.Entity; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/RpEntity.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/RpEntity.java similarity index 86% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/RpEntity.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/RpEntity.java index 0297604..afa6135 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/RpEntity.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/RpEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.entity; +package com.linecorp.line.auth.fido.fido2.base.entity; import javax.persistence.Column; import javax.persistence.Entity; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/UserKeyEntity.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/UserKeyEntity.java similarity index 93% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/UserKeyEntity.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/UserKeyEntity.java index 4f37d61..8059ba8 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/entity/UserKeyEntity.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/entity/UserKeyEntity.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.entity; +package com.linecorp.line.auth.fido.fido2.base.entity; import com.linecorp.line.auth.fido.fido2.common.server.AttestationType; import lombok.AllArgsConstructor; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/AuthenticatorTransportRepository.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/AuthenticatorTransportRepository.java similarity index 75% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/AuthenticatorTransportRepository.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/AuthenticatorTransportRepository.java index 44d188b..fd7f9a5 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/AuthenticatorTransportRepository.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/AuthenticatorTransportRepository.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,12 +14,12 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.repository; +package com.linecorp.line.auth.fido.fido2.base.repository; import org.springframework.data.repository.CrudRepository; import org.springframework.stereotype.Repository; -import com.linecorp.line.auth.fido.fido2.server.entity.AuthenticatorTransportEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.AuthenticatorTransportEntity; @Repository public interface AuthenticatorTransportRepository extends CrudRepository { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataRepository.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataRepository.java similarity index 78% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataRepository.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataRepository.java index 2e21a35..843fdb9 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataRepository.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataRepository.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,9 +14,9 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.repository; +package com.linecorp.line.auth.fido.fido2.base.repository; -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataEntity; import org.springframework.data.repository.CrudRepository; import org.springframework.stereotype.Repository; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataTocRepository.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataTocRepository.java similarity index 77% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataTocRepository.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataTocRepository.java index e199325..24d93f6 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataTocRepository.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataTocRepository.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,12 +14,12 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.repository; +package com.linecorp.line.auth.fido.fido2.base.repository; import org.springframework.data.repository.CrudRepository; import org.springframework.stereotype.Repository; -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataTocEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataTocEntity; @Repository public interface MetadataTocRepository extends CrudRepository { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataYubicoRepository.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataYubicoRepository.java similarity index 76% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataYubicoRepository.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataYubicoRepository.java index b3c1eb5..9ffdb8f 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/MetadataYubicoRepository.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/MetadataYubicoRepository.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,12 +14,12 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.repository; +package com.linecorp.line.auth.fido.fido2.base.repository; import org.springframework.data.repository.CrudRepository; import org.springframework.stereotype.Repository; -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataYubicoEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataYubicoEntity; @Repository public interface MetadataYubicoRepository extends CrudRepository { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/RpRepository.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/RpRepository.java similarity index 75% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/RpRepository.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/RpRepository.java index efbaa8c..78586d3 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/RpRepository.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/RpRepository.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,12 +14,12 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.repository; +package com.linecorp.line.auth.fido.fido2.base.repository; import org.springframework.data.repository.CrudRepository; import org.springframework.stereotype.Repository; -import com.linecorp.line.auth.fido.fido2.server.entity.RpEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.RpEntity; @Repository public interface RpRepository extends CrudRepository { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/UserKeyRepository.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/UserKeyRepository.java similarity index 79% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/UserKeyRepository.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/UserKeyRepository.java index 8508b71..3c6fb5f 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/UserKeyRepository.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/repository/UserKeyRepository.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,13 +14,12 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.repository; +package com.linecorp.line.auth.fido.fido2.base.repository; +import com.linecorp.line.auth.fido.fido2.base.entity.UserKeyEntity; import org.springframework.data.repository.CrudRepository; import org.springframework.stereotype.Repository; -import com.linecorp.line.auth.fido.fido2.server.entity.UserKeyEntity; - import java.util.List; @Repository diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/MdsV3MetadataHelper.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MdsV3ServiceImpl.java similarity index 91% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/MdsV3MetadataHelper.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MdsV3ServiceImpl.java index 9cc21df..9a505d4 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/helper/MdsV3MetadataHelper.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MdsV3ServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,26 +14,23 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.helper; +package com.linecorp.line.auth.fido.fido2.base.service; import com.auth0.jwt.JWT; import com.auth0.jwt.interfaces.DecodedJWT; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.ObjectMapper; +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataEntity; +import com.linecorp.line.auth.fido.fido2.base.repository.MetadataRepository; +import com.linecorp.line.auth.fido.fido2.base.repository.MetadataTocRepository; import com.linecorp.line.auth.fido.fido2.common.mdsv3.AuthenticatorStatus; import com.linecorp.line.auth.fido.fido2.common.mdsv3.MetadataBLOBPayload; import com.linecorp.line.auth.fido.fido2.common.mdsv3.MetadataBLOBPayloadEntry; -import com.linecorp.line.auth.fido.fido2.server.config.MdsInfo; -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataEntity; -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataTocEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataTocEntity; import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; -import com.linecorp.line.auth.fido.fido2.server.exception.MdsV3MetadataException; -import com.linecorp.line.auth.fido.fido2.server.mds.MetadataTOCResult; -import com.linecorp.line.auth.fido.fido2.server.repository.MetadataRepository; -import com.linecorp.line.auth.fido.fido2.server.repository.MetadataTocRepository; -import com.linecorp.line.auth.fido.fido2.server.util.MdsV3MetadataCertificateUtil; +import com.linecorp.line.auth.fido.fido2.server.mds.*; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Component; import org.springframework.util.ObjectUtils; @@ -44,17 +41,18 @@ @Slf4j @Component -public class MdsV3MetadataHelper { +public class MdsV3ServiceImpl implements MdsService { private final MetadataRepository metadataRepository; private final MetadataTocRepository metadataTocRepository; - public MdsV3MetadataHelper(MetadataRepository metadataRepository, MetadataTocRepository metadataTocRepository) { + public MdsV3ServiceImpl(MetadataRepository metadataRepository, MetadataTocRepository metadataTocRepository) { this.metadataRepository = metadataRepository; this.metadataTocRepository = metadataTocRepository; } + @Override public MetadataTOCResult handle(String metadataToc, MdsInfo mdsInfo) throws CertificateException, MdsV3MetadataException { MetadataBLOBPayload metadataBLOBPayload = createMetadataBLOBPayload(metadataToc); diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataServiceImpl.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MetadataServiceImpl.java similarity index 89% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataServiceImpl.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MetadataServiceImpl.java index ba37c7f..59a4b13 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataServiceImpl.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MetadataServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,22 +14,21 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.service; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; +package com.linecorp.line.auth.fido.fido2.base.service; import com.fasterxml.jackson.databind.ObjectMapper; - -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataEntity; +import com.linecorp.line.auth.fido.fido2.base.repository.MetadataRepository; +import com.linecorp.line.auth.fido.fido2.common.mdsv3.metadata.MetadataStatement; import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; -import com.linecorp.line.auth.fido.fido2.server.repository.MetadataRepository; -import com.linecorp.line.auth.fido.fido2.common.mdsv3.metadata.MetadataStatement; +import com.linecorp.line.auth.fido.fido2.server.service.MetadataService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; @Service public class MetadataServiceImpl implements MetadataService { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoServiceImpl.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MetadataYubicoServiceImpl.java similarity index 82% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoServiceImpl.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MetadataYubicoServiceImpl.java index b680a32..48eb086 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/MetadataYubicoServiceImpl.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/MetadataYubicoServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,12 +14,13 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.service; +package com.linecorp.line.auth.fido.fido2.base.service; import com.fasterxml.jackson.databind.ObjectMapper; -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataYubicoEntity; +import com.linecorp.line.auth.fido.fido2.base.repository.MetadataYubicoRepository; +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataYubicoEntity; import com.linecorp.line.auth.fido.fido2.server.model.metadata.yubico.MetadataObject; -import com.linecorp.line.auth.fido.fido2.server.repository.MetadataYubicoRepository; +import com.linecorp.line.auth.fido.fido2.server.service.MetadataYubicoService; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpServiceImpl.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/RpServiceImpl.java similarity index 84% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpServiceImpl.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/RpServiceImpl.java index eb65da4..b905cab 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/RpServiceImpl.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/RpServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,18 +14,18 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.service; - -import java.util.ArrayList; -import java.util.List; -import java.util.Optional; +package com.linecorp.line.auth.fido.fido2.base.service; +import com.linecorp.line.auth.fido.fido2.base.repository.RpRepository; +import com.linecorp.line.auth.fido.fido2.common.PublicKeyCredentialRpEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.RpEntity; +import com.linecorp.line.auth.fido.fido2.server.service.RpService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import com.linecorp.line.auth.fido.fido2.common.PublicKeyCredentialRpEntity; -import com.linecorp.line.auth.fido.fido2.server.entity.RpEntity; -import com.linecorp.line.auth.fido.fido2.server.repository.RpRepository; +import java.util.ArrayList; +import java.util.List; +import java.util.Optional; @Service public class RpServiceImpl implements RpService { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionServiceImpl.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/SessionServiceImpl.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionServiceImpl.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/SessionServiceImpl.java index 86634aa..9e1a56d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/SessionServiceImpl.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/SessionServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,24 +14,22 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.service; - -import java.security.NoSuchAlgorithmException; -import java.util.Base64; -import java.util.UUID; - -import javax.crypto.SecretKey; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; +package com.linecorp.line.auth.fido.fido2.base.service; import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; import com.linecorp.line.auth.fido.fido2.server.model.Session; import com.linecorp.line.auth.fido.fido2.server.repository.SessionRepository; +import com.linecorp.line.auth.fido.fido2.server.service.SessionService; import com.linecorp.line.auth.fido.fido2.server.util.HmacUtil; - import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import javax.crypto.SecretKey; +import java.security.NoSuchAlgorithmException; +import java.util.Base64; +import java.util.UUID; @Slf4j @Service @@ -52,7 +50,7 @@ public Session createSessionData() { hmacKey = HmacUtil.generateHmacKey(); } catch (NoSuchAlgorithmException e) { throw new FIDO2ServerRuntimeException(InternalErrorCode.CRYPTO_OPERATION_EXCEPTION, - "Exception during generating hmac key", e); + "Exception during generating hmac key", e); } String hmacKeyString = Base64.getUrlEncoder().withoutPadding().encodeToString(hmacKey.getEncoded()); session.setId(sessionId); diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyServiceImpl.java b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/UserKeyServiceImpl.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyServiceImpl.java rename to fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/UserKeyServiceImpl.java index fbbb677..b0712c9 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/service/UserKeyServiceImpl.java +++ b/fido2-demo/base/src/main/java/com/linecorp/line/auth/fido/fido2/base/service/UserKeyServiceImpl.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,19 +14,20 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.service; +package com.linecorp.line.auth.fido.fido2.base.service; +import com.linecorp.line.auth.fido.fido2.base.entity.AuthenticatorTransportEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.RpEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.UserKeyEntity; +import com.linecorp.line.auth.fido.fido2.base.repository.RpRepository; +import com.linecorp.line.auth.fido.fido2.base.repository.UserKeyRepository; import com.linecorp.line.auth.fido.fido2.common.AuthenticatorTransport; import com.linecorp.line.auth.fido.fido2.common.extension.CredentialProtectionPolicy; import com.linecorp.line.auth.fido.fido2.common.server.COSEAlgorithm; -import com.linecorp.line.auth.fido.fido2.server.entity.AuthenticatorTransportEntity; -import com.linecorp.line.auth.fido.fido2.server.entity.RpEntity; -import com.linecorp.line.auth.fido.fido2.server.entity.UserKeyEntity; import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; import com.linecorp.line.auth.fido.fido2.server.model.UserKey; -import com.linecorp.line.auth.fido.fido2.server.repository.RpRepository; -import com.linecorp.line.auth.fido.fido2.server.repository.UserKeyRepository; +import com.linecorp.line.auth.fido.fido2.server.service.UserKeyService; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -73,8 +74,7 @@ public UserKey createUser(UserKey user) { @Override public boolean isRegistered(String rpId, String userId) { List userKeyEntities = userKeyRepository.findAllByRpEntityIdAndUserId(rpId, userId); - return userKeyEntities != null && - !userKeyEntities.isEmpty(); + return userKeyEntities != null && !userKeyEntities.isEmpty(); } @Override @@ -117,8 +117,7 @@ public void update(UserKey user) { @Override public void deleteWithUserId(String rpId, String userId) { List userKeyEntities = userKeyRepository.findAllByRpEntityIdAndUserId(rpId, userId); - if (userKeyEntities == null || - userKeyEntities.isEmpty()) { + if (userKeyEntities == null || userKeyEntities.isEmpty()) { throw FIDO2ServerRuntimeException.makeCredNotFoundUser(rpId, userId); } userKeyEntities.forEach(userKeyRepository::delete); diff --git a/fido2-demo/base/src/main/resources/META-INF/spring.factories b/fido2-demo/base/src/main/resources/META-INF/spring.factories new file mode 100644 index 0000000..3349b3c --- /dev/null +++ b/fido2-demo/base/src/main/resources/META-INF/spring.factories @@ -0,0 +1,3 @@ +org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ + com.linecorp.line.auth.fido.fido2.base.config.BaseAutoConfiguration + diff --git a/fido2-demo/demo/Dockerfile b/fido2-demo/demo/Dockerfile new file mode 100644 index 0000000..b36d765 --- /dev/null +++ b/fido2-demo/demo/Dockerfile @@ -0,0 +1,12 @@ +FROM gradle:6.8.3-jdk11 AS builder +ENV OPEN_SOURCE_BUILD=true + +USER root +WORKDIR /workspace/app +COPY . . +RUN ./fido2-demo/demo/gradlew dockerBuild + +FROM openjdk:11-jre-slim-buster +EXPOSE 8081 +COPY --from=builder /workspace/app/fido2-demo/demo/build/libs/demo*.jar demo.jar +ENTRYPOINT ["java","-jar","/demo.jar"] diff --git a/fido2-demo/demo/build.gradle b/fido2-demo/demo/build.gradle new file mode 100644 index 0000000..ef3002f --- /dev/null +++ b/fido2-demo/demo/build.gradle @@ -0,0 +1,120 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +plugins { + id 'org.springframework.boot' + id 'io.spring.dependency-management' + id 'application' + id 'java-library' + id 'org.asciidoctor.jvm.convert' version '3.3.2' +} + +ext { + snippetsDir = file('build/generated-snippets') +} + +test { + useJUnitPlatform() + outputs.dir snippetsDir +} +configurations { + asciidoctorExtensions +} + +asciidoctor.doFirst { + delete file('src/main/resources/static/docs') +} + +asciidoctor { + configurations "asciidoctorExtensions" + inputs.dir snippetsDir + dependsOn test +} + +task makeRestDocs(type: Copy) { + dependsOn asciidoctor + + from file("${asciidoctor.outputDir}") + into file('src/main/resources/static/docs') +} + +bootRun { + mainClassName = 'com.linecorp.line.auth.fido.fido2.demo.Fido2StarterDemoApplication' +} + +repositories { + mavenCentral() +} + +tasks.register('dockerBuild') { + doFirst { + jar.enabled = System.getenv("OPEN_SOURCE_BUILD") != "true" + } + dependsOn(bootJar) +} + + +dependencies { + implementation project(':base') + implementation project(':common') + + implementation 'org.springframework.boot:spring-boot-starter' + implementation('org.springframework.boot:spring-boot-starter-web') + implementation('org.springframework.boot:spring-boot-starter-data-redis') + implementation('com.fasterxml.jackson.dataformat:jackson-dataformat-cbor') + implementation('org.springframework.boot:spring-boot-starter-data-jpa') + + compileOnly 'org.projectlombok:lombok:1.18.18' + annotationProcessor 'org.projectlombok:lombok:1.18.18' + + //local redis + if (System.getProperty('os.arch').toLowerCase().contains('aarch64')) { + // Apple Silicon + implementation('com.github.codemonstur:embedded-redis:1.4.3') + } else { + implementation('com.github.kstyrc:embedded-redis:0.6') + } + + //local db + runtimeOnly('com.h2database:h2') + + //redis client + implementation('redis.clients:jedis') + + //eddsa library + implementation('net.i2p.crypto:eddsa:0.3.0') + + // Test + testImplementation('org.springframework.boot:spring-boot-starter-test') + testImplementation('org.junit.jupiter:junit-jupiter-api:5.8.1') + testRuntimeOnly('org.junit.jupiter:junit-jupiter-engine:5.8.1') + testImplementation("org.mockito:mockito-core") + + //bouncy castle + testImplementation('org.bouncycastle:bcprov-jdk15on:1.60') + + //retrofit + testImplementation('com.squareup.retrofit2:retrofit:2.4.0') + testImplementation('com.squareup.retrofit2:converter-jackson:2.4.0') + + //springdoc + implementation 'org.springdoc:springdoc-openapi-ui:1.6.15' + + //Spring Rest Doc + implementation("org.springframework.boot:spring-boot-starter-actuator") + testImplementation("org.springframework.restdocs:spring-restdocs-mockmvc") + asciidoctorExtensions 'org.springframework.restdocs:spring-restdocs-asciidoctor' +} diff --git a/fido2-demo/demo/gradle/wrapper/gradle-wrapper.jar b/fido2-demo/demo/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000..1ce6e58 Binary files /dev/null and b/fido2-demo/demo/gradle/wrapper/gradle-wrapper.jar differ diff --git a/fido2-demo/demo/gradle/wrapper/gradle-wrapper.properties b/fido2-demo/demo/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 0000000..94f0d28 --- /dev/null +++ b/fido2-demo/demo/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,6 @@ +#Tue Aug 14 19:05:16 JST 2018 +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.3-all.zip diff --git a/fido2-demo/demo/gradlew b/fido2-demo/demo/gradlew new file mode 100755 index 0000000..4453cce --- /dev/null +++ b/fido2-demo/demo/gradlew @@ -0,0 +1,172 @@ +#!/usr/bin/env sh + +############################################################################## +## +## Gradle start up script for UN*X +## +############################################################################## + +# Attempt to set APP_HOME +# Resolve links: $0 may be a link +PRG="$0" +# Need this for relative symlinks. +while [ -h "$PRG" ] ; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`"/$link" + fi +done +SAVED="`pwd`" +cd "`dirname \"$PRG\"`/" >/dev/null +APP_HOME="`pwd -P`" +cd "$SAVED" >/dev/null + +APP_NAME="Gradle" +APP_BASE_NAME=`basename "$0"` + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS="" + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD="maximum" + +warn ( ) { + echo "$*" +} + +die ( ) { + echo + echo "$*" + echo + exit 1 +} + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "`uname`" in + CYGWIN* ) + cygwin=true + ;; + Darwin* ) + darwin=true + ;; + MINGW* ) + msys=true + ;; + NONSTOP* ) + nonstop=true + ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then + MAX_FD_LIMIT=`ulimit -H -n` + if [ $? -eq 0 ] ; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ] ; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi +fi + +# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi + +# For Cygwin, switch paths to Windows format before running java +if $cygwin ; then + APP_HOME=`cygpath --path --mixed "$APP_HOME"` + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + JAVACMD=`cygpath --unix "$JAVACMD"` + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` + SEP="" + for dir in $ROOTDIRSRAW ; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ] ; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@" ; do + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` + else + eval `echo args$i`="\"$arg\"" + fi + i=$((i+1)) + done + case $i in + (0) set -- ;; + (1) set -- "$args0" ;; + (2) set -- "$args0" "$args1" ;; + (3) set -- "$args0" "$args1" "$args2" ;; + (4) set -- "$args0" "$args1" "$args2" "$args3" ;; + (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac +fi + +# Escape application args +save ( ) { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " +} +APP_ARGS=$(save "$@") + +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong +if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then + cd "$(dirname "$0")" +fi + +exec "$JAVACMD" "$@" diff --git a/fido2-demo/demo/gradlew.bat b/fido2-demo/demo/gradlew.bat new file mode 100644 index 0000000..f955316 --- /dev/null +++ b/fido2-demo/demo/gradlew.bat @@ -0,0 +1,84 @@ +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS= + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/fido2-demo/demo/src/docs/asciidoc/api-guide.adoc b/fido2-demo/demo/src/docs/asciidoc/api-guide.adoc new file mode 100644 index 0000000..e25254b --- /dev/null +++ b/fido2-demo/demo/src/docs/asciidoc/api-guide.adoc @@ -0,0 +1,88 @@ += LINE FIDO2 SERVER API Guide +LINE Corp; +:doctype: book +:icons: font +:source-highlighter: highlightjs +:toc: left +:toclevels: 4 +:sectlinks: + +[[introduction]] += Introduction + +This document is about the APIs of the LINE FIDO2 Server application that has been released as open-source. + +These define the messages exchanged between the RP server and LINE FIDO2 server. + +For more information, please see README.md at the link below. + +https://github.com/line/line-fido2-server + + + +If you want to know the details of the WebAuthn standard, you can also refer to the official documentation. + +https://www.w3.org/TR/webauthn-2/ + + + +Basically, FIDO2 has the following operations - Registration, Authentication. + +Example APIs worked like this: + +- Work with server-side credentials. +(https://www.w3.org/TR/webauthn/#server-side-credential) + +- Use the platform authenticator in the Chrome browser on Mac OS. + +- Attestation Type is "NONE". + + + +=== Registration + +Registration consists of two APIs: an API for requesting a challenge, and an API for delivering the results of the client's registration. + +==== Get Reg Challenge + +operation::challenge-controller-test/get-reg-challenge_success[snippets='http-request,http-response'] + +==== Send Reg Response + +operation::response-controller-test/send-reg-response_success[snippets='http-request,http-response'] + +=== Authentication + +Authentication consists of two APIs: an API for requesting a challenge and an API for delivering the client's authentication result. + +==== Get Auth Challenge + +operation::challenge-controller-test/get-auth-challenge_success[snippets='http-request,http-response'] + +==== Send Auth Response + +operation::response-controller-test/send-auth-response_success[snippets='http-request,http-response'] + +=== Credential API + +NOTE: These are not within the scope of the WebAuthn specification but its own APIs. + +==== Get Credential by CredentialId +operation::credential-controller-test/get-credential-with-credential-id-and-rp-id_success[snippets='http-request,path-parameters,request-parameters,http-response'] + +==== Get Credential by UserId +operation::credential-controller-test/get-credentials-with-user-id-and-rp-id_success[snippets='http-request,request-parameters,http-response'] + +==== Delete Credential by CredentialId +operation::credential-controller-test/delete-credential-with-credential-id-and-rp-id_success[snippets='http-request,path-parameters,request-parameters,http-response'] + +==== Delete Credential by UserId +operation::credential-controller-test/delete-credential-with-user-id-id-and-rp-id_success[snippets='http-request,request-parameters,http-response'] + + +=== Health Check + +NOTE: This is not within the scope of the WebAuthn specification but its own API. + +=== Get Health Check Status +operation::health-check-controller-test/health-check_success[snippets='http-request,http-response'] diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/Fido2StarterDemoApplication.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/Fido2StarterDemoApplication.java similarity index 78% rename from spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/Fido2StarterDemoApplication.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/Fido2StarterDemoApplication.java index b098f5d..5876063 100644 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/Fido2StarterDemoApplication.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/Fido2StarterDemoApplication.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,13 +14,11 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.springboot; +package com.linecorp.line.auth.fido.fido2.demo; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.cache.annotation.EnableCaching; -@EnableCaching @SpringBootApplication public class Fido2StarterDemoApplication { diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/advice/RestExceptionHandler.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/advice/RestExceptionHandler.java similarity index 96% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/advice/RestExceptionHandler.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/advice/RestExceptionHandler.java index 1f0801b..7a00887 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/advice/RestExceptionHandler.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/advice/RestExceptionHandler.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,14 +14,13 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.advice; +package com.linecorp.line.auth.fido.fido2.demo.advice; import com.linecorp.line.auth.fido.fido2.common.server.ServerResponse; import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; import com.linecorp.line.auth.fido.fido2.server.model.FIDOServerErrorResponse; import lombok.extern.slf4j.Slf4j; - import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/EmbeddedRedisServerConfig.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/EmbeddedRedisServerConfiguration.java similarity index 90% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/EmbeddedRedisServerConfig.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/EmbeddedRedisServerConfiguration.java index 2b76996..4c792bb 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/EmbeddedRedisServerConfig.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/EmbeddedRedisServerConfiguration.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,25 +14,23 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStreamReader; - -import javax.annotation.PostConstruct; -import javax.annotation.PreDestroy; +package com.linecorp.line.auth.fido.fido2.demo.config; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Profile; import org.springframework.stereotype.Component; - import org.springframework.util.StringUtils; import redis.embedded.RedisServer; +import javax.annotation.PostConstruct; +import javax.annotation.PreDestroy; +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; + @Component @Profile("!prod") -public class EmbeddedRedisServerConfig { +public class EmbeddedRedisServerConfiguration { @Value("${redis.port}") private int redisPort; @@ -46,7 +44,7 @@ public void startRedis() throws IOException { } @PreDestroy - public void stopRedis() { + public void stopRedis() throws IOException { redisServer.stop(); } diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisClusterConfig.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/RedisClusterConfiguration.java similarity index 82% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisClusterConfig.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/RedisClusterConfiguration.java index 8c80129..b1e264b 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisClusterConfig.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/RedisClusterConfiguration.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,8 +14,9 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; +package com.linecorp.line.auth.fido.fido2.demo.config; +import com.linecorp.line.auth.fido.fido2.demo.redis.RedisProps; import lombok.RequiredArgsConstructor; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; @@ -23,7 +24,6 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; -import org.springframework.data.redis.connection.RedisClusterConfiguration; import org.springframework.data.redis.connection.RedisConnectionFactory; import org.springframework.data.redis.connection.RedisPassword; import org.springframework.data.redis.connection.jedis.JedisConnectionFactory; @@ -34,7 +34,7 @@ @Profile("prod") @RequiredArgsConstructor @EnableConfigurationProperties(value = {RedisProps.class}) -public class RedisClusterConfig { +public class RedisClusterConfiguration { @Autowired private RedisProps redisProps; @@ -44,7 +44,7 @@ public class RedisClusterConfig { @Bean public RedisConnectionFactory redisConnectionFactory() { - RedisClusterConfiguration redisConfig = new RedisClusterConfiguration(redisProps.getNodes()); + org.springframework.data.redis.connection.RedisClusterConfiguration redisConfig = new org.springframework.data.redis.connection.RedisClusterConfiguration(redisProps.getNodes()); redisConfig.setMaxRedirects(redisProps.getMaxRedirects()); RedisPassword password = RedisPassword.of(redisPassword); redisConfig.setPassword(password); diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisConfig.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/RedisConfiguration.java similarity index 92% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisConfig.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/RedisConfiguration.java index 18b5d22..0ee19b7 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisConfig.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/config/RedisConfiguration.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; +package com.linecorp.line.auth.fido.fido2.demo.config; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; @@ -29,7 +29,7 @@ @Configuration @Profile("!prod") -public class RedisConfig { +public class RedisConfiguration { @Value("${redis.host}") private String redisHostName; @Value("${redis.port}") diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/ChallengeController.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/ChallengeController.java similarity index 82% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/ChallengeController.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/ChallengeController.java index d6d4ead..27ba200 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/ChallengeController.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/ChallengeController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,30 +14,27 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.controller; - -import javax.validation.Valid; +package com.linecorp.line.auth.fido.fido2.demo.controller; import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionRequest; import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionResponse; import com.linecorp.line.auth.fido.fido2.common.server.RegOptionRequest; import com.linecorp.line.auth.fido.fido2.common.server.RegOptionResponse; import com.linecorp.line.auth.fido.fido2.server.service.ChallengeService; +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; +import javax.validation.Valid; + @Slf4j @RestController +@RequiredArgsConstructor public class ChallengeController { - private final ChallengeService challengeService; - @Autowired - public ChallengeController(ChallengeService challengeService) { - this.challengeService = challengeService; - } + private final ChallengeService challengeService; @PostMapping(path = "fido2/reg/challenge") public RegOptionResponse getRegChallenge(@Valid @RequestBody RegOptionRequest regOptionRequest) { diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/CredentialController.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/CredentialController.java similarity index 82% rename from spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/CredentialController.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/CredentialController.java index 96fa6b0..b459148 100644 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/CredentialController.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/CredentialController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,39 +14,26 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.springboot.controller; +package com.linecorp.line.auth.fido.fido2.demo.controller; -import java.util.ArrayList; -import java.util.Base64; -import java.util.List; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.DeleteMapping; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - -import com.linecorp.line.auth.fido.fido2.common.server.BaseResponse; -import com.linecorp.line.auth.fido.fido2.common.server.GetCredentialResult; -import com.linecorp.line.auth.fido.fido2.common.server.GetCredentialsResult; -import com.linecorp.line.auth.fido.fido2.common.server.ServerResponse; -import com.linecorp.line.auth.fido.fido2.common.server.ServerUserKey; +import com.linecorp.line.auth.fido.fido2.common.server.*; import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; import com.linecorp.line.auth.fido.fido2.server.model.UserKey; import com.linecorp.line.auth.fido.fido2.server.service.UserKeyService; - +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import org.springframework.web.bind.annotation.*; + +import java.util.ArrayList; +import java.util.Base64; +import java.util.List; @Slf4j @RestController +@RequiredArgsConstructor public class CredentialController { - private final UserKeyService userKeyService; - @Autowired - public CredentialController(UserKeyService userKeyService) { - this.userKeyService = userKeyService; - } + private final UserKeyService userKeyService; @GetMapping(path = "fido2/credentials/{id}") public GetCredentialResult getCredentialWithCredentialIdAndRpId( diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/HealthCheckController.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/HealthCheckController.java similarity index 82% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/HealthCheckController.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/HealthCheckController.java index 1568f40..e5f44ef 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/HealthCheckController.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/HealthCheckController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.controller; +package com.linecorp.line.auth.fido.fido2.demo.controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/ResponseController.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/ResponseController.java similarity index 84% rename from spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/ResponseController.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/ResponseController.java index 0e1f38e..a664d2e 100644 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/ResponseController.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/controller/ResponseController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,31 +14,27 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.springboot.controller; - -import javax.validation.Valid; +package com.linecorp.line.auth.fido.fido2.demo.controller; import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredential; import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredentialResult; import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredential; import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredentialResult; import com.linecorp.line.auth.fido.fido2.server.service.ResponseService; +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; +import javax.validation.Valid; + @Slf4j @RestController +@RequiredArgsConstructor public class ResponseController { private final ResponseService responseService; - @Autowired - public ResponseController(ResponseService responseService) { - this.responseService = responseService; - } - @PostMapping(path = "fido2/reg/response") public RegisterCredentialResult sendRegResponse(@Valid @RequestBody RegisterCredential registerCredential) { return responseService.handleAttestation(registerCredential.getServerPublicKeyCredential(), registerCredential.getSessionId(), diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisProps.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/redis/RedisProps.java similarity index 83% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisProps.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/redis/RedisProps.java index ee9b1aa..470f93d 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/RedisProps.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/redis/RedisProps.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.config; +package com.linecorp.line.auth.fido.fido2.demo.redis; import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; @@ -28,4 +28,4 @@ public class RedisProps { private List nodes; private int maxRedirects; -} \ No newline at end of file +} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepositoryImp.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/repository/SessionRepositoryImp.java similarity index 88% rename from server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepositoryImp.java rename to fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/repository/SessionRepositoryImp.java index 5d50e07..898c4dd 100644 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/repository/SessionRepositoryImp.java +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/repository/SessionRepositoryImp.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,19 +14,18 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.repository; - -import java.util.concurrent.TimeUnit; - -import javax.annotation.PostConstruct; +package com.linecorp.line.auth.fido.fido2.demo.repository; +import com.linecorp.line.auth.fido.fido2.server.model.Session; +import com.linecorp.line.auth.fido.fido2.server.repository.SessionRepository; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.ValueOperations; import org.springframework.stereotype.Repository; -import com.linecorp.line.auth.fido.fido2.server.model.Session; +import javax.annotation.PostConstruct; +import java.util.concurrent.TimeUnit; @Repository public class SessionRepositoryImp implements SessionRepository { @@ -38,12 +37,12 @@ public class SessionRepositoryImp implements SessionRepository { private long sessionTtlMillis; @Autowired - public SessionRepositoryImp(RedisTemplate redisTemplate){ + public SessionRepositoryImp(RedisTemplate redisTemplate) { this.redisTemplate = redisTemplate; } @PostConstruct - private void init(){ + private void init() { valueOperations = redisTemplate.opsForValue(); } diff --git a/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/service/AppOriginServiceImpl.java b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/service/AppOriginServiceImpl.java new file mode 100644 index 0000000..1bd408a --- /dev/null +++ b/fido2-demo/demo/src/main/java/com/linecorp/line/auth/fido/fido2/demo/service/AppOriginServiceImpl.java @@ -0,0 +1,41 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.service; + +import com.linecorp.line.auth.fido.fido2.server.service.AppOriginService; +import lombok.Getter; +import lombok.RequiredArgsConstructor; +import lombok.Setter; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Service; + +import java.util.List; + +@ConfigurationProperties(prefix = "app") +@Service +@RequiredArgsConstructor +@Getter +@Setter +public class AppOriginServiceImpl implements AppOriginService { + + private List origins; + + @Override + public List getOrigins(String rpId) { + return origins; + } +} diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/application-local.yml b/fido2-demo/demo/src/main/resources/application-local.yml similarity index 72% rename from spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/application-local.yml rename to fido2-demo/demo/src/main/resources/application-local.yml index 5c5f090..c9bcbad 100644 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/application-local.yml +++ b/fido2-demo/demo/src/main/resources/application-local.yml @@ -11,6 +11,8 @@ spring: url: jdbc:h2:mem:userdb; username: sa password: + jpa: + defer-datasource-initialization: true server: port: 8081 redis: @@ -22,4 +24,9 @@ logging: com.linecorp.line: DEBUG org.springframework.web: DEBUG org.hibernate: DEBUG +app: + origins: # This item does not need to be applied for web cases. + - android:aaa-bbb + - ios:aaa-bbb + diff --git a/server/src/main/resources/application.yml b/fido2-demo/demo/src/main/resources/application.yml similarity index 86% rename from server/src/main/resources/application.yml rename to fido2-demo/demo/src/main/resources/application.yml index 7b92e68..757d742 100644 --- a/server/src/main/resources/application.yml +++ b/fido2-demo/demo/src/main/resources/application.yml @@ -3,9 +3,6 @@ spring: active: local config: use-legacy-processing: true - cache: - jcache: - config: classpath:ehcache.xml server: port: 8081 fido: @@ -20,19 +17,6 @@ fido: session-ttl-millis: 180000 accept-unregistered-authenticators: true -logbook: - write: - level: INFO - category: http.wire-log - obfuscate: - headers: - - host - - origin - - referer - - user-agent - - accept-encoding - exclude: - - /health mds: enable-mds : false sources: diff --git a/fido2-demo/demo/src/main/resources/data.sql b/fido2-demo/demo/src/main/resources/data.sql new file mode 100644 index 0000000..88aa01a --- /dev/null +++ b/fido2-demo/demo/src/main/resources/data.sql @@ -0,0 +1,3 @@ +-- test rp +insert into rp (id, name, description) +values ('localhost', 'example1', 'example1'); diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/ServerApplicationTests.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/ServerApplicationTests.java similarity index 69% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/ServerApplicationTests.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/ServerApplicationTests.java index 47de189..c77c344 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/ServerApplicationTests.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/ServerApplicationTests.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,16 +14,13 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server; +package com.linecorp.line.auth.fido.fido2.demo; import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit.jupiter.SpringExtension; -@ExtendWith(SpringExtension.class) @SpringBootTest public class ServerApplicationTests { diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/advice/RestExceptionHandlerTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/advice/RestExceptionHandlerTest.java similarity index 96% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/advice/RestExceptionHandlerTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/advice/RestExceptionHandlerTest.java index 1b551a6..6463c14 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/advice/RestExceptionHandlerTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/advice/RestExceptionHandlerTest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,7 +14,7 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.advice; +package com.linecorp.line.auth.fido.fido2.demo.advice; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; import org.junit.jupiter.api.BeforeEach; @@ -93,4 +93,4 @@ public void throwRuntimeException() { throw new RuntimeException(RUNTIME_EXCEPTION_MSG); } } -} \ No newline at end of file +} diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactoryTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/attestation/AttestationVerifierFactoryTest.java similarity index 98% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactoryTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/attestation/AttestationVerifierFactoryTest.java index 51f4757..934facf 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/attestation/AttestationVerifierFactoryTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/attestation/AttestationVerifierFactoryTest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,20 +14,20 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.attestation; +package com.linecorp.line.auth.fido.fido2.demo.attestation; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.dataformat.cbor.CBORFactory; import com.linecorp.line.auth.fido.fido2.common.crypto.Digests; import com.linecorp.line.auth.fido.fido2.common.server.AttestationType; +import com.linecorp.line.auth.fido.fido2.server.attestation.AttestationVerificationResult; +import com.linecorp.line.auth.fido.fido2.server.attestation.AttestationVerifierFactory; import com.linecorp.line.auth.fido.fido2.server.model.AttestationObject; import com.linecorp.line.auth.fido.fido2.server.model.AttestationStatementFormatIdentifier; import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit.jupiter.SpringExtension; import java.io.IOException; import java.security.NoSuchAlgorithmException; @@ -35,7 +35,6 @@ import static org.assertj.core.api.Assertions.assertThat; -@ExtendWith(SpringExtension.class) @SpringBootTest public class AttestationVerifierFactoryTest { @Autowired diff --git a/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/attestation/android/keyattestation/CertRevokeCheckerCacheTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/attestation/android/keyattestation/CertRevokeCheckerCacheTest.java new file mode 100644 index 0000000..64495bd --- /dev/null +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/attestation/android/keyattestation/CertRevokeCheckerCacheTest.java @@ -0,0 +1,52 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.attestation.android.keyattestation; + +import com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation.RevokeCheckerClient; +import com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation.RevokedEntries; +import org.junit.jupiter.api.Test; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.test.mock.mockito.SpyBean; +import retrofit2.Response; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; + +@SpringBootTest +class CertRevokeCheckerCacheTest { + + private static final String REVOKE_STATUS_URL = "attestation/status"; + + @SpyBean + private RevokeCheckerClient revokeCheckerClient; + + @Test + void verify_fetch_android_key_attestation_revoke_list_caching() throws Exception { + + Response response1 = revokeCheckerClient.fetchAndroidKeyAttestationRevokeList(REVOKE_STATUS_URL); + assertThat(response1.body()).isNotNull(); + assertThat(response1.body().getEntries()).isNotEmpty(); + + Response response2 = revokeCheckerClient.fetchAndroidKeyAttestationRevokeList(REVOKE_STATUS_URL); + assertThat(response2.body()).isNotNull(); + assertThat(response2.body().getEntries()).isNotEmpty(); + + verify(revokeCheckerClient, times(1)).fetchAndroidKeyAttestationRevokeList(anyString()); + } +} diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/ChallengeControllerTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/ChallengeControllerTest.java similarity index 83% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/ChallengeControllerTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/ChallengeControllerTest.java index 9f848b3..16b1646 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/ChallengeControllerTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/ChallengeControllerTest.java @@ -1,12 +1,28 @@ -package com.linecorp.line.auth.fido.fido2.server.controller; +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.controller; import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionRequest; import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionResponse; import com.linecorp.line.auth.fido.fido2.common.server.RegOptionRequest; import com.linecorp.line.auth.fido.fido2.common.server.RegOptionResponse; -import com.linecorp.line.auth.fido.fido2.server.entity.UserKeyEntity; -import com.linecorp.line.auth.fido.fido2.server.repository.UserKeyRepository; -import com.linecorp.line.auth.fido.fido2.server.support.restdocs.TestSupportForSpringRestDocs; +import com.linecorp.line.auth.fido.fido2.base.entity.UserKeyEntity; +import com.linecorp.line.auth.fido.fido2.base.repository.UserKeyRepository; +import com.linecorp.line.auth.fido.fido2.demo.support.restdocs.TestSupportForSpringRestDocs; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.MediaType; @@ -88,4 +104,4 @@ void validateIncompleteAuthRequestShouldReturnMethodArgumentNotValidException() .andExpect(result -> assertTrue(result.getResolvedException() instanceof MethodArgumentNotValidException)) .andExpect(status().isBadRequest()); } -} \ No newline at end of file +} diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/CredentialControllerTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/CredentialControllerTest.java similarity index 85% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/CredentialControllerTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/CredentialControllerTest.java index a274a39..766be4b 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/CredentialControllerTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/CredentialControllerTest.java @@ -1,9 +1,25 @@ -package com.linecorp.line.auth.fido.fido2.server.controller; +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.controller; import com.fasterxml.jackson.databind.ObjectMapper; -import com.linecorp.line.auth.fido.fido2.server.entity.UserKeyEntity; -import com.linecorp.line.auth.fido.fido2.server.repository.UserKeyRepository; -import com.linecorp.line.auth.fido.fido2.server.support.restdocs.TestSupportForSpringRestDocs; +import com.linecorp.line.auth.fido.fido2.base.entity.UserKeyEntity; +import com.linecorp.line.auth.fido.fido2.base.repository.UserKeyRepository; +import com.linecorp.line.auth.fido.fido2.demo.support.restdocs.TestSupportForSpringRestDocs; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; @@ -114,4 +130,4 @@ void deleteCredentialWithUserIdIdAndRpId_success() throws Exception { final List userListAfter = userKeyRepository.findAllByRpEntityIdAndUserId(userKeyEntity.getRpEntity().getId(), userKeyEntity.getUserId()); assertThat(userListAfter).isEmpty(); } -} \ No newline at end of file +} diff --git a/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/HealthCheckControllerTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/HealthCheckControllerTest.java new file mode 100644 index 0000000..8de3552 --- /dev/null +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/HealthCheckControllerTest.java @@ -0,0 +1,34 @@ +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.controller; + +import com.linecorp.line.auth.fido.fido2.demo.support.restdocs.TestSupportForSpringRestDocs; +import org.junit.jupiter.api.Test; +import org.springframework.test.web.servlet.result.MockMvcResultMatchers; + +import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; + +class HealthCheckControllerTest extends TestSupportForSpringRestDocs { + + @Test + void healthCheck_success() throws Exception { + mockMvc.perform(get("/health")) + .andExpect(MockMvcResultMatchers.content().string("OK")) + .andExpect(status().isOk()); + } +} diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/ResponseControllerTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/ResponseControllerTest.java similarity index 83% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/ResponseControllerTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/ResponseControllerTest.java index 28f6b7f..d1c235d 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/ResponseControllerTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/controller/ResponseControllerTest.java @@ -1,14 +1,30 @@ -package com.linecorp.line.auth.fido.fido2.server.controller; +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.controller; import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionResponse; import com.linecorp.line.auth.fido.fido2.common.server.RegOptionResponse; import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredential; import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredential; -import com.linecorp.line.auth.fido.fido2.server.entity.UserKeyEntity; +import com.linecorp.line.auth.fido.fido2.base.entity.UserKeyEntity; import com.linecorp.line.auth.fido.fido2.server.model.Session; -import com.linecorp.line.auth.fido.fido2.server.repository.UserKeyRepository; +import com.linecorp.line.auth.fido.fido2.base.repository.UserKeyRepository; import com.linecorp.line.auth.fido.fido2.server.service.SessionService; -import com.linecorp.line.auth.fido.fido2.server.support.restdocs.TestSupportForSpringRestDocs; +import com.linecorp.line.auth.fido.fido2.demo.support.restdocs.TestSupportForSpringRestDocs; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.MediaType; @@ -99,4 +115,4 @@ void validateIncompleteAuthRequestShouldReturnMethodArgumentNotValidException() .andExpect(result -> assertTrue(result.getResolvedException() instanceof MethodArgumentNotValidException)) .andExpect(status().isBadRequest()); } -} \ No newline at end of file +} diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializerTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/helper/AttestationObjectDeserializerTest.java similarity index 98% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializerTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/helper/AttestationObjectDeserializerTest.java index 5b9a2a5..dc21730 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/helper/AttestationObjectDeserializerTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/helper/AttestationObjectDeserializerTest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,17 +14,19 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.helper; +package com.linecorp.line.auth.fido.fido2.demo.helper; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.dataformat.cbor.CBORFactory; import com.linecorp.line.auth.fido.fido2.common.server.COSEAlgorithm; +import com.linecorp.line.auth.fido.fido2.server.helper.SignatureHelper; import com.linecorp.line.auth.fido.fido2.server.model.AttestationObject; import com.linecorp.line.auth.fido.fido2.server.util.PublicKeyUtil; import org.bouncycastle.util.encoders.Hex; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit.jupiter.SpringExtension; import java.io.IOException; @@ -102,4 +104,4 @@ public void verify_eddsa_signature() throws Exception { assertThat(result); } -} \ No newline at end of file +} diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/helper/MdsV3MetadataHelperTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/helper/MdsV3ServiceTest.java similarity index 62% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/helper/MdsV3MetadataHelperTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/helper/MdsV3ServiceTest.java index 0e9da27..f73b661 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/helper/MdsV3MetadataHelperTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/helper/MdsV3ServiceTest.java @@ -1,13 +1,30 @@ -package com.linecorp.line.auth.fido.fido2.server.helper; - -import com.linecorp.line.auth.fido.fido2.server.config.MdsConfig; -import com.linecorp.line.auth.fido.fido2.server.config.MdsInfo; -import com.linecorp.line.auth.fido.fido2.server.entity.MetadataEntity; -import com.linecorp.line.auth.fido.fido2.server.exception.MdsV3MetadataException; -import com.linecorp.line.auth.fido.fido2.server.repository.MetadataRepository; -import org.apache.commons.io.IOUtils; +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.helper; + +import com.linecorp.line.auth.fido.fido2.base.entity.MetadataEntity; +import com.linecorp.line.auth.fido.fido2.base.repository.MetadataRepository; +import com.linecorp.line.auth.fido.fido2.server.mds.MdsConfig; +import com.linecorp.line.auth.fido.fido2.server.mds.MdsInfo; +import com.linecorp.line.auth.fido.fido2.server.mds.MdsService; +import com.linecorp.line.auth.fido.fido2.server.mds.MdsV3MetadataException; import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; @@ -15,7 +32,8 @@ import javax.transaction.Transactional; import java.io.File; -import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.nio.file.Paths; import java.security.cert.CertificateException; import java.util.Collections; import java.util.List; @@ -23,13 +41,12 @@ @Transactional @Rollback @SpringBootTest -class MdsV3MetadataHelperTest { +class MdsV3ServiceTest { public static final int EXPECTED_METADATA_SIZE = 73; @Autowired - private MdsV3MetadataHelper mdsV3MetadataHelper; + private MdsService mdsService; - @Autowired private MdsConfig mdsConfig; private String metadataToc; @@ -46,24 +63,17 @@ void setUp() throws Exception { //This is a file that was actually downloaded from https://mds3.fidoalliance.org/ on October 28, 2022. File file = new File(classLoader.getResource("file/test_encoded_mds_v3_bob_data_.jwt").getFile()); - metadataToc = IOUtils.toString(file.toURI(), StandardCharsets.UTF_8); - mdsEndPointUrl = mdsConfig.getSources().get(0).getEndpoint(); - } - - @Test - void handleTest() throws CertificateException { - - //given - Assertions.assertNotNull(metadataToc); - Assertions.assertNotNull(mdsEndPointUrl); + metadataToc = new String(Files.readAllBytes(Paths.get(file.getPath()))); - //when - mdsV3MetadataHelper.handle(metadataToc, mdsConfig.getSources().get(0)); + MdsInfo mdsInfo = new MdsInfo(); + mdsInfo.setEndpoint("https://mds3.fidoalliance.org"); + mdsInfo.setName("FIDO Metadata Service"); + mdsInfo.setEnabled(true); + mdsInfo.setRootCertificates(Collections.emptyList()); - //then - Iterable metadataEntityIterable = metadataRepository.findAll(); - List metadataEntityList = (List) metadataEntityIterable; - Assertions.assertEquals(EXPECTED_METADATA_SIZE, metadataEntityList.size()); + mdsConfig = new MdsConfig(); + mdsConfig.setSources(Collections.singletonList(mdsInfo)); + mdsEndPointUrl = mdsConfig.getSources().get(0).getEndpoint(); } @Test @@ -85,7 +95,24 @@ void handleTestWithWrongRootCertificates() { //then Assertions.assertThrows(MdsV3MetadataException.class, () -> { //when - mdsV3MetadataHelper.handle(metadataToc, wrongMdsInfo); + mdsService.handle(metadataToc, wrongMdsInfo); }); } + + @Disabled("Due to expiration issue of the test certificates") + @Test + void handleTest() throws CertificateException { + + //given + Assertions.assertNotNull(metadataToc); + Assertions.assertNotNull(mdsEndPointUrl); + + //when + mdsService.handle(metadataToc, mdsConfig.getSources().get(0)); + + //then + Iterable metadataEntityIterable = metadataRepository.findAll(); + List metadataEntityList = (List) metadataEntityIterable; + Assertions.assertEquals(EXPECTED_METADATA_SIZE, metadataEntityList.size()); + } } diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/service/AttestationServiceTest.java similarity index 98% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/service/AttestationServiceTest.java index 3b0edd1..0e0e22e 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/service/AttestationServiceTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/service/AttestationServiceTest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,28 +14,27 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.service; +package com.linecorp.line.auth.fido.fido2.demo.service; import com.linecorp.line.auth.fido.fido2.common.server.ServerAuthenticatorAttestationResponse; import com.linecorp.line.auth.fido.fido2.server.attestation.AttestationVerificationResult; import com.linecorp.line.auth.fido.fido2.server.exception.FIDO2ServerRuntimeException; import com.linecorp.line.auth.fido.fido2.server.model.AttestationObject; import com.linecorp.line.auth.fido.fido2.server.model.AttestationStatementFormatIdentifier; -import org.junit.Test; +import com.linecorp.line.auth.fido.fido2.server.service.AttestationService; import org.junit.jupiter.api.Assertions; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.Test; import org.mockito.Mock; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit4.SpringRunner; import java.util.Base64; +import static org.junit.jupiter.api.Assertions.assertThrows; import static org.mockito.Mockito.when; -@RunWith(SpringRunner.class) @SpringBootTest -public class AttestationServiceTest { +class AttestationServiceTest { @Autowired private AttestationService attestationService; @@ -46,7 +45,7 @@ public class AttestationServiceTest { private final String ClientDataJSON = "eyJvcmlnaW4iOiJodHRwOi8vbmV0b20uaXB0aW1lLm9yZyIsImNoYWxsZW5nZSI6InhrWEFMbElwYWc5MVVWODVNRGduMTU2ZE93Z0JfYThiQVlselJuYlVRUnpqeG9HalhfTmFtVDJBVHFCd01RcGNaRlpVUjhiOUFZX0t2Vkc4bFJIcC1nIiwidHlwZSI6IndlYmF1dGhuLmNyZWF0ZSJ9"; @Test - public void getAttestationObjectForPacked1() { + void getAttestationObjectForPacked1() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=85, attestedCredentialData=AttestedCredentialData(aaguid=[50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114], credentialId=[-15, -47, -76, 75, -97, 98, 71, -84, -81, -95, -36, -61, 12, 27, -52, 71, -40, 107, 79, -7, -20, -84, -74, -106, -71, 106, -93, -66, 44, -52, 20, -70], credentialPublicKey=ECCKey(algorithm=ES256, curve=P256, x=[92, 121, -16, 87, 68, 36, -36, -63, 115, 36, 38, 64, -62, 0, 53, -31, -37, 27, -89, 97, 60, -117, 117, 65, 37, 98, 94, 104, 38, 36, 32, 28], y=[-72, -98, 118, -103, -58, 16, -16, -103, 43, 19, 37, 43, 34, -29, -99, -108, 77, -41, 117, 76, 58, 67, 76, 99, -55, 6, 99, 20, 75, 18, 25, -36])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 85, 50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114, 0, 32, -15, -47, -76, 75, -97, 98, 71, -84, -81, -95, -36, -61, 12, 27, -52, 71, -40, 107, 79, -7, -20, -84, -74, -106, -71, 106, -93, -66, 44, -52, 20, -70, -91, 1, 2, 3, 38, 32, 1, 33, 88, 32, 92, 121, -16, 87, 68, 36, -36, -63, 115, 36, 38, 64, -62, 0, 53, -31, -37, 27, -89, 97, 60, -117, 117, 65, 37, 98, 94, 104, 38, 36, 32, 28, 34, 88, 32, -72, -98, 118, -103, -58, 16, -16, -103, 43, 19, 37, 43, 34, -29, -99, -108, 77, -41, 117, 76, 58, 67, 76, 99, -55, 6, 99, 20, 75, 18, 25, -36])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("BcVV9rFAAlPisVSD9PIN74H_QaV2VDU0ROmy4NdFXrQ"); @@ -67,7 +66,7 @@ public void getAttestationObjectForPacked1() { } @Test - public void getAttestationObjectForPacked2() { + void getAttestationObjectForPacked2() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=87, attestedCredentialData=AttestedCredentialData(aaguid=[50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114], credentialId=[-6, 13, -88, -54, -119, 43, 46, 112, 116, -88, 69, -51, 98, -3, -76, -119, -9, 110, -60, 93, -110, -95, -103, -64, 19, 125, -10, 52, -61, -48, -57, -34], credentialPublicKey=ECCKey(algorithm=ES256, curve=P256, x=[50, 73, 82, -97, -85, 58, -113, -71, -110, 66, 14, 40, 1, -96, -27, -70, -79, 42, -34, -62, -70, 86, 45, 114, -4, -127, 19, -100, -127, -111, -27, -114], y=[52, 8, -10, -123, -100, -112, 58, 53, -30, -106, -10, -119, -45, -70, 39, -90, 37, 82, -30, 95, -87, -35, -97, 87, 91, -79, 88, -76, -76, 71, -68, 27])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 87, 50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114, 0, 32, -6, 13, -88, -54, -119, 43, 46, 112, 116, -88, 69, -51, 98, -3, -76, -119, -9, 110, -60, 93, -110, -95, -103, -64, 19, 125, -10, 52, -61, -48, -57, -34, -91, 1, 2, 3, 38, 32, 1, 33, 88, 32, 50, 73, 82, -97, -85, 58, -113, -71, -110, 66, 14, 40, 1, -96, -27, -70, -79, 42, -34, -62, -70, 86, 45, 114, -4, -127, 19, -100, -127, -111, -27, -114, 34, 88, 32, 52, 8, -10, -123, -100, -112, 58, 53, -30, -106, -10, -119, -45, -70, 39, -90, 37, 82, -30, 95, -87, -35, -97, 87, 91, -79, 88, -76, -76, 71, -68, 27])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("cXsl61muzD1AphDaOveCLlg9AwLRQxQaZZlyWauDk3M"); @@ -88,7 +87,7 @@ public void getAttestationObjectForPacked2() { } @Test - public void getAttestationObjectForPacked1_NegativeClientHashIsNotMatch() { + void getAttestationObjectForPacked1_NegativeClientHashIsNotMatch() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=87, attestedCredentialData=AttestedCredentialData(aaguid=[50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114], credentialId=[-6, 13, -88, -54, -119, 43, 46, 112, 116, -88, 69, -51, 98, -3, -76, -119, -9, 110, -60, 93, -110, -95, -103, -64, 19, 125, -10, 52, -61, -48, -57, -34], credentialPublicKey=ECCKey(algorithm=ES256, curve=P256, x=[50, 73, 82, -97, -85, 58, -113, -71, -110, 66, 14, 40, 1, -96, -27, -70, -79, 42, -34, -62, -70, 86, 45, 114, -4, -127, 19, -100, -127, -111, -27, -114], y=[52, 8, -10, -123, -100, -112, 58, 53, -30, -106, -10, -119, -45, -70, 39, -90, 37, 82, -30, 95, -87, -35, -97, 87, 91, -79, 88, -76, -76, 71, -68, 27])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 87, 50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114, 0, 32, -6, 13, -88, -54, -119, 43, 46, 112, 116, -88, 69, -51, 98, -3, -76, -119, -9, 110, -60, 93, -110, -95, -103, -64, 19, 125, -10, 52, -61, -48, -57, -34, -91, 1, 2, 3, 38, 32, 1, 33, 88, 32, 50, 73, 82, -97, -85, 58, -113, -71, -110, 66, 14, 40, 1, -96, -27, -70, -79, 42, -34, -62, -70, 86, 45, 114, -4, -127, 19, -100, -127, -111, -27, -114, 34, 88, 32, 52, 8, -10, -123, -100, -112, 58, 53, -30, -106, -10, -119, -45, -70, 39, -90, 37, 82, -30, 95, -87, -35, -97, 87, 91, -79, 88, -76, -76, 71, -68, 27])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("cXsl61muzD1AphDaOveCLlg9AwLRQxQaZZlyWauDk5A"); @@ -109,7 +108,7 @@ public void getAttestationObjectForPacked1_NegativeClientHashIsNotMatch() { } @Test - public void getAttestationObjectForPacked2_NegativeClientHashIsNotMatch() { + void getAttestationObjectForPacked2_NegativeClientHashIsNotMatch() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=85, attestedCredentialData=AttestedCredentialData(aaguid=[50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114], credentialId=[-15, -47, -76, 75, -97, 98, 71, -84, -81, -95, -36, -61, 12, 27, -52, 71, -40, 107, 79, -7, -20, -84, -74, -106, -71, 106, -93, -66, 44, -52, 20, -70], credentialPublicKey=ECCKey(algorithm=ES256, curve=P256, x=[92, 121, -16, 87, 68, 36, -36, -63, 115, 36, 38, 64, -62, 0, 53, -31, -37, 27, -89, 97, 60, -117, 117, 65, 37, 98, 94, 104, 38, 36, 32, 28], y=[-72, -98, 118, -103, -58, 16, -16, -103, 43, 19, 37, 43, 34, -29, -99, -108, 77, -41, 117, 76, 58, 67, 76, 99, -55, 6, 99, 20, 75, 18, 25, -36])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 85, 50, 106, -36, -16, 12, -17, 70, -48, -109, -110, -104, -42, -60, -88, 74, 114, 0, 32, -15, -47, -76, 75, -97, 98, 71, -84, -81, -95, -36, -61, 12, 27, -52, 71, -40, 107, 79, -7, -20, -84, -74, -106, -71, 106, -93, -66, 44, -52, 20, -70, -91, 1, 2, 3, 38, 32, 1, 33, 88, 32, 92, 121, -16, 87, 68, 36, -36, -63, 115, 36, 38, 64, -62, 0, 53, -31, -37, 27, -89, 97, 60, -117, 117, 65, 37, 98, 94, 104, 38, 36, 32, 28, 34, 88, 32, -72, -98, 118, -103, -58, 16, -16, -103, 43, 19, 37, 43, 34, -29, -99, -108, 77, -41, 117, 76, 58, 67, 76, 99, -55, 6, 99, 20, 75, 18, 25, -36])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("BcVV9rFAAlPisVSD9PIN74H_QaV2VDU0ROmy4NdFXeQ"); @@ -130,7 +129,7 @@ public void getAttestationObjectForPacked2_NegativeClientHashIsNotMatch() { } @Test - public void getAttestationObjectForNONE() { + void getAttestationObjectForNONE() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=103, attestedCredentialData=AttestedCredentialData(aaguid=[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0], credentialId=[119, -3, 102, -27, 88, -103, -38, 4, 96, 59, 75, -15, 90, 55, -45, 47, 26, -80, 46, -60, -76, 118, 30, -112, -61, 0, -12, 57, -66, 32, 91, -4], credentialPublicKey=ECCKey(algorithm=ES256, curve=P256, x=[-15, 22, 70, 113, 127, 120, 67, 76, -46, -10, -59, 57, 108, -32, 88, 33, -128, -54, -114, -35, -15, -53, 60, -114, -16, -69, 12, -9, -110, 119, 108, -90], y=[1, 61, -36, 19, -128, -25, -14, -51, 0, 53, 118, 127, -68, -119, -65, -105, -102, 66, -39, 26, -121, -87, 96, -88, -55, -73, 35, 15, -69, 17, 96, 57])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 103, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32, 119, -3, 102, -27, 88, -103, -38, 4, 96, 59, 75, -15, 90, 55, -45, 47, 26, -80, 46, -60, -76, 118, 30, -112, -61, 0, -12, 57, -66, 32, 91, -4, -91, 1, 2, 3, 38, 32, 1, 33, 88, 32, -15, 22, 70, 113, 127, 120, 67, 76, -46, -10, -59, 57, 108, -32, 88, 33, -128, -54, -114, -35, -15, -53, 60, -114, -16, -69, 12, -9, -110, 119, 108, -90, 34, 88, 32, 1, 61, -36, 19, -128, -25, -14, -51, 0, 53, 118, 127, -68, -119, -65, -105, -102, 66, -39, 26, -121, -87, 96, -88, -55, -73, 35, 15, -69, 17, 96, 57])"; //given @@ -147,7 +146,7 @@ public void getAttestationObjectForNONE() { } @Test - public void getAttestationObjectForU2F() { + void getAttestationObjectForU2F() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=2, attestedCredentialData=AttestedCredentialData(aaguid=[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0], credentialId=[-68, -29, 15, 76, 95, -107, -57, -37, -1, -67, 106, 64, -45, -71, 24, 41, -98, 32, 8, -118, -13, -19, -107, 61, 43, 87, 59, 89, 84, -127, -89, 33], credentialPublicKey=ECCKey(algorithm=ES256, curve=P256, x=[-52, -118, -92, -22, 43, 7, -76, -44, -33, 16, 43, -104, -93, 113, 8, -114, 87, -65, -98, 56, 72, -43, 36, -128, -67, 51, -87, -24, -119, -39, -89, 49], y=[-71, 8, -81, -7, -92, 6, 35, 127, -35, -90, -59, 60, 46, 37, -21, 93, -71, 49, -79, 108, -100, -35, -7, 125, -64, -93, 27, -29, -69, -37, -34, -22])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32, -68, -29, 15, 76, 95, -107, -57, -37, -1, -67, 106, 64, -45, -71, 24, 41, -98, 32, 8, -118, -13, -19, -107, 61, 43, 87, 59, 89, 84, -127, -89, 33, -91, 1, 2, 3, 38, 32, 1, 33, 88, 32, -52, -118, -92, -22, 43, 7, -76, -44, -33, 16, 43, -104, -93, 113, 8, -114, 87, -65, -98, 56, 72, -43, 36, -128, -67, 51, -87, -24, -119, -39, -89, 49, 34, 88, 32, -71, 8, -81, -7, -92, 6, 35, 127, -35, -90, -59, 60, 46, 37, -21, 93, -71, 49, -79, 108, -100, -35, -7, 125, -64, -93, 27, -29, -69, -37, -34, -22])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("JnzhL1GZzqi07J9txHjG_jlp9YjgKYp0491-ii6oZfU"); @@ -168,7 +167,7 @@ public void getAttestationObjectForU2F() { } @Test - public void getAttestationObjectForU2F_NegativeClientHashIsNotMatch() { + void getAttestationObjectForU2F_NegativeClientHashIsNotMatch() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=2, attestedCredentialData=AttestedCredentialData(aaguid=[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0], credentialId=[-68, -29, 15, 76, 95, -107, -57, -37, -1, -67, 106, 64, -45, -71, 24, 41, -98, 32, 8, -118, -13, -19, -107, 61, 43, 87, 59, 89, 84, -127, -89, 33], credentialPublicKey=ECCKey(algorithm=ES256, curve=P256, x=[-52, -118, -92, -22, 43, 7, -76, -44, -33, 16, 43, -104, -93, 113, 8, -114, 87, -65, -98, 56, 72, -43, 36, -128, -67, 51, -87, -24, -119, -39, -89, 49], y=[-71, 8, -81, -7, -92, 6, 35, 127, -35, -90, -59, 60, 46, 37, -21, 93, -71, 49, -79, 108, -100, -35, -7, 125, -64, -93, 27, -29, -69, -37, -34, -22])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32, -68, -29, 15, 76, 95, -107, -57, -37, -1, -67, 106, 64, -45, -71, 24, 41, -98, 32, 8, -118, -13, -19, -107, 61, 43, 87, 59, 89, 84, -127, -89, 33, -91, 1, 2, 3, 38, 32, 1, 33, 88, 32, -52, -118, -92, -22, 43, 7, -76, -44, -33, 16, 43, -104, -93, 113, 8, -114, 87, -65, -98, 56, 72, -43, 36, -128, -67, 51, -87, -24, -119, -39, -89, 49, 34, 88, 32, -71, 8, -81, -7, -92, 6, 35, 127, -35, -90, -59, 60, 46, 37, -21, 93, -71, 49, -79, 108, -100, -35, -7, 125, -64, -93, 27, -29, -69, -37, -34, -22])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("JnzhL1GZzqi07J9txHjG_jlp9YjgKYp1214214"); @@ -189,7 +188,7 @@ public void getAttestationObjectForU2F_NegativeClientHashIsNotMatch() { } @Test - public void getAttestationObjectForTPM() { + void getAttestationObjectForTPM() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=21, attestedCredentialData=AttestedCredentialData(aaguid=[-89, -42, -39, 58, -118, 13, 17, -24, -102, -108, -90, -49, 113, 7, 47, 115], credentialId=[-79, -113, 120, -29, 48, 20, 96, -61, 81, -72, 78, 20, -117, 117, -26, -4, 95, 85, 88, 45, 42, 101, 56, -28, 36, 106, 19, -95, -124, -109, 58, 94], credentialPublicKey=RSAKey(algorithm=RS256, n=[-77, -49, -117, -81, -108, 74, 103, -2, -91, -46, 123, -54, -110, -117, -43, -111, -82, 11, 118, -91, -69, -31, -117, -119, 117, 52, 66, 11, -84, 37, -54, -64, 47, 30, -68, 13, -82, 97, -99, -52, -98, -44, -1, -105, -28, -50, 50, -52, 40, -9, 33, -81, -48, -63, -86, -108, -40, -54, 87, 21, 43, 1, -14, 110, -120, 126, 31, 61, 10, 74, 78, 60, -39, 80, -121, 77, -102, -81, 10, 9, 97, -94, -86, 108, -27, -44, 103, -65, 99, -8, -23, 44, -46, 51, -44, -52, -119, -94, 92, -67, -21, -28, 0, 85, -19, 45, 94, -126, -115, 95, 116, 65, -69, 8, 16, 70, -57, 12, 122, -127, 58, 8, -1, 2, 33, -25, -34, -74, -71, 40, -8, -24, -78, -89, 52, -3, 50, 56, -90, 77, -96, -25, 58, -4, -107, 32, -115, -32, 100, 112, -75, -62, 23, -24, -54, 118, 97, -69, -43, 29, -50, -115, 63, 73, 28, -43, -100, 6, -58, -69, -36, -67, -46, -12, -74, -104, -11, -91, 127, 107, -120, -125, 24, -26, -122, 78, -99, -108, -9, 68, -1, -115, 70, 20, 117, 0, 99, -16, -91, -19, 75, 112, 22, 51, -68, 125, 7, 96, 64, -67, -124, -110, 54, -34, -109, -109, 84, 117, -38, 16, 23, 36, 24, -109, -11, -76, -107, -108, -4, -1, -9, 22, 84, -55, 75, -96, -98, 45, -85, 66, -87, 70, -66, 106, -8, 18, 33, 12, 15, 83, -67, 122, -71, 40, 84, -89], e=[1, 0, 1])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, 21, -89, -42, -39, 58, -118, 13, 17, -24, -102, -108, -90, -49, 113, 7, 47, 115, 0, 32, -79, -113, 120, -29, 48, 20, 96, -61, 81, -72, 78, 20, -117, 117, -26, -4, 95, 85, 88, 45, 42, 101, 56, -28, 36, 106, 19, -95, -124, -109, 58, 94, -92, 1, 3, 3, 57, 1, 0, 32, 89, 1, 0, -77, -49, -117, -81, -108, 74, 103, -2, -91, -46, 123, -54, -110, -117, -43, -111, -82, 11, 118, -91, -69, -31, -117, -119, 117, 52, 66, 11, -84, 37, -54, -64, 47, 30, -68, 13, -82, 97, -99, -52, -98, -44, -1, -105, -28, -50, 50, -52, 40, -9, 33, -81, -48, -63, -86, -108, -40, -54, 87, 21, 43, 1, -14, 110, -120, 126, 31, 61, 10, 74, 78, 60, -39, 80, -121, 77, -102, -81, 10, 9, 97, -94, -86, 108, -27, -44, 103, -65, 99, -8, -23, 44, -46, 51, -44, -52, -119, -94, 92, -67, -21, -28, 0, 85, -19, 45, 94, -126, -115, 95, 116, 65, -69, 8, 16, 70, -57, 12, 122, -127, 58, 8, -1, 2, 33, -25, -34, -74, -71, 40, -8, -24, -78, -89, 52, -3, 50, 56, -90, 77, -96, -25, 58, -4, -107, 32, -115, -32, 100, 112, -75, -62, 23, -24, -54, 118, 97, -69, -43, 29, -50, -115, 63, 73, 28, -43, -100, 6, -58, -69, -36, -67, -46, -12, -74, -104, -11, -91, 127, 107, -120, -125, 24, -26, -122, 78, -99, -108, -9, 68, -1, -115, 70, 20, 117, 0, 99, -16, -91, -19, 75, 112, 22, 51, -68, 125, 7, 96, 64, -67, -124, -110, 54, -34, -109, -109, 84, 117, -38, 16, 23, 36, 24, -109, -11, -76, -107, -108, -4, -1, -9, 22, 84, -55, 75, -96, -98, 45, -85, 66, -87, 70, -66, 106, -8, 18, 33, 12, 15, 83, -67, 122, -71, 40, 84, -89, 33, 67, 1, 0, 1])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("W8NSPDBpn5dcVS7ZGHowPoUetDjlu3B_oKtns2YrDL4"); @@ -210,8 +209,8 @@ public void getAttestationObjectForTPM() { } - @Test(expected= FIDO2ServerRuntimeException.class) - public void getAttestationObjectForAndroidSafetyNetTest() { + @Test + void getAttestationObjectForAndroidSafetyNetTest() { final String expectedAuthData = "AuthenticatorData(rpIdHash=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24], userPresent=true, userVerified=false, atIncluded=true, edIncluded=false, signCount=149, attestedCredentialData=AttestedCredentialData(aaguid=[-56, 124, -35, -105, 86, -63, 73, -72, -98, 36, -53, 54, 54, 84, -13, 80], credentialId=[124, -105, 114, -22, -104, -11, -105, -117, -17, 46, -95, 86, 67, -26, 77, 78, -90, -69, 49, -44, 64, -97, 107, -51, -90, 122, 75, -66, 11, -101, -109, -80], credentialPublicKey=RSAKey(algorithm=RS256, n=[-67, 99, 60, -14, -49, 4, -105, -28, 86, -94, -82, 16, -64, 70, 22, 104, -81, 62, -36, 94, -52, -49, 4, -76, 48, -83, 84, 123, -27, 5, -103, 118, 85, -22, -63, 30, 26, 35, -83, 112, 89, 35, 37, -47, -44, 80, -72, -38, -76, -67, -57, -93, 97, 46, 59, 56, -52, -116, -79, 60, -59, 88, 62, 125, 2, -122, -69, -34, 84, -59, -7, 39, -26, -72, 16, 117, 31, 111, -62, -55, -123, 37, -104, -75, 65, 67, 56, -66, -118, -15, -78, -27, 115, 56, -79, 90, 100, 1, -58, -102, 62, -19, -41, -32, -3, -28, 10, 10, 16, 86, -78, -29, -4, -70, 17, -82, -94, 55, -79, -47, -107, 123, 26, 33, -55, 92, 62, -67, 29, -34, 97, -1, 36, -50, -69, -9, -61, -6, -71, 78, -62, 37, -100, -73, -122, 53, 12, 85, 36, 41, 46, 67, -4, -53, -127, 123, -49, 62, -28, -38, 91, 126, 6, 70, -91, 88, -75, 61, -104, -35, 92, 118, -88, -15, -87, -81, -108, 16, -6, -13, -47, -88, 96, 54, -22, -128, 89, 97, 44, -23, 33, 40, -103, -50, 124, -77, 127, 29, -26, -100, -63, -113, 47, 44, -70, 61, -57, -125, -68, -7, 41, 90, -118, -72, -119, 29, 11, 32, 83, -71, 67, 70, 92, -65, -52, -5, -70, -116, 50, 28, 92, -18, 24, 38, 34, -122, -124, 42, -27, 81, -25, 85, 46, -94, 93, -124, -87, 95, 40, 119, 0, -103, 14, 117, 64, -79], e=[1, 0, 1])), extensions=null, bytes=[-53, 123, -58, -124, 76, 87, -106, -22, -98, -121, 119, -97, -41, -59, -46, 41, 107, -51, 113, -4, -24, 96, 126, -33, -65, -67, -118, -102, -64, -128, -15, -24, 65, 0, 0, 0, -107, -56, 124, -35, -105, 86, -63, 73, -72, -98, 36, -53, 54, 54, 84, -13, 80, 0, 32, 124, -105, 114, -22, -104, -11, -105, -117, -17, 46, -95, 86, 67, -26, 77, 78, -90, -69, 49, -44, 64, -97, 107, -51, -90, 122, 75, -66, 11, -101, -109, -80, -92, 1, 3, 3, 57, 1, 0, 32, 89, 1, 0, -67, 99, 60, -14, -49, 4, -105, -28, 86, -94, -82, 16, -64, 70, 22, 104, -81, 62, -36, 94, -52, -49, 4, -76, 48, -83, 84, 123, -27, 5, -103, 118, 85, -22, -63, 30, 26, 35, -83, 112, 89, 35, 37, -47, -44, 80, -72, -38, -76, -67, -57, -93, 97, 46, 59, 56, -52, -116, -79, 60, -59, 88, 62, 125, 2, -122, -69, -34, 84, -59, -7, 39, -26, -72, 16, 117, 31, 111, -62, -55, -123, 37, -104, -75, 65, 67, 56, -66, -118, -15, -78, -27, 115, 56, -79, 90, 100, 1, -58, -102, 62, -19, -41, -32, -3, -28, 10, 10, 16, 86, -78, -29, -4, -70, 17, -82, -94, 55, -79, -47, -107, 123, 26, 33, -55, 92, 62, -67, 29, -34, 97, -1, 36, -50, -69, -9, -61, -6, -71, 78, -62, 37, -100, -73, -122, 53, 12, 85, 36, 41, 46, 67, -4, -53, -127, 123, -49, 62, -28, -38, 91, 126, 6, 70, -91, 88, -75, 61, -104, -35, 92, 118, -88, -15, -87, -81, -108, 16, -6, -13, -47, -88, 96, 54, -22, -128, 89, 97, 44, -23, 33, 40, -103, -50, 124, -77, 127, 29, -26, -100, -63, -113, 47, 44, -70, 61, -57, -125, -68, -7, 41, 90, -118, -72, -119, 29, 11, 32, 83, -71, 67, 70, 92, -65, -52, -5, -70, -116, 50, 28, 92, -18, 24, 38, 34, -122, -124, 42, -27, 81, -25, 85, 46, -94, 93, -124, -87, 95, 40, 119, 0, -103, 14, 117, 64, -79, 33, 67, 1, 0, 1])"; final byte[] clientDataHsh = Base64.getUrlDecoder().decode("kpGIEoNjy1vytLHG61KvRbv0A82piKzewPmj_3cBC5c"); @@ -220,11 +219,14 @@ public void getAttestationObjectForAndroidSafetyNetTest() { when(serverAuthenticatorAttestationResponse.getTransports()).thenReturn(null); when(serverAuthenticatorAttestationResponse.getClientDataJSON()).thenReturn(ClientDataJSON); + //when AttestationObject attestationObject = attestationService.getAttestationObject(serverAuthenticatorAttestationResponse); AttestationVerificationResult attestationVerificationResult = attestationService.verifyAttestation(clientDataHsh,attestationObject); - attestationService.verifyAttestationCertificate(attestationObject, attestationVerificationResult); + assertThrows(FIDO2ServerRuntimeException.class, () -> { + attestationService.verifyAttestationCertificate(attestationObject, attestationVerificationResult); + }); //then //throw new FIDO2ServerRuntimeException(InternalErrorCode.ANDROID_SAFETYNET_ATTESTATION_TIMESTAMP_INVALID); } diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/support/restdocs/SpringRestDocsConfiguration.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/support/restdocs/SpringRestDocsConfiguration.java similarity index 51% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/support/restdocs/SpringRestDocsConfiguration.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/support/restdocs/SpringRestDocsConfiguration.java index fd25d01..b1cf022 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/support/restdocs/SpringRestDocsConfiguration.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/support/restdocs/SpringRestDocsConfiguration.java @@ -1,4 +1,20 @@ -package com.linecorp.line.auth.fido.fido2.server.support.restdocs; +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.support.restdocs; import org.springframework.boot.test.context.TestConfiguration; import org.springframework.context.annotation.Bean; diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/support/restdocs/TestSupportForSpringRestDocs.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/support/restdocs/TestSupportForSpringRestDocs.java similarity index 83% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/support/restdocs/TestSupportForSpringRestDocs.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/support/restdocs/TestSupportForSpringRestDocs.java index 4441e47..d7d75f9 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/support/restdocs/TestSupportForSpringRestDocs.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/support/restdocs/TestSupportForSpringRestDocs.java @@ -1,4 +1,20 @@ -package com.linecorp.line.auth.fido.fido2.server.support.restdocs; +/* + * Copyright 2024 LY Corporation + * + * LY Corporation licenses this file to you under the Apache License, + * version 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at: + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ + +package com.linecorp.line.auth.fido.fido2.demo.support.restdocs; import com.fasterxml.jackson.databind.ObjectMapper; import io.micrometer.core.instrument.util.IOUtils; diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtilTest.java b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/util/SignatureUtilTest.java similarity index 83% rename from server/src/test/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtilTest.java rename to fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/util/SignatureUtilTest.java index 0fd6aaf..89e1799 100644 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/util/SignatureUtilTest.java +++ b/fido2-demo/demo/src/test/java/com/linecorp/line/auth/fido/fido2/demo/util/SignatureUtilTest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,21 +14,20 @@ * under the License. */ -package com.linecorp.line.auth.fido.fido2.server.util; +package com.linecorp.line.auth.fido.fido2.demo.util; +import com.linecorp.line.auth.fido.fido2.server.util.PublicKeyUtil; +import com.linecorp.line.auth.fido.fido2.server.util.SignatureUtil; import org.bouncycastle.util.encoders.Hex; import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit.jupiter.SpringExtension; import java.security.PublicKey; import static org.junit.jupiter.api.Assertions.assertTrue; -@ExtendWith(SpringExtension.class) @SpringBootTest public class SignatureUtilTest { @@ -48,4 +47,4 @@ public void verifyPureEdDSA() throws Exception { assertTrue(result); } -} \ No newline at end of file +} diff --git a/server/src/test/resources/file/test_encoded_mds_v3_bob_data_.jwt b/fido2-demo/demo/src/test/resources/file/test_encoded_mds_v3_bob_data_.jwt similarity index 100% rename from server/src/test/resources/file/test_encoded_mds_v3_bob_data_.jwt rename to fido2-demo/demo/src/test/resources/file/test_encoded_mds_v3_bob_data_.jwt diff --git a/server/src/test/resources/json/auth/auth-challenge-req.json b/fido2-demo/demo/src/test/resources/json/auth/auth-challenge-req.json similarity index 100% rename from server/src/test/resources/json/auth/auth-challenge-req.json rename to fido2-demo/demo/src/test/resources/json/auth/auth-challenge-req.json diff --git a/server/src/test/resources/json/auth/auth-challenge-res.json b/fido2-demo/demo/src/test/resources/json/auth/auth-challenge-res.json similarity index 100% rename from server/src/test/resources/json/auth/auth-challenge-res.json rename to fido2-demo/demo/src/test/resources/json/auth/auth-challenge-res.json diff --git a/server/src/test/resources/json/auth/auth-response-req.json b/fido2-demo/demo/src/test/resources/json/auth/auth-response-req.json similarity index 100% rename from server/src/test/resources/json/auth/auth-response-req.json rename to fido2-demo/demo/src/test/resources/json/auth/auth-response-req.json diff --git a/server/src/test/resources/json/auth/auth-response-res.json b/fido2-demo/demo/src/test/resources/json/auth/auth-response-res.json similarity index 100% rename from server/src/test/resources/json/auth/auth-response-res.json rename to fido2-demo/demo/src/test/resources/json/auth/auth-response-res.json diff --git a/server/src/test/resources/json/database/user-key-entity.json b/fido2-demo/demo/src/test/resources/json/database/user-key-entity.json similarity index 100% rename from server/src/test/resources/json/database/user-key-entity.json rename to fido2-demo/demo/src/test/resources/json/database/user-key-entity.json diff --git a/server/src/test/resources/json/reg/reg-challenge-req.json b/fido2-demo/demo/src/test/resources/json/reg/reg-challenge-req.json similarity index 100% rename from server/src/test/resources/json/reg/reg-challenge-req.json rename to fido2-demo/demo/src/test/resources/json/reg/reg-challenge-req.json diff --git a/server/src/test/resources/json/reg/reg-challenge-res.json b/fido2-demo/demo/src/test/resources/json/reg/reg-challenge-res.json similarity index 100% rename from server/src/test/resources/json/reg/reg-challenge-res.json rename to fido2-demo/demo/src/test/resources/json/reg/reg-challenge-res.json diff --git a/server/src/test/resources/json/reg/reg-response-req.json b/fido2-demo/demo/src/test/resources/json/reg/reg-response-req.json similarity index 100% rename from server/src/test/resources/json/reg/reg-response-req.json rename to fido2-demo/demo/src/test/resources/json/reg/reg-response-req.json diff --git a/server/src/test/resources/json/reg/reg-response-res.json b/fido2-demo/demo/src/test/resources/json/reg/reg-response-res.json similarity index 100% rename from server/src/test/resources/json/reg/reg-response-res.json rename to fido2-demo/demo/src/test/resources/json/reg/reg-response-res.json diff --git a/server/src/test/resources/org/springframework/restdocs/templates/request-fields.snippet b/fido2-demo/demo/src/test/resources/org/springframework/restdocs/templates/request-fields.snippet similarity index 100% rename from server/src/test/resources/org/springframework/restdocs/templates/request-fields.snippet rename to fido2-demo/demo/src/test/resources/org/springframework/restdocs/templates/request-fields.snippet diff --git a/server/src/test/resources/org/springframework/restdocs/templates/request-parameters.snippet b/fido2-demo/demo/src/test/resources/org/springframework/restdocs/templates/request-parameters.snippet similarity index 100% rename from server/src/test/resources/org/springframework/restdocs/templates/request-parameters.snippet rename to fido2-demo/demo/src/test/resources/org/springframework/restdocs/templates/request-parameters.snippet diff --git a/server/src/test/resources/org/springframework/restdocs/templates/response-fields.snippet b/fido2-demo/demo/src/test/resources/org/springframework/restdocs/templates/response-fields.snippet similarity index 100% rename from server/src/test/resources/org/springframework/restdocs/templates/response-fields.snippet rename to fido2-demo/demo/src/test/resources/org/springframework/restdocs/templates/response-fields.snippet diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index dbc0e23..8cf18f1 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,10 +1,10 @@ -# Copyright 2022 LINE Corporation +# Copyright 2024 LY Corporation # -# LINE Corporation licenses this file to you under the Apache License, +# LY Corporation licenses this file to you under the Apache License, # version 2.0 (the "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at: # -# https://www.apache.org/licenses/LICENSE-2.0 +# https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT diff --git a/images/chrome_android_fingerprint_auth.GIF b/images/chrome_android_fingerprint_auth.GIF deleted file mode 100644 index fa05637..0000000 Binary files a/images/chrome_android_fingerprint_auth.GIF and /dev/null differ diff --git a/images/chrome_android_fingerprint_reg.GIF b/images/chrome_android_fingerprint_reg.GIF deleted file mode 100644 index 5d0628d..0000000 Binary files a/images/chrome_android_fingerprint_reg.GIF and /dev/null differ diff --git a/images/chrome_mac_secretkey.gif b/images/chrome_mac_secretkey.gif deleted file mode 100644 index 93b9445..0000000 Binary files a/images/chrome_mac_secretkey.gif and /dev/null differ diff --git a/images/chrome_mac_touchid.gif b/images/chrome_mac_touchid.gif index 352e2c1..793a34f 100644 Binary files a/images/chrome_mac_touchid.gif and b/images/chrome_mac_touchid.gif differ diff --git a/rpserver/Dockerfile b/rpserver/Dockerfile index 101da12..c02abdc 100644 --- a/rpserver/Dockerfile +++ b/rpserver/Dockerfile @@ -1,4 +1,12 @@ -FROM openjdk:8-jdk-alpine +FROM gradle:6.8.3-jdk11 AS builder +ENV OPEN_SOURCE_BUILD=true + +USER root +WORKDIR /workspace/app +COPY . . +RUN ./rpserver/gradlew dockerBuild + +FROM openjdk:11-jre-slim-buster EXPOSE 8080 -COPY --from=build-image:latest /workspace/app/rpserver/build/libs/rpserver-*.jar rpserver.jar +COPY --from=builder /workspace/app/rpserver/build/libs/rpserver*.jar rpserver.jar ENTRYPOINT ["java","-jar","-Dspring.profiles.active=docker","/rpserver.jar"] diff --git a/rpserver/build.gradle b/rpserver/build.gradle index 6c1c774..5f7071a 100644 --- a/rpserver/build.gradle +++ b/rpserver/build.gradle @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,54 +14,43 @@ * under the License. */ -buildscript { - ext { - springBootVersion = '2.4.3' - } - repositories { - mavenCentral() - } - dependencies { - classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}") - } +plugins { + id 'application' + id 'org.springframework.boot' + id 'io.spring.dependency-management' } -apply plugin: 'java' -apply plugin: 'java-library' -apply plugin: 'eclipse' -apply plugin: 'org.springframework.boot' -apply plugin: 'io.spring.dependency-management' +uploadArchives.enabled = false +jar.enabled = true -group = 'com.linecorp.line.auth.fido.fido2' -version = '0.0.1-SNAPSHOT' -sourceCompatibility = 1.8 - -repositories { - mavenCentral() -} test { useJUnitPlatform() } +task dockerBuild() { + doFirst { + jar.enabled = System.getenv("OPEN_SOURCE_BUILD") != "true" + } + dependsOn(bootJar) +} dependencies { + implementation project(':common') +// implementation("com.linecorp.line.auth.fido.fido2.inhouse:common:0.0.6-SNAPSHOT") + implementation('org.springframework.boot:spring-boot-starter-web') //thymeleaf implementation('org.springframework.boot:spring-boot-starter-thymeleaf') - //logging - implementation('org.zalando:logbook-spring-boot-starter:1.8.1') - - //swagger - implementation('io.springfox:springfox-swagger2:2.9.2') - implementation('io.springfox:springfox-swagger-ui:2.9.2') + //springdoc + implementation 'org.springdoc:springdoc-openapi-ui:1.6.15' implementation('javax.activation:activation:1.1.1') implementation('org.springframework.boot:spring-boot-devtools') compileOnly('org.projectlombok:lombok') - annotationProcessor 'org.projectlombok:lombok:1.18.2' + annotationProcessor 'org.projectlombok:lombok' implementation project(':common') compileOnly('org.springframework.boot:spring-boot-configuration-processor') diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplication.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplication.java index d3a486e..eeff885 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplication.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplication.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandler.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandler.java index 05947cd..e64bee6 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandler.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandler.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/FidoServerConfig.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/FidoServerConfig.java index bce7237..457ced4 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/FidoServerConfig.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/FidoServerConfig.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/JacksonConfig.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/JacksonConfig.java index 696f6e2..bb353b3 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/JacksonConfig.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/JacksonConfig.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/RestTemplateConfig.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/RestTemplateConfig.java index ad73b2c..7c3408f 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/RestTemplateConfig.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/RestTemplateConfig.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/SwaggerConfig.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/SwaggerConfig.java deleted file mode 100644 index b96d04d..0000000 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/config/SwaggerConfig.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.rpserver.config; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -import com.google.common.base.Predicates; - -import org.springframework.context.annotation.Profile; -import springfox.documentation.builders.ApiInfoBuilder; -import springfox.documentation.builders.PathSelectors; -import springfox.documentation.builders.RequestHandlerSelectors; -import springfox.documentation.service.ApiInfo; -import springfox.documentation.service.Contact; -import springfox.documentation.spi.DocumentationType; -import springfox.documentation.spring.web.plugins.Docket; -import springfox.documentation.swagger2.annotations.EnableSwagger2; - -@Configuration -@EnableSwagger2 -@Profile("!prod") -public class SwaggerConfig { - @Bean - public Docket api() { - return new Docket(DocumentationType.SWAGGER_2) - .select() - .apis(RequestHandlerSelectors - .basePackage("com.linecorp.line.auth.fido.fido2.rpserver.controller")) - .paths(Predicates.not(PathSelectors.regex("/"))) - .build() - .apiInfo(metaData()); - } - - private ApiInfo metaData() { - return new ApiInfoBuilder() - .title("FIDO2 RP SERVER REST API") - .description("If you want to know the details of the WebAuthn standard, you can also refer to the official documentation. \n\n https://www.w3.org/TR/webauthn-2/" ) - .version("1.0.0") - .contact(new Contact("Kyung-Joon Park", null, "kyungjoon.park@linecorp.com")) - .build(); - } -} diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AdapterController.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AdapterController.java index 8411dfb..3bd91be 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AdapterController.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AdapterController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AndroidAssetController.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AndroidAssetController.java index 4c8c9e0..0c3492b 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AndroidAssetController.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/AndroidAssetController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/CredentialController.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/CredentialController.java index bd67cf2..3bb23a1 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/CredentialController.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/CredentialController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/HealthCheckController.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/HealthCheckController.java index 1c9bc00..49b7897 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/HealthCheckController.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/HealthCheckController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/ViewController.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/ViewController.java index 7873f9a..b5edf0a 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/ViewController.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/controller/ViewController.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterAuthServerPublicKeyCredential.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterAuthServerPublicKeyCredential.java index 51436c8..7d79d9e 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterAuthServerPublicKeyCredential.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterAuthServerPublicKeyCredential.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterRegServerPublicKeyCredential.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterRegServerPublicKeyCredential.java index 1232f02..c73a2a6 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterRegServerPublicKeyCredential.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/AdapterRegServerPublicKeyCredential.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/Status.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/Status.java index 7e9d946..b1c3047 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/Status.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/Status.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/AdapterServerResponse.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/AdapterServerResponse.java index 51df3e5..cb8deb8 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/AdapterServerResponse.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/AdapterServerResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsRequest.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsRequest.java index 9f30a16..59f46e9 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsRequest.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsRequest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsResponse.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsResponse.java index 9359003..9e3382f 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsResponse.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialCreationOptionsResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsRequest.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsRequest.java index b130ea5..a144a9b 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsRequest.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsRequest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsResponse.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsResponse.java index 46b8373..2f9825a 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsResponse.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerPublicKeyCredentialGetOptionsResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerRegisterResponse.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerRegisterResponse.java index 41013a4..e0d63d7 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerRegisterResponse.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerRegisterResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerSignResponse.java b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerSignResponse.java index 2008309..2dc0d8b 100644 --- a/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerSignResponse.java +++ b/rpserver/src/main/java/com/linecorp/line/auth/fido/fido2/rpserver/model/transport/ServerSignResponse.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/main/resources/application-docker.yml b/rpserver/src/main/resources/application-docker.yml index 1f6e2b1..6296f38 100644 --- a/rpserver/src/main/resources/application-docker.yml +++ b/rpserver/src/main/resources/application-docker.yml @@ -1,6 +1,6 @@ spring: profiles: - active: docker + active: local resources: chain: cache: false @@ -9,6 +9,7 @@ fido2: id: localhost origin: localhost port: 8080 + conformance: url: http://localhost:8080 logging: @@ -18,4 +19,3 @@ logging: com.linecorp.line: DEBUG fido2-server: host: fido2 - diff --git a/rpserver/src/main/resources/application.yml b/rpserver/src/main/resources/application.yml index 63bf27a..416e3b3 100644 --- a/rpserver/src/main/resources/application.yml +++ b/rpserver/src/main/resources/application.yml @@ -3,20 +3,13 @@ spring: active: local config: use-legacy-processing: true + # Swagger + mvc: + pathmatch: + matching-strategy: ant_path_matcher + server: port: 8080 -logbook: - write: - level: INFO - obfuscate: - headers: - - host - - origin - - referer - - user-agent - - accept-encoding - exclude: - - /health fido2-server: scheme: http host: localhost @@ -28,4 +21,8 @@ fido2-server: send-auth-response: /fido2/auth/response get-delete-credentials: /fido2/credentials - +springdoc: + api-docs: + path: /api-docs + swagger-ui: + path: /swagger-ui.html diff --git a/rpserver/src/main/resources/static/css/index.css b/rpserver/src/main/resources/static/css/index.css index 5dc9134..e8d9ef3 100644 --- a/rpserver/src/main/resources/static/css/index.css +++ b/rpserver/src/main/resources/static/css/index.css @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -30,4 +30,4 @@ .errorText { color: red; -} \ No newline at end of file +} diff --git a/rpserver/src/main/resources/static/js/index.js b/rpserver/src/main/resources/static/js/index.js index de76a1e..40d2329 100644 --- a/rpserver/src/main/resources/static/js/index.js +++ b/rpserver/src/main/resources/static/js/index.js @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -588,4 +588,4 @@ function rest_put(endpoint, object) { .then(response => { return response.json(); }); -} \ No newline at end of file +} diff --git a/rpserver/src/main/resources/templates/index.html b/rpserver/src/main/resources/templates/index.html index 11a00e9..d14caf0 100644 --- a/rpserver/src/main/resources/templates/index.html +++ b/rpserver/src/main/resources/templates/index.html @@ -1,18 +1,17 @@ - + + + + + + + + + + + + + + @@ -271,4 +270,4 @@

Register credential Options

- \ No newline at end of file + diff --git a/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplicationTests.java b/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplicationTests.java index 1e12aa4..3230776 100644 --- a/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplicationTests.java +++ b/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/RpserverApplicationTests.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * diff --git a/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandlerTest.java b/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandlerTest.java index 7ce3e13..b7e79fa 100644 --- a/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandlerTest.java +++ b/rpserver/src/test/java/com/linecorp/line/auth/fido/fido2/rpserver/advice/RestExceptionHandlerTest.java @@ -1,7 +1,7 @@ /* - * Copyright 2021 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -85,4 +85,4 @@ public void throwFido2ServerException() { throw new HttpClientErrorException(HttpStatus.BAD_REQUEST,null,FIDO2_SERVER_RESPONSE_EXCEPTION_MSG.getBytes(), Charset.defaultCharset()); } } -} \ No newline at end of file +} diff --git a/server/Dockerfile b/server/Dockerfile deleted file mode 100644 index d1bfbee..0000000 --- a/server/Dockerfile +++ /dev/null @@ -1,4 +0,0 @@ -FROM openjdk:8-jdk-slim -EXPOSE 8081 -COPY --from=build-image:latest /workspace/app/server/build/libs/server-*.jar server.jar -ENTRYPOINT ["java","-jar","/server.jar"] \ No newline at end of file diff --git a/server/build.gradle b/server/build.gradle deleted file mode 100644 index 85b0afd..0000000 --- a/server/build.gradle +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright 2022 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ -buildscript { - ext { - springBootVersion = '2.4.3' - } - repositories { - mavenCentral() - maven { - url "https://plugins.gradle.org/m2/" - } - } - dependencies { - classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}") - classpath "org.asciidoctor:asciidoctor-gradle-jvm:3.3.2" - } -} - -apply plugin: 'java' -apply plugin: 'java-library' -apply plugin: 'eclipse' -apply plugin: 'org.springframework.boot' -apply plugin: 'io.spring.dependency-management' -apply plugin: 'maven' -apply plugin: 'org.asciidoctor.jvm.convert' - -group = 'com.linecorp.line.auth.fido.fido2' -version = '0.1.1-SNAPSHOT' -sourceCompatibility = 1.8 - -jar.enabled = true -bootJar.enabled = true - -repositories { - mavenCentral() -} - -ext { - snippetsDir = file('build/generated-snippets') -} - -test { - useJUnitPlatform() - outputs.dir snippetsDir -} -configurations { - asciidoctorExtensions -} - -asciidoctor.doFirst { - delete file('src/main/resources/static/docs') -} - -asciidoctor { - configurations "asciidoctorExtensions" - inputs.dir snippetsDir - dependsOn test -} - -task makeRestDocs(type: Copy) { - dependsOn asciidoctor - - from file("${asciidoctor.outputDir}") - into file('src/main/resources/static/docs') -} - -task dockerBuild() { - jar.enabled = false - dependsOn(bootJar) -} - -dependencies { - implementation('org.springframework.boot:spring-boot-starter-data-jpa') - implementation('org.springframework.boot:spring-boot-starter-data-redis') - implementation('org.springframework.boot:spring-boot-starter-web') - implementation('com.fasterxml.jackson.dataformat:jackson-dataformat-cbor') - runtime('org.springframework.boot:spring-boot-devtools') - implementation('org.springframework.boot:spring-boot-starter-logging') - implementation('org.springframework.boot:spring-boot-starter-validation') - - implementation 'junit:junit:4.12' - - //redis client - implementation('redis.clients:jedis:3.5.0') - - //logging - implementation('org.zalando:logbook-spring-boot-starter:1.8.1') - - //swagger - implementation('io.springfox:springfox-swagger2:2.9.2') - implementation('io.springfox:springfox-swagger-ui:2.9.2') - - //jwt - implementation('com.auth0:java-jwt:3.4.0') - - //local redis - implementation('com.github.kstyrc:embedded-redis:0.6') - - //bouncy castle - implementation('org.bouncycastle:bcprov-jdk15on:1.60') - - //eddsa library - implementation('net.i2p.crypto:eddsa:0.3.0') - - //retrofit - implementation('com.squareup.retrofit2:retrofit:2.4.0') - implementation('com.squareup.retrofit2:converter-jackson:2.4.0') - - compileOnly 'org.projectlombok:lombok:1.18.2' - annotationProcessor 'org.projectlombok:lombok:1.18.18' - - implementation project(':common') -// implementation('com.linecorp.line.auth.fido.fido2:common:1.1.1-SNAPSHOT') - - implementation ('org.springframework.boot:spring-boot-starter-jdbc') - - runtime ('mysql:mysql-connector-java') - - //local db - runtime('com.h2database:h2') - - // cache - implementation 'org.springframework.boot:spring-boot-starter-cache:2.4.0' - implementation 'org.ehcache:ehcache:3.8.1' - implementation 'javax.cache:cache-api:1.1.1' - - compileOnly('org.springframework.boot:spring-boot-configuration-processor') - - testCompile('org.springframework.boot:spring-boot-starter-test') - testCompile group: 'org.mockito', name: 'mockito-junit-jupiter', version: '3.1.0' - - //Spring Rest Doc - implementation("org.springframework.boot:spring-boot-starter-actuator") - testImplementation("org.springframework.restdocs:spring-restdocs-mockmvc") - asciidoctorExtensions 'org.springframework.restdocs:spring-restdocs-asciidoctor' -} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerApplication.java b/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerApplication.java deleted file mode 100644 index 672116c..0000000 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/ServerApplication.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.server; - -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.boot.autoconfigure.domain.EntityScan; -import org.springframework.scheduling.annotation.EnableScheduling; -import org.springframework.cache.annotation.EnableCaching; - -@EnableCaching -@SpringBootApplication -@EnableScheduling -@EntityScan -public class ServerApplication { - public static void main(String[] args) { - SpringApplication.run(ServerApplication.class, args); - } -} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/EdDsaProviderConfig.java b/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/EdDsaProviderConfig.java deleted file mode 100644 index aea6f67..0000000 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/EdDsaProviderConfig.java +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.server.config; - -import java.security.Security; - -import javax.annotation.PostConstruct; - -import org.springframework.context.annotation.Configuration; - -import net.i2p.crypto.eddsa.EdDSASecurityProvider; - -@Configuration -public class EdDsaProviderConfig { - @PostConstruct - private void setSecurityProvider() { - Security.addProvider(new EdDSASecurityProvider()); - } -} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/SwaggerConfig.java b/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/SwaggerConfig.java deleted file mode 100644 index 929f5a9..0000000 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/config/SwaggerConfig.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.server.config; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; - -import com.google.common.base.Predicates; - -import org.springframework.context.annotation.Profile; -import springfox.documentation.builders.ApiInfoBuilder; -import springfox.documentation.builders.PathSelectors; -import springfox.documentation.builders.RequestHandlerSelectors; -import springfox.documentation.service.ApiInfo; -import springfox.documentation.service.Contact; -import springfox.documentation.spi.DocumentationType; -import springfox.documentation.spring.web.plugins.Docket; -import springfox.documentation.swagger2.annotations.EnableSwagger2; - -@Configuration -@EnableSwagger2 -@Profile("!prod") -public class SwaggerConfig { - @Bean - public Docket api() { - return new Docket(DocumentationType.SWAGGER_2) - .select() - .apis(RequestHandlerSelectors.basePackage("com.linecorp.line.auth.fido.fido2.server.controller")) - .paths(Predicates.not(PathSelectors.regex("/"))) - .build() - .apiInfo(metaData()); - } - - private ApiInfo metaData() { - return new ApiInfoBuilder() - .title("FIDO2 SERVER REST API") - .description("If you want to know the details of the WebAuthn standard, you can also refer to the official documentation. \n\n https://www.w3.org/TR/webauthn-2/" ) - .version("1.0.0") - .contact(new Contact("Kyung-Joon Park", null, "kyungjoon.park@linecorp.com")) - .build(); - } -} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/CredentialController.java b/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/CredentialController.java deleted file mode 100644 index 21acb40..0000000 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/CredentialController.java +++ /dev/null @@ -1,141 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.server.controller; - -import java.util.ArrayList; -import java.util.Base64; -import java.util.List; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.DeleteMapping; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - -import com.linecorp.line.auth.fido.fido2.common.server.BaseResponse; -import com.linecorp.line.auth.fido.fido2.common.server.GetCredentialResult; -import com.linecorp.line.auth.fido.fido2.common.server.GetCredentialsResult; -import com.linecorp.line.auth.fido.fido2.common.server.ServerResponse; -import com.linecorp.line.auth.fido.fido2.common.server.ServerUserKey; -import com.linecorp.line.auth.fido.fido2.server.error.InternalErrorCode; -import com.linecorp.line.auth.fido.fido2.server.model.UserKey; -import com.linecorp.line.auth.fido.fido2.server.service.UserKeyService; - -import lombok.extern.slf4j.Slf4j; - -@Slf4j -@RestController -public class CredentialController { - private final UserKeyService userKeyService; - - @Autowired - public CredentialController(UserKeyService userKeyService) { - this.userKeyService = userKeyService; - } - - @GetMapping(path = "fido2/credentials/{id}") - public GetCredentialResult getCredentialWithCredentialIdAndRpId( - @PathVariable("id") String credentialId, - @RequestParam("rpId") String rpId) { - - return GetCredentialResult - .builder() - .serverResponse(ServerResponse.builder() - .internalErrorCode(InternalErrorCode.SUCCESS.getCode()) - .internalError(InternalErrorCode.SUCCESS.name()) - .build()) - .credential(convert(userKeyService.getWithCredentialId(rpId, credentialId))) - .build(); - } - - @GetMapping(path = "fido2/credentials") - public GetCredentialsResult getCredentialsWithUserIdAndRpId( - @RequestParam("rpId") String rpId, - @RequestParam("userId") String userId) { - - return GetCredentialsResult - .builder() - .serverResponse(ServerResponse.builder() - .internalErrorCode(InternalErrorCode.SUCCESS.getCode()) - .internalError(InternalErrorCode.SUCCESS.name()) - .build()) - .credentials(convert(userKeyService.getWithUserId(rpId, userId))) - .build(); - } - - @DeleteMapping(path = "fido2/credentials/{id}") - public BaseResponse deleteCredentialWithCredentialIdAndRpId( - @PathVariable("id") String credentialId, - @RequestParam("rpId") String rpId) { - userKeyService.deleteWithCredentialId(rpId, credentialId); - - return BaseResponse - .builder() - .serverResponse(ServerResponse.builder() - .internalErrorCode(InternalErrorCode.SUCCESS.getCode()) - .internalError(InternalErrorCode.SUCCESS.name()) - .build()) - .build(); - } - - @DeleteMapping(path = "fido2/credentials") - public BaseResponse deleteCredentialWithUserIdIdAndRpId( - @RequestParam("rpId") String rpId, - @RequestParam("userId") String userId) { - userKeyService.deleteWithUserId(rpId, userId); - - return BaseResponse - .builder() - .serverResponse(ServerResponse.builder() - .internalErrorCode(InternalErrorCode.SUCCESS.getCode()) - .internalError(InternalErrorCode.SUCCESS.name()) - .build()) - .build(); - } - - private ServerUserKey convert(UserKey userKey) { - return ServerUserKey - .builder() - .aaguid(userKey.getAaguid()) - .algorithm(userKey.getAlgorithm()) - .attestationType(userKey.getAttestationType()) - .credentialId(userKey.getCredentialId()) - .displayName(userKey.getDisplayName()) - .icon(userKey.getIcon()) - .id(userKey.getId()) - .name(userKey.getName()) - .publicKey(Base64.getUrlEncoder().withoutPadding().encodeToString(userKey.getPublicKey().getEncoded())) - .rpId(userKey.getRpId()) - .signCounter(userKey.getSignCounter()) - .registeredAt(userKey.getRegisteredAt()) - .authenticatedAt(userKey.getAuthenticatedAt()) - .transports(userKey.getTransports()) - .rk(userKey.getRk()) - .credProtect(userKey.getCredProtect()) - .build(); - } - - private List convert(List userKeyList) { - List serverUserKeys = new ArrayList<>(); - for (UserKey userKey : userKeyList) { - serverUserKeys.add(convert(userKey)); - } - - return serverUserKeys; - } -} diff --git a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/ResponseController.java b/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/ResponseController.java deleted file mode 100644 index 7ee0c66..0000000 --- a/server/src/main/java/com/linecorp/line/auth/fido/fido2/server/controller/ResponseController.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.server.controller; - -import javax.validation.Valid; - -import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredential; -import com.linecorp.line.auth.fido.fido2.common.server.RegisterCredentialResult; -import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredential; -import com.linecorp.line.auth.fido.fido2.common.server.VerifyCredentialResult; -import com.linecorp.line.auth.fido.fido2.server.service.ResponseService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RestController; - -@Slf4j -@RestController -public class ResponseController { - private final ResponseService responseService; - - @Autowired - public ResponseController(ResponseService responseService) { - this.responseService = responseService; - } - - @PostMapping(path = "fido2/reg/response") - public RegisterCredentialResult sendRegResponse(@Valid @RequestBody RegisterCredential registerCredential) { - return responseService.handleAttestation(registerCredential.getServerPublicKeyCredential(), registerCredential.getSessionId(), - registerCredential.getOrigin(), registerCredential.getRpId(), registerCredential.getTokenBinding()); - } - - @PostMapping(path = "fido2/auth/response") - public VerifyCredentialResult sendAuthResponse(@Valid @RequestBody VerifyCredential verifyCredential) { - return responseService.handleAssertion(verifyCredential.getServerPublicKeyCredential(), verifyCredential.getSessionId(), - verifyCredential.getOrigin(), verifyCredential.getRpId(), verifyCredential.getTokenBinding()); - } -} diff --git a/server/src/main/resources/application-local.yml b/server/src/main/resources/application-local.yml deleted file mode 100644 index 5c5f090..0000000 --- a/server/src/main/resources/application-local.yml +++ /dev/null @@ -1,25 +0,0 @@ -spring: - profiles: - active: local - h2: - console: - enabled: true - settings: - web-allow-others: true - datasource: - driver-class-name: org.h2.Driver - url: jdbc:h2:mem:userdb; - username: sa - password: -server: - port: 8081 -redis: - host: localhost - port: 6379 - password: -logging: - level: - com.linecorp.line: DEBUG - org.springframework.web: DEBUG - org.hibernate: DEBUG - diff --git a/server/src/main/resources/data.sql b/server/src/main/resources/data.sql deleted file mode 100644 index fe19a94..0000000 --- a/server/src/main/resources/data.sql +++ /dev/null @@ -1,2 +0,0 @@ --- test rp -insert into rp (id, name, description) values('localhost', 'example1', 'example1'); \ No newline at end of file diff --git a/server/src/main/resources/ehcache.xml b/server/src/main/resources/ehcache.xml deleted file mode 100644 index 116f195..0000000 --- a/server/src/main/resources/ehcache.xml +++ /dev/null @@ -1,17 +0,0 @@ - - - - java.lang.String - retrofit2.Response - - 10 - - - 1 - - - \ No newline at end of file diff --git a/server/src/main/resources/static/docs/api-guide.html b/server/src/main/resources/static/docs/api-guide.html deleted file mode 100644 index c22e9d0..0000000 --- a/server/src/main/resources/static/docs/api-guide.html +++ /dev/null @@ -1,1251 +0,0 @@ - - - - - - - - -LINE FIDO2 SERVER API Guide - - - - - - -
-

Introduction

-
-
-
-

This document is about the APIs of the LINE FIDO2 Server application that has been released as open-source.

-
-
-

These define the messages exchanged between the RP server and LINE FIDO2 server.

-
-
-

For more information, please see README.md at the link below.

-
-
-

https://github.com/line/line-fido2-server

-
-
-

If you want to know the details of the WebAuthn standard, you can also refer to the official documentation.

-
-
-

https://www.w3.org/TR/webauthn-2/

-
-
-

Basically, FIDO2 has the following operations - Registration, Authentication.

-
-
-

Example APIs worked like this:

-
-
- -
-
-
-
-

Registration

-
-

Registration consists of two APIs: an API for requesting a challenge, and an API for delivering the results of the client’s registration.

-
-
-

Get Reg Challenge

-
-
HTTP request
-
-
-
POST /fido2/reg/challenge HTTP/1.1
-Content-Type: application/json
-Content-Length: 444
-Host: localhost:8080
-
-{
-  "rp" : {
-    "name" : "Test RP",
-    "icon" : null,
-    "id" : "localhost"
-  },
-  "user" : {
-    "name" : "TestUser",
-    "icon" : null,
-    "id" : "65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk",
-    "displayName" : "Test Display Name"
-  },
-  "authenticatorSelection" : {
-    "authenticatorAttachment" : "platform",
-    "requireResidentKey" : true,
-    "userVerification" : "preferred"
-  },
-  "attestation" : "none",
-  "credProtect" : null
-}
-
-
-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 1471
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  },
-  "rp" : {
-    "name" : "example1",
-    "icon" : null,
-    "id" : "localhost"
-  },
-  "user" : {
-    "name" : "TestUser",
-    "icon" : null,
-    "id" : "65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk",
-    "displayName" : "Test Display Name"
-  },
-  "challenge" : "TXgZfiz2B88oNbksOpC4GjNQ8YNaFzntXMBTMdN3K1XgIgKRr3FoXltAhV1zNmmdF4WJhxnoQDeq4s0bARhtRg",
-  "pubKeyCredParams" : [ {
-    "type" : "public-key",
-    "alg" : -65535
-  }, {
-    "type" : "public-key",
-    "alg" : -257
-  }, {
-    "type" : "public-key",
-    "alg" : -258
-  }, {
-    "type" : "public-key",
-    "alg" : -259
-  }, {
-    "type" : "public-key",
-    "alg" : -37
-  }, {
-    "type" : "public-key",
-    "alg" : -38
-  }, {
-    "type" : "public-key",
-    "alg" : -39
-  }, {
-    "type" : "public-key",
-    "alg" : -7
-  }, {
-    "type" : "public-key",
-    "alg" : -35
-  }, {
-    "type" : "public-key",
-    "alg" : -36
-  }, {
-    "type" : "public-key",
-    "alg" : -8
-  }, {
-    "type" : "public-key",
-    "alg" : -43
-  } ],
-  "timeout" : 180000,
-  "excludeCredentials" : [ ],
-  "authenticatorSelection" : {
-    "authenticatorAttachment" : "platform",
-    "requireResidentKey" : true,
-    "userVerification" : "preferred"
-  },
-  "attestation" : "none",
-  "sessionId" : "8bfc693e-8582-45e1-ad08-e2b71901cc97",
-  "extensions" : {
-    "credProps" : true
-  }
-}
-
-
-
-
-
-

Send Reg Response

-
-
HTTP request
-
-
-
POST /fido2/reg/response HTTP/1.1
-Content-Type: application/json
-Content-Length: 1331
-Host: localhost:8080
-
-{
-  "serverPublicKeyCredential" : {
-    "id" : "AYF-hoBThKTDPlpZs5i-xXCmPppyXuqEf8g0PpBclsJaSqnxOkC3qa3QVAdLeyBav-1cqnRhhB34YPsjQuN2DlH0AlGDNisTU6mi3TQRnOUSqodRkZKAPKnwx6s",
-    "type" : "public-key",
-    "response" : {
-      "clientDataJSON" : "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiSGw5eU4xRkh0T01ZdjJqOE1PVENQcmhRRFRSSGQ2Y2VCenFtMkhrMGxqTl9tR24yaUR6RzN5UGxoNEwtVTdzWTljc2FPZ1ZpWmJIZ0o5RU5xRDROMFEiLCJvcmlnaW4iOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJjcm9zc09yaWdpbiI6ZmFsc2V9",
-      "attestationObject" : "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVjgSZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NFYW-p8K3OAAI1vMYKZIsLJfHwVQMAXAGBfoaAU4Skwz5aWbOYvsVwpj6acl7qhH_IND6QXJbCWkqp8TpAt6mt0FQHS3sgWr_tXKp0YYQd-GD7I0Ljdg5R9AJRgzYrE1Opot00EZzlEqqHUZGSgDyp8MerpQECAyYgASFYIIhbKqrHnS6kY-g57es_NRLrr7MUVaM1MNnjxYAjRFQYIlggKx3lFHU9zGTbdG2FSKqZODGdf47oYb-1SiCleHSTDgk",
-      "transports" : [ "internal" ]
-    },
-    "extensions" : {
-      "appid" : null,
-      "txAuthSimple" : null,
-      "txAuthGeneric" : null,
-      "authnSel" : null,
-      "exts" : null,
-      "uvi" : null,
-      "loc" : null,
-      "biometricPerfBounds" : null,
-      "credProps" : {
-        "rk" : true
-      }
-    }
-  },
-  "sessionId" : "fde89293-9dd4-4244-b7db-1df1086c7bc9",
-  "origin" : "http://localhost:8080",
-  "rpId" : "localhost",
-  "tokenBinding" : null
-}
-
-
-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 475
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  },
-  "aaguid" : "adce0002-35bc-c60a-648b-0b25f1f05503",
-  "credentialId" : "AYF-hoBThKTDPlpZs5i-xXCmPppyXuqEf8g0PpBclsJaSqnxOkC3qa3QVAdLeyBav-1cqnRhhB34YPsjQuN2DlH0AlGDNisTU6mi3TQRnOUSqodRkZKAPKnwx6s",
-  "attestationType" : "NONE",
-  "authenticatorTransports" : [ "internal" ],
-  "userVerified" : true,
-  "rk" : true
-}
-
-
-
-
-
-
-

Authentication

-
-

Authentication consists of two APIs: an API for requesting a challenge and an API for delivering the client’s authentication result.

-
-
-

Get Auth Challenge

-
-
HTTP request
-
-
-
POST /fido2/auth/challenge HTTP/1.1
-Content-Type: application/json
-Content-Length: 122
-Host: localhost:8080
-
-{
-  "rpId" : "localhost",
-  "userId" : "65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk",
-  "userVerification" : "preferred"
-}
-
-
-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 624
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  },
-  "challenge" : "7ZKNccKcYL0Rky0YqVx-_-yHDudCPScBayiw17arUfzpAfqa-A8nv-OmQbSLMHtpEE0rp0MbblIzLw-bE5x6zQ",
-  "timeout" : 180000,
-  "rpId" : "localhost",
-  "allowCredentials" : [ {
-    "type" : "public-key",
-    "id" : "AUTjvBgL29DEg4aoRVchh4KSi9cLUmNuL4JqH4H8RTvKaBVDu88CnXGHDTkpIag5ODydvM-UP5FgqzDzzM3A_tzLSeoWc7hnkQK3g0N0jifjatDHgXX6YmMVAJc"
-  } ],
-  "userVerification" : "preferred",
-  "sessionId" : "3d310653-8d7a-449e-975e-30a467dfbe9a",
-  "extensions" : { }
-}
-
-
-
-
-
-

Send Auth Response

-
-
HTTP request
-
-
-
POST /fido2/auth/response HTTP/1.1
-Content-Type: application/json
-Content-Length: 1310
-Host: localhost:8080
-
-{
-  "serverPublicKeyCredential" : {
-    "id" : "AUTjvBgL29DEg4aoRVchh4KSi9cLUmNuL4JqH4H8RTvKaBVDu88CnXGHDTkpIag5ODydvM-UP5FgqzDzzM3A_tzLSeoWc7hnkQK3g0N0jifjatDHgXX6YmMVAJc",
-    "type" : "public-key",
-    "response" : {
-      "clientDataJSON" : "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoid19aOGctaklHdW5GYkM4S1g5THU0MThVUHV5RmNxQTlnM2ZqajVQRC1OdFYyWXA3R3dxeHdYdXJFNnRSZkp5V29rS21wV2R5c1VSS3lXRDRYNjJFb0EiLCJvcmlnaW4iOiJodHRwOi8vbG9jYWxob3N0OjgwODAiLCJjcm9zc09yaWdpbiI6ZmFsc2UsIm90aGVyX2tleXNfY2FuX2JlX2FkZGVkX2hlcmUiOiJkbyBub3QgY29tcGFyZSBjbGllbnREYXRhSlNPTiBhZ2FpbnN0IGEgdGVtcGxhdGUuIFNlZSBodHRwczovL2dvby5nbC95YWJQZXgifQ",
-      "authenticatorData" : "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFYW-4ew",
-      "signature" : "MEYCIQC74yVXB6oz66Y1hfahBYnHvrhl42p8l2PWpGIPv2EgEgIhAM8ooggslk3efQhiulISGw489JMPQqTWjj0kRXvgc61G",
-      "userHandle" : "65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk"
-    },
-    "extensions" : {
-      "appid" : null,
-      "txAuthSimple" : null,
-      "txAuthGeneric" : null,
-      "authnSel" : null,
-      "exts" : null,
-      "uvi" : null,
-      "loc" : null,
-      "biometricPerfBounds" : null,
-      "credProps" : null
-    }
-  },
-  "sessionId" : "c05c782a-77ca-4721-b523-19389bfcf3d7",
-  "origin" : "http://localhost:8080",
-  "rpId" : "localhost",
-  "tokenBinding" : null
-}
-
-
-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 322
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  },
-  "aaguid" : "adce0002-35bc-c60a-648b-0b25f1f05503",
-  "userId" : "65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk",
-  "userVerified" : true,
-  "userPresent" : true
-}
-
-
-
-
-
-
-

Credential API

-
- - - - - -
- - -These are not within the scope of the WebAuthn specification but its own APIs. -
-
-
-

Get Credential by CredentialId

-
-
HTTP request
-
-
-
GET /fido2/credentials/AUTjvBgL29DEg4aoRVchh4KSi9cLUmNuL4JqH4H8RTvKaBVDu88CnXGHDTkpIag5ODydvM-UP5FgqzDzzM3A_tzLSeoWc7hnkQK3g0N0jifjatDHgXX6YmMVAJc?rpId=localhost HTTP/1.1
-Host: localhost:8080
-
-
-
-
-
Path parameters
- - ---- - - - - - - - - - - - - -
Table 1. /fido2/credentials/{id}
ParameterDescription

id

credential Id

-
-
-
Request parameters
- ----- - - - - - - - - - - - - -

Parameter

Required

Description

rpId

true

RP Id

-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 966
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  },
-  "credential" : {
-    "rpId" : "localhost",
-    "id" : "65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk",
-    "name" : "TestUser",
-    "icon" : null,
-    "displayName" : "Test Display Name",
-    "aaguid" : "adce0002-35bc-c60a-648b-0b25f1f05503",
-    "credentialId" : "AUTjvBgL29DEg4aoRVchh4KSi9cLUmNuL4JqH4H8RTvKaBVDu88CnXGHDTkpIag5ODydvM-UP5FgqzDzzM3A_tzLSeoWc7hnkQK3g0N0jifjatDHgXX6YmMVAJc",
-    "publicKey" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6A7PJ7L7xHAP3wrd1i6Th9ep8KmOi8slCeT2SjREtuFDJfoF1L42dzgww2adGGq7cjYspbjl9YvJA-sr9R2sOg",
-    "algorithm" : "ES256",
-    "signCounter" : 1634711283,
-    "attestationType" : "NONE",
-    "transports" : null,
-    "rk" : true,
-    "credProtect" : 1,
-    "registeredAt" : "2021-10-20T06:27:17.595+00:00",
-    "authenticatedAt" : "2021-10-20T06:28:08.530+00:00"
-  }
-}
-
-
-
-
-
-

Get Credential by UserId

-
-
HTTP request
-
-
-
GET /fido2/credentials?rpId=localhost&userId=65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk HTTP/1.1
-Host: localhost:8080
-
-
-
-
-
Request parameters
- ----- - - - - - - - - - - - - - - - - - -

Parameter

Required

Description

rpId

true

RP Id

userId

true

User Id

-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 971
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  },
-  "credentials" : [ {
-    "rpId" : "localhost",
-    "id" : "65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk",
-    "name" : "TestUser",
-    "icon" : null,
-    "displayName" : "Test Display Name",
-    "aaguid" : "adce0002-35bc-c60a-648b-0b25f1f05503",
-    "credentialId" : "AUTjvBgL29DEg4aoRVchh4KSi9cLUmNuL4JqH4H8RTvKaBVDu88CnXGHDTkpIag5ODydvM-UP5FgqzDzzM3A_tzLSeoWc7hnkQK3g0N0jifjatDHgXX6YmMVAJc",
-    "publicKey" : "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6A7PJ7L7xHAP3wrd1i6Th9ep8KmOi8slCeT2SjREtuFDJfoF1L42dzgww2adGGq7cjYspbjl9YvJA-sr9R2sOg",
-    "algorithm" : "ES256",
-    "signCounter" : 1634711283,
-    "attestationType" : "NONE",
-    "transports" : null,
-    "rk" : true,
-    "credProtect" : 1,
-    "registeredAt" : "2021-10-20T06:27:17.595+00:00",
-    "authenticatedAt" : "2021-10-20T06:28:08.530+00:00"
-  } ]
-}
-
-
-
-
-
-

Delete Credential by CredentialId

-
-
HTTP request
-
-
-
DELETE /fido2/credentials/AUTjvBgL29DEg4aoRVchh4KSi9cLUmNuL4JqH4H8RTvKaBVDu88CnXGHDTkpIag5ODydvM-UP5FgqzDzzM3A_tzLSeoWc7hnkQK3g0N0jifjatDHgXX6YmMVAJc?rpId=localhost HTTP/1.1
-Host: localhost:8080
-
-
-
-
-
Path parameters
- - ---- - - - - - - - - - - - - -
Table 1. /fido2/credentials/{id}
ParameterDescription

id

credential Id

-
-
-
Request parameters
- ----- - - - - - - - - - - - - -

Parameter

Required

Description

rpId

true

RP Id

-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 160
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  }
-}
-
-
-
-
-
-

Delete Credential by UserId

-
-
HTTP request
-
-
-
DELETE /fido2/credentials?rpId=localhost&userId=65fUCTlqPlOSk22tkrkJ2m8I2MEhpF4fCI_pdosMAzk HTTP/1.1
-Host: localhost:8080
-
-
-
-
-
Request parameters
- ----- - - - - - - - - - - - - - - - - - -

Parameter

Required

Description

rpId

true

RP Id

userId

true

User Id

-
-
-
HTTP response
-
-
-
HTTP/1.1 200 OK
-Content-Type: application/json
-Content-Length: 160
-
-{
-  "serverResponse" : {
-    "description" : null,
-    "internalError" : "SUCCESS",
-    "internalErrorCode" : 0,
-    "internalErrorCodeDescription" : null
-  }
-}
-
-
-
-
-
-
-

Health Check

-
- - - - - -
- - -This is not within the scope of the WebAuthn specification but its own API. -
-
-
-
-

Get Health Check Status

-
-

HTTP request

-
-
-
GET /health HTTP/1.1
-Host: localhost:8080
-
-
-
-
-

HTTP response

-
-
-
HTTP/1.1 200 OK
-Content-Type: text/plain;charset=UTF-8
-Content-Length: 2
-
-OK
-
-
-
-
-
- - - - - - \ No newline at end of file diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/CertRevokeCheckerCacheTest.java b/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/CertRevokeCheckerCacheTest.java deleted file mode 100644 index e063099..0000000 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/attestation/android/keyattestation/CertRevokeCheckerCacheTest.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.server.attestation.android.keyattestation; - -import okhttp3.ResponseBody; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.extension.ExtendWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.junit.jupiter.SpringExtension; -import retrofit2.Response; - -import java.io.IOException; - -import static org.assertj.core.api.Assertions.assertThat; - -@ExtendWith(SpringExtension.class) -@SpringBootTest -public class CertRevokeCheckerCacheTest { - - private static final String REVOKE_STATUS_URL = "attestation/status"; - - @Autowired - private RevokeCheckerClient client; - - @Test - public void fetchRevokeListCacheTest_Cached_AndroidKeyAttestation() throws IOException { - - long start = System.currentTimeMillis(); - Response bodyResponse = client.fetchAndroidKeyAttestationRevokeList(REVOKE_STATUS_URL); - long end = System.currentTimeMillis(); - long uncachedDataFetchTime = end - start; - - assertThat(bodyResponse.isSuccessful()).isTrue(); - assertThat(uncachedDataFetchTime).isGreaterThan(100); - - long cachedStart1 = System.currentTimeMillis(); - Response cachedResponse1 = client.fetchAndroidKeyAttestationRevokeList(REVOKE_STATUS_URL); - long cachedEnd1 = System.currentTimeMillis(); - long cachedDataFetchTime1 = cachedEnd1 - cachedStart1; - - assertThat(cachedResponse1.isSuccessful()).isTrue(); - assertThat(cachedDataFetchTime1).isLessThan(5); - - long cachedStart2 = System.currentTimeMillis(); - Response cachedResponse2 = client.fetchAndroidKeyAttestationRevokeList(REVOKE_STATUS_URL); - long cachedEnd2 = System.currentTimeMillis(); - long cachedDataFetchTime2 = cachedEnd2 - cachedStart2; - - assertThat(cachedResponse2.isSuccessful()).isTrue(); - assertThat(cachedDataFetchTime2).isLessThan(5); - } -} diff --git a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/HealthCheckControllerTest.java b/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/HealthCheckControllerTest.java deleted file mode 100644 index d33af46..0000000 --- a/server/src/test/java/com/linecorp/line/auth/fido/fido2/server/controller/HealthCheckControllerTest.java +++ /dev/null @@ -1,18 +0,0 @@ -package com.linecorp.line.auth.fido.fido2.server.controller; - -import com.linecorp.line.auth.fido.fido2.server.support.restdocs.TestSupportForSpringRestDocs; -import org.junit.jupiter.api.Test; -import org.springframework.test.web.servlet.result.MockMvcResultMatchers; - -import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get; -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; - -class HealthCheckControllerTest extends TestSupportForSpringRestDocs { - - @Test - void healthCheck_success() throws Exception { - mockMvc.perform(get("/health")) - .andExpect(MockMvcResultMatchers.content().string("OK")) - .andExpect(status().isOk()); - } -} \ No newline at end of file diff --git a/settings.gradle b/settings.gradle index 16202e5..18f454c 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1,7 +1,7 @@ /* - * Copyright 2022 LINE Corporation + * Copyright 2024 LY Corporation * - * LINE Corporation licenses this file to you under the Apache License, + * LY Corporation licenses this file to you under the Apache License, * version 2.0 (the "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at: * @@ -14,12 +14,24 @@ * under the License. */ +pluginManagement { + plugins { + id 'org.springframework.boot' version '2.7.12' + id 'io.spring.dependency-management' version '1.0.11.RELEASE' + id 'org.asciidoctor.jvm.convert' version '3.3.2' + } +} + rootProject.name = 'fido2' include 'server' +include 'fido2-core' include 'rpserver' include 'common' -include 'spring-boot-starter:line-fido2-spring-boot-autoconfigure' -include 'spring-boot-starter:line-fido2-spring-boot-starter' -include 'spring-boot-starter:line-fido2-spring-boot-demo' + +include ':demo' +project(":demo").projectDir = new File('./fido2-demo/demo') + +include ':base' +project(":base").projectDir = new File('./fido2-demo/base') diff --git a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/build.gradle b/spring-boot-starter/line-fido2-spring-boot-autoconfigure/build.gradle deleted file mode 100644 index 9d6d3ea..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/build.gradle +++ /dev/null @@ -1,34 +0,0 @@ -plugins { - id 'org.springframework.boot' version '2.4.3' - id 'io.spring.dependency-management' version '1.0.11.RELEASE' - id 'java' - id 'java-library' - id 'maven' -} - -group = 'com.linecorp.line.auth.fido.fido2' -version = '0.1.1-SNAPSHOT' -sourceCompatibility = '1.8' - -bootJar.enabled = false -jar.enabled = true - -compileJava.dependsOn(processResources) - -repositories { - mavenCentral() -} - -dependencies { - api project(':common') - api project(':server') - - annotationProcessor 'org.springframework.boot:spring-boot-autoconfigure-processor' - annotationProcessor 'org.springframework.boot:spring-boot-configuration-processor' - - implementation 'org.springframework.boot:spring-boot' - implementation 'org.springframework.boot:spring-boot-autoconfigure' - implementation ('org.springframework.boot:spring-boot-starter-jdbc') - implementation('org.springframework.boot:spring-boot-starter-data-redis') - implementation('org.springframework.boot:spring-boot-starter-data-jpa') -} diff --git a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/ChallengeServiceAutoConfiguration.java b/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/ChallengeServiceAutoConfiguration.java deleted file mode 100644 index d2026ee..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/ChallengeServiceAutoConfiguration.java +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.springboot.autoconfigure.config; - -import com.linecorp.line.auth.fido.fido2.server.repository.*; -import com.linecorp.line.auth.fido.fido2.server.service.*; -import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.boot.autoconfigure.domain.EntityScan; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.ComponentScan; -import org.springframework.context.annotation.Configuration; -import org.springframework.data.jpa.repository.config.EnableJpaRepositories; -import org.springframework.data.redis.core.RedisTemplate; - -@Configuration -@EnableJpaRepositories(basePackages = {"com.linecorp.line.auth.fido.fido2.server.repository"}) -@EntityScan(basePackages = {"com.linecorp.line.auth.fido.fido2.server.entity"}) -@ComponentScan(basePackages = {"com.linecorp.line.auth.fido.fido2.server.config","com.linecorp.line.auth.fido.fido2.server.service"}) -@ConditionalOnClass(ChallengeService.class) -public class ChallengeServiceAutoConfiguration { - - @Bean - @ConditionalOnMissingBean - public SessionRepository sessionRepository(RedisTemplate redisTemplate) { - return new SessionRepositoryImp(redisTemplate); - } - - @Bean - @ConditionalOnMissingBean - public SessionService sessionService(SessionRepository sessionRepository) { - return new SessionServiceImpl(sessionRepository); - } - - @Bean - @ConditionalOnMissingBean - public ChallengeService challengeService(final RpService rpService, - final UserKeyService userKeyService, - final SessionService sessionService) { - return new ChallengeServiceImpl(rpService, - userKeyService, - sessionService); - } -} diff --git a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/MdsFetchTaskAutoConfiguration.java b/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/MdsFetchTaskAutoConfiguration.java deleted file mode 100644 index 5485d16..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/MdsFetchTaskAutoConfiguration.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.springboot.autoconfigure.config; - -import com.linecorp.line.auth.fido.fido2.server.config.MdsConfig; -import com.linecorp.line.auth.fido.fido2.server.helper.MdsV3MetadataHelper; -import com.linecorp.line.auth.fido.fido2.server.mds.MdsFetchTask; -import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.boot.autoconfigure.domain.EntityScan; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.ComponentScan; -import org.springframework.context.annotation.Configuration; - -@Configuration -@ConditionalOnClass(MdsFetchTask.class) -@EntityScan(basePackages = {"com.linecorp.line.auth.fido.fido2.server.entity"}) -@ComponentScan(basePackages = "com.linecorp.line.auth.fido.fido2.server.helper") -public class MdsFetchTaskAutoConfiguration { - - @Bean - @ConditionalOnMissingBean - public MdsFetchTask mdsFetchTask(MdsConfig mdsConfig, MdsV3MetadataHelper mdsV3MetadataHelper) { - return new MdsFetchTask(mdsConfig, mdsV3MetadataHelper); - } -} diff --git a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/ResponseServiceAutoConfiguration.java b/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/ResponseServiceAutoConfiguration.java deleted file mode 100644 index 1066bf4..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/autoconfigure/config/ResponseServiceAutoConfiguration.java +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.springboot.autoconfigure.config; - -import com.linecorp.line.auth.fido.fido2.server.service.*; -import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.boot.autoconfigure.domain.EntityScan; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.ComponentScan; -import org.springframework.context.annotation.Configuration; - -@Configuration -@ComponentScan(basePackages = "com.linecorp.line.auth.fido.fido2.server.attestation") -@EntityScan(basePackages = {"com.linecorp.line.auth.fido.fido2.server.entity"}) -@ConditionalOnClass(ResponseService.class) -public class ResponseServiceAutoConfiguration { - - @Bean - @ConditionalOnMissingBean - public ResponseService responseService(SessionService sessionService, - UserKeyService userKeyService, - AttestationService attestationService) { - return new ResponseServiceImpl( - sessionService, - userKeyService, - attestationService); - } -} diff --git a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/resources/META-INF/spring.factories b/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/resources/META-INF/spring.factories deleted file mode 100644 index 047c781..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-autoconfigure/src/main/resources/META-INF/spring.factories +++ /dev/null @@ -1,4 +0,0 @@ -org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ - com.linecorp.line.auth.fido.fido2.springboot.autoconfigure.config.ChallengeServiceAutoConfiguration, \ - com.linecorp.line.auth.fido.fido2.springboot.autoconfigure.config.ResponseServiceAutoConfiguration, \ - com.linecorp.line.auth.fido.fido2.springboot.autoconfigure.config.MdsFetchTaskAutoConfiguration \ No newline at end of file diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/build.gradle b/spring-boot-starter/line-fido2-spring-boot-demo/build.gradle deleted file mode 100644 index 35ed548..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-demo/build.gradle +++ /dev/null @@ -1,58 +0,0 @@ -plugins { - id 'org.springframework.boot' version '2.4.3' - id 'io.spring.dependency-management' version '1.0.11.RELEASE' - id 'java' -} - -group = 'com.linecorp.line.auth.fido.fido2' -version = '0.0.1-SNAPSHOT' - -sourceCompatibility = '1.8' - -apply plugin: 'application' - -bootRun { - mainClassName = 'com.linecorp.line.auth.fido.fido2.springboot.Fido2StarterDemoApplication' -} - -repositories { - mavenCentral() -} - -jar { - processResources { - exclude("**/*.sql") - } -} - -dependencies { - implementation 'org.springframework.boot:spring-boot-starter' - implementation('org.springframework.boot:spring-boot-starter-web') - implementation project(':spring-boot-starter:line-fido2-spring-boot-starter') - - compileOnly 'org.projectlombok:lombok:1.18.18' - annotationProcessor 'org.projectlombok:lombok:1.18.18' - - //logging - implementation('org.zalando:logbook-spring-boot-starter:1.8.1') - - //local redis - implementation('com.github.kstyrc:embedded-redis:0.6') - - runtime ('mysql:mysql-connector-java') - - //local db - runtime('com.h2database:h2') - - //bouncy castle - implementation('org.bouncycastle:bcprov-jdk15on:1.60') - - //redis client - implementation('redis.clients:jedis:3.5.0') - - // cache - implementation 'org.springframework.boot:spring-boot-starter-cache:2.4.0' - implementation 'org.ehcache:ehcache:3.8.1' - implementation 'javax.cache:cache-api:1.1.1' - -} diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/ChallengeController.java b/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/ChallengeController.java deleted file mode 100644 index 0fba124..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/java/com/linecorp/line/auth/fido/fido2/springboot/controller/ChallengeController.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright 2021 LINE Corporation - * - * LINE Corporation licenses this file to you under the Apache License, - * version 2.0 (the "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at: - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations - * under the License. - */ - -package com.linecorp.line.auth.fido.fido2.springboot.controller; - -import javax.validation.Valid; - -import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionRequest; -import com.linecorp.line.auth.fido.fido2.common.server.AuthOptionResponse; -import com.linecorp.line.auth.fido.fido2.common.server.RegOptionRequest; -import com.linecorp.line.auth.fido.fido2.common.server.RegOptionResponse; -import com.linecorp.line.auth.fido.fido2.server.service.ChallengeService; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RestController; - -@Slf4j -@RestController -public class ChallengeController { - private final ChallengeService challengeService; - - @Autowired - public ChallengeController(ChallengeService challengeService) { - this.challengeService = challengeService; - } - - @PostMapping(path = "fido2/reg/challenge") - public RegOptionResponse getRegChallenge(@Valid @RequestBody RegOptionRequest regOptionRequest) { - return challengeService.getRegChallenge(regOptionRequest); - } - - @PostMapping(path = "fido2/auth/challenge") - public AuthOptionResponse getAuthChallenge(@Valid @RequestBody AuthOptionRequest authOptionRequest) { - return challengeService.getAuthChallenge(authOptionRequest); - } -} diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/application.yml b/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/application.yml deleted file mode 100644 index 0efe973..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/application.yml +++ /dev/null @@ -1,46 +0,0 @@ -spring: - profiles: - active: local - config: - use-legacy-processing: true - cache: - jcache: - config: classpath:ehcache.xml -server: - port: 8081 -fido: - protocols: - fido2: - versions: - - - major: 1 - minor: 0 - - fido2: - session-ttl-millis: 180000 - accept-unregistered-authenticators: true - -logbook: - write: - level: INFO - category: http.wire-log - obfuscate: - headers: - - host - - origin - - referer - - user-agent - - accept-encoding - exclude: - - /health -mds: - enable-mds : false - sources: - # if you want to use mds service please see below - # https://fidoalliance.org/metadata/ - - name: fido-mds-v2 - enabled: true - endpoint: https://mds2.fidoalliance.org/ - access-token: xxx - root-certificates: - - xxx \ No newline at end of file diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/data.sql b/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/data.sql deleted file mode 100644 index fe19a94..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/data.sql +++ /dev/null @@ -1,2 +0,0 @@ --- test rp -insert into rp (id, name, description) values('localhost', 'example1', 'example1'); \ No newline at end of file diff --git a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/ehcache.xml b/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/ehcache.xml deleted file mode 100644 index 116f195..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-demo/src/main/resources/ehcache.xml +++ /dev/null @@ -1,17 +0,0 @@ - - - - java.lang.String - retrofit2.Response - - 10 - - - 1 - - - \ No newline at end of file diff --git a/spring-boot-starter/line-fido2-spring-boot-starter/build.gradle b/spring-boot-starter/line-fido2-spring-boot-starter/build.gradle deleted file mode 100644 index 229f317..0000000 --- a/spring-boot-starter/line-fido2-spring-boot-starter/build.gradle +++ /dev/null @@ -1,59 +0,0 @@ -plugins { - id 'org.springframework.boot' version '2.4.3' - id 'io.spring.dependency-management' version '1.0.11.RELEASE' - id 'java-library' - id 'maven' -} - -bootJar.enabled = false -jar.enabled = true - -task sourcesJar(type: Jar) { - from sourceSets.main.allJava - archiveClassifier.set('sources') -} - -group = 'com.linecorp.line.auth.fido.fido2' -version = '0.1.1-SNAPSHOT' -sourceCompatibility = '1.8' - -repositories { - mavenCentral() -} - -dependencies { - implementation 'org.springframework.boot:spring-boot-starter' - api project(':spring-boot-starter:line-fido2-spring-boot-autoconfigure') - - implementation('org.springframework.boot:spring-boot-starter-data-jpa') - implementation('org.springframework.boot:spring-boot-starter-data-redis') - implementation('org.springframework.boot:spring-boot-starter-web') - implementation('com.fasterxml.jackson.dataformat:jackson-dataformat-cbor') - runtime('org.springframework.boot:spring-boot-devtools') - implementation('org.springframework.boot:spring-boot-starter-logging') - implementation('org.springframework.boot:spring-boot-starter-validation') - - //swagger - implementation('io.springfox:springfox-swagger2:2.9.2') - implementation('io.springfox:springfox-swagger-ui:2.9.2') - - //jwt - implementation('com.auth0:java-jwt:3.4.0') - - //bouncy castle - implementation('org.bouncycastle:bcprov-jdk15on:1.60') - - //eddsa library - implementation('net.i2p.crypto:eddsa:0.3.0') - - //retrofit - implementation('com.squareup.retrofit2:retrofit:2.4.0') - implementation('com.squareup.retrofit2:converter-jackson:2.4.0') - - compileOnly 'org.projectlombok:lombok:1.18.18' - annotationProcessor 'org.projectlombok:lombok:1.18.18' - - implementation ('org.springframework.boot:spring-boot-starter-jdbc') - compileOnly('org.springframework.boot:spring-boot-configuration-processor') - -}