From 329661eb68b1f98063f701ec4377d85255b0fead Mon Sep 17 00:00:00 2001 From: maximthomas Date: Fri, 17 May 2024 16:17:26 +0300 Subject: [PATCH] webauthn.js methods encapsulation --- .../amAuthWebAuthnAuthentication.xml | 2 +- .../resources/amAuthWebAuthnRegistration.xml | 14 +- .../src/main/webapp/assets/js/webauthn.js | 210 +++++++++--------- .../WebAuthnAuthenticationCredentials.jsp | 2 +- .../default/WebAuthnRegisterCredentials.jsp | 2 +- .../openam/authn/WebAuthnAuthentication2.html | 2 +- .../openam/authn/WebAuthnRegistration2.html | 2 +- 7 files changed, 118 insertions(+), 116 deletions(-) diff --git a/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnAuthentication.xml b/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnAuthentication.xml index 941f33d855..388857f21c 100644 --- a/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnAuthentication.xml +++ b/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnAuthentication.xml @@ -7,7 +7,7 @@ diff --git a/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnRegistration.xml b/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnRegistration.xml index b90ede662b..ef7d471cd9 100644 --- a/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnRegistration.xml +++ b/openam-authentication/openam-auth-webauthn/src/main/resources/amAuthWebAuthnRegistration.xml @@ -7,7 +7,7 @@ @@ -78,9 +78,9 @@ syntax="string" i18nKey="org.openidentityplatform.openam.authentication.modules.webauthn.WebAuthnRegistration.attestation"> - None - Indirect - Direct + none + indirect + direct none @@ -91,9 +91,9 @@ syntax="string" i18nKey="org.openidentityplatform.openam.authentication.modules.webauthn.WebAuthnRegistration.authType"> - Unspecified - Cross-platform - Platform + unspecified + cross-platform + platform unspecified 
diff --git a/openam-server-only/src/main/webapp/assets/js/webauthn.js b/openam-server-only/src/main/webapp/assets/js/webauthn.js
index f6e41f8595..8dbf45c509 100644
--- a/openam-server-only/src/main/webapp/assets/js/webauthn.js
+++ b/openam-server-only/src/main/webapp/assets/js/webauthn.js
@@ -1,117 +1,119 @@ -function bufferDecode(value) { - return Uint8Array.from(atob(value), c => c.charCodeAt(0)); -} - -function bufferEncode(bytes) { - let binary = '' - const len = bytes.byteLength; - for (let i = 0; i < len; i++) { - binary += String.fromCharCode( bytes[ i ] ); +function WebAuthn() { + function bufferDecode(value) { + return Uint8Array.from(atob(value), c => c.charCodeAt(0)); } - return window.btoa( binary ).replace(/\+/g, "-") - .replace(/\//g, "_") - .replace(/=/g, "") -} - -function processRegistrationChallenge() { - var challengeStr = getRegistrationChallenge(); - var challenge = JSON.parse(challengeStr); - challenge.challenge = bufferDecode(challenge.challenge.value); - challenge.user.id = bufferDecode(challenge.user.id); - navigator.credentials.create({ - publicKey: challenge, - }).then((credential) => { - register(credential); - }).catch((e) => { - console.log(e.toString()); + + function bufferEncode(bytes) { + let binary = '' + const len = bytes.byteLength; + for (let i = 0; i < len; i++) { + binary += String.fromCharCode(bytes[i]); } - ); -} + return window.btoa(binary).replace(/\+/g, "-") + .replace(/\//g, "_") + .replace(/=/g, "") + } -function getRegistrationChallenge() { - var querySelector = ".TextOutputCallback_0"; - if(isXUI()) { - querySelector = "#callback_3"; + function processRegistrationChallenge() { + var challengeStr = getRegistrationChallenge(); + var challenge = JSON.parse(challengeStr); + challenge.challenge = bufferDecode(challenge.challenge.value); + challenge.user.id = bufferDecode(challenge.user.id); + navigator.credentials.create({ + publicKey: challenge, + }).then((credential) => { + register(credential); + }).catch((e) => { + console.log(e.toString()); + } + ); + } + + function getRegistrationChallenge() { + var querySelector = ".TextOutputCallback_0"; + if (isXUI()) { + querySelector = "#callback_1"; + } + return document.querySelector(querySelector).innerText; } - return 
document.querySelector(querySelector).innerText; -} - -function isXUI() { - return !!window.requirejs; -} - -function register(credential) { - var idToken1Sel = "IDToken1"; - var idToken2Sel = "IDToken2"; - var idToken3Sel = "IDToken3"; - var buttonSel = "[name='Login.Submit']"; - if(isXUI()) { - idToken1Sel = "idToken1"; - idToken2Sel = "idToken2"; - idToken3Sel = "idToken3"; - buttonSel = "#loginButton_0"; + + function isXUI() { + return !!window.requirejs; } - document.getElementById(idToken1Sel).value = credential.id; - document.getElementById(idToken2Sel).value = bufferEncode( new Uint8Array(credential.response.attestationObject)); - document.getElementById(idToken3Sel).value = bufferEncode( new Uint8Array(credential.response.clientDataJSON)); - document.querySelector(buttonSel).click(); -} - - -function processAuthenticationChallenge() { - var credentialsStr = getAuthenticationChallenge(); - var credentials = JSON.parse(credentialsStr); - credentials.challenge = bufferDecode(credentials.challenge.value); - credentials.allowCredentials.forEach(function (allowCredential, i) { - allowCredential.id = bufferDecode(allowCredential.id); + + function register(credential) { + var idToken1Sel = "IDToken1"; + var buttonSel = "[name='Login.Submit']"; + if (isXUI()) { + idToken1Sel = "idToken1"; + buttonSel = "#loginButton_0"; + } + + var credentials = { + credentialId: credential.id, + attestationObject: bufferEncode(new Uint8Array(credential.response.attestationObject)), + clientDataJSON: bufferEncode(new Uint8Array(credential.response.clientDataJSON)), } - ); - - navigator.credentials.get({ - publicKey: credentials, - }).then((assertion) => { - assert(assertion); - }).catch((e) => { - console.log(e.toString()); - }); -} - -function assert(assertion) { - - var authenticatorData = new Uint8Array(assertion.response.authenticatorData); - var clientDataJSON = new Uint8Array(assertion.response.clientDataJSON); - var signature = new Uint8Array(assertion.response.signature); - 
var userHandle = new Uint8Array(assertion.response.userHandle); - - var idToken1Sel = "IDToken1"; - var idToken2Sel = "IDToken2"; - var idToken3Sel = "IDToken3"; - var idToken4Sel = "IDToken4"; - var idToken5Sel = "IDToken5"; - var buttonSel = "[name='Login.Submit']"; - if(isXUI()) { - idToken1Sel = "idToken1"; - idToken2Sel = "idToken2"; - idToken3Sel = "idToken3"; - idToken4Sel = "idToken4"; - idToken5Sel = "idToken5"; - buttonSel = "#loginButton_0"; + + document.getElementById(idToken1Sel).value = JSON.stringify(credentials); + document.querySelector(buttonSel).click(); + } + + + function processAuthenticationChallenge() { + var credentialsStr = getAuthenticationChallenge(); + var credentials = JSON.parse(credentialsStr); + credentials.challenge = bufferDecode(credentials.challenge.value); + credentials.allowCredentials.forEach(function (allowCredential, i) { + allowCredential.id = bufferDecode(allowCredential.id); + } + ); + + navigator.credentials.get({ + publicKey: credentials, + }).then((assertion) => { + assert(assertion); + }).catch((e) => { + console.log(e.toString()); + }); } - document.getElementById(idToken1Sel).value = assertion.id; - document.getElementById(idToken2Sel).value = bufferEncode( new Uint8Array(authenticatorData)); - document.getElementById(idToken3Sel).value = bufferEncode( new Uint8Array(clientDataJSON)); - document.getElementById(idToken4Sel).value = bufferEncode( new Uint8Array(signature)); - document.getElementById(idToken5Sel).value = bufferEncode(userHandle); + function assert(assertion) { + + var authenticatorData = new Uint8Array(assertion.response.authenticatorData); + var clientDataJSON = new Uint8Array(assertion.response.clientDataJSON); + var signature = new Uint8Array(assertion.response.signature); + var userHandle = new Uint8Array(assertion.response.userHandle); + + var idToken1Sel = "IDToken1"; + var buttonSel = "[name='Login.Submit']"; + if (isXUI()) { + idToken1Sel = "idToken1"; + buttonSel = "#loginButton_0"; + } + + 
var credentials = { + assertionId: assertion.id, + authenticatorData: bufferEncode(new Uint8Array(authenticatorData)), + clientDataJSON: bufferEncode(new Uint8Array(clientDataJSON)), + signature: bufferEncode(new Uint8Array(signature)), + userHandle: bufferEncode(userHandle), + } - document.querySelector(buttonSel).click(); + document.getElementById(idToken1Sel).value = JSON.stringify(credentials); + document.querySelector(buttonSel).click(); -} + } -function getAuthenticationChallenge() { - var querySelector = ".TextOutputCallback_0"; - if(isXUI()) { - querySelector = "#callback_5"; + function getAuthenticationChallenge() { + var querySelector = ".TextOutputCallback_0"; + if (isXUI()) { + querySelector = "#callback_1"; + } + return document.querySelector(querySelector).innerText; + } + return { + processRegistrationChallenge: processRegistrationChallenge, + processAuthenticationChallenge: processAuthenticationChallenge, } - return document.querySelector(querySelector).innerText; } \ No newline at end of file diff --git a/openam-server-only/src/main/webapp/config/auth/default/WebAuthnAuthenticationCredentials.jsp b/openam-server-only/src/main/webapp/config/auth/default/WebAuthnAuthenticationCredentials.jsp index 889f4030ef..869175638b 100644 --- a/openam-server-only/src/main/webapp/config/auth/default/WebAuthnAuthenticationCredentials.jsp +++ b/openam-server-only/src/main/webapp/config/auth/default/WebAuthnAuthenticationCredentials.jsp @@ -252,7 +252,7 @@ diff --git a/openam-server-only/src/main/webapp/config/auth/default/WebAuthnRegisterCredentials.jsp b/openam-server-only/src/main/webapp/config/auth/default/WebAuthnRegisterCredentials.jsp index 18670900d3..30e354757f 100644 --- a/openam-server-only/src/main/webapp/config/auth/default/WebAuthnRegisterCredentials.jsp +++ b/openam-server-only/src/main/webapp/config/auth/default/WebAuthnRegisterCredentials.jsp @@ -252,7 +252,7 @@ 
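Review bot: In `processAuthenticationChallenge`, `credentials.allowCredentials.forEach(...)` runs before `navigator.credentials.get` and outside the promise chain, so if the server omits `allowCredentials` (the field is optional in WebAuthn request options; whether this module always sends it is not visible here) the TypeError never reaches the `.catch` and the login page simply stops. A guard such as `(credentials.allowCredentials || []).forEach(function (allowCredential) {` would keep that case working. Separately, `bufferDecode` uses plain `atob` while `bufferEncode` emits unpadded base64url, so it is worth confirming that the server sends the challenge, `user.id` and credential ids in standard base64; if it does not, decode with `atob(value.replace(/-/g, "+").replace(/_/g, "/"))`. Both `.catch` handlers only `console.log` the error, so a cancelled or failed ceremony leaves the user with no indication and the form unsubmitted.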
diff --git a/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnAuthentication2.html b/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnAuthentication2.html
index e1d20eb5d9..3f572b5686 100644
--- a/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnAuthentication2.html
+++ b/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnAuthentication2.html
@@ -1,7 +1,7 @@
diff --git a/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnRegistration2.html b/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnRegistration2.html
index 39c48fa63d..4a00e0711d 100644
--- a/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnRegistration2.html
+++ b/openam-ui/openam-ui-ria/src/main/resources/templates/openam/authn/WebAuthnRegistration2.html
@@ -1,7 +1,7 @@