From 8d3431b71fb1a7477b4deddd76fbd7c05b5529b5 Mon Sep 17 00:00:00 2001
From: Guillaume Bouxin
Date: Mon, 24 Apr 2023 18:30:03 +0200
Subject: [PATCH] Better request creator
---
 .idea/vcs.xml | 1 -
 .../model/CreatePasskeyRequest.kt | 35 +++++++++
 .../model/CreatePasskeyResponseData.kt | 2 +-
 .../model/GetPasskeyRequest.kt | 15 ++++
 .../repository/AccountRepository.kt | 76 +++++++++++--------
 5 files changed, 97 insertions(+), 32 deletions(-)
 create mode 100644 app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyRequest.kt
 create mode 100644 app/src/main/java/com/dashlane/dashlanepasskeydemo/model/GetPasskeyRequest.kt
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
index 40f47b1..94a25f7 100644
--- a/.idea/vcs.xml
+++ b/.idea/vcs.xml
@@ -1,7 +1,6 @@ - \ No newline at end of file
diff --git a/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyRequest.kt b/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyRequest.kt
new file mode 100644
index 0000000..65588a6
--- /dev/null
+++ b/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyRequest.kt
@@ -0,0 +1,35 @@
+package com.dashlane.dashlanepasskeydemo.model
+
+data class CreatePasskeyRequest(
+ val challenge: String,
+ val rp: Rp,
+ val user: User,
+ val pubKeyCredParams: List,
+ val timeout: Long,
+ val attestation: String,
+ val excludeCredentials: List,
+ val authenticatorSelection: AuthenticatorSelection
+) {
+ data class Rp(
+ val name: String,
+ val id: String
+ )
+
+ data class User(
+ val id: String,
+ val name: String,
+ val displayName: String
+ )
+
+ data class PubKeyCredParams(
+ val type: String,
+ val alg: Int
+ )
+
+ data class AuthenticatorSelection(
+ val authenticatorAttachment: String,
+ val requireResidentKey: Boolean,
+ val residentKey: String,
+ val userVerification: String
+ )
+}
\ No newline at end of file
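Review bot: The properties of `CreatePasskeyRequest` and its nested classes carry no `@SerializedName`, unlike `CreatePasskeyResponseData.Response` in the same package, so the JSON keys Gson writes are whatever the Kotlin property names are at runtime. If release builds are minified, those properties can be renamed and the WebAuthn request would go out with the wrong member names; annotating each one, e.g. `@SerializedName("challenge") val challenge: String`, pins the wire format. `GetPasskeyRequest`, added later in this patch, has the same gap. A short KDoc on `attestation`, `residentKey`, `userVerification` and `authenticatorAttachment` listing the values WebAuthn accepts would also help, because they are plain `String`s and a misspelled value is not caught at compile time.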
diff --git a/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyResponseData.kt b/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyResponseData.kt
index 03136b0..74b0593 100644
--- a/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyResponseData.kt
+++ b/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/CreatePasskeyResponseData.kt
@@ -12,6 +12,6 @@ data class CreatePasskeyResponseData(
 data class Response(
 @SerializedName("clientDataJSON") val clientDataJSON: String,
 @SerializedName("attestationObject") val attestationObject: String,
- @SerializedName("transports") val transports: List>
+ @SerializedName("transports") val transports: List
 )
 }
\ No newline at end of file
diff --git a/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/GetPasskeyRequest.kt b/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/GetPasskeyRequest.kt
new file mode 100644
index 0000000..69a5773
--- /dev/null
+++ b/app/src/main/java/com/dashlane/dashlanepasskeydemo/model/GetPasskeyRequest.kt
@@ -0,0 +1,15 @@
+package com.dashlane.dashlanepasskeydemo.model
+
+data class GetPasskeyRequest(
+ val challenge: String,
+ val allowCredentials: List,
+ val timeout: Long,
+ val userVerification: String,
+ val rpId: String,
+) {
+ data class AllowCredentials(
+ val id: String,
+ val transports: List,
+ val type: String,
+ )
+}
\ No newline at end of file
diff --git a/app/src/main/java/com/dashlane/dashlanepasskeydemo/repository/AccountRepository.kt b/app/src/main/java/com/dashlane/dashlanepasskeydemo/repository/AccountRepository.kt
index 23bc4ef..8a8c63b 100644
--- a/app/src/main/java/com/dashlane/dashlanepasskeydemo/repository/AccountRepository.kt
+++ b/app/src/main/java/com/dashlane/dashlanepasskeydemo/repository/AccountRepository.kt
@@ -2,6 +2,8 @@ package com.dashlane.dashlanepasskeydemo.repository
 
 import android.content.SharedPreferences
 import com.dashlane.dashlanepasskeydemo.b64Encode
+import com.dashlane.dashlanepasskeydemo.model.CreatePasskeyRequest
+import com.dashlane.dashlanepasskeydemo.model.GetPasskeyRequest
 import com.dashlane.dashlanepasskeydemo.model.UserData
 import com.google.gson.Gson
 import java.security.SecureRandom
@@ -54,42 +56,56 @@ class AccountRepositoryLocal @Inject constructor(
 * Create the request to create a passkey. From https://w3c.github.io/webauthn/#sctn-sample-registration
 */
 override fun getCreatePasskeyRequest(userId: String, email: String): String {
- return "{\n" +
- " \"challenge\":\"${generateFidoChallenge()}\",\n" +
- " \"rp\":{\n" +
- " \"name\":\"Dashlane Passkey Demo\",\n" +
- " \"id\":\"$RELYING_PARTY_ID\"\n" +
- " },\n" +
- " \"user\":{\n" +
- " \"id\":\"$userId\",\n" +
- " \"name\":\"$email\",\n" +
- " \"displayName\":\"$email\"\n" +
- " },\n" +
- " \"pubKeyCredParams\":[\n" +
- " {\"type\":\"public-key\",\"alg\":-7}],\n" +
- " \"timeout\":1800000,\n" +
- " \"attestation\":\"none\",\n" +
- " \"excludeCredentials\":[],\n" +
- " \"authenticatorSelection\":{\n" +
- " \"authenticatorAttachment\":\"platform\",\n" +
- " \"requireResidentKey\":true,\n" +
- " \"residentKey\": \"required\",\n" +
- " \"userVerification\":\"required\"\n" +
- " }\n" +
- "}"
+ return gson.toJson(
+ CreatePasskeyRequest(
+ challenge = generateFidoChallenge(),
+ rp = CreatePasskeyRequest.Rp(
+ name = "Dashlane Passkey Demo",
+ id = RELYING_PARTY_ID
+ ),
+ user = CreatePasskeyRequest.User(
+ id = userId,
+ name = email,
+ displayName = email
+ ),
+ pubKeyCredParams = listOf(
+ CreatePasskeyRequest.PubKeyCredParams(
+ type = "public-key",
+ alg = -7
+ )
+ ),
+ timeout = 1800000,
+ attestation = "none",
+ excludeCredentials = emptyList(),
+ authenticatorSelection = CreatePasskeyRequest.AuthenticatorSelection(
+ authenticatorAttachment = "platform",
+ requireResidentKey = false,
+ residentKey = "required",
+ userVerification = "required"
+ )
+ )
+ )
 }
 
 /**
 * Create the request to login with a passkey. From https://w3c.github.io/webauthn/#sctn-sample-authentication
 */
 override fun getLoginPasskeyRequest(allowedCredential: List): String {
- return "{\n" +
- " \"challenge\":\"${generateFidoChallenge()}\",\n" +
- " \"allowCredentials\":$allowedCredential,\n" +
- " \"timeout\":1800000,\n" +
- " \"userVerification\":\"required\",\n" +
- " \"rpId\":\"$RELYING_PARTY_ID\"\n" +
- "}"
+ return gson.toJson(
+ GetPasskeyRequest(
+ challenge = generateFidoChallenge(),
+ timeout = 1800000,
+ userVerification = "required",
+ rpId = RELYING_PARTY_ID,
+ allowCredentials = allowedCredential.map {
+ GetPasskeyRequest.AllowCredentials(
+ id = it,
+ transports = listOf(),
+ type = "public-key"
+ )
+ }
+ )
+ )
 }
 
 /**
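Review bot: `requireResidentKey` changes from `true` in the removed JSON to `false` in the new `AuthenticatorSelection(...)` inside `getCreatePasskeyRequest`, while `residentKey` stays `"required"`, so this refactor also changes the request on the wire. WebAuthn keeps `requireResidentKey` for Level 1 clients and says a relying party should set it to true if and only if `residentKey` is `required`; a client that only reads the old member could then create a non-discoverable credential. I would restore `requireResidentKey = true`. Separately, `1800000` is repeated in both functions and sits above the 300000–600000 ms range the spec recommends when user verification is required; a shared named constant with a comment on why 30 minutes was chosen would document the decision. The hunk ends inside the KDoc of the following function, which is outside the patch context.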