in Fido/app/src/main/java/com/fido/example/fido2apiexample/GAEService.java [97:203]
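/**
 * Fetches a registration request from the backend and converts it into
 * {@link PublicKeyCredentialCreationOptions} for the FIDO2 API.
 *
 * <p>Only the first item of the server response is parsed. The challenge is decoded as standard
 * base64, while the excluded key handles are decoded as URL-safe base64.
 *
 * @param excludedKeys base64url-encoded credential ids that must not be registered again; a
 *     {@code null} list is treated as empty
 * @return the creation options, or {@code null} when the service is not initialised, the server
 *     returns no items, or the response cannot be fetched or parsed
 */
public PublicKeyCredentialCreationOptions getRegistrationRequest(List<String> excludedKeys) {
  try {
    if (fido2Service == null) {
      return null;
    }
    List<String> registerRequestContent =
        fido2Service.getRegistrationRequest().execute().getItems();
    if (registerRequestContent == null || registerRequestContent.isEmpty()) {
      Log.i(TAG, "registerRequestContent is null or empty");
      return null;
    }
    // NOTE(review): this writes the complete server response, including the challenge and the
    // session id, to logcat. Useful while debugging the demo; drop or redact it in anything
    // that ships.
    for (String value : registerRequestContent) {
      Log.i(TAG, "registerRequestContent " + value);
    }
    // A sample register request:
    // {"rp":{"id":"webauthndemo.appspot.com","name":"webauthndemo.appspot.com"},
    //  "user":{"name":"littlecattest","displayName":"littlecattest",
    //          "id":"bGl0dGxlY2F0dGVzdEBnbWFpbC5jb20="},
    //  "challenge":"Zys9NEvoE6KRhZtVMJZ3KKHg+spgXu2R0R7AQ2Mudlg=",
    //  "pubKeyCredParams":[{"type":"public-key","alg":-7},{"type":"public-key","alg":-35},
    //    {"type":"public-key","alg":-36},{"type":"public-key","alg":-40},
    //    {"type":"public-key","alg":-41},{"type":"public-key","alg":-42},
    //    {"type":"public-key","alg":-37},{"type":"public-key","alg":-38},
    //    {"type":"public-key","alg":-39}],
    //  "session":{"id":5634387206995968,
    //    "challenge":"Zys9NEvoE6KRhZtVMJZ3KKHg+spgXu2R0R7AQ2Mudlg=",
    //    "origin":"webauthndemo.appspot.com"}}
    JSONObject registerRequestJson = new JSONObject(registerRequestContent.get(0));
    PublicKeyCredentialCreationOptions.Builder builder =
        new PublicKeyCredentialCreationOptions.Builder();

    // Challenge: server-supplied, standard base64. decode() throws IllegalArgumentException on
    // malformed input, which is handled below instead of crashing the caller.
    builder.setChallenge(
        BaseEncoding.base64().decode(registerRequestJson.getString(KEY_REQUEST_CHALLENGE)));

    // Relying party: id and name are mandatory, the icon is optional.
    JSONObject rpJson = registerRequestJson.getJSONObject(KEY_RP);
    String rpId = rpJson.getString(KEY_RP_ID);
    String rpName = rpJson.getString(KEY_RP_NAME);
    String rpIcon = null;
    if (rpJson.has(KEY_RP_ICON)) {
      rpIcon = rpJson.getString(KEY_RP_ICON);
    }
    builder.setRp(new PublicKeyCredentialRpEntity(rpId, rpName, rpIcon));

    // User.
    // NOTE(review): the user id (user handle) is built from the display name rather than from
    // the "id" field the server sends, and the display name is also passed as the account name.
    // WebAuthn treats the user handle as an opaque, non-identifying value chosen by the relying
    // party; confirm whether the backend relies on this before changing it.
    JSONObject userJson = registerRequestJson.getJSONObject(KEY_USER);
    String displayName = userJson.getString(KEY_USER_DISPLAY_NAME);
    PublicKeyCredentialUserEntity userEntity =
        new PublicKeyCredentialUserEntity(
            displayName.getBytes() /* id */,
            displayName /* name */,
            null /* icon */,
            displayName);
    builder.setUser(userEntity);

    // Credential parameters.
    List<PublicKeyCredentialParameters> parameters = new ArrayList<>();
    if (registerRequestJson.has(KEY_PARAMETERS)) {
      JSONArray params = registerRequestJson.getJSONArray(KEY_PARAMETERS);
      for (int i = 0; i < params.length(); i++) {
        JSONObject param = params.getJSONObject(i);
        String type = param.getString(KEY_PARAMETERS_TYPE);
        // TODO: this is a hack, use KEY_PARAMETERS_ALGORITHM = "alg"
        // Until then every entry is registered as ES256 and the algorithm the server asked for
        // is ignored, so the list contains one ES256 entry per server entry.
        PublicKeyCredentialParameters parameter =
            new PublicKeyCredentialParameters(type, EC2Algorithm.ES256.getAlgoValue());
        parameters.add(parameter);
      }
    }
    builder.setParameters(parameters);

    // Timeout is optional; null is passed through when the server does not send one.
    // NOTE(review): the value is handed to setTimeoutSeconds() unscaled - confirm the unit the
    // server uses.
    Double timeout = null;
    if (registerRequestJson.has(KEY_TIMEOUT)) {
      timeout = Double.valueOf(registerRequestJson.getLong(KEY_TIMEOUT));
    }
    builder.setTimeoutSeconds(timeout);

    // Exclude list: credentials already registered, so the authenticator can refuse to create a
    // duplicate. A null argument is treated as "nothing to exclude" rather than throwing.
    List<String> keysToExclude = excludedKeys == null ? new ArrayList<String>() : excludedKeys;
    List<PublicKeyCredentialDescriptor> descriptors =
        FluentIterable.from(keysToExclude)
            .transform(
                k ->
                    new PublicKeyCredentialDescriptor(
                        PublicKeyCredentialType.PUBLIC_KEY.toString(),
                        BaseEncoding.base64Url().decode(k),
                        /* transports= */ null))
            .toList();
    builder.setExcludeList(descriptors);

    // Authenticator attachment is only set when the server requests one.
    AuthenticatorSelectionCriteria.Builder criteria =
        new AuthenticatorSelectionCriteria.Builder();
    if (registerRequestJson.has(KEY_ATTACHMENT)) {
      criteria.setAttachment(
          Attachment.fromString(registerRequestJson.getString(KEY_ATTACHMENT)));
    }
    builder.setAuthenticatorSelection(criteria.build());
    return builder.build();
  } catch (IOException
      | JSONException
      | Attachment.UnsupportedAttachmentException e) {
    Log.e(TAG, "Error extracting information from server's registration request", e);
  } catch (IllegalArgumentException e) {
    // Raised by BaseEncoding.decode() for a challenge or key handle that is not valid base64.
    // Treated like any other unusable response: log and return null.
    Log.e(TAG, "Invalid value while building registration options", e);
  }
  return null;
}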