in Fido/app/src/main/java/com/fido/example/fido2apiexample/GAEService.java [234:296]
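/**
 * Fetches a sign (assertion) request from the server and converts it into
 * {@link PublicKeyCredentialRequestOptions}.
 *
 * <p>The challenge, the optional timeout, the rpId and the session id are read from the first
 * item of the server response. The allow list is built from {@code allowedKeys}; the
 * "allowList" member shown in the sample response below is not read here. Once every key has
 * decoded successfully, each key is recorded in {@code sessionIds} against this request's
 * session id.
 *
 * @param allowedKeys base64url-encoded credential ids to put in the allow list
 * @return the request options, or {@code null} when the service is unavailable, the response is
 *     empty, {@code allowedKeys} is {@code null}, or the response or a key cannot be parsed
 */
public PublicKeyCredentialRequestOptions getSignRequest(List<String> allowedKeys) {
    Log.d(TAG, "getSignRequest");
    if (allowedKeys == null) {
        // Fail the same way as the other error paths instead of throwing from the loop below.
        Log.e(TAG, "allowedKeys is null");
        return null;
    }
    try {
        if (fido2Service == null) {
            return null;
        }
        List<String> signRequestContent = fido2Service.getSignRequest().execute().getItems();
        if (signRequestContent == null || signRequestContent.isEmpty()) {
            Log.i(TAG, "signRequestContent is empty");
            return null;
        }
        // NOTE(review): this writes the whole request, including the challenge and the session
        // id, to the device log at INFO level; consider dropping it or limiting it to debug
        // builds.
        for (String signRequest : signRequestContent) {
            Log.i(TAG, "signRequestContent " + signRequest);
        }
        JSONObject signRequestJson = new JSONObject(signRequestContent.get(0));
        PublicKeyCredentialRequestOptions.Builder builder =
                new PublicKeyCredentialRequestOptions.Builder();
        // signRequestContent {"challenge":"AmlL6aQKTMd24MmfZtrvBGP/oKb8+zpXRcB7bfUHrPk=",
        // "rpId":"https://webauthdemo.appspot.com",
        // "allowList":[{"type":"public-key",
        // "id":"lmKQSq81f+gLQ49jeBQNFD/3TU7R2gGFWin+zNzpDrFeWUTTkEZ7nfmIC5OWXarRNqLxImA0hE7UVOI3eeVZZg=="}],
        // "session":{"id":5704837555552256,
        // "challenge":"AmlL6aQKTMd24MmfZtrvBGP/oKb8+zpXRcB7bfUHrPk=",
        // "origin":"https://webauthdemo.appspot.com"}}

        // Parse challenge. decode() throws IllegalArgumentException on malformed base64, which
        // is caught below so that a bad server response cannot crash the caller.
        builder.setChallenge(
                BaseEncoding.base64().decode(signRequestJson.getString(KEY_REQUEST_CHALLENGE)));

        // Parse timeout.
        // NOTE(review): the value is handed to setTimeoutSeconds unchanged; confirm the server
        // sends seconds rather than milliseconds.
        if (signRequestJson.has(KEY_TIMEOUT)) {
            Double timeout = Double.valueOf(signRequestJson.getLong(KEY_TIMEOUT));
            builder.setTimeoutSeconds(timeout);
        }

        // Parse rpId.
        // NOTE(review): the sample above carries an origin-style value with a scheme; confirm
        // that this is the form the FIDO2 API expects for the relying party id.
        String rpId = signRequestJson.getString(KEY_RPID);
        builder.setRpId(rpId);

        // Parse session id
        JSONObject session = signRequestJson.getJSONObject(KEY_SESSION);
        String sessionId = String.valueOf(session.getLong(KEY_SESSION_ID));

        // Build the allow list first, so that a key that fails to decode leaves sessionIds
        // untouched.
        List<PublicKeyCredentialDescriptor> descriptors = new ArrayList<>();
        for (String allowedKey : allowedKeys) {
            descriptors.add(
                    new PublicKeyCredentialDescriptor(
                            PublicKeyCredentialType.PUBLIC_KEY.toString(),
                            BaseEncoding.base64Url().decode(allowedKey),
                            /* transports= */ null));
        }
        for (String allowedKey : allowedKeys) {
            sessionIds.put(allowedKey, sessionId);
        }
        builder.setAllowList(descriptors);
        return builder.build();
    } catch (IOException | JSONException | IllegalArgumentException e) {
        // IllegalArgumentException covers malformed base64 in the challenge or in a key.
        Log.e(TAG, "Error processing sign request from server", e);
    }
    return null;
}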