Package com.tivoli.am.fim.fido.server

Class LocalFIDOClient

  • public class LocalFIDOClient
extends java.lang.Object
    LocalFIDOClient provides API to InfoMap and Java Extensions to make calls to a FIDO2 Relying Party without having to use a TCP Socket to call the runtime.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String assertionOptions​(java.lang.String optionsString)
      Given a set of assertion options, generate an assertion request from the FIDO Server.
      java.lang.String assertionResult​(java.lang.String assertionString)
      Validate an assertion response agains the configured FIDO Server.
      java.lang.String attestationOptions​(java.lang.String optionsString)
      Given a set of attestation options, generate an attestation request from the FIDO Server.
      java.lang.String attestationResult​(java.lang.String attestationString)
      Validate a attestation response against a configured FIDO Server.
      static java.lang.String getRpConfigId​(java.lang.String rpId)
      Fetch the configuration ID of the Relying Party with the given Relying Party ID (rpId).

      The configuration ID is required to invoke the FIDO server endpoints, which are of the format:

      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • attestationOptions

        public java.lang.String attestationOptions​(java.lang.String optionsString)
                                    throws java.io.IOException
        Given a set of attestation options, generate an attestation request from the FIDO Server. The options in this request can be overridden by the Mediator.
        Parameters:
        options - Stringified JSON object containing the requested attestation options
        Returns:
        String Stringified JSONObject of Server generated attestation request which can be consumed by a FIDO2 Client
        Throws:
        java.io.IOException

      • attestationResult

        public java.lang.String attestationResult​(java.lang.String attestationString)
                                   throws java.io.IOException
        Validate a attestation response against a configured FIDO Server. If the attestation is valid an registration is generated and the details are returned as JSON. If the attestation is unsuccessful then an error message is returned containing the reason the attestation failed.
        Parameters:
        attestation - Stringified JSON object containing the attestation result generated by the client/token
        Returns:
        String Stringified JSONObject containing registration details if successful or an error code/message if unsuccessful
        Throws:
        java.io.IOException

      • assertionOptions

        public java.lang.String assertionOptions​(java.lang.String optionsString)
                                  throws java.io.IOException,
                                         FIDO2Exception
        Given a set of assertion options, generate an assertion request from the FIDO Server. The options in this request can be overridden by the Mediator.
        Parameters:
        options - Stringified JSON object containing the requested assertion options. This may be overwritten by a Mediator.
        Returns:
        String Stringified JSONObject containing Server generated assertion request which can be consumed by a FIDO2 Client
        Throws:
        java.io.IOException
        FIDO2Exception

      • assertionResult

        public java.lang.String assertionResult​(java.lang.String assertionString)
                                 throws java.io.IOException
        Validate an assertion response agains the configured FIDO Server. If the assertion is valid then the user's credentials are updated and a success json response is returned to the user. If the assertion is not valid, then an error message containing the reason for the failure is returned.
        Parameters:
        assertion - Stringified JSON object containing the assertion result generated by the client/token
        Returns:
        String Stringified JSONObject containing registration details if successful or an error code/message if unsuccessful
        Throws:
        java.io.IOException

      • getRpConfigId

        public static java.lang.String getRpConfigId​(java.lang.String rpId)
        Fetch the configuration ID of the Relying Party with the given Relying Party ID (rpId).

        The configuration ID is required to invoke the FIDO server endpoints, which are of the format: 
         https://<host>/<aac_junction>/sps/fido2/<config_id>/attestation/options
 https://<host>/<aac_junction>/sps/fido2/<config_id>/attestation/result
 https://<host>/<aac_junction>/sps/fido2/<config_id>/assertion/options
 https://<host>/<aac_junction>/sps/fido2/<config_id>/assertion/result
        Parameters:
        rpId - the Relying Party ID, which is a valid domain string that identifies the WebAuthn Relying Party.
        Returns:
        the configuration ID