Package com.tivoli.am.fim.fido.server
Class LocalFIDOClient
- java.lang.Object
-
- com.tivoli.am.fim.fido.server.LocalFIDOClient
-
public class LocalFIDOClient extends java.lang.Object
LocalFIDOClient provides API to InfoMap and Java Extensions to make calls to a FIDO2 Relying Party without having to use a TCP Socket to call the runtime.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
assertionOptions(java.lang.String optionsString)
Given a set of assertion options, generate an assertion request from the FIDO Server.java.lang.String
assertionResult(java.lang.String assertionString)
Validate an assertion response against the configured FIDO Server.java.lang.String
attestationOptions(java.lang.String optionsString)
Given a set of attestation options, generate an attestation request from the FIDO Server.java.lang.String
attestationResult(java.lang.String attestationString)
Validate a attestation response against a configured FIDO Server.static java.lang.String
getRpConfigId(java.lang.String rpId)
Fetch the configuration ID of the Relying Party with the given Relying Party ID (rpId).
The configuration ID is required to invoke the FIDO server endpoints, which are of the format:
-
-
-
Method Detail
-
attestationOptions
public java.lang.String attestationOptions(java.lang.String optionsString) throws java.io.IOException
Given a set of attestation options, generate an attestation request from the FIDO Server. The options in this request can be overridden by the Mediator.- Parameters:
options
- Stringified JSON object containing the requested attestation options- Returns:
- String Stringified JSONObject of Server generated attestation request which can be consumed by a FIDO2 Client
- Throws:
java.io.IOException
-
attestationResult
public java.lang.String attestationResult(java.lang.String attestationString) throws java.io.IOException
Validate a attestation response against a configured FIDO Server. If the attestation is valid an registration is generated and the details are returned as JSON. If the attestation is unsuccessful then an error message is returned containing the reason the attestation failed.- Parameters:
attestation
- Stringified JSON object containing the attestation result generated by the client/token- Returns:
- String Stringified JSONObject containing registration details if successful or an error code/message if unsuccessful
- Throws:
java.io.IOException
-
assertionOptions
public java.lang.String assertionOptions(java.lang.String optionsString) throws java.io.IOException, FIDO2Exception
Given a set of assertion options, generate an assertion request from the FIDO Server. The options in this request can be overridden by the Mediator.- Parameters:
options
- Stringified JSON object containing the requested assertion options. This may be overwritten by a Mediator.- Returns:
- String Stringified JSONObject containing Server generated assertion request which can be consumed by a FIDO2 Client
- Throws:
java.io.IOException
FIDO2Exception
-
assertionResult
public java.lang.String assertionResult(java.lang.String assertionString) throws java.io.IOException
Validate an assertion response against the configured FIDO Server. If the assertion is valid then the user's credentials are updated and a success JSON response is returned to the user. If the assertion is not valid, then an error message containing the reason for the failure is returned.- Parameters:
assertion
- Stringified JSON object containing the assertion result generated by the client/token- Returns:
- String Stringified JSONObject containing registration details if successful or an error code/message if unsuccessful
- Throws:
java.io.IOException
-
getRpConfigId
public static java.lang.String getRpConfigId(java.lang.String rpId)
Fetch the configuration ID of the Relying Party with the given Relying Party ID (rpId).
The configuration ID is required to invoke the FIDO server endpoints, which are of the format:https://<host>/<aac_junction>/sps/fido2/<config_id>/attestation/options https://<host>/<aac_junction>/sps/fido2/<config_id>/attestation/result https://<host>/<aac_junction>/sps/fido2/<config_id>/assertion/options https://<host>/<aac_junction>/sps/fido2/<config_id>/assertion/result
- Parameters:
rpId
- the Relying Party ID, which is a valid domain string that identifies the WebAuthn Relying Party.- Returns:
- the configuration ID
-
-