Package com.tivoli.am.fim.fido.server

Class LocalFIDOClient

java.lang.Object
com.tivoli.am.fim.fido.server.LocalFIDOClient
public class LocalFIDOClient extends Object
LocalFIDOClient provides API to InfoMap and Java Extensions to make calls to a FIDO2 Relying Party without having to use a TCP Socket to call the runtime.

  • Method Details

    • attestationOptions

      public String attestationOptions(String optionsString) throws IOException
      Given a set of attestation options, generate an attestation request from the FIDO Server. The options in this request can be overridden by the Mediator.
      Parameters:
      options - Stringified JSON object containing the requested attestation options
      Returns:
      String Stringified JSONObject of Server generated attestation request which can be consumed by a FIDO2 Client
      Throws:
      IOException

    • attestationResult

      public String attestationResult(String attestationString) throws IOException
      Validate a attestation response against a configured FIDO Server. If the attestation is valid an registration is generated and the details are returned as JSON. If the attestation is unsuccessful then an error message is returned containing the reason the attestation failed.
      Parameters:
      attestation - Stringified JSON object containing the attestation result generated by the client/token
      Returns:
      String Stringified JSONObject containing registration details if successful or an error code/message if unsuccessful
      Throws:
      IOException

    • assertionOptions

      public String assertionOptions(String optionsString) throws IOException, FIDO2Exception
      Given a set of assertion options, generate an assertion request from the FIDO Server. The options in this request can be overridden by the Mediator.
      Parameters:
      options - Stringified JSON object containing the requested assertion options. This may be overwritten by a Mediator.
      Returns:
      String Stringified JSONObject containing Server generated assertion request which can be consumed by a FIDO2 Client
      Throws:
      IOException
      FIDO2Exception

    • assertionResult

      public String assertionResult(String assertionString) throws IOException
      Validate an assertion response against the configured FIDO Server. If the assertion is valid then the user's credentials are updated and a success JSON response is returned to the user. If the assertion is not valid, then an error message containing the reason for the failure is returned.
      Parameters:
      assertion - Stringified JSON object containing the assertion result generated by the client/token
      Returns:
      String Stringified JSONObject containing registration details if successful or an error code/message if unsuccessful
      Throws:
      IOException

    • getRpConfigId

      public static String getRpConfigId(String rpId)
      Fetch the configuration ID of the Relying Party with the given Relying Party ID (rpId).

      The configuration ID is required to invoke the FIDO server endpoints, which are of the format: 
       https://<host>/<aac_junction>/sps/fido2/<config_id>/attestation/options
 https://<host>/<aac_junction>/sps/fido2/<config_id>/attestation/result
 https://<host>/<aac_junction>/sps/fido2/<config_id>/assertion/options
 https://<host>/<aac_junction>/sps/fido2/<config_id>/assertion/result
      Parameters:
      rpId - the Relying Party ID, which is a valid domain string that identifies the WebAuthn Relying Party.
      Returns:
      the configuration ID