Refactor userName to usernachange and change POST to GET request on R…
…EGISTER_CHALLENGE_OPTIONS_URL endpoint

For more info about these changes see quarkusio/quarkus#45132
jedla97 authored and michalvavrik committed Dec 18, 2024
1 parent 4c57577 commit 4fd8b77
Showing 5 changed files with 30 additions and 31 deletions.
Expand Up @@ -13,12 +13,12 @@
public class User extends PanacheEntity {

@Column(unique = true)
public String userName;
public String username;

@OneToOne(mappedBy = "user")
public WebAuthnCredential webAuthnCredential;

public static Uni<User> findByUserName(String userName) {
return find("userName", userName).firstResult();
public static Uni<User> findByUsername(String username) {
return find("username", username).firstResult();
}
}
Expand Up @@ -55,11 +55,11 @@ public WebAuthnCredential(WebAuthnCredentialRecord credentialRecord, User user)
public WebAuthnCredentialRecord toWebAuthnCredentialRecord() {
return WebAuthnCredentialRecord
.fromRequiredPersistedData(
new RequiredPersistedData(user.userName, credID, aaguid, publicKey, publicKeyAlgorithm, counter));
new RequiredPersistedData(user.username, credID, aaguid, publicKey, publicKeyAlgorithm, counter));
}

public static Uni<List<WebAuthnCredential>> findByUserName(String userName) {
return list("user.userName", userName);
public static Uni<List<WebAuthnCredential>> findByUsername(String username) {
return list("user.username", username);
}

public static Uni<WebAuthnCredential> findByCredentialId(String credID) {
Expand Up @@ -19,8 +19,8 @@ public class MyWebAuthnSetup implements WebAuthnUserProvider {

@WithTransaction
@Override
public Uni<List<WebAuthnCredentialRecord>> findByUserName(String userName) {
return WebAuthnCredential.findByUserName(userName)
public Uni<List<WebAuthnCredentialRecord>> findByUsername(String username) {
return WebAuthnCredential.findByUsername(username)
.map(list -> list.stream().map(WebAuthnCredential::toWebAuthnCredentialRecord).toList());
}

Expand All @@ -36,7 +36,7 @@ public Uni<WebAuthnCredentialRecord> findByCredentialId(String credentialId) {
@Override
public Uni<Void> store(WebAuthnCredentialRecord credentialRecord) {
User newUser = new User();
newUser.userName = credentialRecord.getUserName();
newUser.username = credentialRecord.getUsername();
WebAuthnCredential credential = new WebAuthnCredential(credentialRecord, newUser);
return credential.persist()
.flatMap(c -> newUser.persist())
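Review bot: `store` needs a comment saying what stops a second registration from attaching a credential to an already-registered username, because the visible lines always build a fresh `User` from `credentialRecord.getUsername()` and do no lookup first. Presumably the guard is the `@Column(unique = true)` on `User.username` shown earlier in this commit, which would only take effect when `newUser.persist()` is flushed, after `credential.persist()`. Suggested comment above `User newUser = new User();`: `// one credential per username: the unique constraint on User.username rejects registration for an existing name`. The body of `store` continues outside the hunk, so confirm there that the method runs in a transaction that rolls back the credential row when the constraint fails.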
Expand Up @@ -58,14 +58,14 @@ <h1>Status</h1>
<div class="item">
<h1>Login</h1>
<p>
<input id="userNameLogin" placeholder="User name"/><br/>
<input id="usernameLogin" placeholder="User name"/><br/>
<button id="login">Login</button>
</p>
</div>
<div class="item">
<h1>Register</h1>
<p>
<input id="userNameRegister" placeholder="User name"/><br/>
<input id="usernameRegister" placeholder="User name"/><br/>
<input id="firstName" placeholder="First name"/><br/>
<input id="lastName" placeholder="Last name"/><br/>
<button id="register">Register</button>
Expand All @@ -88,11 +88,11 @@ <h1>Register</h1>
const loginButton = document.getElementById('login');

loginButton.onclick = () => {
var userName = document.getElementById('userNameLogin').value;
var username = document.getElementById('usernameLogin').value;
result.replaceChildren();
webAuthn.login({ name: userName })
webAuthn.login({ name: username })
.then(body => {
result.append("User: "+userName);
result.append("User: "+username);
})
.catch(err => {
result.append("Login failed: "+err);
Expand All @@ -103,13 +103,13 @@ <h1>Register</h1>
const registerButton = document.getElementById('register');

registerButton.onclick = () => {
var userName = document.getElementById('userNameRegister').value;
var username = document.getElementById('usernameRegister').value;
var firstName = document.getElementById('firstName').value;
var lastName = document.getElementById('lastName').value;
result.replaceChildren();
webAuthn.register({ name: userName, displayName: firstName + " " + lastName })
webAuthn.register({ name: username, displayName: firstName + " " + lastName })
.then(body => {
result.append("User: "+userName);
result.append("User: "+username);
})
.catch(err => {
result.append("Registration failed: "+err);
Expand Up @@ -111,13 +111,13 @@ public void testRegisterWebAuthnUser() {

@Test
@Order(6)
public void testRegisterSameUserName() {
public void testRegisterSameUsername() {
MyWebAuthnHardware myWebAuthnHardware = new MyWebAuthnHardware(url);
String challenge = getRegistrationChallenge(USERNAME, cookieFilter);
JsonObject registrationJson = myWebAuthnHardware.makeRegistrationJson(challenge);
ExtractableResponse<Response> response = RestAssured
.given()
.queryParam("userName", USERNAME)
.queryParam("username", USERNAME)
.body(registrationJson.encode())
.filter(cookieFilter)
.contentType(ContentType.JSON)
Expand All @@ -136,11 +136,11 @@ public void testRegisterSameUserName() {
@Test
@Order(7)
public void testFailLoginWithFakeRegisterUser() {
String newUserName = "Kipchoge";
String newUsername = "Kipchoge";
ExtractableResponse<Response> response = given().filter(cookieFilter)
.contentType(ContentType.JSON)
.body("{\"name\": \"" + newUserName + "\"}")
.post(REGISTER_CHALLENGE_OPTIONS_URL)
.queryParam("username", newUsername)
.get(REGISTER_CHALLENGE_OPTIONS_URL)
.then()
.statusCode(is(200)).extract();

Expand All @@ -157,10 +157,10 @@ public void testFailLoginWithFakeRegisterUser() {
.statusCode(404);
}

public static void invokeRegisteration(String userName, JsonObject registration, Filter cookieFilter) {
public static void invokeRegisteration(String username, JsonObject registration, Filter cookieFilter) {
RestAssured
.given()
.queryParam("userName", userName)
.queryParam("username", username)
.body(registration.encode())
.filter(cookieFilter)
.contentType(ContentType.JSON)
Expand All @@ -174,13 +174,12 @@ public static void invokeRegisteration(String userName, JsonObject registration,

}

public static String getRegistrationChallenge(String userName, Filter cookieFilter) {
JsonObject registerJson = new JsonObject().put("name", userName);
public static String getRegistrationChallenge(String username, Filter cookieFilter) {
ExtractableResponse<Response> response = given()
.body(registerJson.encode())
.contentType(ContentType.JSON)
.filter(cookieFilter)
.post(REGISTER_CHALLENGE_OPTIONS_URL)
.queryParam("username", username)
.get(REGISTER_CHALLENGE_OPTIONS_URL)
.then()
.statusCode(200)
.cookie("_quarkus_webauthn_challenge", Matchers.notNullValue()).extract();
Expand All @@ -190,7 +189,7 @@ public static String getRegistrationChallenge(String userName, Filter cookieFilt
return challenge;
}

private void verifyLoggedIn(Filter cookieFilter, String userName, User user) {
private void verifyLoggedIn(Filter cookieFilter, String username, User user) {

// public API still good
given().filter(cookieFilter)
Expand All @@ -203,14 +202,14 @@ private void verifyLoggedIn(Filter cookieFilter, String userName, User user) {
.get(PUBLIC_ME_API_URL)
.then()
.statusCode(200)
.body(Matchers.is(userName));
.body(Matchers.is(username));

// user API accessible
given().filter(cookieFilter)
.get(USER_API_URL)
.then()
.statusCode(200)
.body(Matchers.is(userName));
.body(Matchers.is(username));

//admin API
if (user == User.ADMIN) {
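Review bot: In `testFailLoginWithFakeRegisterUser` and `getRegistrationChallenge` the requests now end in `.get(REGISTER_CHALLENGE_OPTIONS_URL)` but still carry `.contentType(ContentType.JSON)` although no body is sent any more; drop that line in both places, since a Content-Type header on a bodiless GET misleads the reader about the request shape. The username now travels as `.queryParam("username", ...)`, so on a real deployment it would typically appear in access and proxy logs, unlike the former JSON body. A one-line comment next to the call, such as `// username goes in the query string since quarkusio/quarkus#45132`, would record why the tests changed shape.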