Class WebAuthnRegistrationFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.web.webauthn.registration.WebAuthnRegistrationFilter
- All Implemented Interfaces:
jakarta.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class WebAuthnRegistrationFilter
extends org.springframework.web.filter.OncePerRequestFilter
Authenticates
PublicKeyCredential<AuthenticatorAssertionResponse>
that is
parsed from the body of the HttpServletRequest
using the
setConverter(HttpMessageConverter)
. An example request is provided below:
{ "publicKey": { "credential": { "id": "dYF7EGnRFFIXkpXi9XU2wg", "rawId": "dYF7EGnRFFIXkpXi9XU2wg", "response": { "attestationObject": "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViUy9GqwTRaMpzVDbXq1dyEAXVOxrou08k22ggRC45MKNhdAAAAALraVWanqkAfvZZFYZpVEg0AEHWBexBp0RRSF5KV4vV1NsKlAQIDJiABIVggQjmrekPGzyqtoKK9HPUH-8Z2FLpoqkklFpFPQVICQ3IiWCD6I9Jvmor685fOZOyGXqUd87tXfvJk8rxj9OhuZvUALA", "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiSl9RTi10SFJYRWVKYjlNcUNrWmFPLUdOVmlibXpGVGVWMk43Z0ptQUdrQSIsIm9yaWdpbiI6Imh0dHBzOi8vZXhhbXBsZS5sb2NhbGhvc3Q6ODQ0MyIsImNyb3NzT3JpZ2luIjpmYWxzZX0", "transports": [ "internal", "hybrid" ] }, "type": "public-key", "clientExtensionResults": {}, "authenticatorAttachment": "platform" }, "label": "1password" }
- Since:
- 6.4
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
-
Constructor Summary
ConstructorsConstructorDescriptionWebAuthnRegistrationFilter
(UserCredentialRepository userCredentials, WebAuthnRelyingPartyOperations rpOptions) -
Method Summary
Modifier and TypeMethodDescriptionprotected void
doFilterInternal
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) void
setConverter
(org.springframework.http.converter.HttpMessageConverter<Object> converter) Set theHttpMessageConverter
to read theWebAuthnRegistrationFilter.WebAuthnRegistrationRequest
and write the response.void
setCreationOptionsRepository
(PublicKeyCredentialCreationOptionsRepository creationOptionsRepository) Sets thePublicKeyCredentialCreationOptionsRepository
to use.void
setRegisterCredentialMatcher
(RequestMatcher registerCredentialMatcher) Sets theRequestMatcher
to trigger this filter's the credential registration operation .void
setRemoveCredentialMatcher
(RequestMatcher removeCredentialMatcher) Sets theRequestMatcher
to trigger this filter's the credential removal operation .Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Constructor Details
-
WebAuthnRegistrationFilter
public WebAuthnRegistrationFilter(UserCredentialRepository userCredentials, WebAuthnRelyingPartyOperations rpOptions)
-
-
Method Details
-
setRegisterCredentialMatcher
Sets theRequestMatcher
to trigger this filter's the credential registration operation . By default, theRequestMatcher
isPOST /webauthn/register
.- Parameters:
registerCredentialMatcher
- theRequestMatcher
to use- Since:
- 6.5
-
setRemoveCredentialMatcher
Sets theRequestMatcher
to trigger this filter's the credential removal operation . By default, theRequestMatcher
isDELETE /webauthn/register/{id}
.- Parameters:
removeCredentialMatcher
- theRequestMatcher
to use- Since:
- 6.5
-
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException - Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Throws:
jakarta.servlet.ServletException
IOException
-
setConverter
Set theHttpMessageConverter
to read theWebAuthnRegistrationFilter.WebAuthnRegistrationRequest
and write the response. The default isMappingJackson2HttpMessageConverter
.- Parameters:
converter
- theHttpMessageConverter
to use. Cannot be null.
-
setCreationOptionsRepository
public void setCreationOptionsRepository(PublicKeyCredentialCreationOptionsRepository creationOptionsRepository) Sets thePublicKeyCredentialCreationOptionsRepository
to use. The default isHttpSessionPublicKeyCredentialCreationOptionsRepository
.- Parameters:
creationOptionsRepository
- thePublicKeyCredentialCreationOptionsRepository
to use. Cannot be null.
-