Class WebAuthnRegistrationFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.web.webauthn.registration.WebAuthnRegistrationFilter
- All Implemented Interfaces:
jakarta.servlet.Filter
,org.springframework.beans.factory.Aware
,org.springframework.beans.factory.BeanNameAware
,org.springframework.beans.factory.DisposableBean
,org.springframework.beans.factory.InitializingBean
,org.springframework.context.EnvironmentAware
,org.springframework.core.env.EnvironmentCapable
,org.springframework.web.context.ServletContextAware
public class WebAuthnRegistrationFilter
extends org.springframework.web.filter.OncePerRequestFilter
Authenticates
PublicKeyCredential<AuthenticatorAssertionResponse>
that is
parsed from the body of the HttpServletRequest
using the
setConverter(HttpMessageConverter)
. An example request is provided below:
{ "publicKey": { "credential": { "id": "dYF7EGnRFFIXkpXi9XU2wg", "rawId": "dYF7EGnRFFIXkpXi9XU2wg", "response": { "attestationObject": "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViUy9GqwTRaMpzVDbXq1dyEAXVOxrou08k22ggRC45MKNhdAAAAALraVWanqkAfvZZFYZpVEg0AEHWBexBp0RRSF5KV4vV1NsKlAQIDJiABIVggQjmrekPGzyqtoKK9HPUH-8Z2FLpoqkklFpFPQVICQ3IiWCD6I9Jvmor685fOZOyGXqUd87tXfvJk8rxj9OhuZvUALA", "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiSl9RTi10SFJYRWVKYjlNcUNrWmFPLUdOVmlibXpGVGVWMk43Z0ptQUdrQSIsIm9yaWdpbiI6Imh0dHBzOi8vZXhhbXBsZS5sb2NhbGhvc3Q6ODQ0MyIsImNyb3NzT3JpZ2luIjpmYWxzZX0", "transports": [ "internal", "hybrid" ] }, "type": "public-key", "clientExtensionResults": {}, "authenticatorAttachment": "platform" }, "label": "1password" }
- Since:
- 6.4
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic class
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
-
Constructor Summary
ConstructorsConstructorDescriptionWebAuthnRegistrationFilter
(UserCredentialRepository userCredentials, WebAuthnRelyingPartyOperations rpOptions) -
Method Summary
Modifier and TypeMethodDescriptionprotected void
doFilterInternal
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) void
setConverter
(org.springframework.http.converter.HttpMessageConverter<Object> converter) Set theHttpMessageConverter
to read theWebAuthnRegistrationFilter.WebAuthnRegistrationRequest
and write the response.void
setCreationOptionsRepository
(PublicKeyCredentialCreationOptionsRepository creationOptionsRepository) Sets thePublicKeyCredentialCreationOptionsRepository
to use.Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch
Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Constructor Details
-
WebAuthnRegistrationFilter
public WebAuthnRegistrationFilter(UserCredentialRepository userCredentials, WebAuthnRelyingPartyOperations rpOptions)
-
-
Method Details
-
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException - Specified by:
doFilterInternal
in classorg.springframework.web.filter.OncePerRequestFilter
- Throws:
jakarta.servlet.ServletException
IOException
-
setConverter
Set theHttpMessageConverter
to read theWebAuthnRegistrationFilter.WebAuthnRegistrationRequest
and write the response. The default isMappingJackson2HttpMessageConverter
.- Parameters:
converter
- theHttpMessageConverter
to use. Cannot be null.
-
setCreationOptionsRepository
public void setCreationOptionsRepository(PublicKeyCredentialCreationOptionsRepository creationOptionsRepository) Sets thePublicKeyCredentialCreationOptionsRepository
to use. The default isHttpSessionPublicKeyCredentialCreationOptionsRepository
.- Parameters:
creationOptionsRepository
- thePublicKeyCredentialCreationOptionsRepository
to use. Cannot be null.
-