Package org.springframework.security.web.webauthn.registration

Class WebAuthnRegistrationFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.web.webauthn.registration.WebAuthnRegistrationFilter
All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class WebAuthnRegistrationFilter extends org.springframework.web.filter.OncePerRequestFilter
Authenticates PublicKeyCredential<AuthenticatorAssertionResponse> that is parsed from the body of the HttpServletRequest using the setConverter(HttpMessageConverter). An example request is provided below: 
 {
        "publicKey": {
                "credential": {
                        "id": "dYF7EGnRFFIXkpXi9XU2wg",
                        "rawId": "dYF7EGnRFFIXkpXi9XU2wg",
                        "response": {
                                "attestationObject": "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViUy9GqwTRaMpzVDbXq1dyEAXVOxrou08k22ggRC45MKNhdAAAAALraVWanqkAfvZZFYZpVEg0AEHWBexBp0RRSF5KV4vV1NsKlAQIDJiABIVggQjmrekPGzyqtoKK9HPUH-8Z2FLpoqkklFpFPQVICQ3IiWCD6I9Jvmor685fOZOyGXqUd87tXfvJk8rxj9OhuZvUALA",
                                "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiSl9RTi10SFJYRWVKYjlNcUNrWmFPLUdOVmlibXpGVGVWMk43Z0ptQUdrQSIsIm9yaWdpbiI6Imh0dHBzOi8vZXhhbXBsZS5sb2NhbGhvc3Q6ODQ0MyIsImNyb3NzT3JpZ2luIjpmYWxzZX0",
                                "transports": [
                                        "internal",
                                        "hybrid"
                                ]
                        },
                        "type": "public-key",
                        "clientExtensionResults": {},
                        "authenticatorAttachment": "platform"
                },
                "label": "1password"
 }
Since:
6.4

  • Constructor Details

  • Method Details

    • setRegisterCredentialMatcher

      public void setRegisterCredentialMatcher(RequestMatcher registerCredentialMatcher)
      Sets the RequestMatcher to trigger this filter's the credential registration operation .

      By default, the RequestMatcher is POST /webauthn/register.

      Parameters:
      registerCredentialMatcher - the RequestMatcher to use
      Since:
      6.5

    • setRemoveCredentialMatcher

      public void setRemoveCredentialMatcher(RequestMatcher removeCredentialMatcher)
      Sets the RequestMatcher to trigger this filter's the credential removal operation .

      By default, the RequestMatcher is DELETE /webauthn/register/{id}.

      Parameters:
      removeCredentialMatcher - the RequestMatcher to use
      Since:
      6.5

    • doFilterInternal

      protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
      Specified by:
      doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
      Throws:
      jakarta.servlet.ServletException
      IOException

    • setConverter

      public void setConverter(org.springframework.http.converter.HttpMessageConverter<Object> converter)
      Set the HttpMessageConverter to read the WebAuthnRegistrationFilter.WebAuthnRegistrationRequest and write the response. The default is JacksonJsonHttpMessageConverter.
      Parameters:
      converter - the HttpMessageConverter to use. Cannot be null.

    • setCreationOptionsRepository

      public void setCreationOptionsRepository(PublicKeyCredentialCreationOptionsRepository creationOptionsRepository)
      Sets the PublicKeyCredentialCreationOptionsRepository to use. The default is HttpSessionPublicKeyCredentialCreationOptionsRepository.
      Parameters:
      creationOptionsRepository - the PublicKeyCredentialCreationOptionsRepository to use. Cannot be null.