47 implement token enrollment via validatecheck (#52)

* Update challenge and consts with image

* implement imgs

* Update the tests

* Update WebAuthn.java

* Update PIResponse.java

* Make possible to get the challenge's image

* Update TestWebAuthn.java

* Update TestU2F.java

* Update tests

* Update JSONParser.java

* rm redundant function

* Update pom.xml

* get the image from each challenge

* Test to get the image

* Update TestWebAuthn.java

* update tests

* parse the client_mode

* optimize imports

Author: lukasmatusiewicz

pom.xml

@@ -23,7 +23,6 @@
                     <skipTests>false</skipTests>
                 </configuration>
             </plugin>
-
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-shade-plugin</artifactId>
@@ -45,7 +44,6 @@
                     </execution>
                 </executions>
             </plugin>
-
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
@@ -55,7 +53,6 @@
                     <target>1.8</target>
                 </configuration>
             </plugin>
-
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
@@ -86,26 +83,22 @@
             <version>4.13.2</version>
             <scope>test</scope>
         </dependency>
-
         <dependency>
             <groupId>com.squareup.okhttp3</groupId>
             <artifactId>okhttp</artifactId>
             <version>4.10.0</version>
         </dependency>
-
         <dependency>
             <groupId>com.google.code.gson</groupId>
             <artifactId>gson</artifactId>
-            <version>2.10</version>
+            <version>2.10.1</version>
         </dependency>
-
         <dependency>
             <groupId>org.mock-server</groupId>
             <artifactId>mockserver-netty-no-dependencies</artifactId>
             <version>5.14.0</version>
             <scope>test</scope>
         </dependency>
-
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-simple</artifactId>

src/main/java/org/privacyidea/Challenge.java

@@ -22,15 +22,17 @@ public class Challenge
 {
     private final List<String> attributes = new ArrayList<>();
     private final String serial;
+    private final String client_mode;
     private final String message;
-    private final String image;
     private final String transaction_id;
     private final String type;
+    private final String image;
 
-    public Challenge(String serial, String message, String image, String transaction_id, String type)
+    public Challenge(String serial, String message, String client_mode, String image, String transaction_id, String type)
     {
         this.serial = serial;
         this.message = message;
+        this.client_mode = client_mode;
         this.image = image;
         this.transaction_id = transaction_id;
         this.type = type;
@@ -50,6 +52,7 @@ public String getMessage()
     {
         return message;
     }
+    public String getClientMode() { return client_mode; }
 
     public String getImage() { return image.replaceAll("\"", ""); }
 

src/main/java/org/privacyidea/Endpoint.java

@@ -26,14 +26,11 @@
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
-
-import okhttp3.Call;
 import okhttp3.Callback;
 import okhttp3.FormBody;
 import okhttp3.HttpUrl;
 import okhttp3.OkHttpClient;
 import okhttp3.Request;
-import okhttp3.internal.connection.RealCall;
 
 import static org.privacyidea.PIConstants.GET;
 import static org.privacyidea.PIConstants.HEADER_USER_AGENT;

src/main/java/org/privacyidea/JSONParser.java

@@ -12,20 +12,19 @@
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.Objects;
 
 import static org.privacyidea.PIConstants.ASSERTIONCLIENTEXTENSIONS;
 import static org.privacyidea.PIConstants.ATTRIBUTES;
 import static org.privacyidea.PIConstants.AUTHENTICATION;
 import static org.privacyidea.PIConstants.AUTHENTICATORDATA;
 import static org.privacyidea.PIConstants.CLIENTDATA;
+import static org.privacyidea.PIConstants.CLIENT_MODE;
 import static org.privacyidea.PIConstants.CODE;
 import static org.privacyidea.PIConstants.CREDENTIALID;
 import static org.privacyidea.PIConstants.DETAIL;
 import static org.privacyidea.PIConstants.ERROR;
 import static org.privacyidea.PIConstants.ID;
 import static org.privacyidea.PIConstants.IMAGE;
-import static org.privacyidea.PIConstants.IMG;
 import static org.privacyidea.PIConstants.INFO;
 import static org.privacyidea.PIConstants.JSONRPC;
 import static org.privacyidea.PIConstants.MAXFAIL;
@@ -229,23 +228,24 @@ else if ("interactive".equals(modeFromResponse))
                                                         .getAsJsonObject();
                     String serial = getString(challenge, SERIAL);
                     String message = getString(challenge, MESSAGE);
-                    String image = getItemFromAttributes(IMG, challenge).replaceAll("\"", "");
+                    String clientmode = getString(challenge, CLIENT_MODE);
+                    String image = getString (challenge, IMAGE);
                     String transactionid = getString(challenge, TRANSACTION_ID);
                     String type = getString(challenge, TYPE);
 
                     if (TOKEN_TYPE_WEBAUTHN.equals(type))
                     {
                         String webAuthnSignRequest = getItemFromAttributes(WEBAUTHN_SIGN_REQUEST, challenge);
-                        response.multichallenge.add(new WebAuthn(serial, message, image, transactionid, webAuthnSignRequest));
+                        response.multichallenge.add(new WebAuthn(serial, message, clientmode, image, transactionid, webAuthnSignRequest));
                     }
                     else if (TOKEN_TYPE_U2F.equals(type))
                     {
                         String u2fSignRequest = getItemFromAttributes(U2F_SIGN_REQUEST, challenge);
-                        response.multichallenge.add(new U2F(serial, message, image, transactionid, u2fSignRequest));
+                        response.multichallenge.add(new U2F(serial, message, clientmode, image, transactionid, u2fSignRequest));
                     }
                     else
                     {
-                        response.multichallenge.add(new Challenge(serial, message, image, transactionid, type));
+                        response.multichallenge.add(new Challenge(serial, message, clientmode, image, transactionid, type));
                     }
                 }
             }

src/main/java/org/privacyidea/PIConfig.java

@@ -15,9 +15,6 @@
  */
 package org.privacyidea;
 
-import java.util.ArrayList;
-import java.util.List;
-
 class PIConfig
 {
     String serverURL = "";

src/main/java/org/privacyidea/PIConstants.java

@@ -64,8 +64,8 @@ private PIConstants()
     public static final String TOKEN = "token";
     public static final String PREFERRED_CLIENT_MODE = "preferred_client_mode";
     public static final String MESSAGE = "message";
+    public static final String CLIENT_MODE = "client_mode";
     public static final String IMAGE = "image";
-    public static final String IMG = "img";
     public static final String MESSAGES = "messages";
     public static final String MULTI_CHALLENGE = "multi_challenge";
     public static final String ATTRIBUTES = "attributes";

src/main/java/org/privacyidea/PIResponse.java

@@ -107,14 +107,6 @@ public List<String> triggeredTokenTypes()
                              .collect(Collectors.toList());
     }
 
-    /**
-     * @return a list of challenges that were triggered or an empty list if none were triggered
-     */
-    public List<Challenge> multiChallenge()
-    {
-        return multichallenge;
-    }
-
     /**
      * Get all WebAuthn challenges from the multi_challenge.
      *

src/main/java/org/privacyidea/PrivacyIDEA.java

@@ -44,7 +44,6 @@
 import static org.privacyidea.PIConstants.POST;
 import static org.privacyidea.PIConstants.REALM;
 import static org.privacyidea.PIConstants.SERIAL;
-import static org.privacyidea.PIConstants.IMAGE;
 import static org.privacyidea.PIConstants.TRANSACTION_ID;
 import static org.privacyidea.PIConstants.TYPE;
 import static org.privacyidea.PIConstants.USER;

src/main/java/org/privacyidea/U2F.java

@@ -19,9 +19,9 @@ public class U2F extends Challenge
 {
     private final String signRequest;
 
-    public U2F(String serial, String message, String image, String transaction_id, String signRequest)
+    public U2F(String serial, String message, String client_mode, String image, String transaction_id, String signRequest)
     {
-        super(serial, message, image, transaction_id, PIConstants.TOKEN_TYPE_U2F);
+        super(serial, message, client_mode, image, transaction_id, PIConstants.TOKEN_TYPE_U2F);
         this.signRequest = signRequest;
     }
 

src/main/java/org/privacyidea/WebAuthn.java

@@ -15,16 +15,13 @@
  */
 package org.privacyidea;
 
-import java.util.Collections;
-import java.util.Map;
-
 public class WebAuthn extends Challenge
 {
     private final String signRequest;
 
-    public WebAuthn(String serial, String message, String image, String transaction_id, String signRequest)
+    public WebAuthn(String serial, String message, String client_mode, String image, String transaction_id, String signRequest)
     {
-        super(serial, message, image, transaction_id, PIConstants.TOKEN_TYPE_WEBAUTHN);
+        super(serial, message, client_mode, image, transaction_id, PIConstants.TOKEN_TYPE_WEBAUTHN);
         this.signRequest = signRequest;
     }