diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/api/ImmutableCredentialRecord.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/api/ImmutableCredentialRecord.java index 3358d8e4a6..eb51de8762 100644 --- a/webauthn/src/main/java/org/springframework/security/web/webauthn/api/ImmutableCredentialRecord.java +++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/api/ImmutableCredentialRecord.java @@ -60,7 +60,8 @@ public final class ImmutableCredentialRecord implements CredentialRecord { private ImmutableCredentialRecord(@Nullable PublicKeyCredentialType credentialType, Bytes credentialId, Bytes userEntityUserId, PublicKeyCose publicKey, long signatureCount, boolean uvInitialized, Set transports, boolean backupEligible, boolean backupState, - @Nullable Bytes attestationObject, @Nullable Bytes attestationClientDataJSON, Instant created, Instant lastUsed, String label) { + @Nullable Bytes attestationObject, @Nullable Bytes attestationClientDataJSON, Instant created, + Instant lastUsed, String label) { this.credentialType = credentialType; this.credentialId = credentialId; this.userEntityUserId = userEntityUserId; diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/authentication/PublicKeyCredentialRequestOptionsRepository.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/authentication/PublicKeyCredentialRequestOptionsRepository.java index cd91b69fd6..d156845d2b 100644 --- a/webauthn/src/main/java/org/springframework/security/web/webauthn/authentication/PublicKeyCredentialRequestOptionsRepository.java +++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/authentication/PublicKeyCredentialRequestOptionsRepository.java @@ -39,7 +39,8 @@ public interface PublicKeyCredentialRequestOptionsRepository { * @param options the {@link PublicKeyCredentialRequestOptions} to save or null if an * existing {@link PublicKeyCredentialRequestOptions} should be removed. */ - void save(HttpServletRequest request, HttpServletResponse response, @Nullable PublicKeyCredentialRequestOptions options); + void save(HttpServletRequest request, HttpServletResponse response, + @Nullable PublicKeyCredentialRequestOptions options); /** * Gets a saved {@link PublicKeyCredentialRequestOptions} if it exists, otherwise diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/management/RelyingPartyRegistrationRequest.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/management/RelyingPartyRegistrationRequest.java index 2229ffa8b2..363ca0a0eb 100644 --- a/webauthn/src/main/java/org/springframework/security/web/webauthn/management/RelyingPartyRegistrationRequest.java +++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/management/RelyingPartyRegistrationRequest.java @@ -16,8 +16,6 @@ package org.springframework.security.web.webauthn.management; -import org.jspecify.annotations.Nullable; - import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions; /** diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/management/WebAuthnRelyingPartyOperations.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/management/WebAuthnRelyingPartyOperations.java index fda3ddf560..0e8222dbd9 100644 --- a/webauthn/src/main/java/org/springframework/security/web/webauthn/management/WebAuthnRelyingPartyOperations.java +++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/management/WebAuthnRelyingPartyOperations.java @@ -16,8 +16,6 @@ package org.springframework.security.web.webauthn.management; -import org.jspecify.annotations.Nullable; - import org.springframework.security.core.Authentication; import org.springframework.security.web.webauthn.api.CredentialRecord; import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions; diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java index f476bee8e5..19d52b6b23 100644 --- a/webauthn/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java +++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java @@ -375,14 +375,15 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe CborConverter cborConverter = this.objectConverter.getCborConverter(); Bytes attestationObject = credentialRecord.getAttestationObject(); Assert.notNull(attestationObject, "attestationObject cannot be null"); - AttestationObject wa4jAttestationObject = cborConverter - .readValue(attestationObject.getBytes(), AttestationObject.class); + AttestationObject wa4jAttestationObject = cborConverter.readValue(attestationObject.getBytes(), + AttestationObject.class); Assert.notNull(wa4jAttestationObject, "attestationObject cannot be null"); - AuthenticatorData wa4jAuthData = wa4jAttestationObject.getAuthenticatorData(); + AuthenticatorData wa4jAuthData = wa4jAttestationObject + .getAuthenticatorData(); AttestedCredentialData wa4jCredData = wa4jAuthData.getAttestedCredentialData(); Assert.notNull(wa4jCredData, "attestedCredentialData cannot be null"); - AttestedCredentialData data = new AttestedCredentialData(wa4jCredData.getAaguid(), - keyId.getBytes(), wa4jCredData.getCOSEKey()); + AttestedCredentialData data = new AttestedCredentialData(wa4jCredData.getAaguid(), keyId.getBytes(), + wa4jCredData.getCOSEKey()); Authenticator authenticator = new AuthenticatorImpl(data, wa4jAttestationObject.getAttestationStatement(), credentialRecord.getSignatureCount()); @@ -392,8 +393,7 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe byte[] tokenBindingId = null /* set tokenBindingId */; String rpId = requestOptions.getRpId(); Assert.notNull(rpId, "rpId cannot be null"); - ServerProperty serverProperty = new ServerProperty(origins, rpId, challenge, - tokenBindingId); + ServerProperty serverProperty = new ServerProperty(origins, rpId, challenge, tokenBindingId); boolean userVerificationRequired = request.getRequestOptions() .getUserVerification() == UserVerificationRequirement.REQUIRED; @@ -406,7 +406,8 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe AuthenticationData wa4jAuthenticationData = this.webAuthnManager.validate(authenticationRequest, authenticationParameters); - AuthenticatorData wa4jValidatedAuthData = wa4jAuthenticationData.getAuthenticatorData(); + AuthenticatorData wa4jValidatedAuthData = wa4jAuthenticationData + .getAuthenticatorData(); Assert.notNull(wa4jValidatedAuthData, "authenticatorData cannot be null"); long updatedSignCount = wa4jValidatedAuthData.getSignCount(); ImmutableCredentialRecord updatedRecord = ImmutableCredentialRecord.fromCredentialRecord(credentialRecord) @@ -415,10 +416,10 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe .build(); this.userCredentials.save(updatedRecord); - PublicKeyCredentialUserEntity userEntity = this.userEntities.findById( - credentialRecord.getUserEntityUserId()); + PublicKeyCredentialUserEntity userEntity = this.userEntities.findById(credentialRecord.getUserEntityUserId()); if (userEntity == null) { - throw new IllegalArgumentException("Unable to find UserEntity with id " + credentialRecord.getUserEntityUserId() + " for " + request); + throw new IllegalArgumentException( + "Unable to find UserEntity with id " + credentialRecord.getUserEntityUserId() + " for " + request); } return userEntity; } diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/HttpSessionPublicKeyCredentialCreationOptionsRepository.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/HttpSessionPublicKeyCredentialCreationOptionsRepository.java index 6ee8d66d3d..7a14bc91a9 100644 --- a/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/HttpSessionPublicKeyCredentialCreationOptionsRepository.java +++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/HttpSessionPublicKeyCredentialCreationOptionsRepository.java @@ -22,7 +22,6 @@ import jakarta.servlet.http.HttpSession; import org.jspecify.annotations.Nullable; import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions; -import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions; import org.springframework.util.Assert; public class HttpSessionPublicKeyCredentialCreationOptionsRepository @@ -38,7 +37,6 @@ public class HttpSessionPublicKeyCredentialCreationOptionsRepository request.getSession().setAttribute(this.attrName, options); } - public @Nullable PublicKeyCredentialCreationOptions load(HttpServletRequest request) { HttpSession session = request.getSession(false); if (session == null) { diff --git a/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsRepository.java b/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsRepository.java index 5165e55010..1a45afeff3 100644 --- a/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsRepository.java +++ b/webauthn/src/main/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsRepository.java @@ -39,7 +39,8 @@ public interface PublicKeyCredentialCreationOptionsRepository { * @param options the {@link PublicKeyCredentialCreationOptions} to save or null if an * existing {@link PublicKeyCredentialCreationOptions} should be removed. */ - void save(HttpServletRequest request, HttpServletResponse response, @Nullable PublicKeyCredentialCreationOptions options); + void save(HttpServletRequest request, HttpServletResponse response, + @Nullable PublicKeyCredentialCreationOptions options); /** * Gets a saved {@link PublicKeyCredentialCreationOptions} if it exists, otherwise