diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 896d161de9..4bd71d3cd8 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -102,7 +102,7 @@ org-sonarsource-scanner-gradle-sonarqube-gradle-plugin = "org.sonarsource.scanne org-instancio-instancio-junit = "org.instancio:instancio-junit:3.7.1" spring-nullability = 'io.spring.nullability:io.spring.nullability.gradle.plugin:0.0.11' -webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.29.7.RELEASE' +webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.31.0.RELEASE' com-password4j-password4j = { module = "com.password4j:password4j", version.ref = "com-password4j" } [plugins] diff --git a/webauthn/spring-security-webauthn.gradle b/webauthn/spring-security-webauthn.gradle index aed255eb01..11bb7f2a24 100644 --- a/webauthn/spring-security-webauthn.gradle +++ b/webauthn/spring-security-webauthn.gradle @@ -18,10 +18,12 @@ dependencies { optional 'org.springframework:spring-jdbc' optional 'org.springframework:spring-tx' optional 'tools.jackson.core:jackson-databind' + optional 'com.fasterxml.jackson.core:jackson-databind' provided 'jakarta.servlet:jakarta.servlet-api' testImplementation project(path: ':spring-security-core', configuration: 'tests') + testImplementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-cbor' testImplementation 'io.projectreactor:reactor-test' testImplementation 'jakarta.xml.bind:jakarta.xml.bind-api' testImplementation 'jakarta.websocket:jakarta.websocket-api' diff --git a/webauthn/src/test/java/org/springframework/security/web/webauthn/api/TestAuthenticatorAttestationResponses.java b/webauthn/src/test/java/org/springframework/security/web/webauthn/api/TestAuthenticatorAttestationResponses.java index 5514a8a654..06f7322227 100644 --- a/webauthn/src/test/java/org/springframework/security/web/webauthn/api/TestAuthenticatorAttestationResponses.java +++ b/webauthn/src/test/java/org/springframework/security/web/webauthn/api/TestAuthenticatorAttestationResponses.java @@ -21,7 +21,7 @@ public final class TestAuthenticatorAttestationResponses { public static AuthenticatorAttestationResponse.AuthenticatorAttestationResponseBuilder createAuthenticatorAttestationResponse() { return AuthenticatorAttestationResponse.builder() .attestationObject(Bytes.fromBase64( - "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViUy9GqwTRaMpzVDbXq1dyEAXVOxrou08k22ggRC45MKNhdAAAAALraVWanqkAfvZZFYZpVEg0AEDWRLOHq0Wxw4cOkCemynKqlAQIDJiABIVgg4Hkrn2kbGmpZTdoDZUNrppo93OqgQV7ONzVvo5GLCFciWCCrf6yIQggq2BfZntawxRsBBbWG_FWkYAoU8yPipS-5hg-p1VREax-qKTGn1Bp92fRMjRMunH7XwSlf9mMWJdY3VvAkicTChlxVd256yk4jEiXiJ5BuwugdpT7fBOYtymjpQECAyYgASFYIJK-2epPEw0ujHN-gvVp2Hp3ef8CzU3zqwO5ylx8L2OsIlggK5x5OlTGEPxLS-85TAABum4aqVK4CSWJ7LYDdkjuBLk")) + "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViUy9GqwTRaMpzVDbXq1dyEAXVOxrou08k22ggRC45MKNhdAAAAALraVWanqkAfvZZFYZpVEg0AEDWRLOHq0Wxw4cOkCemynKqlAQIDJiABIVgg4Hkrn2kbGmpZTdoDZUNrppo93OqgQV7ONzVvo5GLCFciWCCrf6yIQggq2BfZntawxRsBBbWG_FWkYAoU8yPipS-5hg==")) .clientDataJSON(Bytes.fromBase64( "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoicTdsQ2RkM1NWUXhkQy12OHBuUkFHRW4xQjJNLXQ3WkVDV1B3Q0FtaFd2YyIsIm9yaWdpbiI6Imh0dHBzOi8vZXhhbXBsZS5sb2NhbGhvc3Q6ODQ0MyIsImNyb3NzT3JpZ2luIjpmYWxzZX0")) .transports(AuthenticatorTransport.HYBRID, AuthenticatorTransport.INTERNAL); diff --git a/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java b/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java index 65213c7b6a..163e2d15f6 100644 --- a/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java +++ b/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java @@ -43,6 +43,8 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.ArgumentCaptor; import org.mockito.Mock; import org.mockito.junit.jupiter.MockitoExtension; +import tools.jackson.databind.json.JsonMapper; +import tools.jackson.dataformat.cbor.CBORMapper; import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; @@ -78,6 +80,7 @@ import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException import static org.assertj.core.api.Assertions.assertThatRuntimeException; import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; +import static org.mockito.Mockito.RETURNS_SELF; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verifyNoInteractions; @@ -613,9 +616,11 @@ class Webauthn4jRelyingPartyOperationsTests { ImmutableCredentialRecord credentialRecord = TestCredentialRecords.fullUserCredential().build(); given(this.userCredentials.findByCredentialId(publicKey.getRawId())).willReturn(credentialRecord); - ObjectMapper json = mock(ObjectMapper.class); - ObjectMapper cbor = mock(ObjectMapper.class); - given(cbor.getFactory()).willReturn(mock(CBORFactory.class)); + JsonMapper json = new JsonMapper(); + CBORMapper cbor = mock(CBORMapper.class); + CBORMapper.Builder builder = mock(CBORMapper.Builder.class, RETURNS_SELF); + given(builder.build()).willReturn(cbor); + given(cbor.rebuild()).willReturn(builder); AttestationObject attestationObject = mock(AttestationObject.class); AuthenticatorData wa4jAuthData = mock(AuthenticatorData.class); given(attestationObject.getAuthenticatorData()).willReturn(wa4jAuthData);