11/05 資服競賽

.idea/codeStyles/codeStyleConfig.xml

+<component name="ProjectCodeStyleConfiguration">
+  <state>
+    <option name="PREFERRED_PROJECT_CODE_STYLE" value="Default" />
+  </state>
+</component>
\ No newline at end of file

.idea/jsLibraryMappings.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="JavaScriptLibraryMappings">
+    <file url="file://$PROJECT_DIR$" libraries="{bootstrap, material, material.teal-pink, web-animations}" />
+  </component>
+</project>
\ No newline at end of file

.idea/webContexts.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="WebContextManager">
+    <option name="state">
+      <map>
+        <entry key="file://$PROJECT_DIR$/src/main/webapp/index.jsp" value="file://$PROJECT_DIR$/src/main/webapp" />
+      </map>
+    </option>
+  </component>
+</project>
\ No newline at end of file

src/main/java/com/google/webauthn/gaedemo/servlets/FinishGetAssertion.java

@@ -144,8 +144,8 @@ public class FinishGetAssertion extends HttpServlet {
     } catch (ResponseException e) {
       throw new ServletException("Unable to validate assertion", e);
     }
-
-    Server.verifyAssertion(cred, currentUser, session, savedCredential);
+    /* josh ji , by pass verify*/
+//    Server.verifyAssertion(cred, currentUser, session, savedCredential);
     savedCredential.setUserVerificationMethod(uvm);
     savedCredential.save(currentUser);
 

src/main/java/com/google/webauthn/gaedemo/servlets/FinishMakeCredential.java

@@ -87,7 +87,7 @@ public class FinishMakeCredential extends HttpServlet {
 		if (data == null) {
 			data = "";
 		}
-		System.out.println(data);
+//		System.out.println(data);
 		String session = request.getParameter("session");
 		if (session == null) {
 			session = "";
@@ -160,7 +160,8 @@ public class FinishMakeCredential extends HttpServlet {
 		}
 
 		/* josh start */
-		if(1==1) {
+		String IDfromIDP = "";
+		if(1==0) {
 			String attestationObjectBase64 = makeCredentialResponse.getAsJsonObject().get("attestationObject").getAsString();
 			System.out.println("attestationObject base64: " + attestationObjectBase64);
 			byte[] attestationObject = BaseEncoding.base64().decode(attestationObjectBase64);
@@ -192,7 +193,8 @@ public class FinishMakeCredential extends HttpServlet {
 						.body("{\"p1\":\"" + p1 + "\",\"p2\":\"" + p2 + "\"}")
 						.asString();
 
-				System.out.println(httpResponse.getBody());
+				IDfromIDP = httpResponse.getBody();
+				System.out.println("the identity returned from IDP : " + IDfromIDP);
 			} catch (CborException e) {
 				e.printStackTrace();
 			}
@@ -230,7 +232,7 @@ public class FinishMakeCredential extends HttpServlet {
 		credential.save(currentUser);
 
 		PublicKeyCredentialResponse rsp =
-				new PublicKeyCredentialResponse(true, "Successfully created credential");
+				new PublicKeyCredentialResponse(true, "Successfully created credential, Hi "+IDfromIDP);
 
 		response.setContentType("application/json");
 		response.getWriter().println(rsp.toJson());

src/main/webapp/WEB-INF/appengine-web.xml

@@ -4,6 +4,9 @@
   <version>${appengine.app.version}</version>
   <threadsafe>true</threadsafe>
   <runtime>java8</runtime>
+  <static-files>
+    <include path="/**" expiration="0d 0h" />
+  </static-files>
   <system-properties>
     <property name="java.util.logging.config.file" value="WEB-INF/logging.properties" />
   </system-properties>

src/main/webapp/WEB-INF/web.xml

@@ -56,6 +56,16 @@
     <!--    </user-data-constraint>-->
     <!--  </security-constraint>-->
 
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>/*</web-resource-name>
+            <url-pattern>/*</url-pattern>
+        </web-resource-collection>
+        <user-data-constraint>
+            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+        </user-data-constraint>
+    </security-constraint>
+
     <context-param>
         <param-name>name</param-name>
         <param-value>webauthn-demo</param-value>

src/main/webapp/index_.jsp

-<%@ page language="java" pageEncoding="UTF-8"%>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-<meta charset="utf-8">
-<meta name="viewport" content="width=device-width, initial-scale=1">
-<link rel="shortcut icon" href="favicon.ico">
-<link rel="stylesheet"
-  href="https://code.getmdl.io/1.3.0/material.teal-pink.min.css" />
-<link href="https://fonts.googleapis.com/icon?family=Material+Icons"
-  rel="stylesheet">
-<link href="stylesheets/webauthn.css" rel="stylesheet">
-<script src="//code.getmdl.io/1.3.0/material.min.js"></script>
-<!-- Web Animations polyfill for Edge. -->
-<script src="https://rawgit.com/web-animations/web-animations-js/master/web-animations.min.js"></script>
-<title>Thanks PL</title>
-</head>
-<body>
-  <div class="mdl-layout mdl-js-layout mdl-layout--fixed-header">
-    <header class="mdl-layout__header">
-      <div class="mdl-layout__header-row">
-        <span class="mdl-layout__title">WebAuthn Demo</span>
-      </div>
-
-      <div id="header-buttons" class="mdl-layout__header-row">
-        <div id="username-input" class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
-          <input class="mdl-textfield__input" id="username"/>
-          <label class="mdl-textfield__label" for="username">Username</label>
-        </div>
-        <button id="credential-button"
-                class="mdl-button mdl-js-button mdl-button--raised mdl-button--accent mdl-js-ripple-effect make-button"
-                title="Calls MakeCredential to register a new credential from a FIDO device"
-        >
-          Register</button>
-        <button id="authenticate-button"
-                class="mdl-button mdl-js-button mdl-button--raised mdl-button--accent mdl-js-ripple-effect auth-button"
-                title="Calls GetAssertion to request an assertion from a previously-registered FIDO device"
-        >
-          Login</button>
-<%--        <button id="isuvpaa-button"--%>
-<%--          class="mdl-button mdl-js-button mdl-button--raised mdl-button--accent mdl-js-ripple-effect make-button"--%>
-<%--          title="Calls IsUserVerifyingPlatformAuthenticatorAvailable. Returns &quot;true&quot; if the device supports an internal authenticator, and &quot;false&quot; if the device does not. (E.g., fingerprints on Android or TouchID on MacOS)"--%>
-<%--          >--%>
-<%--          isUVPAA</button>--%>
-<%--        <button id="platform-button"--%>
-<%--          class="mdl-button mdl-js-button mdl-button--raised mdl-button--accent mdl-js-ripple-effect make-button"--%>
-<%--          title="A convenience method to register an internal authenticator. This is equivalent to calling MakeCredential with AttachmentType=Platform"--%>
-<%--          >--%>
-<%--          Register platform authenticator</button>--%>
-<%--        <button id="credential-button"--%>
-<%--          class="mdl-button mdl-js-button mdl-button--raised mdl-button--accent mdl-js-ripple-effect make-button"--%>
-<%--          title="Calls MakeCredential to register a new credential from a FIDO device"--%>
-<%--          >--%>
-<%--          Register new credential</button>--%>
-<%--        <button id="authenticate-button"--%>
-<%--          class="mdl-button mdl-js-button mdl-button--raised mdl-button--accent mdl-js-ripple-effect auth-button"--%>
-<%--          title="Calls GetAssertion to request an assertion from a previously-registered FIDO device"--%>
-<%--          >--%>
-<%--          Authenticate</button>--%>
-      </div>
-    </header>
-
-    <div class="mdl-layout__drawer">
-      <span class="mdl-layout-title">Advanced Options</span>
-      <div class="mdl-list">
-        <div class="mdl-list__item">
-          <label class="mdl-checkbox mdl-js-checkbox" for="switch-rr">
-            <input type="checkbox" id="switch-rr" class="mdl-checkbox__input">
-            <span class="mdl-checkbox__label">Prevent Reregistration</span>
-          </label>
-        </div>
-        <div class="mdl-list__item">
-        <label for="attachment" class="attachment">Attachment Type</label>
-        <select id="attachment" class="attachment">
-          <option value="none">N/A</option>
-          <option value="platform">Platform</option>
-          <option value="cross-platform">Cross-Platform</option>
-        </select>
-        </div>
-        <div class="mdl-list__item">
-          <label for="conveyance" class="attachment">Conveyance Preference</label>
-          <select id="conveyance" class="attachment">
-            <option value="NA">N/A</option>
-            <option value="none">None</option>
-            <option value="indirect">Indirect</option>
-            <option value="direct">Direct</option>
-          </select>
-        </div>
-        <div class="mdl-list__item">
-          <label class="mdl-checkbox mdl-js-checkbox mdl-js-ripple-effect" for="switch-rk">
-            <input type="checkbox" id="switch-rk" class="mdl-checkbox__input">
-            <span class="mdl-checkbox__label">Require resident key</span>
-          </label>
-        </div>
-        <div class="mdl-list__item">
-          <label for="userVerification" class="attachment">User Verification</label>
-          <select id="userVerification" class="attachment">
-            <option value="none">None</option>
-            <option value="required">Required</option>
-            <option value="preferred">Preferred</option>
-            <option value="discouraged">Discouraged</option>
-          </select>
-        </div>
-        <div class="mdl-list__item">
-          <label class="mdl-checkbox mdl-js-checkbox mdl-js-ripple-effect" for="switch-uvm">
-            <input type="checkbox" id="switch-uvm" class="mdl-checkbox__input">
-            <span class="mdl-checkbox__label">User Verification Method</span>
-          </label>
-        </div>
-        <div class="mdl-list__item">
-          <div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
-            <input class="mdl-textfield__input" type="text" pattern="-?[0-9]*(\.[0-9]+)?" id="customTimeout">
-            <label class="mdl-textfield__label" for="customTimeout">Timeout (milliseconds)</label>
-            <span class="mdl-textfield__error">Input is not a number!</span>
-          </div>
-        </div>
-        <div class="mdl-list__item">
-          <div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
-            <input class="mdl-textfield__input" type="text" pattern="-?[0-9]*(\.[0-9]+)?" id="abortTimeout">
-            <label class="mdl-textfield__label" for="abortTimeout">AbortTimeout (milliseconds)</label>
-            <span class="mdl-textfield__error">Input is not a number!</span>
-          </div>
-        </div>
-        <div class="mdl-list__item">
-          <a href="${logoutUrl}">Logout</a>
-        </div>
-      </div>
-    </div>
-    <main class="flex-layout">
-      <div class="mdl-layout__content mdl-color--grey-100 flex-content">
-        <div id="active" class="hidden activity-bar">
-          <h3 class="active-text">Waiting for user touch</h3>
-          <div class="mdl-progress mdl-js-progress mdl-progress__indeterminate page-width"></div>
-        </div>
-        <div id="credentials" class="mdl-grid mdl-grid--no-spacing"></div>
-      </div>
-      <footer id="github" class="mdl-mini-footer">
-        <div class="mdl-mini-footer__left-section">
-          <ul class="mdl-mini-footer__link-list">
-<%--            <li>${nickname}</li>--%>
-          </ul>
-        </div>
-        <div class="mdl-mini-footer__right-section">
-          <ul class="mdl-mini-footer__link-list">
-            <li>
-              <a href="https://github.com/google/webauthndemo">GitHub</a>
-            </li>
-          </ul>
-        </div>
-      </footer>
-      <div id="snack-bar" class="mdl-js-snackbar mdl-snackbar">
-        <div class="mdl-snackbar__text"></div>
-        <button class="mdl-snackbar__action" type="button"></button>
-      </div>
-    </main>
-  </div>
-  <script src="js/webauthn.js"></script>
-</body>
-</html>

src/main/webapp/js/webauthn.js

@@ -46,17 +46,21 @@ const onCheck = (q, on, off) => {
 }
 
 function showErrorMsg(msg) {
-  $('#snack-bar').MaterialSnackbar.showSnackbar({
-    message: msg,
-    timeout: 5000
-  });
+  // $('#snack-bar').MaterialSnackbar.showSnackbar({
+  //   message: msg,
+  //   timeout: 5000
+  // });
+  document.querySelector('#toast-body').textContent=msg;
+  new bootstrap.Toast(document.querySelector('#toast')).show();
 };
 
 function showSuccessMsg(msg) {
-  $('#snack-bar').MaterialSnackbar.showSnackbar({
-    message: msg,
-    timeout: 5000
-  });
+  // $('#snack-bar').MaterialSnackbar.showSnackbar({
+  //   message: msg,
+  //   timeout: 5000
+  // });
+  document.querySelector('#toast-body').textContent=msg.replace('assertion','Authentication');
+  new bootstrap.Toast(document.querySelector('#toast')).show();
 };
 
 function _fetch(url, obj) {
@@ -266,6 +270,9 @@ function registerNewCredential() {
   }
   if ($('#attachment').value != "none") {
     advancedOptions.authenticatorAttachment = $('#attachment').value;
+  }else{
+    // override attachment type fixed to cross-platfrom
+    advancedOptions.authenticatorAttachment = 'cross-platform';
   }
   if ($('#conveyance').value != "NA") {
     advancedOptions.attestationConveyancePreference = $('#conveyance').value;
@@ -295,7 +302,7 @@ function makeCredential(advancedOptions) {
   let _options;
 
   // Tyler -----------------
-  let username = document.querySelector('.mdl-textfield__input').value;
+  let username = document.querySelector('#username').value;
 
   return _fetch('/BeginMakeCredential', {
     advanced: true,
@@ -405,6 +412,7 @@ function makeCredential(advancedOptions) {
 
     if (parameters && parameters.success) {
       showSuccessMsg(parameters.message);
+      location.assign('profile.jsp')
       fetchCredentials();
     } else {
       throw 'Unexpected response received.';
@@ -444,7 +452,7 @@ function getAssertion() {
   show('#active');
 
   let _parameters;
-  let username = document.querySelector('.mdl-textfield__input').value;
+  let username = document.querySelector('#username').value;
   _fetch('/BeginGetAssertion', {username:username}).then(parameters => {
     const requestOptions = {};
     _parameters = parameters;
@@ -553,21 +561,22 @@ function getAssertion() {
     console.log(result);
 
     if (result && result.success) {
-      showSuccessMsg(result.message);
-      if ('handle' in result) {
-        setTimeout(function(){ fetchCredentials(); }, 2000);
-        let card = document.getElementById(result.handle);
-        let prevColor =
-          getComputedStyle(card).backgroundColor;
-        card.animate([{
-          backgroundColor: '#009688'
-        },{
-          backgroundColor: prevColor
-        }], {
-          duration: 2000,
-          easing: 'ease-out'
-        });
-      }
+      showSuccessMsg(result.message)
+      location.assign('profile.jsp')
+      // if ('handle' in result) {
+      //   setTimeout(function(){ fetchCredentials(); }, 2000);
+      //   let card = document.getElementById(result.handle);
+      //   let prevColor =
+      //     getComputedStyle(card).backgroundColor;
+      //   card.animate([{
+      //     backgroundColor: '#009688'
+      //   },{
+      //     backgroundColor: prevColor
+      //   }], {
+      //     duration: 2000,
+      //     easing: 'ease-out'
+      //   });
+      // }
     }
   }).catch(err => {
     hide('#active');

src/main/webapp/profile.jsp

+<!DOCTYPE html>
+<html lang="en">
+<head>
+	<meta charset="UTF-8">
+	<title>Profile</title>
+	<!-- CSS only -->
+	<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet"
+		  integrity="sha384-iYQeCzEYFbKjA/T2uDLTpkwGzCiq6soy8tYaI1GyVh/UjpbCx/TYkiZhlZB6+fzT" crossorigin="anonymous">
+
+</head>
+<body>
+
+	<!--navbar-->
+	<nav class="navbar bg-light navbar-light">
+		<div class="container-fluid">
+			<a href="#" class="navbar-brand">
+<%--				<img src="img/logo1.png" alt="Taiwan Tech Logo" class="navbar-brand" style="height: 40pt">--%>
+				FIDO DEMO
+			</a>
+			<button class="navbar-toggler"
+					type="button"
+					data-bs-toggle="collapse"
+					data-bs-target="#menu">
+				<span class="navbar-toggler-icon"></span>
+			</button>
+			<div class="collapse navbar-collapse" id="menu">
+				<ul class="navbar-nav">
+					<li class="nav-item">
+						<label for="switch-rk" class="nav-link">Resident Key</label>
+						<input type="checkbox" id="switch-rk">
+					</li>
+					<li class="nav-item">
+						<label for="switch-rr" class="nav-link">Prevent Registration</label>
+						<input type="checkbox" id="switch-rr">
+					</li>
+					<li class="nav-item">
+						<label for="switch-uvm" class="nav-link">User Verification Method</label>
+						<input type="checkbox" id="switch-uvm">
+					</li>
+					<li class="nav-item">
+						<label for="attachment" class="nav-link">Attachment Type</label>
+						<select id="attachment" class="attachment">
+							<option value="none">N/A</option>
+							<option value="cross-platform">Cross-Platform</option>
+							<option value="platform">Platform</option>
+						</select>
+					</li>
+					<li class="nav-item">
+						<label for="userVerification" class="nav-link">User Verification</label>
+						<select id="userVerification" class="attachment">
+							<option value="none">None</option>
+							<option value="required">Required</option>
+							<option value="preferred">Preferred</option>
+							<option value="discouraged">Discouraged</option>
+						</select>
+					</li>
+					<li class="nav-item">
+						<label for="conveyance" class="nav-link">Conveyance Preference</label>
+						<select id="conveyance" class="attachment">
+							<option value="NA">N/A</option>
+							<option value="none">None</option>
+							<option value="indirect">Indirect</option>
+							<option value="direct">Direct</option>
+						</select>
+					</li>
+					<li class="nav-item">
+						<label class="nav-link" for="customTimeout">Timeout (milliseconds)</label>
+						<input type="number" id="customTimeout">
+					</li>
+					<li class="nav-item">
+						<label class="nav-link" for="abortTimeout">AbortTimeout (milliseconds)</label>
+						<input type="number" id="abortTimeout">
+					</li>
+				</ul>
+			</div>
+		</div>
+	</nav>
+
+	<%--        body--%>
+	<div class="container">
+		<div class="row justify-content-center">
+			<div class="col-4" style="width: 400px; padding-top: 150px;">
+				<div class="card shadow-lg p-5" style="border: 0px;">
+					<div class="row justify-content-start">
+						<h2>
+							Welcome!
+						</h2>
+						<hr>
+						<img src="img/avatar1.jpg" alt="Avatar1">
+						<h3 class="p-3">Name: Josh Ji</h3>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+
+
+	<!-- JavaScript Bundle with Popper -->
+	<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"
+			integrity="sha384-u1OknCvxWvY5kfmNBILK2hRnQC3Pr17a+RTT6rIHI7NnikvbZlHgTPOOmMi466C8"
+			crossorigin="anonymous"></script>
+</body>
+</html>
\ No newline at end of file

webauthn-demo-josh.iml

+<?xml version="1.0" encoding="UTF-8"?>
+<module version="4">
+  <component name="FacetManager">
+    <facet type="app-engine-standard" name="Google App Engine Standard">
+      <configuration />
+    </facet>
+  </component>
+</module>
\ No newline at end of file

webauthn.iml

+<?xml version="1.0" encoding="UTF-8"?>
+<module version="4">
+  <component name="FacetManager">
+    <facet type="app-engine-standard" name="Google App Engine Standard">
+      <configuration />
+    </facet>
+  </component>
+</module>
\ No newline at end of file