fix(jans-fido2): #1120 (#2928)

* fix: #1120

* fix(jans-fido2): minor #2928

jans-fido2/client/pom.xml

@@ -61,6 +61,10 @@
                 <artifactId>maven-project-info-reports-plugin</artifactId>
                 <version>2.2</version>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-javadoc-plugin</artifactId>
+            </plugin>
         </plugins>
     </reporting>
 

jans-fido2/pom.xml

@@ -168,5 +168,4 @@
 			</plugins>
 		</pluginManagement>
 	</build>
-
 </project>

jans-fido2/server/pom.xml

@@ -150,5 +150,12 @@
 			<version>2.0.1</version>
 		</dependency>
 	</dependencies>
-
+	<reporting>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-javadoc-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </reporting>
 </project>

jans-fido2/server/src/main/java/io/jans/fido2/exception/AttestationException.java

@@ -1,7 +1,16 @@
 package io.jans.fido2.exception;
 
+/**
+ * Exception Class for Attestation related exceptions.
+ * Extended from Fido2RuntimeException
+ *
+ */
 public class AttestationException extends Fido2RuntimeException{
 
+	/**
+	 * Constructor for AttestationException
+	 * @param errorMessage String containing error message
+	 */
 	public AttestationException(String errorMessage) {
 		super(errorMessage);
 	}

jans-fido2/server/src/main/java/io/jans/fido2/exception/Fido2CompromisedDevice.java

@@ -6,13 +6,23 @@
 
 package io.jans.fido2.exception;
 
+/**
+ * RuntimeException Class for Fido2CompromisedDevice 
+ * Extends RuntimeException
+ *
+ */
 public class Fido2CompromisedDevice extends RuntimeException {
 
     private static final long serialVersionUID = -318563205092295773L;
 
+	/**
+	 * Constructor for Fido2CompromisedDevice
+	 * @param message String: the detailed message
+	 * @param cause Throwable: the cause
+	 */
 	public Fido2CompromisedDevice(String message, Throwable cause) {
 		super(message, cause);
-	}
+	} 
 
 	public Fido2CompromisedDevice(String message) {
 		super(message);

jans-fido2/server/src/main/java/io/jans/fido2/exception/Fido2MissingAttestationCertException.java

@@ -6,6 +6,10 @@
 
 package io.jans.fido2.exception;
 
+/**
+ * Missing attestation certificate Exception
+ *
+ */
 public class Fido2MissingAttestationCertException extends Fido2RuntimeException {
 
 	private static final long serialVersionUID = 9114154955909766262L;

jans-fido2/server/src/main/java/io/jans/fido2/exception/Fido2RpRuntimeException.java

@@ -8,6 +8,10 @@
 
 import io.jans.fido2.model.error.Fido2RPError;
 
+/**
+ * Class for Fido2RpRuntimeException
+ *
+ */
 public class Fido2RpRuntimeException extends RuntimeException {
 
     private static final long serialVersionUID = -518563205092295773L;

jans-fido2/server/src/main/java/io/jans/fido2/exception/Fido2RuntimeException.java

@@ -8,6 +8,10 @@
 
 import io.jans.fido2.model.error.Fido2RPError;
 
+/**
+ * Parent class of all FIDO2 RuntimeExceptions
+ *
+ */
 public class Fido2RuntimeException extends RuntimeException {
 
     private static final long serialVersionUID = -118563205092295773L;

jans-fido2/server/src/main/java/io/jans/fido2/model/auth/AuthData.java

@@ -19,6 +19,7 @@
 package io.jans.fido2.model.auth;
 
 /**
+ * authData structure from https://www.w3.org/TR/webauthn/#authenticator-data
  * @author Yuriy Movchan
  * @version March 9, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/model/auth/PublicKeyCredentialDescriptor.java

@@ -10,6 +10,7 @@
 import com.fasterxml.jackson.annotation.JsonInclude;
 
 /**
+ * PublicKeyCredentialDescriptor - https://www.w3.org/TR/webauthn-2/#enum-credentialType
  * @author Yuriy Movchan
  * @version May 08, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/model/cert/CertificateHolder.java

@@ -9,6 +9,8 @@
 import java.security.cert.Certificate;
 
 /**
+ * A holding class for certificate
+ * 
  * @author Yuriy Movchan
  * @version May 08, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/model/error/Fido2RPError.java

@@ -18,6 +18,10 @@
 
 package io.jans.fido2.model.error;
 
+/**
+ * Error class for FIDO2 RP Errors
+ *
+ */
 public class Fido2RPError {
 
     private final String status;

jans-fido2/server/src/main/java/io/jans/fido2/model/mds/AuthenticatorCertificationStatus.java

@@ -6,7 +6,10 @@
 
 package io.jans.fido2.model.mds;
 
-// https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-metadata-service-v2.0-rd-20180702.html
+/**
+ * This enumeration describes the status of an authenticator model as identified by its AAID and potentially some additional information (such as a specific attestation key). -https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-metadata-service-v2.0-rd-20180702.html 
+ *
+ */
 public enum AuthenticatorCertificationStatus {
 
 	NOT_FIDO_CERTIFIED, FIDO_CERTIFIED, USER_VERIFICATION_BYPASS, ATTESTATION_KEY_COMPROMISE, USER_KEY_REMOTE_COMPROMISE, USER_KEY_PHYSICAL_COMPROMISE, UPDATE_AVAILABLE, REVOKED, SELF_ASSERTION_SUBMITTED, FIDO_CERTIFIED_L1, FIDO_CERTIFIED_L1plus, FIDO_CERTIFIED_L2, FIDO_CERTIFIED_L2plus, FIDO_CERTIFIED_L3, FIDO_CERTIFIED_L3plus

jans-fido2/server/src/main/java/io/jans/fido2/service/AuthenticatorDataParser.java

@@ -40,6 +40,11 @@
  * @author Yuriy Movchan
  * @version March 9, 2020
  */
+/**
+ * authData — a raw buffer struct containing user info.
+ * Parser for authData or authenticatorData
+ *
+ */
 @ApplicationScoped
 public class AuthenticatorDataParser {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/Base64Service.java

@@ -17,9 +17,11 @@
 import org.slf4j.Logger;
 
 /**
+ * Utility methods for base64 encoding / decoding
  * @author Yuriy Movchan
  * @version May 08, 2020
  */
+
 @ApplicationScoped
 public class Base64Service {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/CertificateService.java

@@ -35,9 +35,11 @@
 import org.slf4j.Logger;
 
 /**
+ * Utiltiy class for Certificate related operations
  * @author Yuriy Movchan
  * @version May 08, 2020
  */
+
 @ApplicationScoped
 public class CertificateService {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/ChallengeGenerator.java

@@ -23,6 +23,10 @@
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
 
+/**
+ * Challenge generator class
+ *
+ */
 @ApplicationScoped
 public class ChallengeGenerator {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/CoseService.java

@@ -52,6 +52,10 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 
+/**
+ * Utility classes for COSE key structure.
+ *
+ */
 @ApplicationScoped
 public class CoseService {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/DataMapperService.java

@@ -23,6 +23,7 @@
 import com.fasterxml.jackson.dataformat.cbor.CBORParser;
 
 /**
+ * Conversions to/from JSON format and to/from CBOR format
  * @author Yuriy Movchan
  * @version May 08, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/service/app/AppInitializer.java

@@ -47,6 +47,8 @@
 import java.util.Properties;
 
 /**
+ * 
+ * FIDO2 server initializer
  * @author Yuriy MOvchan
  * @version May 12, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/service/app/MDS3UpdateTimer.java

@@ -25,6 +25,7 @@
 import org.slf4j.Logger;
 
 /**
+ * Class that periodically updates the mds3 blob in the FIDO2 server
  * @author madhumitas
  *
  */

jans-fido2/server/src/main/java/io/jans/fido2/service/mds/LocalMdsService.java

@@ -31,6 +31,10 @@
 import com.fasterxml.jackson.databind.JsonNode;
 
 /**
+ * The FIDO2 server has a local database of authenticator data in json format.
+ * It is parsed before MDS blob is looked up. This data has to be obtained from
+ * the vendor and placed in the local folder for metadata
+ * 
  * @author Yuriy Movchan
  * @version May 08, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/service/mds/TocService.java

@@ -57,6 +57,10 @@
 import com.nimbusds.jose.crypto.ECDSAVerifier;
 import com.nimbusds.jose.crypto.RSASSAVerifier;
 
+/**
+ * TOC is parsed and Hashmap containing JSON object of individual Authenticators is created.
+ *
+ */
 @ApplicationScoped
 public class TocService {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/operation/AssertionService.java

@@ -46,9 +46,12 @@
 import com.fasterxml.jackson.databind.node.ObjectNode;
 
 /**
+ * Core offering by the FIDO2 server, assertion is invoked upon authentication
+ * 
  * @author Yuriy Movchan
  * @version May 08, 2020
  */
+
 @ApplicationScoped
 public class AssertionService {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/operation/AttestationService.java

@@ -41,6 +41,7 @@
 import com.fasterxml.jackson.databind.node.ObjectNode;
 
 /**
+ * Core offering by the FIDO2 server, attestation is invoked upon enrollment
  * @author Yuriy Movchan
  * @version May 08, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/service/persist/AuthenticationPersistenceService.java

@@ -34,6 +34,8 @@
 import org.slf4j.Logger;
 
 /**
+ * Every authentication is persisted under Person Entry
+ * 
  * @author Yuriy Movchan
  * @version May 08, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/service/persist/RegistrationPersistenceService.java

@@ -37,6 +37,7 @@
 import org.slf4j.Logger;
 
 /**
+ * Every registration is persisted under Person Entry
  * @author Yuriy Movchan
  * @version May 08, 2020
  */

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/assertion/AppleAssertionFormatProcessor.java

@@ -40,6 +40,14 @@
 import io.jans.fido2.service.verifier.CommonVerifiers;
 import io.jans.fido2.service.verifier.UserVerificationVerifier;
 
+/**
+ * Processor class for Assertions from Apple Platform authenticator - reference
+ * -
+ * https://medium.com/webauthnworks/webauthn-fido2-verifying-apple-anonymous-attestation-5eaff334c849
+ * 
+ * @author madhumitas
+ *
+ */
 @ApplicationScoped
 public class AppleAssertionFormatProcessor implements AssertionFormatProcessor {
 
@@ -73,13 +81,14 @@ public AttestationFormat getAttestationFormat() {
 	}
 
 	@Override
-	public void process(String base64AuthenticatorData, String signature, String clientDataJson, Fido2RegistrationData registration,
-			Fido2AuthenticationData authenticationEntity) {
+	public void process(String base64AuthenticatorData, String signature, String clientDataJson,
+			Fido2RegistrationData registration, Fido2AuthenticationData authenticationEntity) {
 		AuthData authData = authenticatorDataParser.parseAssertionData(base64AuthenticatorData);
 		commonVerifiers.verifyRpIdHash(authData, registration.getDomain());
 
 		log.info("User verification option {}", authenticationEntity.getUserVerificationOption());
-		userVerificationVerifier.verifyUserVerificationOption(authenticationEntity.getUserVerificationOption(), authData);
+		userVerificationVerifier.verifyUserVerificationOption(authenticationEntity.getUserVerificationOption(),
+				authData);
 
 		byte[] clientDataHash = DigestUtils.getSha256Digest().digest(base64Service.urlDecode(clientDataJson));
 

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/assertion/AssertionProcessorFactory.java

@@ -30,6 +30,10 @@
 import io.jans.fido2.exception.Fido2RuntimeException;
 import io.jans.fido2.service.processors.AssertionFormatProcessor;
 
+/**
+ * Factory Class that returns Processor based on the attestationType value in Fido2RegistrationData
+ *
+ */
 @ApplicationScoped
 public class AssertionProcessorFactory {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/assertion/PackedAssertionFormatProcessor.java

@@ -44,6 +44,10 @@
 
 import com.fasterxml.jackson.databind.JsonNode;
 
+/**
+ * Class which processes assertions of "packed" fmt (attestation type)
+ *
+ */
 @ApplicationScoped
 public class PackedAssertionFormatProcessor implements AssertionFormatProcessor {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/assertion/U2FAssertionFormatProcessor.java

@@ -42,6 +42,10 @@
 
 import com.fasterxml.jackson.databind.JsonNode;
 
+/**
+ *  Class which processes assertions of "fido2-u2f" fmt (attestation type)
+ *
+ */
 @ApplicationScoped
 public class U2FAssertionFormatProcessor implements AssertionFormatProcessor {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/attestation/AndroidKeyAttestationProcessor.java

@@ -46,6 +46,10 @@
 
 import com.fasterxml.jackson.databind.JsonNode;
 
+/**
+ * Attestation processor for attestations of fmt = android-key
+ *
+ */
 @ApplicationScoped
 public class AndroidKeyAttestationProcessor implements AttestationFormatProcessor {
 

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/attestation/AndroidSafetyNetAttestationProcessor.java

@@ -44,6 +44,10 @@
 
 import com.fasterxml.jackson.databind.JsonNode;
 
+/**
+ * Attestation processor for attestations of fmt = android-safetynet
+ *
+ */
 @ApplicationScoped
 public class AndroidSafetyNetAttestationProcessor implements AttestationFormatProcessor {