Package sk.iway.iwcm.system.spring.passkey

Class DynamicWebAuthnRelyingPartyOperations

java.lang.Object
sk.iway.iwcm.system.spring.passkey.DynamicWebAuthnRelyingPartyOperations
All Implemented Interfaces:
org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations
public class DynamicWebAuthnRelyingPartyOperations extends Object implements org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations
Dynamic WebAuthn Relying Party Operations that determines rpId from the current HTTP request. This allows passkeys to work across multiple domains by automatically setting the rpId based on the request's server name. The wrapper creates and caches Webauthn4JRelyingPartyOperations instances per domain, ensuring that passkey registration and authentication use the correct rpId for each domain. Thread-safe: uses ConcurrentHashMap to cache operations per rpId.

  • Constructor Summary

    Constructors
    Constructor
    Description
    DynamicWebAuthnRelyingPartyOperations(org.springframework.security.web.webauthn.management.PublicKeyCredentialUserEntityRepository userEntityRepository, org.springframework.security.web.webauthn.management.UserCredentialRepository userCredentialRepository, String rpName, Set<String> allowedOrigins)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity
    authenticate(org.springframework.security.web.webauthn.management.RelyingPartyAuthenticationRequest request)
     
    org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions
    createCredentialRequestOptions(org.springframework.security.web.webauthn.management.PublicKeyCredentialRequestOptionsRequest request)
     
    org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions
    createPublicKeyCredentialCreationOptions(org.springframework.security.web.webauthn.management.PublicKeyCredentialCreationOptionsRequest request)
     
    static String
    determineRpId()
    Determine the rpId from the current HTTP request.
    org.springframework.security.web.webauthn.api.CredentialRecord
    registerCredential(org.springframework.security.web.webauthn.management.RelyingPartyRegistrationRequest request)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • DynamicWebAuthnRelyingPartyOperations

      public DynamicWebAuthnRelyingPartyOperations(org.springframework.security.web.webauthn.management.PublicKeyCredentialUserEntityRepository userEntityRepository, org.springframework.security.web.webauthn.management.UserCredentialRepository userCredentialRepository, String rpName, Set<String> allowedOrigins)

  • Method Details

    • determineRpId

      public static String determineRpId()
      Determine the rpId from the current HTTP request. Falls back to configured default if no request is available.
      Returns:
      the rpId (domain) for the current request

    • createPublicKeyCredentialCreationOptions

      public org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions createPublicKeyCredentialCreationOptions(org.springframework.security.web.webauthn.management.PublicKeyCredentialCreationOptionsRequest request)
      Specified by:
      createPublicKeyCredentialCreationOptions in interface org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations

    • registerCredential

      public org.springframework.security.web.webauthn.api.CredentialRecord registerCredential(org.springframework.security.web.webauthn.management.RelyingPartyRegistrationRequest request)
      Specified by:
      registerCredential in interface org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations

    • createCredentialRequestOptions

      public org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions createCredentialRequestOptions(org.springframework.security.web.webauthn.management.PublicKeyCredentialRequestOptionsRequest request)
      Specified by:
      createCredentialRequestOptions in interface org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations

    • authenticate

      public org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity authenticate(org.springframework.security.web.webauthn.management.RelyingPartyAuthenticationRequest request)
      Specified by:
      authenticate in interface org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations