Rename assure to assertTrue

Author: emlun

webauthn-server-attestation/src/main/java/com/yubico/fido/metadata/AAGUID.java

@@ -50,7 +50,7 @@ public class AAGUID {
    * @param value a {@link ByteArray} of length exactly 16.
    */
   public AAGUID(ByteArray value) {
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         value.size() == 16,
         "AAGUID as bytes must be exactly 16 bytes long, was %d: %s",
         value.size(),

webauthn-server-core/src/main/java/com/yubico/webauthn/AndroidSafetynetAttestationStatementVerifier.java

@@ -70,13 +70,13 @@ public boolean verifyAttestationSignature(
         attestationObject.getAuthenticatorData().getBytes().concat(clientDataJsonHash);
     ByteArray hashSignedData = Crypto.sha256(signedData);
     ByteArray nonceByteArray = ByteArray.fromBase64(payload.get("nonce").textValue());
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         hashSignedData.equals(nonceByteArray),
         "Nonce does not equal authenticator data + client data. Expected nonce: %s, was nonce: %s",
         hashSignedData.getBase64Url(),
         nonceByteArray.getBase64Url());
 
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         payload.get("ctsProfileMatch").booleanValue(),
         "Expected ctsProfileMatch to be true, was: %s",
         payload.get("ctsProfileMatch"));
@@ -133,7 +133,7 @@ private boolean verifySignature(JsonWebSignatureCustom jws) {
     }
 
     // Verify the hostname of the certificate.
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         verifyHostname(attestationCertificate),
         "Certificate isn't issued for the hostname attest.android.com: %s",
         attestationCertificate);

webauthn-server-core/src/main/java/com/yubico/webauthn/FinishAssertionSteps.java

@@ -24,7 +24,7 @@
 
 package com.yubico.webauthn;
 
-import static com.yubico.internal.util.ExceptionUtil.assure;
+import static com.yubico.internal.util.ExceptionUtil.assertTrue;
 
 import COSE.CoseException;
 import com.yubico.webauthn.data.AuthenticatorAssertionResponse;
@@ -112,7 +112,7 @@ public void validate() {
           .getAllowCredentials()
           .ifPresent(
               allowed -> {
-                assure(
+                assertTrue(
                     allowed.stream().anyMatch(allow -> allow.getId().equals(response.getId())),
                     "Unrequested credential ID: %s",
                     response.getId());
@@ -153,25 +153,25 @@ public Step7 nextStep() {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           request.getUsername().isPresent() || response.getResponse().getUserHandle().isPresent(),
           "At least one of username and user handle must be given; none was.");
 
-      assure(
+      assertTrue(
           userHandle.isPresent(),
           "User handle not found for username: %s",
           request.getUsername(),
           response.getResponse().getUserHandle());
 
-      assure(
+      assertTrue(
           username.isPresent(),
           "Username not found for userHandle: %s",
           request.getUsername(),
           response.getResponse().getUserHandle());
 
-      assure(registration.isPresent(), "Unknown credential: %s", response.getId());
+      assertTrue(registration.isPresent(), "Unknown credential: %s", response.getId());
 
-      assure(
+      assertTrue(
           userHandle.get().equals(registration.get().getUserHandle()),
           "User handle %s does not own credential %s",
           userHandle.get(),
@@ -180,7 +180,7 @@ public void validate() {
       final Optional<String> usernameFromRequest = request.getUsername();
       final Optional<ByteArray> userHandleFromResponse = response.getResponse().getUserHandle();
       if (usernameFromRequest.isPresent() && userHandleFromResponse.isPresent()) {
-        assure(
+        assertTrue(
             userHandleFromResponse.equals(
                 credentialRepository.getUserHandleForUsername(usernameFromRequest.get())),
             "User handle %s in response does not match username %s in request",
@@ -203,7 +203,7 @@ public Step8 nextStep() {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           credential.isPresent(),
           "Unknown credential. Credential ID: %s, user handle: %s",
           response.getId(),
@@ -219,9 +219,9 @@ class Step8 implements Step<Step10> {
 
     @Override
     public void validate() {
-      assure(clientData() != null, "Missing client data.");
-      assure(authenticatorData() != null, "Missing authenticator data.");
-      assure(signature() != null, "Missing signature.");
+      assertTrue(clientData() != null, "Missing client data.");
+      assertTrue(authenticatorData() != null, "Missing authenticator data.");
+      assertTrue(signature() != null, "Missing signature.");
     }
 
     @Override
@@ -251,7 +251,7 @@ class Step10 implements Step<Step11> {
 
     @Override
     public void validate() {
-      assure(clientData() != null, "Missing client data.");
+      assertTrue(clientData() != null, "Missing client data.");
     }
 
     @Override
@@ -272,7 +272,7 @@ class Step11 implements Step<Step12> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           CLIENT_DATA_TYPE.equals(clientData.getType()),
           "The \"type\" in the client data must be exactly \"%s\", was: %s",
           CLIENT_DATA_TYPE,
@@ -292,7 +292,7 @@ class Step12 implements Step<Step13> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           request
               .getPublicKeyCredentialRequestOptions()
               .getChallenge()
@@ -314,7 +314,7 @@ class Step13 implements Step<Step14> {
     @Override
     public void validate() {
       final String responseOrigin = response.getResponse().getClientData().getOrigin();
-      assure(
+      assertTrue(
           OriginMatcher.isAllowed(responseOrigin, origins, allowOriginPort, allowOriginSubdomain),
           "Incorrect origin: " + responseOrigin);
     }
@@ -350,15 +350,15 @@ class Step15 implements Step<Step16> {
     @Override
     public void validate() {
       try {
-        assure(
+        assertTrue(
             Crypto.sha256(rpId)
                 .equals(response.getResponse().getParsedAuthenticatorData().getRpIdHash()),
             "Wrong RP ID hash.");
       } catch (IllegalArgumentException e) {
         Optional<AppId> appid =
             request.getPublicKeyCredentialRequestOptions().getExtensions().getAppid();
         if (appid.isPresent()) {
-          assure(
+          assertTrue(
               Crypto.sha256(appid.get().getId())
                   .equals(response.getResponse().getParsedAuthenticatorData().getRpIdHash()),
               "Wrong RP ID hash.");
@@ -381,7 +381,7 @@ class Step16 implements Step<Step17> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           response.getResponse().getParsedAuthenticatorData().getFlags().UP,
           "User Presence is required.");
     }
@@ -403,7 +403,7 @@ public void validate() {
           .getPublicKeyCredentialRequestOptions()
           .getUserVerification()
           .equals(Optional.of(UserVerificationRequirement.REQUIRED))) {
-        assure(
+        assertTrue(
             response.getResponse().getParsedAuthenticatorData().getFlags().UV,
             "User Verification is required.");
       }
@@ -424,7 +424,7 @@ class PendingStep16 implements Step<Step18> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           !credential.isBackupEligible().isPresent()
               || response.getResponse().getParsedAuthenticatorData().getFlags().BE
                   == credential.isBackupEligible().get(),
@@ -461,7 +461,7 @@ class Step19 implements Step<Step20> {
 
     @Override
     public void validate() {
-      assure(clientDataJsonHash().size() == 32, "Failed to compute hash of client data");
+      assertTrue(clientDataJsonHash().size() == 32, "Failed to compute hash of client data");
     }
 
     @Override

webauthn-server-core/src/main/java/com/yubico/webauthn/FinishRegistrationSteps.java

@@ -24,7 +24,7 @@
 
 package com.yubico.webauthn;
 
-import static com.yubico.internal.util.ExceptionUtil.assure;
+import static com.yubico.internal.util.ExceptionUtil.assertTrue;
 import static com.yubico.internal.util.ExceptionUtil.wrapAndLog;
 
 import COSE.CoseException;
@@ -129,7 +129,7 @@ default RegistrationResult run() {
   class Step6 implements Step<Step7> {
     @Override
     public void validate() {
-      assure(clientData() != null, "Client data must not be null.");
+      assertTrue(clientData() != null, "Client data must not be null.");
     }
 
     @Override
@@ -148,7 +148,7 @@ class Step7 implements Step<Step8> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           CLIENT_DATA_TYPE.equals(clientData.getType()),
           "The \"type\" in the client data must be exactly \"%s\", was: %s",
           CLIENT_DATA_TYPE,
@@ -167,7 +167,7 @@ class Step8 implements Step<Step9> {
 
     @Override
     public void validate() {
-      assure(request.getChallenge().equals(clientData.getChallenge()), "Incorrect challenge.");
+      assertTrue(request.getChallenge().equals(clientData.getChallenge()), "Incorrect challenge.");
     }
 
     @Override
@@ -183,7 +183,7 @@ class Step9 implements Step<Step10> {
     @Override
     public void validate() {
       final String responseOrigin = clientData.getOrigin();
-      assure(
+      assertTrue(
           OriginMatcher.isAllowed(responseOrigin, origins, allowOriginPort, allowOriginSubdomain),
           "Incorrect origin: " + responseOrigin);
     }
@@ -213,7 +213,7 @@ public Step11 nextStep() {
   class Step11 implements Step<Step12> {
     @Override
     public void validate() {
-      assure(clientDataJsonHash().size() == 32, "Failed to compute hash of client data");
+      assertTrue(clientDataJsonHash().size() == 32, "Failed to compute hash of client data");
     }
 
     @Override
@@ -232,7 +232,7 @@ class Step12 implements Step<Step13> {
 
     @Override
     public void validate() {
-      assure(attestation() != null, "Malformed attestation object.");
+      assertTrue(attestation() != null, "Malformed attestation object.");
     }
 
     @Override
@@ -252,7 +252,7 @@ class Step13 implements Step<Step14> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           Crypto.sha256(rpId)
               .equals(response.getResponse().getAttestation().getAuthenticatorData().getRpIdHash()),
           "Wrong RP ID hash.");
@@ -271,7 +271,7 @@ class Step14 implements Step<Step15> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           response.getResponse().getParsedAuthenticatorData().getFlags().UP,
           "User Presence is required.");
     }
@@ -294,7 +294,7 @@ public void validate() {
               .flatMap(AuthenticatorSelectionCriteria::getUserVerification)
               .orElse(UserVerificationRequirement.PREFERRED)
           == UserVerificationRequirement.REQUIRED) {
-        assure(
+        assertTrue(
             response.getResponse().getParsedAuthenticatorData().getFlags().UV,
             "User Verification is required.");
       }
@@ -323,7 +323,7 @@ public void validate() {
               .getCredentialPublicKey();
       CBORObject publicKeyCbor = CBORObject.DecodeFromBytes(publicKeyCose.getBytes());
       final int alg = publicKeyCbor.get(CBORObject.FromObject(3)).AsInt32();
-      assure(
+      assertTrue(
           request.getPubKeyCredParams().stream()
               .anyMatch(pkcparam -> pkcparam.getAlg().getId() == alg),
           "Unrequested credential key algorithm: got %d, expected one of: %s",
@@ -393,12 +393,12 @@ class Step19 implements Step<Step20> {
     public void validate() {
       attestationStatementVerifier.ifPresent(
           verifier -> {
-            assure(
+            assertTrue(
                 verifier.verifyAttestationSignature(attestation, clientDataJsonHash),
                 "Invalid attestation signature.");
           });
 
-      assure(attestationType() != null, "Failed to determine attestation type");
+      assertTrue(attestationType() != null, "Failed to determine attestation type");
     }
 
     @Override
@@ -522,7 +522,7 @@ public Step21(
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           allowUntrustedAttestation || attestationTrusted,
           "Failed to derive trust for attestation key.");
     }
@@ -617,7 +617,7 @@ class Step22 implements Step<Finished> {
 
     @Override
     public void validate() {
-      assure(
+      assertTrue(
           credentialRepository.lookupAll(response.getId()).isEmpty(),
           "Credential ID is already registered: %s",
           response.getId());

webauthn-server-core/src/main/java/com/yubico/webauthn/PackedAttestationStatementVerifier.java

@@ -189,7 +189,7 @@ private boolean verifyX5cSignature(
                   throw new IllegalArgumentException(
                       "Packed attestation statement must have field \"alg\".");
                 }
-                ExceptionUtil.assure(
+                ExceptionUtil.assertTrue(
                     algNode.isIntegralNumber(),
                     "Field \"alg\" in packed attestation statement must be a COSEAlgorithmIdentifier.");
                 final Long sigAlgId = algNode.asLong();
@@ -276,16 +276,16 @@ public boolean verifyX5cRequirements(X509Certificate cert, ByteArray aaguid) {
     final Set<String> countries =
         CollectionUtil.immutableSet(new HashSet<>(Arrays.asList(Locale.getISOCountries())));
 
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         getDnField("C", cert).filter(countries::contains).isPresent(),
         "Invalid attestation certificate country code: %s",
         getDnField("C", cert));
 
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         getDnField("O", cert).filter(o -> !((String) o).isEmpty()).isPresent(),
         "Organization (O) field of attestation certificate DN must be present.");
 
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         getDnField("OU", cert).filter(ouValue::equals).isPresent(),
         "Organization Unit (OU) field of attestation certificate DN must be exactly \"%s\", was: %s",
         ouValue,
@@ -294,12 +294,12 @@ public boolean verifyX5cRequirements(X509Certificate cert, ByteArray aaguid) {
     CertificateParser.parseFidoAaguidExtension(cert)
         .ifPresent(
             extensionAaguid -> {
-              ExceptionUtil.assure(
+              ExceptionUtil.assertTrue(
                   Arrays.equals(aaguid.getBytes(), extensionAaguid),
                   "X.509 extension \"id-fido-gen-ce-aaguid\" is present but does not match the authenticator AAGUID.");
             });
 
-    ExceptionUtil.assure(
+    ExceptionUtil.assertTrue(
         cert.getBasicConstraints() == -1, "Attestation certificate must not be a CA certificate.");
 
     return true;