Yubico
diff --git a/‎webauthn-server-attestation/src/test/scala/com/yubico/webauthn/attestation/DeviceIdentificationSpec.scala
Lines changed: 3 additions & 16 deletions b/‎webauthn-server-attestation/src/test/scala/com/yubico/webauthn/attestation/DeviceIdentificationSpec.scala
Lines changed: 3 additions & 16 deletions
diff --git a/‎webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyAssertionSpec.scala
Lines changed: 10 additions & 40 deletions b/‎webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyAssertionSpec.scala
Lines changed: 10 additions & 40 deletions
diff --git a/‎webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyCeremoniesSpec.scala
Lines changed: 9 additions & 41 deletions b/‎webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyCeremoniesSpec.scala
Lines changed: 9 additions & 41 deletions
@@ -25,22 +25,17 @@
 package com.yubico.webauthn.attestation
 
 import java.util.Collections
-import java.util.Optional
 
-import com.yubico.internal.util.scala.JavaConverters._
 import com.yubico.internal.util.CertificateParser
 import com.yubico.internal.util.JacksonCodecs
 import com.yubico.webauthn.attestation.resolver.SimpleAttestationResolver
 import com.yubico.webauthn.attestation.resolver.SimpleTrustResolver
 import com.yubico.webauthn.test.RealExamples
-import com.yubico.webauthn.CredentialRepository
-import com.yubico.webauthn.RelyingParty
-import com.yubico.webauthn.data.ByteArray
-import com.yubico.webauthn.data.PublicKeyCredentialDescriptor
 import com.yubico.webauthn.FinishRegistrationOptions
-import com.yubico.webauthn.RegisteredCredential
+import com.yubico.webauthn.RelyingParty
 import com.yubico.webauthn.data.PublicKeyCredentialCreationOptions
 import com.yubico.webauthn.data.PublicKeyCredentialParameters
+import com.yubico.webauthn.test.Helpers
 import org.junit.runner.RunWith
 import org.scalatest.FunSpec
 import org.scalatest.Matchers
@@ -59,21 +54,13 @@ class DeviceIdentificationSpec extends FunSpec with Matchers {
     )
   }
 
-  private val emptyCredentialRepository = new CredentialRepository {
-    override def getCredentialIdsForUsername(username: String): java.util.Set[PublicKeyCredentialDescriptor] = Set.empty.asJava
-    override def getUserHandleForUsername(username: String): Optional[ByteArray] = None.asJava
-    override def getUsernameForUserHandle(userHandle: ByteArray): Optional[String] = None.asJava
-    override def lookup(credentialId: ByteArray, userHandle: ByteArray): Optional[RegisteredCredential] = None.asJava
-    override def lookupAll(credentialId: ByteArray): java.util.Set[RegisteredCredential] = Set.empty.asJava
-  }
-
   describe("A RelyingParty with the default StandardMetadataService") {
 
     describe("correctly identifies") {
       def check(expectedName: String, testData: RealExamples.Example) {
         val rp = RelyingParty.builder()
           .identity(testData.rp)
-          .credentialRepository(emptyCredentialRepository)
+          .credentialRepository(Helpers.CredentialRepository.empty)
           .metadataService(new StandardMetadataService())
           .build()
 
 
@@ -51,6 +51,7 @@ import com.yubico.webauthn.data.UserIdentity
 import com.yubico.webauthn.data.UserVerificationRequirement
 import com.yubico.webauthn.exception.InvalidSignatureCountException
 import com.yubico.webauthn.extension.appid.AppId
+import com.yubico.webauthn.test.Helpers
 import com.yubico.webauthn.test.Util.toStepWithUtilities
 import org.junit.runner.RunWith
 import org.scalacheck.Gen
@@ -73,14 +74,6 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
   private def sha256(bytes: ByteArray): ByteArray = crypto.hash(bytes)
   private def sha256(data: String): ByteArray = sha256(new ByteArray(data.getBytes(Charset.forName("UTF-8"))))
 
-  private val emptyCredentialRepository = new CredentialRepository {
-    override def getCredentialIdsForUsername(username: String): java.util.Set[PublicKeyCredentialDescriptor] = Set.empty.asJava
-    override def getUserHandleForUsername(username: String): Optional[ByteArray] = None.asJava
-    override def getUsernameForUserHandle(userHandle: ByteArray): Optional[String] = None.asJava
-    override def lookup(credentialId: ByteArray, userHandle: ByteArray): Optional[RegisteredCredential] = None.asJava
-    override def lookupAll(credentialId: ByteArray): java.util.Set[RegisteredCredential] = Set.empty.asJava
-  }
-
   private object Defaults {
 
     val rpId = RelyingPartyIdentity.builder().id("localhost").name("Test party").build()
@@ -123,29 +116,6 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
 
   private def getPublicKeyBytes(credentialKey: KeyPair): ByteArray = WebAuthnTestCodecs.ecPublicKeyToCose(credentialKey.getPublic.asInstanceOf[ECPublicKey])
 
-  private def credRepoWithUser(user: UserIdentity, credential: RegisteredCredential): CredentialRepository = new CredentialRepository {
-    override def getCredentialIdsForUsername(username: String): java.util.Set[PublicKeyCredentialDescriptor] =
-      if (username == user.getName)
-        Set(PublicKeyCredentialDescriptor.builder().id(credential.getCredentialId).build()).asJava
-      else Set.empty.asJava
-    override def getUserHandleForUsername(username: String): Optional[ByteArray] =
-      if (username == user.getName)
-        Some(user.getId).asJava
-      else None.asJava
-    override def getUsernameForUserHandle(userHandle: ByteArray): Optional[String] =
-      if (userHandle == user.getId)
-        Some(user.getName).asJava
-      else None.asJava
-    override def lookup(credentialId: ByteArray, userHandle: ByteArray): Optional[RegisteredCredential] =
-      if (credentialId == credential.getCredentialId && userHandle == user.getId)
-        Some(credential).asJava
-      else None.asJava
-    override def lookupAll(credentialId: ByteArray): java.util.Set[RegisteredCredential] =
-      if (credentialId == credential.getCredentialId)
-        Set(credential).asJava
-      else Set.empty.asJava
-  }
-
   def finishAssertion(
     allowCredentials: Option[java.util.List[PublicKeyCredentialDescriptor]] = Some(List(PublicKeyCredentialDescriptor.builder().id(Defaults.credentialId).build()).asJava),
     allowOriginPort: Boolean = false,
@@ -242,7 +212,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
       it(s"If the parameter is not set, or set to empty, the default of ${default} is used.") {
         val rp = RelyingParty.builder()
           .identity(Defaults.rpId)
-          .credentialRepository(emptyCredentialRepository)
+          .credentialRepository(Helpers.CredentialRepository.empty)
           .build()
         val request1 = rp.startAssertion(StartAssertionOptions.builder().build())
         val request2 = rp.startAssertion(StartAssertionOptions.builder().userVerification(Optional.empty[UserVerificationRequirement]).build())
@@ -254,7 +224,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
       it(s"If the parameter is set, that value is used.") {
         val rp = RelyingParty.builder()
           .identity(Defaults.rpId)
-          .credentialRepository(emptyCredentialRepository)
+          .credentialRepository(Helpers.CredentialRepository.empty)
           .build()
 
         forAll { uv: UserVerificationRequirement =>
@@ -397,7 +367,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
       describe("3. Using credential’s id attribute (or the corresponding rawId, if base64url encoding is inappropriate for your use case), look up the corresponding credential public key.") {
         it("Fails if the credential ID is unknown.") {
           val steps = finishAssertion(
-            credentialRepository = Some(emptyCredentialRepository)
+            credentialRepository = Some(Helpers.CredentialRepository.empty)
           )
           val step: steps.Step3 = new steps.Step3(Defaults.username, Defaults.userHandle, Nil.asJava)
 
@@ -408,7 +378,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
 
         it("Succeeds if the credential ID is known.") {
           val steps = finishAssertion(
-            credentialRepository = Some(credRepoWithUser(
+            credentialRepository = Some(Helpers.CredentialRepository.withUser(
               Defaults.user,
               RegisteredCredential.builder()
                 .credentialId(Defaults.credentialId)
@@ -1144,7 +1114,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
       describe("17. If the signature counter value authData.signCount is nonzero or the value stored in conjunction with credential’s id attribute is nonzero, then run the following sub-step:") {
         describe("If the signature counter value authData.signCount is") {
           def credentialRepository(signatureCount: Long) =
-            credRepoWithUser(
+            Helpers.CredentialRepository.withUser(
               Defaults.user,
               RegisteredCredential.builder()
                 .credentialId(Defaults.credentialId)
@@ -1304,7 +1274,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
         new TypeReference[PublicKeyCredential[AuthenticatorAssertionResponse, ClientAssertionExtensionOutputs]](){}
       )
 
-      val credRepo = credRepoWithUser(
+      val credRepo = Helpers.CredentialRepository.withUser(
         testData.userId,
         RegisteredCredential.builder()
           .credentialId(testData.response.getId)
@@ -1413,7 +1383,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
       val credId: ByteArray = credData.getCredentialId
       val publicKeyBytes: ByteArray = credData.getCredentialPublicKey
 
-      val credRepo = credRepoWithUser(
+      val credRepo = Helpers.CredentialRepository.withUser(
         registrationRequest.getUser,
         RegisteredCredential.builder()
           .credentialId(registrationResponse.getId)
@@ -1448,7 +1418,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
 
       val rp = RelyingParty.builder()
         .identity(RelyingPartyIdentity.builder().id("localhost").name("Test RP").build())
-        .credentialRepository(credRepoWithUser(registrationTestData.userId, RegisteredCredential.builder()
+        .credentialRepository(Helpers.CredentialRepository.withUser(registrationTestData.userId, RegisteredCredential.builder()
           .credentialId(registrationTestData.response.getId)
           .userHandle(registrationTestData.userId.getId)
           .publicKeyCose(registrationTestData.response.getResponse.getParsedAuthenticatorData.getAttestedCredentialData.get.getCredentialPublicKey)
@@ -1474,7 +1444,7 @@ class RelyingPartyAssertionSpec extends FunSpec with Matchers with GeneratorDriv
 
         val rp = RelyingParty.builder()
           .identity(RelyingPartyIdentity.builder().id("localhost").name("Test RP").build())
-          .credentialRepository(credRepoWithUser(registrationTestData.userId, RegisteredCredential.builder()
+          .credentialRepository(Helpers.CredentialRepository.withUser(registrationTestData.userId, RegisteredCredential.builder()
             .credentialId(registrationTestData.response.getId)
             .userHandle(registrationTestData.userId.getId)
             .publicKeyCose(registrationTestData.response.getResponse.getParsedAuthenticatorData.getAttestedCredentialData.get.getCredentialPublicKey)
 
@@ -24,14 +24,11 @@
 
 package com.yubico.webauthn
 
-import java.util.Optional
-
-import com.yubico.internal.util.scala.JavaConverters._
-import com.yubico.webauthn.data.ByteArray
 import com.yubico.webauthn.data.PublicKeyCredentialCreationOptions
 import com.yubico.webauthn.data.PublicKeyCredentialDescriptor
 import com.yubico.webauthn.data.PublicKeyCredentialParameters
 import com.yubico.webauthn.data.PublicKeyCredentialRequestOptions
+import com.yubico.webauthn.test.Helpers
 import com.yubico.webauthn.test.RealExamples
 import org.junit.runner.RunWith
 import org.scalatest.FunSpec
@@ -50,46 +47,11 @@ class RelyingPartyCeremoniesSpec extends FunSpec with Matchers {
       .credentialRepository(credentialRepo)
       .build()
 
-  private val emptyCredentialRepository = new CredentialRepository {
-    override def getCredentialIdsForUsername(username: String): java.util.Set[PublicKeyCredentialDescriptor] = Set.empty.asJava
-    override def getUserHandleForUsername(username: String): Optional[ByteArray] = None.asJava
-    override def getUsernameForUserHandle(userHandle: ByteArray): Optional[String] = None.asJava
-    override def lookup(credentialId: ByteArray, userHandle: ByteArray): Optional[RegisteredCredential] = None.asJava
-    override def lookupAll(credentialId: ByteArray): java.util.Set[RegisteredCredential] = Set.empty.asJava
-  }
-
-  private def credentialRepoWithUser(testData: RealExamples.Example, reg: RegistrationResult): CredentialRepository = new CredentialRepository {
-    override def getCredentialIdsForUsername(username: String): java.util.Set[PublicKeyCredentialDescriptor] =
-      if (username == testData.user.getName)
-        Set(PublicKeyCredentialDescriptor.builder().id(reg.getKeyId.getId).build()).asJava
-      else Set.empty.asJava
-    override def getUserHandleForUsername(username: String): Optional[ByteArray] =
-      if (username == testData.user.getName)
-        Some(testData.user.getId).asJava
-      else None.asJava
-    override def getUsernameForUserHandle(userHandle: ByteArray): Optional[String] =
-      if (userHandle == testData.user.getId)
-        Some(testData.user.getName).asJava
-      else None.asJava
-    override def lookup(credentialId: ByteArray, userHandle: ByteArray): Optional[RegisteredCredential] =
-      if (credentialId == reg.getKeyId.getId && userHandle == testData.user.getId)
-        Some(RegisteredCredential.builder()
-          .credentialId(reg.getKeyId.getId)
-          .userHandle(testData.user.getId)
-          .publicKeyCose(reg.getPublicKeyCose)
-          .build()).asJava
-      else None.asJava
-    override def lookupAll(credentialId: ByteArray): java.util.Set[RegisteredCredential] =
-      if (credentialId == reg.getKeyId.getId)
-        Set(lookup(credentialId, testData.user.getId).get()).asJava
-      else Set.empty.asJava
-  }
-
   describe("The default RelyingParty settings") {
 
     describe("can register and then authenticate") {
       def check(testData: RealExamples.Example) {
-        val registrationRp = newRp(testData, emptyCredentialRepository)
+        val registrationRp = newRp(testData, Helpers.CredentialRepository.empty)
 
         val registrationResult = registrationRp.finishRegistration(FinishRegistrationOptions.builder()
           .request(PublicKeyCredentialCreationOptions.builder()
@@ -105,7 +67,13 @@ class RelyingPartyCeremoniesSpec extends FunSpec with Matchers {
         registrationResult.isAttestationTrusted should be (false)
         registrationResult.getAttestationMetadata.isPresent should be (false)
 
-        val assertionRp = newRp(testData, credentialRepoWithUser(testData, registrationResult))
+        val assertionRp = newRp(
+          testData,
+          Helpers.CredentialRepository.withUser(
+            testData.user,
+            Helpers.toRegisteredCredential(testData.user, registrationResult)
+          )
+        )
 
         val assertionResult = assertionRp.finishAssertion(FinishAssertionOptions.builder()
           .request(AssertionRequest.builder()