Delete interface RegistrationStorage and highlight CredentialRepository methods in demo

Author: emlun

webauthn-server-demo/src/main/java/demo/webauthn/InMemoryRegistrationStorage.java

@@ -44,22 +44,16 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public class InMemoryRegistrationStorage implements RegistrationStorage, CredentialRepository {
+public class InMemoryRegistrationStorage implements CredentialRepository {
 
   private final Cache<String, Set<CredentialRegistration>> storage =
       CacheBuilder.newBuilder().maximumSize(1000).expireAfterAccess(1, TimeUnit.DAYS).build();
 
   private Logger logger = LoggerFactory.getLogger(InMemoryRegistrationStorage.class);
 
-  @Override
-  public boolean addRegistrationByUsername(String username, CredentialRegistration reg) {
-    try {
-      return storage.get(username, HashSet::new).add(reg);
-    } catch (ExecutionException e) {
-      logger.error("Failed to add registration", e);
-      throw new RuntimeException(e);
-    }
-  }
+  ////////////////////////////////////////////////////////////////////////////////
+  // The following methods are required by the CredentialRepository interface.
+  ////////////////////////////////////////////////////////////////////////////////
 
   @Override
   public Set<PublicKeyCredentialDescriptor> getCredentialIdsForUsername(String username) {
@@ -74,6 +68,73 @@ public Set<PublicKeyCredentialDescriptor> getCredentialIdsForUsername(String use
   }
 
   @Override
+  public Optional<String> getUsernameForUserHandle(ByteArray userHandle) {
+    return getRegistrationsByUserHandle(userHandle).stream()
+        .findAny()
+        .map(CredentialRegistration::getUsername);
+  }
+
+  @Override
+  public Optional<ByteArray> getUserHandleForUsername(String username) {
+    return getRegistrationsByUsername(username).stream()
+        .findAny()
+        .map(reg -> reg.getUserIdentity().getId());
+  }
+
+  @Override
+  public Optional<RegisteredCredential> lookup(ByteArray credentialId, ByteArray userHandle) {
+    Optional<CredentialRegistration> registrationMaybe =
+        storage.asMap().values().stream()
+            .flatMap(Collection::stream)
+            .filter(credReg -> credentialId.equals(credReg.getCredential().getCredentialId()))
+            .findAny();
+
+    logger.debug(
+        "lookup credential ID: {}, user handle: {}; result: {}",
+        credentialId,
+        userHandle,
+        registrationMaybe);
+    return registrationMaybe.flatMap(
+        registration ->
+            Optional.of(
+                RegisteredCredential.builder()
+                    .credentialId(registration.getCredential().getCredentialId())
+                    .userHandle(registration.getUserIdentity().getId())
+                    .publicKeyCose(registration.getCredential().getPublicKeyCose())
+                    .signatureCount(registration.getCredential().getSignatureCount())
+                    .build()));
+  }
+
+  @Override
+  public Set<RegisteredCredential> lookupAll(ByteArray credentialId) {
+    return CollectionUtil.immutableSet(
+        storage.asMap().values().stream()
+            .flatMap(Collection::stream)
+            .filter(reg -> reg.getCredential().getCredentialId().equals(credentialId))
+            .map(
+                reg ->
+                    RegisteredCredential.builder()
+                        .credentialId(reg.getCredential().getCredentialId())
+                        .userHandle(reg.getUserIdentity().getId())
+                        .publicKeyCose(reg.getCredential().getPublicKeyCose())
+                        .signatureCount(reg.getCredential().getSignatureCount())
+                        .build())
+            .collect(Collectors.toSet()));
+  }
+
+  ////////////////////////////////////////////////////////////////////////////////
+  // The following methods are specific to this demo application.
+  ////////////////////////////////////////////////////////////////////////////////
+
+  public boolean addRegistrationByUsername(String username, CredentialRegistration reg) {
+    try {
+      return storage.get(username, HashSet::new).add(reg);
+    } catch (ExecutionException e) {
+      logger.error("Failed to add registration", e);
+      throw new RuntimeException(e);
+    }
+  }
+
   public Collection<CredentialRegistration> getRegistrationsByUsername(String username) {
     try {
       return storage.get(username, HashSet::new);
@@ -83,7 +144,6 @@ public Collection<CredentialRegistration> getRegistrationsByUsername(String user
     }
   }
 
-  @Override
   public Collection<CredentialRegistration> getRegistrationsByUserHandle(ByteArray userHandle) {
     return storage.asMap().values().stream()
         .flatMap(Collection::stream)
@@ -93,21 +153,6 @@ public Collection<CredentialRegistration> getRegistrationsByUserHandle(ByteArray
         .collect(Collectors.toList());
   }
 
-  @Override
-  public Optional<String> getUsernameForUserHandle(ByteArray userHandle) {
-    return getRegistrationsByUserHandle(userHandle).stream()
-        .findAny()
-        .map(CredentialRegistration::getUsername);
-  }
-
-  @Override
-  public Optional<ByteArray> getUserHandleForUsername(String username) {
-    return getRegistrationsByUsername(username).stream()
-        .findAny()
-        .map(reg -> reg.getUserIdentity().getId());
-  }
-
-  @Override
   public void updateSignatureCount(AssertionResult result) {
     CredentialRegistration registration =
         getRegistrationByUsernameAndCredentialId(result.getUsername(), result.getCredentialId())
@@ -127,7 +172,6 @@ public void updateSignatureCount(AssertionResult result) {
                 .build()));
   }
 
-  @Override
   public Optional<CredentialRegistration> getRegistrationByUsernameAndCredentialId(
       String username, ByteArray id) {
     try {
@@ -140,7 +184,6 @@ public Optional<CredentialRegistration> getRegistrationByUsernameAndCredentialId
     }
   }
 
-  @Override
   public boolean removeRegistrationByUsername(
       String username, CredentialRegistration credentialRegistration) {
     try {
@@ -151,50 +194,12 @@ public boolean removeRegistrationByUsername(
     }
   }
 
-  @Override
   public boolean removeAllRegistrations(String username) {
     storage.invalidate(username);
     return true;
   }
 
-  @Override
-  public Optional<RegisteredCredential> lookup(ByteArray credentialId, ByteArray userHandle) {
-    Optional<CredentialRegistration> registrationMaybe =
-        storage.asMap().values().stream()
-            .flatMap(Collection::stream)
-            .filter(credReg -> credentialId.equals(credReg.getCredential().getCredentialId()))
-            .findAny();
-
-    logger.debug(
-        "lookup credential ID: {}, user handle: {}; result: {}",
-        credentialId,
-        userHandle,
-        registrationMaybe);
-    return registrationMaybe.flatMap(
-        registration ->
-            Optional.of(
-                RegisteredCredential.builder()
-                    .credentialId(registration.getCredential().getCredentialId())
-                    .userHandle(registration.getUserIdentity().getId())
-                    .publicKeyCose(registration.getCredential().getPublicKeyCose())
-                    .signatureCount(registration.getCredential().getSignatureCount())
-                    .build()));
-  }
-
-  @Override
-  public Set<RegisteredCredential> lookupAll(ByteArray credentialId) {
-    return CollectionUtil.immutableSet(
-        storage.asMap().values().stream()
-            .flatMap(Collection::stream)
-            .filter(reg -> reg.getCredential().getCredentialId().equals(credentialId))
-            .map(
-                reg ->
-                    RegisteredCredential.builder()
-                        .credentialId(reg.getCredential().getCredentialId())
-                        .userHandle(reg.getUserIdentity().getId())
-                        .publicKeyCose(reg.getCredential().getPublicKeyCose())
-                        .signatureCount(reg.getCredential().getSignatureCount())
-                        .build())
-            .collect(Collectors.toSet()));
+  public boolean userExists(String username) {
+    return !getRegistrationsByUsername(username).isEmpty();
   }
 }

webauthn-server-demo/src/main/java/demo/webauthn/RegistrationStorage.java

@@ -113,7 +113,7 @@ public class WebAuthnServer {
 
   private final Cache<ByteArray, AssertionRequestWrapper> assertRequestStorage;
   private final Cache<ByteArray, RegistrationRequest> registerRequestStorage;
-  private final RegistrationStorage userStorage;
+  private final InMemoryRegistrationStorage userStorage;
   private final SessionManager sessions = new SessionManager();
 
   private final TrustResolver trustResolver =
@@ -144,7 +144,7 @@ public WebAuthnServer() throws InvalidAppIdException, CertificateException {
   }
 
   public WebAuthnServer(
-      RegistrationStorage userStorage,
+      InMemoryRegistrationStorage userStorage,
       Cache<ByteArray, RegistrationRequest> registerRequestStorage,
       Cache<ByteArray, AssertionRequestWrapper> assertRequestStorage,
       RelyingPartyIdentity rpIdentity,

webauthn-server-demo/src/main/java/demo/webauthn/WebAuthnServer.java

@@ -330,7 +330,7 @@ class WebAuthnServerSpec
       testData: RegistrationTestData,
       origins: java.util.Set[String] = origins,
   ) = {
-    val userStorage: RegistrationStorage = makeUserStorage(testData)
+    val userStorage: InMemoryRegistrationStorage = makeUserStorage(testData)
 
     new WebAuthnServer(
       userStorage,