fix(jans-fido2): #9248 Renaming domain to origin and application id t…

…o RpId

Signed-off-by: Madhumita <madhu@gluu.org>

jans-fido2/server/src/main/java/io/jans/fido2/service/operation/AssertionService.java

@@ -188,10 +188,10 @@ public AssertionOptionsResponse options(AssertionOptions assertionOptions) {
 		Fido2AuthenticationData entity = new Fido2AuthenticationData();
 		entity.setUsername(username);
 		entity.setChallenge(challenge);
-		entity.setDomain(documentDomain);
+		entity.setOrigin(documentDomain);
 		entity.setUserVerificationOption(userVerification);
 		entity.setStatus(Fido2AuthenticationStatus.pending);
-		entity.setApplicationId(documentDomain);
+		entity.setRpId(documentDomain);
 
 
 		// Store original request
@@ -251,10 +251,10 @@ public AsserOptGenerateResponse generateOptions(AssertionOptionsGenerate asserti
 		Fido2AuthenticationData entity = new Fido2AuthenticationData();
 		entity.setUsername(null);
 		entity.setChallenge(challenge);
-		entity.setDomain(documentDomain);
+		entity.setOrigin(documentDomain);
 		entity.setUserVerificationOption(userVerification);
 		entity.setStatus(Fido2AuthenticationStatus.pending);
-		entity.setApplicationId(documentDomain);
+		entity.setRpId(documentDomain);
 
 		// Store original request
 		entity.setAssertionRequest(CommonUtilService.toJsonNode(assertionOptionsGenerate).toString());
@@ -307,7 +307,7 @@ public AttestationOrAssertionResponse verify(AssertionResult assertionResult) {
 		Fido2AuthenticationData authenticationData = authenticationEntity.getAuthenticationData();
 
 		// Verify domain
-		domainVerifier.verifyDomain(authenticationData.getDomain(), clientJsonNode);
+		domainVerifier.verifyDomain(authenticationData.getOrigin(), clientJsonNode);
 
 		// Find registered public key
 		Fido2RegistrationEntry registrationEntry = registrationPersistenceService.findByPublicKeyId(keyId, authenticationEntity.getRpId())
@@ -452,11 +452,11 @@ private Pair<List<PublicKeyCredentialDescriptor>, String> prepareAllowedCredenti
 		});
 
 		Optional<Fido2RegistrationEntry> fidoRegistration = allowedFido2Registrations.parallelStream()
-				.filter(f -> StringUtils.isNotEmpty(f.getRegistrationData().getApplicationId())).findAny();
+				.filter(f -> StringUtils.isNotEmpty(f.getRegistrationData().getRpId())).findAny();
 		String applicationId = null;
 
 		// applicationId should not be sent incase of pure fido2
-		applicationId = fidoRegistration.get().getRegistrationData().getApplicationId();
+		applicationId = fidoRegistration.get().getRegistrationData().getRpId();
 
 		return Pair.of(allowedFido2Keys, applicationId);
 	}

jans-fido2/server/src/main/java/io/jans/fido2/service/operation/AttestationService.java

@@ -241,15 +241,15 @@ else if(hints.contains(PublicKeyCredentialHints.SECURITY_KEY.getValue()) || hint
 		entity.setUsername(attestationOptions.getUsername());
 		entity.setUserId(userId);
 		entity.setChallenge(challenge);
-		entity.setDomain(documentDomain);
+		entity.setOrigin(documentDomain);
 		entity.setStatus(Fido2RegistrationStatus.pending);
 		//if (params.hasNonNull(CommonVerifiers.SUPER_GLUU_APP_ID)) {
 		/*
 		 * if (!Strings.isNullOrEmpty(attestationOptions.getSuperGluuAppId())) {
 		 * entity.setApplicationId(attestationOptions.getSuperGluuAppId()); } else {
 		 */
 		// TODO: this can be removed out in the future
-			entity.setApplicationId(documentDomain);
+			entity.setRpId(documentDomain);
 		//}
 
 		// Store original requests
@@ -304,7 +304,7 @@ public AttestationOrAssertionResponse verify(AttestationResult attestationResult
 		Fido2RegistrationData registrationData = registrationEntry.getRegistrationData();
 
 		// Verify domain
-		domainVerifier.verifyDomain(registrationData.getDomain(), clientDataJSONNode);
+		domainVerifier.verifyDomain(registrationData.getOrigin(), clientDataJSONNode);
 
 		// Verify authenticator attestation response
 		CredAndCounterData attestationData = attestationVerifier.verifyAuthenticatorAttestationResponse(attestationResult.getResponse(),

jans-fido2/server/src/main/java/io/jans/fido2/service/persist/AuthenticationPersistenceService.java

@@ -101,7 +101,7 @@ public Fido2AuthenticationEntry buildFido2AuthenticationEntry(Fido2Authenticatio
         if (StringUtils.isNotEmpty(challenge)) {
         	authenticationEntity.setChallengeHash(challengeGenerator.getChallengeHashCode(challenge));
         }
-        authenticationEntity.setRpId(authenticationData.getApplicationId());
+        authenticationEntity.setRpId(authenticationData.getRpId());
 
         authenticationData.setCreatedDate(now);
         authenticationData.setCreatedBy(userName);

jans-fido2/server/src/main/java/io/jans/fido2/service/persist/RegistrationPersistenceService.java

@@ -91,7 +91,7 @@ public Fido2RegistrationEntry buildFido2RegistrationEntry(Fido2RegistrationData
         if (StringUtils.isNotEmpty(challenge)) {
         	registrationEntry.setChallengeHash(getChallengeHashCode(challenge));
         }
-        registrationEntry.setRpId(registrationData.getApplicationId());
+        registrationEntry.setRpId(registrationData.getRpId());
 
         registrationData.setCreatedDate(now);
         registrationData.setCreatedBy(userName);

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/attestation/U2FAttestationProcessor.java

@@ -99,7 +99,7 @@ public void process(JsonNode attStmt, AuthData authData, Fido2RegistrationData r
         commonVerifiers.verifyAAGUIDZeroed(authData);
 
         userVerificationVerifier.verifyUserPresent(authData);
-        commonVerifiers.verifyRpIdHash(authData, registration.getDomain());
+        commonVerifiers.verifyRpIdHash(authData, registration.getOrigin());
 
         if (attStmt.hasNonNull("x5c")) {
             Iterator<JsonNode> i = attStmt.get("x5c").elements();

jans-fido2/server/src/main/java/io/jans/fido2/service/processor/attestation/U2FSuperGluuAttestationProcessor.java

@@ -119,7 +119,7 @@ public void process(JsonNode attStmt, AuthData authData, Fido2RegistrationData r
             byte[] challengeHash = DigestUtils.getSha256Digest().digest(registration.getChallenge().getBytes(Charset.forName("UTF-8")));
 
             // RP ID hash is application for Super Gluu
-            byte[] rpIdhash = DigestUtils.getSha256Digest().digest(registration.getApplicationId().getBytes(Charset.forName("UTF-8")));
+            byte[] rpIdhash = DigestUtils.getSha256Digest().digest(registration.getRpId().getBytes(Charset.forName("UTF-8")));
 
             authenticatorDataVerifier.verifyU2FAttestationSignature(authData, rpIdhash, challengeHash, signature, verifiedCert, alg);
         }

jans-fido2/server/src/main/java/io/jans/fido2/service/verifier/AssertionVerifier.java

@@ -93,7 +93,7 @@ public void verifyAuthenticatorAssertionResponse(Response response, Fido2Registr
     public void process(String base64AuthenticatorData, String signature, String clientDataJson, Fido2RegistrationData registration,
             Fido2AuthenticationData authenticationEntity) {
         AuthData authData = authenticatorDataParser.parseAssertionData(base64AuthenticatorData);
-        commonVerifiers.verifyRpIdHash(authData, registration.getDomain());
+        commonVerifiers.verifyRpIdHash(authData, registration.getOrigin());
 
         log.debug("User verification option {}", authenticationEntity.getUserVerificationOption());
         userVerificationVerifier.verifyUserVerificationOption(authenticationEntity.getUserVerificationOption(), authData);

jans-fido2/server/src/main/java/io/jans/u2f/service/persist/DeviceRegistrationService.java

@@ -160,7 +160,7 @@ protected Fido2RegistrationData convertToFido2RegistrationData(String documentDo
 		registrationData.setUpdatedBy(username);
 
 		registrationData.setUsername(username);
-		registrationData.setDomain(documentDomain);
+		registrationData.setOrigin(documentDomain);
 
 		JsonNode uncompressedECPoint = coseService.convertECKeyToUncompressedPoint(
 				base64Service.urlDecode(fidoRegistration.getDeviceRegistrationConfiguration().getPublicKey()));
@@ -179,7 +179,7 @@ protected Fido2RegistrationData convertToFido2RegistrationData(String documentDo
 
 		registrationData.setStatus(Fido2RegistrationStatus.registered);
 
-		registrationData.setApplicationId(fidoRegistration.getApplication());
+		registrationData.setRpId(fidoRegistration.getApplication());
 
 		return registrationData;
 	}

jans-fido2/server/src/test/java/io/jans/fido2/service/processor/attestation/U2FAttestationProcessorTest.java

@@ -87,7 +87,7 @@ void process_ifAttStmtHasX5cAndVerifyAttestationThrowErrorAndCertificatesIsEmpty
         byte[] clientDataHash = new byte[]{};
         CredAndCounterData credIdAndCounters = mock(CredAndCounterData.class);
         JsonNode x5cNode = mock(JsonNode.class);
-        when(registration.getDomain()).thenReturn("test-domain");
+        when(registration.getOrigin()).thenReturn("test-domain");
         when(attStmt.hasNonNull("x5c")).thenReturn(true);
         when(attStmt.get("x5c")).thenReturn(x5cNode);
         when(x5cNode.elements()).thenReturn(Collections.emptyIterator());
@@ -124,7 +124,7 @@ void process_ifAttStmprocess_ifAttStmtHasX5cAndVerifyAttestationThrowErrorAndCer
         byte[] clientDataHash = new byte[]{};
         CredAndCounterData credIdAndCounters = mock(CredAndCounterData.class);
         JsonNode x5cNode = mock(JsonNode.class);
-        when(registration.getDomain()).thenReturn("test-domain");
+        when(registration.getOrigin()).thenReturn("test-domain");
         when(attStmt.hasNonNull("x5c")).thenReturn(true);
         when(attStmt.get("x5c")).thenReturn(x5cNode);
         when(x5cNode.elements()).thenReturn(Collections.singletonList((JsonNode) new TextNode("cert1")).iterator());
@@ -162,7 +162,8 @@ void process_ifAttStmtHasX5cAndCertificatesIsNotEmptyAndVerifyAttestationIsValid
         byte[] clientDataHash = new byte[]{};
         CredAndCounterData credIdAndCounters = mock(CredAndCounterData.class);
         JsonNode x5cNode = mock(JsonNode.class);
-        when(registration.getDomain()).thenReturn("test-domain");
+        when(registration.getOrigin
+        		()).thenReturn("test-domain");
         when(attStmt.hasNonNull("x5c")).thenReturn(true);
         when(attStmt.get("x5c")).thenReturn(x5cNode);
         when(x5cNode.elements()).thenReturn(Collections.singletonList((JsonNode) new TextNode("cert1")).iterator());
@@ -193,7 +194,7 @@ void process_ifAttStmtHasEcdaaKeyId_badRequestException() {
         Fido2RegistrationData registration = mock(Fido2RegistrationData.class);
         byte[] clientDataHash = new byte[]{};
         CredAndCounterData credIdAndCounters = mock(CredAndCounterData.class);
-        when(registration.getDomain()).thenReturn("test-domain");
+        when(registration.getOrigin()).thenReturn("test-domain");
         when(attStmt.get("sig")).thenReturn(mock(JsonNode.class));
         when(attStmt.hasNonNull("x5c")).thenReturn(false);
         when(attStmt.hasNonNull("ecdaaKeyId")).thenReturn(true);
@@ -222,7 +223,7 @@ void process_ifAttStmtNotIsX5cOrEcdaaKeyId_success() {
         Fido2RegistrationData registration = mock(Fido2RegistrationData.class);
         byte[] clientDataHash = new byte[]{};
         CredAndCounterData credIdAndCounters = mock(CredAndCounterData.class);
-        when(registration.getDomain()).thenReturn("test-domain");
+        when(registration.getOrigin()).thenReturn("test-domain");
         when(authData.getAuthDataDecoded()).thenReturn("test-decoded".getBytes());
         when(attStmt.get("sig")).thenReturn(mock(JsonNode.class));
         when(commonVerifiers.verifyBase64String(any())).thenReturn("test-signature");