-
Notifications
You must be signed in to change notification settings - Fork 44
Expand file tree
/
Copy pathWebAuthnAuthenticationToken.java
More file actions
49 lines (42 loc) · 1.51 KB
/
Copy pathWebAuthnAuthenticationToken.java
File metadata and controls
49 lines (42 loc) · 1.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
package com.digitalsanctuary.spring.user.security;
import java.util.Collection;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
/**
* Authentication token representing a successful WebAuthn/passkey authentication.
*
* <p>
* This token replaces the use of {@link org.springframework.security.authentication.UsernamePasswordAuthenticationToken}
* for WebAuthn logins, making it possible to distinguish passkey-based sessions from password-based sessions
* in security logic and audit trails.
* </p>
*
* <p>
* The principal is the application's {@link UserDetails} (typically {@code DSUserDetails}), and
* {@link #getCredentials()} returns {@code null} because no password is involved in WebAuthn authentication.
* </p>
*/
public class WebAuthnAuthenticationToken extends AbstractAuthenticationToken {
private static final long serialVersionUID = 1L;
private final UserDetails principal;
/**
* Creates a new WebAuthn authentication token.
*
* @param principal the authenticated user details
* @param authorities the granted authorities
*/
public WebAuthnAuthenticationToken(UserDetails principal, Collection<? extends GrantedAuthority> authorities) {
super(authorities);
this.principal = principal;
setAuthenticated(true);
}
@Override
public Object getCredentials() {
return null;
}
@Override
public Object getPrincipal() {
return principal;
}
}