Add SPC tests

Author: fdennis

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyAssertionSpec.scala

@@ -42,8 +42,10 @@ import com.yubico.webauthn.data.CollectedClientData
 import com.yubico.webauthn.data.Extensions.LargeBlob.LargeBlobAuthenticationInput
 import com.yubico.webauthn.data.Extensions.LargeBlob.LargeBlobAuthenticationOutput
 import com.yubico.webauthn.data.Extensions.Prf.PrfAuthenticationOutput
+import com.yubico.webauthn.data.Extensions.Spc.SpcAuthenticationOutput
 import com.yubico.webauthn.data.Extensions.Uvm.UvmEntry
 import com.yubico.webauthn.data.Generators.Extensions.Prf.arbitraryPrfAuthenticationOutput
+import com.yubico.webauthn.data.Generators.Extensions.Spc.arbitrarySpcAuthenticationOutput
 import com.yubico.webauthn.data.Generators._
 import com.yubico.webauthn.data.PublicKeyCredential
 import com.yubico.webauthn.data.PublicKeyCredentialCreationOptions
@@ -2608,6 +2610,33 @@ class RelyingPartyAssertionSpec
         }
       }
 
+      it("pass through spc extension outputs when present.") {
+        forAll(minSuccessful(3)) { spcOutput: SpcAuthenticationOutput =>
+          val result = rp.finishAssertion(
+            FinishAssertionOptions
+              .builder()
+              .request(
+                testDataBase.assertion.get.request
+              )
+              .response(
+                testDataBase.assertion.get.response.toBuilder
+                  .clientExtensionResults(
+                    ClientAssertionExtensionOutputs
+                      .builder()
+                      .spc(spcOutput)
+                      .build()
+                  )
+                  .build()
+              )
+              .build()
+          )
+
+          result.getClientExtensionOutputs.get().getSpc.toScala should equal(
+            Some(spcOutput)
+          )
+        }
+      }
+
       describe("support the uvm extension") {
         it("at authentication time.") {
 

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyRegistrationSpec.scala

@@ -58,8 +58,10 @@ import com.yubico.webauthn.data.Extensions.CredentialProtection.CredentialProtec
 import com.yubico.webauthn.data.Extensions.LargeBlob.LargeBlobRegistrationInput.LargeBlobSupport
 import com.yubico.webauthn.data.Extensions.LargeBlob.LargeBlobRegistrationOutput
 import com.yubico.webauthn.data.Extensions.Prf.PrfRegistrationOutput
+import com.yubico.webauthn.data.Extensions.Spc.SpcRegistrationOutput
 import com.yubico.webauthn.data.Extensions.Uvm.UvmEntry
 import com.yubico.webauthn.data.Generators.Extensions.Prf.arbitraryPrfRegistrationOutput
+import com.yubico.webauthn.data.Generators.Extensions.Spc.arbitrarySpcRegistrationOutput
 import com.yubico.webauthn.data.Generators._
 import com.yubico.webauthn.data.PublicKeyCredential
 import com.yubico.webauthn.data.PublicKeyCredentialCreationOptions
@@ -4625,6 +4627,31 @@ class RelyingPartyRegistrationSpec
         }
       }
 
+      it("pass through spc extension outputs when present.") {
+        forAll(minSuccessful(3)) { spcOutput: SpcRegistrationOutput =>
+          val testData = RegistrationTestData.Packed.BasicAttestation
+          val result = rp.finishRegistration(
+            FinishRegistrationOptions
+              .builder()
+              .request(testData.request)
+              .response(
+                testData.response.toBuilder
+                  .clientExtensionResults(
+                    ClientRegistrationExtensionOutputs
+                      .builder()
+                      .spc(spcOutput)
+                      .build()
+                  )
+                  .build()
+              )
+              .build()
+          )
+          result.getClientExtensionOutputs.get().getSpc.toScala should equal(
+            Some(spcOutput)
+          )
+        }
+      }
+
       describe("support the uvm extension") {
         it("at registration time.") {
 

webauthn-server-core/src/test/scala/com/yubico/webauthn/RelyingPartyStartOperationSpec.scala

@@ -36,8 +36,10 @@ import com.yubico.webauthn.data.Extensions.CredentialProtection.CredentialProtec
 import com.yubico.webauthn.data.Extensions.CredentialProtection.CredentialProtectionPolicy
 import com.yubico.webauthn.data.Extensions.Prf.PrfAuthenticationInput
 import com.yubico.webauthn.data.Extensions.Prf.PrfRegistrationInput
+import com.yubico.webauthn.data.Extensions.Spc.SpcRegistrationInput
 import com.yubico.webauthn.data.Generators.Extensions.Prf.arbitraryPrfAuthenticationInput
 import com.yubico.webauthn.data.Generators.Extensions.Prf.arbitraryPrfRegistrationInput
+import com.yubico.webauthn.data.Generators.Extensions.Spc.arbitrarySpcRegistrationInput
 import com.yubico.webauthn.data.Generators.Extensions.registrationExtensionInputs
 import com.yubico.webauthn.data.Generators._
 import com.yubico.webauthn.data.PublicKeyCredentialCreationOptions
@@ -616,6 +618,38 @@ class RelyingPartyStartOperationSpec
         }
       }
 
+      it("by default does not set the spc extension.") {
+        val rp = relyingParty(userId = userId)
+        val result = rp.startRegistration(
+          StartRegistrationOptions
+            .builder()
+            .user(userId)
+            .build()
+        )
+        result.getExtensions.getSpc.toScala should be(None)
+      }
+
+      it("sets the spc extension if enabled in StartRegistrationOptions.") {
+        forAll {
+          (
+              extensions: RegistrationExtensionInputs,
+              spc: SpcRegistrationInput,
+          ) =>
+            val rp = relyingParty(userId = userId)
+            val result = rp.startRegistration(
+              StartRegistrationOptions
+                .builder()
+                .user(userId)
+                .extensions(extensions.toBuilder.spc(spc).build())
+                .build()
+            )
+
+            result.getExtensions.getSpc.toScala should equal(
+              Some(spc)
+            )
+        }
+      }
+
       it("respects the residentKey setting.") {
         val rp = relyingParty(userId = userId)