TokenBindingValidator.java

1 
// Copyright (c) 2018, Yubico AB
2 
// All rights reserved.
3 
//
4 
// Redistribution and use in source and binary forms, with or without
5 
// modification, are permitted provided that the following conditions are met:
6 
//
7 
// 1. Redistributions of source code must retain the above copyright notice, this
8 
//    list of conditions and the following disclaimer.
9 
//
10 
// 2. Redistributions in binary form must reproduce the above copyright notice,
11 
//    this list of conditions and the following disclaimer in the documentation
12 
//    and/or other materials provided with the distribution.
13 
//
14 
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
15 
// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 
// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
17 
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
18 
// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
20 
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
21 
// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
22 
// OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24
25 
package com.yubico.webauthn;
26
27 
import com.yubico.webauthn.data.ByteArray;
28 
import com.yubico.webauthn.data.TokenBindingInfo;
29 
import java.util.Optional;
30
31 
final class TokenBindingValidator {
32
33 
  static boolean validate(
34 
      Optional<TokenBindingInfo> clientTokenBinding, Optional<ByteArray> rpTokenBindingId) {
35 2 1. validate : replaced boolean return with false for com/yubico/webauthn/TokenBindingValidator::validate → SURVIVED
2. validate : replaced boolean return with true for com/yubico/webauthn/TokenBindingValidator::validate → SURVIVED
 
    return rpTokenBindingId
36 
        .map(
37 
            rpToken ->
38 
                clientTokenBinding
39 
                    .map(
40 
                        tbi -> {
41 
                          switch (tbi.getStatus()) {
42 
                            case SUPPORTED:
43
44 
                            case PRESENT:
45 2 1. lambda$validate$2 : replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$2 → SURVIVED
2. lambda$validate$2 : replaced Boolean return with True for com/yubico/webauthn/TokenBindingValidator::lambda$validate$2 → SURVIVED
 
                              return tbi.getId()
46 
                                  .map(
47 
                                      id -> {
48 1 1. lambda$validate$0 : negated conditional → KILLED
 
                                        if (id.equals(rpToken)) {
49 1 1. lambda$validate$0 : replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$0 → SURVIVED
 
                                          return true;
50 
                                        } else {
51 
                                          throw new IllegalArgumentException(
52 
                                              "Incorrect token binding ID.");
53 
                                        }
54 
                                      })
55 
                                  .orElseThrow(
56 
                                      () ->
57 1 1. lambda$validate$1 : replaced return value with null for com/yubico/webauthn/TokenBindingValidator::lambda$validate$1 → KILLED
 
                                          new IllegalArgumentException(
58 
                                              "Property \"id\" missing from \"tokenBinding\" object."));
59 
                          }
60 
                          throw new RuntimeException(
61 
                              "Unknown token binding status: " + tbi.getStatus());
62 
                        })
63 2 1. lambda$validate$4 : replaced Boolean return with True for com/yubico/webauthn/TokenBindingValidator::lambda$validate$4 → SURVIVED
2. lambda$validate$4 : replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$4 → SURVIVED
 
                    .orElseThrow(
64 
                        () ->
65 1 1. lambda$validate$3 : replaced return value with null for com/yubico/webauthn/TokenBindingValidator::lambda$validate$3 → KILLED
 
                            new IllegalArgumentException(
66 
                                "Token binding ID set by RP but not by client.")))
67 
        .orElseGet(
68 
            () ->
69 
                clientTokenBinding
70 
                    .map(
71 
                        tbi -> {
72 
                          switch (tbi.getStatus()) {
73 
                            case SUPPORTED:
74 1 1. lambda$validate$5 : replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$5 → SURVIVED
 
                              return true;
75
76 
                            case PRESENT:
77 
                              throw new IllegalArgumentException(
78 
                                  "Token binding ID set by client but not by RP.");
79 
                          }
80 
                          throw new RuntimeException(
81 
                              "Unknown token binding status: " + tbi.getStatus());
82 
                        })
83 2 1. lambda$validate$6 : replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$6 → SURVIVED
2. lambda$validate$6 : replaced Boolean return with True for com/yubico/webauthn/TokenBindingValidator::lambda$validate$6 → SURVIVED
 
                    .orElse(true));
84 
  }
85 
}

Mutations

35

1.1
Location : validate
Killed by : none replaced boolean return with false for com/yubico/webauthn/TokenBindingValidator::validate → SURVIVED

2.2
Location : validate
Killed by : none replaced boolean return with true for com/yubico/webauthn/TokenBindingValidator::validate → SURVIVED
45

1.1
Location : lambda$validate$2
Killed by : none replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$2 → SURVIVED

2.2
Location : lambda$validate$2
Killed by : none replaced Boolean return with True for com/yubico/webauthn/TokenBindingValidator::lambda$validate$2 → SURVIVED
48

1.1
Location : lambda$validate$0
Killed by : com.yubico.webauthn.RelyingPartyV2AssertionSpec negated conditional → KILLED
49

1.1
Location : lambda$validate$0
Killed by : none replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$0 → SURVIVED
57

1.1
Location : lambda$validate$1
Killed by : com.yubico.webauthn.RelyingPartyV2AssertionSpec replaced return value with null for com/yubico/webauthn/TokenBindingValidator::lambda$validate$1 → KILLED
63

1.1
Location : lambda$validate$4
Killed by : none replaced Boolean return with True for com/yubico/webauthn/TokenBindingValidator::lambda$validate$4 → SURVIVED

2.2
Location : lambda$validate$4
Killed by : none replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$4 → SURVIVED
65

1.1
Location : lambda$validate$3
Killed by : com.yubico.webauthn.RelyingPartyV2AssertionSpec replaced return value with null for com/yubico/webauthn/TokenBindingValidator::lambda$validate$3 → KILLED
74

1.1
Location : lambda$validate$5
Killed by : none replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$5 → SURVIVED
83

1.1
Location : lambda$validate$6
Killed by : none replaced Boolean return with False for com/yubico/webauthn/TokenBindingValidator::lambda$validate$6 → SURVIVED

2.2
Location : lambda$validate$6
Killed by : none replaced Boolean return with True for com/yubico/webauthn/TokenBindingValidator::lambda$validate$6 → SURVIVED

Active mutators

Tests examined


Report generated by PIT 1.15.0