From 69349052d4644d81d21ccfaca03157bbfa19e435 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20=C3=89pardaud?= <stef@epardaud.fr>
Date: Thu, 25 Jan 2024 11:16:47 +0100
Subject: [PATCH] Updated webauthn quickstarts

---
 .../src/main/resources/META-INF/resources/index.html     | 9 +++++----
 .../security/webauthn/test/WebAuthnResourceTest.java     | 6 +++---
 .../java/org/acme/security/webauthn/LoginResource.java   | 6 +++---
 .../java/org/acme/security/webauthn/MyWebAuthnSetup.java | 9 ++++-----
 .../src/main/resources/META-INF/resources/index.html     | 9 +++++----
 .../security/webauthn/test/WebAuthnResourceTest.java     | 6 +++---
 6 files changed, 23 insertions(+), 22 deletions(-)

diff --git a/security-webauthn-quickstart/src/main/resources/META-INF/resources/index.html b/security-webauthn-quickstart/src/main/resources/META-INF/resources/index.html
index 4809fbcd8b..76e5a7aa88 100644
--- a/security-webauthn-quickstart/src/main/resources/META-INF/resources/index.html
+++ b/security-webauthn-quickstart/src/main/resources/META-INF/resources/index.html
@@ -48,6 +48,7 @@
       <li><a href="/api/users/me">User API</a></li>
       <li><a href="/api/admin">Admin API</a></li>
       <li><a href="/q/webauthn/logout">Logout</a></li>
+     </ul>
     </nav>
     <div class="container">
      <div class="item">
@@ -86,7 +87,7 @@ <h1>Register</h1>
       
       const loginButton = document.getElementById('login');
       
-      loginButton.onclick = () => {
+      loginButton.addEventListener("click", (e) => {
         var userName = document.getElementById('userNameLogin').value;
         result.replaceChildren();
         webAuthn.login({ name: userName })
@@ -97,11 +98,11 @@ <h1>Register</h1>
             result.append("Login failed: "+err);
           });
         return false;
-      };
+      });
 
       const registerButton = document.getElementById('register');
       
-      registerButton.onclick = () => {
+      registerButton.addEventListener("click", (e) => {
         var userName = document.getElementById('userNameRegister').value;
         var firstName = document.getElementById('firstName').value;
         var lastName = document.getElementById('lastName').value;
@@ -114,7 +115,7 @@ <h1>Register</h1>
             result.append("Registration failed: "+err);
           });
         return false;
-      };
+      });
     </script>
   </body>
 </html>
diff --git a/security-webauthn-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java b/security-webauthn-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java
index 388e1c865c..27fb7c7039 100644
--- a/security-webauthn-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java
+++ b/security-webauthn-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java
@@ -96,9 +96,9 @@ private void invokeCustomEndpoint(String uri, Filter cookieFilter, Consumer<Requ
         .then()
         .statusCode(200)
         .log().ifValidationFails()
-        .cookie(WebAuthnController.CHALLENGE_COOKIE, Matchers.is(""))
-        .cookie(WebAuthnController.USERNAME_COOKIE, Matchers.is(""))
-        .cookie("quarkus-credential", Matchers.notNullValue());
+        .cookie(WebAuthnEndpointHelper.getChallengeCookie(), Matchers.is(""))
+        .cookie(WebAuthnEndpointHelper.getChallengeUsernameCookie(), Matchers.is(""))
+        .cookie(WebAuthnEndpointHelper.getMainCookie(), Matchers.notNullValue());
     }
 
     private void verifyLoggedIn(Filter cookieFilter, String userName, User user) {
diff --git a/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/LoginResource.java b/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/LoginResource.java
index 2ac63f3aa2..7af291e251 100644
--- a/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/LoginResource.java
+++ b/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/LoginResource.java
@@ -9,7 +9,7 @@
 
 import org.jboss.resteasy.reactive.RestForm;
 
-import io.quarkus.hibernate.reactive.panache.common.runtime.ReactiveTransactional;
+import io.quarkus.hibernate.reactive.panache.common.WithTransaction;
 import io.quarkus.security.webauthn.WebAuthnLoginResponse;
 import io.quarkus.security.webauthn.WebAuthnRegisterResponse;
 import io.quarkus.security.webauthn.WebAuthnSecurity;
@@ -25,7 +25,7 @@ public class LoginResource {
 
     @Path("/login")
     @POST
-    @ReactiveTransactional
+    @WithTransaction
     public Uni<Response> login(@RestForm String userName, 
                                @BeanParam WebAuthnLoginResponse webAuthnResponse,
                                RoutingContext ctx) {
@@ -63,7 +63,7 @@ public Uni<Response> login(@RestForm String userName,
 
     @Path("/register")
     @POST
-    @ReactiveTransactional
+    @WithTransaction
     public Uni<Response> register(@RestForm String userName, 
                                   @BeanParam WebAuthnRegisterResponse webAuthnResponse,
                                   RoutingContext ctx) {
diff --git a/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/MyWebAuthnSetup.java b/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/MyWebAuthnSetup.java
index dd278171db..0961e62dad 100644
--- a/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/MyWebAuthnSetup.java
+++ b/security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/MyWebAuthnSetup.java
@@ -7,8 +7,7 @@
 import java.util.Set;
 
 import jakarta.enterprise.context.ApplicationScoped;
-
-import io.quarkus.hibernate.reactive.panache.common.runtime.ReactiveTransactional;
+import io.quarkus.hibernate.reactive.panache.common.WithTransaction;
 import io.quarkus.security.webauthn.WebAuthnUserProvider;
 import io.smallrye.mutiny.Uni;
 import io.vertx.ext.auth.webauthn.AttestationCertificates;
@@ -17,21 +16,21 @@
 @ApplicationScoped
 public class MyWebAuthnSetup implements WebAuthnUserProvider {
 
-    @ReactiveTransactional
+    @WithTransaction
     @Override
     public Uni<List<Authenticator>> findWebAuthnCredentialsByUserName(String userName) {
         return WebAuthnCredential.findByUserName(userName)
                 .flatMap(MyWebAuthnSetup::toAuthenticators);
     }
 
-    @ReactiveTransactional
+    @WithTransaction
     @Override
     public Uni<List<Authenticator>> findWebAuthnCredentialsByCredID(String credID) {
         return WebAuthnCredential.findByCredID(credID)
                 .flatMap(MyWebAuthnSetup::toAuthenticators);
     }
 
-    @ReactiveTransactional
+    @WithTransaction
     @Override
     public Uni<Void> updateOrStoreWebAuthnCredentials(Authenticator authenticator) {
         // leave the scooby user to the manual endpoint, because if we do it here it will be
diff --git a/security-webauthn-reactive-quickstart/src/main/resources/META-INF/resources/index.html b/security-webauthn-reactive-quickstart/src/main/resources/META-INF/resources/index.html
index 4809fbcd8b..76e5a7aa88 100644
--- a/security-webauthn-reactive-quickstart/src/main/resources/META-INF/resources/index.html
+++ b/security-webauthn-reactive-quickstart/src/main/resources/META-INF/resources/index.html
@@ -48,6 +48,7 @@
       <li><a href="/api/users/me">User API</a></li>
       <li><a href="/api/admin">Admin API</a></li>
       <li><a href="/q/webauthn/logout">Logout</a></li>
+     </ul>
     </nav>
     <div class="container">
      <div class="item">
@@ -86,7 +87,7 @@ <h1>Register</h1>
       
       const loginButton = document.getElementById('login');
       
-      loginButton.onclick = () => {
+      loginButton.addEventListener("click", (e) => {
         var userName = document.getElementById('userNameLogin').value;
         result.replaceChildren();
         webAuthn.login({ name: userName })
@@ -97,11 +98,11 @@ <h1>Register</h1>
             result.append("Login failed: "+err);
           });
         return false;
-      };
+      });
 
       const registerButton = document.getElementById('register');
       
-      registerButton.onclick = () => {
+      registerButton.addEventListener("click", (e) => {
         var userName = document.getElementById('userNameRegister').value;
         var firstName = document.getElementById('firstName').value;
         var lastName = document.getElementById('lastName').value;
@@ -114,7 +115,7 @@ <h1>Register</h1>
             result.append("Registration failed: "+err);
           });
         return false;
-      };
+      });
     </script>
   </body>
 </html>
diff --git a/security-webauthn-reactive-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java b/security-webauthn-reactive-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java
index 388e1c865c..27fb7c7039 100644
--- a/security-webauthn-reactive-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java
+++ b/security-webauthn-reactive-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java
@@ -96,9 +96,9 @@ private void invokeCustomEndpoint(String uri, Filter cookieFilter, Consumer<Requ
         .then()
         .statusCode(200)
         .log().ifValidationFails()
-        .cookie(WebAuthnController.CHALLENGE_COOKIE, Matchers.is(""))
-        .cookie(WebAuthnController.USERNAME_COOKIE, Matchers.is(""))
-        .cookie("quarkus-credential", Matchers.notNullValue());
+        .cookie(WebAuthnEndpointHelper.getChallengeCookie(), Matchers.is(""))
+        .cookie(WebAuthnEndpointHelper.getChallengeUsernameCookie(), Matchers.is(""))
+        .cookie(WebAuthnEndpointHelper.getMainCookie(), Matchers.notNullValue());
     }
 
     private void verifyLoggedIn(Filter cookieFilter, String userName, User user) {