webauthn/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn...

<?php

/**
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * https://www.d3data.de
 *
 * @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
 * @author    D3 Data Development - Daniel Seifert <info@shopmodule.com>
 * @link      https://www.oxidmodule.com
 */

declare(strict_types=1);

namespace D3\Webauthn\Modules\Application\Controller\Admin;

use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineException;
use Doctrine\DBAL\Exception;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Request;
use OxidEsales\Eshop\Core\Session;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;

class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
{
    use IsMockable;

    /**
     * @return mixed|string
     * @throws ContainerExceptionInterface
     * @throws DoctrineException
     * @throws Exception
     * @throws NotFoundExceptionInterface
     */
    public function checklogin()
    {
        $lgn_user = $this->d3GetMockableRegistryObject(Request::class)->getRequestParameter( 'user') ?:
            $this->d3GetMockableRegistryObject(Session::class)
                 ->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_LOGINUSER);

        /** @var d3_User_Webauthn $user */
        $user = $this->d3GetMockableOxNewObject(User::class);
        $userId = $user->d3GetLoginUserId($lgn_user, 'malladmin');

        if ( $this->d3CanUseWebauthn( $lgn_user, $userId)) {
            $this->d3GetMockableRegistryObject(Session::class)->setVariable(
                WebauthnConf::WEBAUTHN_ADMIN_PROFILE,
                $this->d3GetMockableRegistryObject(Request::class)
                     ->getRequestEscapedParameter( 'profile')
            );
            $this->d3GetMockableRegistryObject(Session::class)->setVariable(
                WebauthnConf::WEBAUTHN_ADMIN_CHLANGUAGE,
                $this->d3GetMockableRegistryObject(Request::class)
                     ->getRequestEscapedParameter( 'chlanguage')
            );

            if ($this->hasWebauthnButNotLoggedin($userId)) {
                $this->d3GetMockableRegistryObject(Session::class)->setVariable(
                    WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTCLASS,
                    $this->getClassKey() != 'd3webauthnadminlogin' ? $this->getClassKey() : 'admin_start'
                );
                $this->d3GetMockableRegistryObject(Session::class)->setVariable(
                    WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTUSER,
                    $userId
                );
                $this->d3GetMockableRegistryObject(Session::class)->setVariable(
                    WebauthnConf::WEBAUTHN_ADMIN_SESSION_LOGINUSER,
                    $lgn_user
                );

                return "d3webauthnadminlogin";
            }
        }

        return $this->d3CallMockableFunction([d3_LoginController_Webauthn_parent::class, 'checklogin']);
    }

    /**
     * @return void
     */
    public function d3WebauthnCancelLogin(): void
    {
        $user = $this->d3GetMockableOxNewObject(User::class);
        $user->logout();
    }

    /**
     * @param             $lgn_user
     * @param string|null $userId
     *
     * @return bool
     */
    protected function d3CanUseWebauthn( $lgn_user, ?string $userId): bool
    {
        $password = $this->d3GetMockableRegistryObject(Request::class)->getRequestParameter( 'pwd');

        return $lgn_user &&
               $userId &&
               false === $this->d3GetMockableRegistryObject(Session::class)
                              ->hasVariable( WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH ) &&
               ( ! strlen( trim( (string) $password ) ) );
    }

    /**
     * @param $userId
     * @return bool
     * @throws DoctrineException
     * @throws Exception
     */
    protected function hasWebauthnButNotLoggedin($userId): bool
    {
        $webauthn = $this->d3GetMockableOxNewObject(Webauthn::class);

        return $webauthn->isActive($userId)
            && !$this->d3GetMockableRegistryObject(Session::class)
                     ->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH);
    }
}
add shop controllers 2022-10-24 22:24:40 +02:00			`<?php`

			`/**`
change license notes 2022-11-04 22:45:47 +01:00			`* For the full copyright and license information, please view the LICENSE`
			`* file that was distributed with this source code.`
			`*`
			`* https://www.d3data.de`
add shop controllers 2022-10-24 22:24:40 +02:00			`*`
			`* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)`
change license notes 2022-11-04 22:45:47 +01:00			`* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>`
			`* @link https://www.oxidmodule.com`
add shop controllers 2022-10-24 22:24:40 +02:00			`*/`

improve code 2022-11-04 22:02:44 +01:00			`declare(strict_types=1);`

add shop controllers 2022-10-24 22:24:40 +02:00			`namespace D3\Webauthn\Modules\Application\Controller\Admin;`

add further tests 2022-12-03 00:33:46 +01:00			`use D3\TestingTools\Production\IsMockable;`
enable key login in admin 2022-10-29 00:19:34 +02:00			`use D3\Webauthn\Application\Model\Webauthn;`
prepare changed frontend login 2022-10-26 22:27:25 +02:00			`use D3\Webauthn\Application\Model\WebauthnConf;`
improve code 2022-10-31 23:17:04 +01:00			`use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;`
enable key login in admin 2022-10-29 00:19:34 +02:00			`use Doctrine\DBAL\Driver\Exception as DoctrineException;`
			`use Doctrine\DBAL\Exception;`
add shop controllers 2022-10-24 22:24:40 +02:00			`use OxidEsales\Eshop\Application\Model\User;`
add further tests 2022-12-02 15:56:17 +01:00			`use OxidEsales\Eshop\Core\Request;`
add further tests 2022-12-03 00:33:46 +01:00			`use OxidEsales\Eshop\Core\Session;`
enable key login in admin 2022-10-29 00:19:34 +02:00			`use Psr\Container\ContainerExceptionInterface;`
			`use Psr\Container\NotFoundExceptionInterface;`
add shop controllers 2022-10-24 22:24:40 +02:00
			`class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent`
			`{`
add further tests 2022-12-03 00:33:46 +01:00			`use IsMockable;`

add shop controllers 2022-10-24 22:24:40 +02:00			`/**`
			`* @return mixed\|string`
cleanup + improve code 2022-10-31 00:11:06 +01:00			`* @throws ContainerExceptionInterface`
			`* @throws DoctrineException`
			`* @throws Exception`
			`* @throws NotFoundExceptionInterface`
add shop controllers 2022-10-24 22:24:40 +02:00			`*/`
			`public function checklogin()`
			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$lgn_user = $this->d3GetMockableRegistryObject(Request::class)->getRequestParameter( 'user') ?:`
			`$this->d3GetMockableRegistryObject(Session::class)`
			`->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_LOGINUSER);`
add shop controllers 2022-10-24 22:24:40 +02:00
improve code 2022-10-31 23:17:04 +01:00			`/** @var d3_User_Webauthn $user */`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$user = $this->d3GetMockableOxNewObject(User::class);`
improve code 2022-10-31 23:17:04 +01:00			`$userId = $user->d3GetLoginUserId($lgn_user, 'malladmin');`

add further tests 2022-12-02 15:56:17 +01:00			`if ( $this->d3CanUseWebauthn( $lgn_user, $userId)) {`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableRegistryObject(Session::class)->setVariable(`
restore assertAuth in component instead in frontend controller, prevent check login parent call (OTP doesnt require this anymore) 2022-11-24 01:02:20 +01:00			`WebauthnConf::WEBAUTHN_ADMIN_PROFILE,`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableRegistryObject(Request::class)`
			`->getRequestEscapedParameter( 'profile')`
restore assertAuth in component instead in frontend controller, prevent check login parent call (OTP doesnt require this anymore) 2022-11-24 01:02:20 +01:00			`);`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableRegistryObject(Session::class)->setVariable(`
restore assertAuth in component instead in frontend controller, prevent check login parent call (OTP doesnt require this anymore) 2022-11-24 01:02:20 +01:00			`WebauthnConf::WEBAUTHN_ADMIN_CHLANGUAGE,`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableRegistryObject(Request::class)`
			`->getRequestEscapedParameter( 'chlanguage')`
restore assertAuth in component instead in frontend controller, prevent check login parent call (OTP doesnt require this anymore) 2022-11-24 01:02:20 +01:00			`);`

add further tests 2022-12-03 00:33:46 +01:00			`if ($this->hasWebauthnButNotLoggedin($userId)) {`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableRegistryObject(Session::class)->setVariable(`
separate session var names between frontend and backend 2022-11-23 08:46:25 +01:00			`WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTCLASS,`
cleanup + improve code 2022-10-31 00:11:06 +01:00			`$this->getClassKey() != 'd3webauthnadminlogin' ? $this->getClassKey() : 'admin_start'`
			`);`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableRegistryObject(Session::class)->setVariable(`
separate session var names between frontend and backend 2022-11-23 08:46:25 +01:00			`WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTUSER,`
cleanup + improve code 2022-10-31 00:11:06 +01:00			`$userId`
			`);`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableRegistryObject(Session::class)->setVariable(`
separate session var names between frontend and backend 2022-11-23 08:46:25 +01:00			`WebauthnConf::WEBAUTHN_ADMIN_SESSION_LOGINUSER,`
cleanup + improve code 2022-10-31 00:11:06 +01:00			`$lgn_user`
			`);`
enable key login in admin 2022-10-29 00:19:34 +02:00
			`return "d3webauthnadminlogin";`
add shop controllers 2022-10-24 22:24:40 +02:00			`}`
			`}`

adjust mockable function calls, make compatible to same class extensions from TOTP plugin 2022-12-07 12:03:24 +01:00			`return $this->d3CallMockableFunction([d3_LoginController_Webauthn_parent::class, 'checklogin']);`
enable key login in admin 2022-10-29 00:19:34 +02:00			`}`

improve code 2022-11-04 22:02:44 +01:00			`/**`
			`* @return void`
			`*/`
			`public function d3WebauthnCancelLogin(): void`
add shop controllers 2022-10-24 22:24:40 +02:00			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$user = $this->d3GetMockableOxNewObject(User::class);`
			`$user->logout();`
add further tests 2022-12-03 00:33:46 +01:00			`}`

add further tests 2022-12-02 15:56:17 +01:00			`/**`
			`* @param $lgn_user`
			`* @param string\|null $userId`
			`*`
			`* @return bool`
			`*/`
			`protected function d3CanUseWebauthn( $lgn_user, ?string $userId): bool`
			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$password = $this->d3GetMockableRegistryObject(Request::class)->getRequestParameter( 'pwd');`
add further tests 2022-12-02 15:56:17 +01:00
			`return $lgn_user &&`
			`$userId &&`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`false === $this->d3GetMockableRegistryObject(Session::class)`
			`->hasVariable( WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH ) &&`
add further tests 2022-12-02 15:56:17 +01:00			`( ! strlen( trim( (string) $password ) ) );`
			`}`
add further tests 2022-12-03 00:33:46 +01:00
			`/**`
			`* @param $userId`
			`* @return bool`
			`* @throws DoctrineException`
			`* @throws Exception`
			`*/`
			`protected function hasWebauthnButNotLoggedin($userId): bool`
			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$webauthn = $this->d3GetMockableOxNewObject(Webauthn::class);`
add further tests 2022-12-03 00:33:46 +01:00
			`return $webauthn->isActive($userId)`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`&& !$this->d3GetMockableRegistryObject(Session::class)`
			`->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH);`
add further tests 2022-12-03 00:33:46 +01:00			`}`
add shop controllers 2022-10-24 22:24:40 +02:00			`}`