webauthn/src/Application/Controller/Admin/d3user_webauthn.php

178 regels
6.2 KiB
PHP

2022-10-24 22:24:40 +02:00
<?php
/**
2022-11-04 22:45:47 +01:00
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* https://www.d3data.de
2022-10-24 22:24:40 +02:00
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
2022-11-04 22:45:47 +01:00
* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>
* @link https://www.oxidmodule.com
2022-10-24 22:24:40 +02:00
*/
2022-11-04 22:02:44 +01:00
declare(strict_types=1);
2022-10-24 22:24:40 +02:00
namespace D3\Webauthn\Application\Controller\Admin;
2022-12-12 23:41:07 +01:00
use Assert\AssertionFailedException;
2022-11-22 00:26:04 +01:00
use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
2022-11-03 13:18:02 +01:00
use D3\Webauthn\Application\Model\Exceptions\WebauthnCreateException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use D3\Webauthn\Application\Model\Webauthn;
2022-10-24 22:24:40 +02:00
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
2022-11-02 16:38:43 +01:00
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
2022-10-24 22:24:40 +02:00
use Exception;
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
use OxidEsales\Eshop\Application\Model\User;
2022-10-24 22:24:40 +02:00
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Utils;
use OxidEsales\Eshop\Core\UtilsView;
2022-11-02 16:38:43 +01:00
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
2022-12-12 23:41:07 +01:00
use Throwable;
2022-10-24 22:24:40 +02:00
class d3user_webauthn extends AdminDetailsController
{
2022-11-22 00:26:04 +01:00
use IsMockable;
2022-10-24 22:24:40 +02:00
protected $_sSaveError = null;
protected $_sThisTemplate = 'd3user_webauthn.tpl';
/**
* @return string
*/
2022-10-30 00:27:11 +02:00
public function render(): string
2022-10-24 22:24:40 +02:00
{
$this->addTplParam('readonly', !$this->d3GetMockableOxNewObject(Webauthn::class)->isAvailable());
$this->d3CallMockableFunction([AdminDetailsController::class, 'render']);
2022-10-24 22:24:40 +02:00
$soxId = $this->getEditObjectId();
2022-12-12 23:41:07 +01:00
if ($soxId != "-1") {
2022-10-24 22:24:40 +02:00
/** @var d3_User_Webauthn $oUser */
$oUser = $this->d3GetMockableOxNewObject(User::class);
2022-10-24 22:24:40 +02:00
if ($oUser->load($soxId)) {
$this->addTplParam("oxid", $oUser->getId());
} else {
$this->addTplParam("oxid", '-1');
}
$this->addTplParam("edit", $oUser);
}
if ($this->_sSaveError) {
$this->addTplParam("sSaveError", $this->_sSaveError);
}
return $this->_sThisTemplate;
}
2022-11-04 22:02:44 +01:00
/**
* @return void
*/
public function requestNewCredential(): void
{
2022-11-02 16:38:43 +01:00
try {
$this->setPageType( 'requestnew' );
$this->setAuthnRegister();
} catch (Exception|ContainerExceptionInterface|NotFoundExceptionInterface|DoctrineDriverException $e) {
2022-12-12 23:41:07 +01:00
$this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e->getMessage());
$this->d3GetMockableLogger()->error($e->getMessage(), ['UserId' => $this->getEditObjectId()]);
$this->d3GetMockableLogger()->debug($e->getTraceAsString());
$this->d3GetMockableRegistryObject(Utils::class)->redirect('index.php?cl=d3user_webauthn');
2022-11-02 16:38:43 +01:00
}
}
2022-11-04 22:02:44 +01:00
/**
* @return void
2022-12-12 23:41:07 +01:00
* @throws AssertionFailedException
* @throws Throwable
2022-11-04 22:02:44 +01:00
*/
public function saveAuthn(): void
{
2022-11-02 16:38:43 +01:00
try {
2022-11-13 21:43:33 +01:00
$error = Registry::getRequest()->getRequestEscapedParameter('error');
if ( strlen((string) $error) ) {
2022-11-03 13:18:02 +01:00
/** @var WebauthnCreateException $e */
2022-11-13 21:43:33 +01:00
$e = oxNew(WebauthnCreateException::class, $error);
2022-11-03 13:18:02 +01:00
throw $e;
2022-11-02 16:38:43 +01:00
}
2022-11-13 21:43:33 +01:00
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
if ( strlen((string) $credential) ) {
$webauthn = $this->d3GetMockableOxNewObject(Webauthn::class);
2022-11-13 21:43:33 +01:00
$webauthn->saveAuthn($credential, Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
2022-11-02 16:38:43 +01:00
}
2022-12-12 23:41:07 +01:00
} catch (WebauthnException $e) {
$this->d3GetMockableLogger()->error($e->getDetailedErrorMessage(), ['UserId' => $this->getEditObjectId()]);
$this->d3GetMockableLogger()->debug($e->getTraceAsString());
$this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e);
2022-12-12 23:41:07 +01:00
} catch (Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
$this->d3GetMockableLogger()->error($e->getMessage(), ['UserId' => $this->getEditObjectId()]);
$this->d3GetMockableLogger()->debug($e->getTraceAsString());
$this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e->getMessage());
}
}
2022-11-04 22:02:44 +01:00
/**
* @param $pageType
* @return void
*/
public function setPageType($pageType): void
{
$this->addTplParam('pageType', $pageType);
}
2022-11-02 16:38:43 +01:00
/**
* @throws DoctrineDriverException
* @throws DoctrineException
*/
2022-11-04 22:02:44 +01:00
public function setAuthnRegister(): void
2022-10-24 22:24:40 +02:00
{
$authn = $this->d3GetMockableOxNewObject(Webauthn::class);
2022-11-02 16:38:43 +01:00
$user = $this->d3GetMockableOxNewObject(User::class);
2022-11-02 16:38:43 +01:00
$user->load($this->getEditObjectId());
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
$this->addTplParam('isAdmin', isAdmin());
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
2022-10-24 22:24:40 +02:00
}
/**
* @param $userId
2022-11-02 16:38:43 +01:00
*
* @return array
2022-11-02 16:38:43 +01:00
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
2022-10-24 22:24:40 +02:00
*/
2022-10-30 00:27:11 +02:00
public function getCredentialList($userId): array
2022-10-24 22:24:40 +02:00
{
$oUser = $this->d3GetMockableOxNewObject(User::class);
2022-10-24 22:24:40 +02:00
$oUser->load($userId);
$publicKeyCredentials = $this->d3GetMockableOxNewObject(PublicKeyCredentialList::class);
2022-11-22 00:26:04 +01:00
return $publicKeyCredentials->getAllFromUser($oUser)->getArray();
2022-10-24 22:24:40 +02:00
}
2022-11-04 22:02:44 +01:00
/**
* @return void
*/
public function deleteKey(): void
{
$credential = $this->d3GetMockableOxNewObject(PublicKeyCredential::class);
$credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
}
2022-10-24 22:24:40 +02:00
}