webauthn/src/Application/Controller/Admin/d3user_webauthn.php

158 lines
5.3 KiB
PHP
Raw Normal View History

2022-10-24 22:24:40 +02:00
<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
namespace D3\Webauthn\Application\Controller\Admin;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Webauthn;
2022-11-01 23:42:25 +01:00
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\WebauthnErrors;
2022-10-24 22:24:40 +02:00
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
2022-11-02 16:38:43 +01:00
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
2022-10-24 22:24:40 +02:00
use Exception;
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Registry;
2022-11-02 16:38:43 +01:00
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
2022-10-24 22:24:40 +02:00
class d3user_webauthn extends AdminDetailsController
{
protected $_sSaveError = null;
protected $_sThisTemplate = 'd3user_webauthn.tpl';
/**
* @return string
*/
2022-10-30 00:27:11 +02:00
public function render(): string
2022-10-24 22:24:40 +02:00
{
2022-11-02 16:38:43 +01:00
$this->addTplParam('readonly', !(oxNew(Webauthn::class)->isAvailable()));
2022-10-24 22:24:40 +02:00
parent::render();
$soxId = $this->getEditObjectId();
if (isset($soxId) && $soxId != "-1") {
/** @var d3_User_Webauthn $oUser */
$oUser = $this->getUserObject();
if ($oUser->load($soxId)) {
$this->addTplParam("oxid", $oUser->getId());
} else {
$this->addTplParam("oxid", '-1');
}
$this->addTplParam("edit", $oUser);
}
if ($this->_sSaveError) {
$this->addTplParam("sSaveError", $this->_sSaveError);
}
return $this->_sThisTemplate;
}
public function requestNewCredential()
{
2022-11-02 16:38:43 +01:00
try {
$this->setPageType( 'requestnew' );
$this->setAuthnRegister();
} catch (Exception|ContainerExceptionInterface|NotFoundExceptionInterface|DoctrineDriverException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
Registry::getLogger()->error('webauthn creation request: '.$e->getMessage());
Registry::getUtils()->redirect('index.php?cl=d3user_webauthn');
}
}
public function saveAuthn()
{
2022-11-02 16:38:43 +01:00
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
$errors = oxNew( WebauthnErrors::class );
Registry::getUtilsView()->addErrorToDisplay( $errors->translateError( Registry::getRequest()->getRequestEscapedParameter( 'error' ), WebauthnConf::TYPE_CREATE ) );
}
2022-11-02 16:38:43 +01:00
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'credential' ) ) ) {
/** @var Webauthn $webauthn */
$webauthn = oxNew( Webauthn::class );
$webauthn->saveAuthn( Registry::getRequest()->getRequestEscapedParameter( 'credential' ), Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
}
} catch (Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
}
}
public function setPageType($pageType)
{
$this->addTplParam('pageType', $pageType);
}
2022-11-02 16:38:43 +01:00
/**
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws NotFoundExceptionInterface
* @throws DoctrineException
*/
2022-10-24 22:24:40 +02:00
public function setAuthnRegister()
{
2022-11-02 16:38:43 +01:00
$authn = oxNew(Webauthn::class);
$user = $this->getUserObject();
$user->load($this->getEditObjectId());
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
$this->addTplParam('isAdmin', isAdmin());
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
2022-10-24 22:24:40 +02:00
}
/**
* @param $userId
2022-11-02 16:38:43 +01:00
*
* @return array
2022-11-02 16:38:43 +01:00
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
2022-10-24 22:24:40 +02:00
*/
2022-10-30 00:27:11 +02:00
public function getCredentialList($userId): array
2022-10-24 22:24:40 +02:00
{
$oUser = $this->getUserObject();
$oUser->load($userId);
$publicKeyCrendetials = oxNew(PublicKeyCredentialList::class);
return $publicKeyCrendetials->getAllFromUser($oUser)->getArray();
2022-10-24 22:24:40 +02:00
}
/**
* @return User
*/
2022-10-30 00:27:11 +02:00
public function getUserObject(): User
2022-10-24 22:24:40 +02:00
{
return oxNew(User::class);
}
public function deleteKey()
{
/** @var PublicKeyCredential $credential */
$credential = oxNew(PublicKeyCredential::class);
$credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
}
2022-10-24 22:24:40 +02:00
}