2022-10-24 22:24:40 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* This Software is the property of Data Development and is protected
|
|
|
|
* by copyright law - it is NOT Freeware.
|
|
|
|
* Any unauthorized use of this software without a valid license
|
|
|
|
* is a violation of the license agreement and will be prosecuted by
|
|
|
|
* civil and criminal law.
|
|
|
|
* http://www.shopmodule.com
|
|
|
|
*
|
|
|
|
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
|
|
|
|
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
|
|
|
|
* @link http://www.oxidmodule.com
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace D3\Webauthn\Application\Controller;
|
|
|
|
|
2022-11-02 14:45:47 +01:00
|
|
|
use D3\Webauthn\Application\Controller\Traits\accountTrait;
|
2022-10-25 01:01:10 +02:00
|
|
|
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
|
|
|
|
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
|
2022-10-26 21:37:02 +02:00
|
|
|
use D3\Webauthn\Application\Model\Webauthn;
|
2022-11-01 23:42:25 +01:00
|
|
|
use D3\Webauthn\Application\Model\WebauthnConf;
|
2022-10-26 21:37:02 +02:00
|
|
|
use D3\Webauthn\Application\Model\WebauthnErrors;
|
2022-10-31 00:11:06 +01:00
|
|
|
use D3\Webauthn\Application\Model\WebauthnException;
|
2022-10-24 22:24:40 +02:00
|
|
|
use OxidEsales\Eshop\Application\Controller\AccountController;
|
|
|
|
use OxidEsales\Eshop\Core\Registry;
|
|
|
|
|
|
|
|
class d3_account_webauthn extends AccountController
|
|
|
|
{
|
2022-11-02 14:45:47 +01:00
|
|
|
use accountTrait;
|
|
|
|
|
2022-10-24 22:24:40 +02:00
|
|
|
protected $_sThisTemplate = 'd3_account_webauthn.tpl';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return string
|
|
|
|
*/
|
2022-10-30 00:27:11 +02:00
|
|
|
public function render(): string
|
2022-10-24 22:24:40 +02:00
|
|
|
{
|
|
|
|
$sRet = parent::render();
|
|
|
|
|
|
|
|
// is logged in ?
|
|
|
|
$oUser = $this->getUser();
|
|
|
|
if (!$oUser) {
|
|
|
|
return $this->_sThisTemplate = $this->_sThisLoginTemplate;
|
|
|
|
}
|
|
|
|
|
|
|
|
$this->addTplParam('user', $this->getUser());
|
|
|
|
|
2022-10-27 14:52:20 +02:00
|
|
|
$this->addTplParam('readonly', (bool) !(oxNew(Webauthn::class)->isAvailable()));
|
|
|
|
|
2022-10-24 22:24:40 +02:00
|
|
|
return $sRet;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2022-10-26 21:37:02 +02:00
|
|
|
* @return publicKeyCredentialList
|
2022-10-24 22:24:40 +02:00
|
|
|
*/
|
2022-10-30 00:27:11 +02:00
|
|
|
public function getCredentialList(): PublicKeyCredentialList
|
2022-10-24 22:24:40 +02:00
|
|
|
{
|
2022-10-26 21:37:02 +02:00
|
|
|
$oUser = $this->getUser();
|
2022-10-25 01:01:10 +02:00
|
|
|
$credentialList = oxNew(PublicKeyCredentialList::class);
|
2022-10-26 21:37:02 +02:00
|
|
|
return $credentialList->getAllFromUser($oUser);
|
|
|
|
}
|
2022-10-24 22:24:40 +02:00
|
|
|
|
2022-10-26 21:37:02 +02:00
|
|
|
public function requestNewCredential()
|
|
|
|
{
|
|
|
|
$this->setPageType('requestnew');
|
|
|
|
$this->setAuthnRegister();
|
|
|
|
}
|
2022-10-24 22:24:40 +02:00
|
|
|
|
2022-10-26 21:37:02 +02:00
|
|
|
public function setPageType($pageType)
|
|
|
|
{
|
|
|
|
$this->addTplParam('pageType', $pageType);
|
2022-10-24 22:24:40 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
public function setAuthnRegister()
|
|
|
|
{
|
2022-10-31 00:11:06 +01:00
|
|
|
try {
|
|
|
|
$authn = oxNew(Webauthn::class);
|
|
|
|
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($this->getUser());
|
|
|
|
|
|
|
|
$this->addTplParam(
|
|
|
|
'webauthn_publickey_create',
|
|
|
|
$publicKeyCredentialCreationOptions
|
|
|
|
);
|
|
|
|
} catch (WebauthnException $e) {
|
|
|
|
// ToDo: add exc msg to display and log
|
|
|
|
}
|
2022-10-24 22:24:40 +02:00
|
|
|
|
2022-10-26 21:37:02 +02:00
|
|
|
$this->addTplParam('isAdmin', isAdmin());
|
|
|
|
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
|
2022-10-24 22:24:40 +02:00
|
|
|
}
|
|
|
|
|
2022-10-26 21:37:02 +02:00
|
|
|
public function saveAuthn()
|
2022-10-24 22:24:40 +02:00
|
|
|
{
|
2022-10-26 21:37:02 +02:00
|
|
|
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
|
|
|
|
$errors = oxNew(WebauthnErrors::class);
|
|
|
|
Registry::getUtilsView()->addErrorToDisplay(
|
2022-11-01 23:42:25 +01:00
|
|
|
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_CREATE)
|
2022-10-26 21:37:02 +02:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
|
|
|
|
/** @var Webauthn $webauthn */
|
|
|
|
$webauthn = oxNew(Webauthn::class);
|
|
|
|
$webauthn->saveAuthn(
|
|
|
|
Registry::getRequest()->getRequestEscapedParameter('credential'),
|
|
|
|
Registry::getRequest()->getRequestEscapedParameter('keyname')
|
|
|
|
);
|
|
|
|
}
|
2022-10-24 22:24:40 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
public function deleteKey()
|
|
|
|
{
|
2022-10-26 21:37:02 +02:00
|
|
|
if (Registry::getRequest()->getRequestEscapedParameter('deleteoxid')) {
|
|
|
|
/** @var PublicKeyCredential $credential */
|
|
|
|
$credential = oxNew(PublicKeyCredential::class);
|
|
|
|
$credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
|
2022-10-24 22:24:40 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|