webauthn/src/Application/Controller/Admin/d3user_webauthn.php

<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
namespace D3\Webauthn\Application\Controller\Admin;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Exception;
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
use OxidEsales\Eshop\Core\Registry;
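/**
 * Admin detail controller for the WebAuthn credentials of the user being edited.
 *
 * Provides the tab rendering plus the actions that start a credential registration,
 * store a submitted credential and delete a stored one.
 */
class d3user_webauthn extends AdminDetailsController
{
    /** @var string|null Error text passed to the template as "sSaveError" when set. */
    protected $_sSaveError = null;

    /** @var string Template name returned by render(). */
    protected $_sThisTemplate = 'd3user_webauthn.tpl';

    /**
     * Fills the template parameters for the credential tab.
     *
     * "readonly" is true when Webauthn::isAvailable() reports false. When an edit object
     * id other than "-1" is present, the user is loaded and passed as "edit"; "oxid" is
     * the loaded id, or "-1" if loading failed.
     *
     * @return string
     */
    public function render(): string
    {
        $this->addTplParam('readonly', !oxNew(Webauthn::class)->isAvailable());

        parent::render();

        $soxId = $this->getEditObjectId();

        if (isset($soxId) && (string) $soxId !== '-1') {
            /** @var d3_User_Webauthn $oUser */
            $oUser = $this->getUserObject();
            $this->addTplParam('oxid', $oUser->load($soxId) ? $oUser->getId() : '-1');
            $this->addTplParam('edit', $oUser);
        }

        if ($this->_sSaveError) {
            $this->addTplParam('sSaveError', $this->_sSaveError);
        }

        return $this->_sThisTemplate;
    }

    /**
     * Switches the page to the "requestnew" type and prepares the registration options.
     */
    public function requestNewCredential()
    {
        $this->setPageType('requestnew');
        $this->setAuthnRegister();
    }

    /**
     * Handles the result of the browser-side registration.
     *
     * A non-empty "error" parameter is translated and queued for display; a non-empty
     * "credential" parameter is handed to Webauthn::saveAuthn() together with "keyname".
     */
    public function saveAuthn()
    {
        $request = Registry::getRequest();

        // The getter may return null (absent parameter) or a non-string (array-style
        // parameter); normalise first so strlen() only ever sees a string.
        $error = $request->getRequestEscapedParameter('error');
        $error = is_string($error) ? $error : '';

        if (strlen($error)) {
            $errors = oxNew(WebauthnErrors::class);
            Registry::getUtilsView()->addErrorToDisplay($errors->translateError($error));
        }

        $credential = $request->getRequestEscapedParameter('credential');
        $credential = is_string($credential) ? $credential : '';

        if (strlen($credential)) {
            // NOTE(review): the credential is read through the escaped-parameter getter and
            // no user is passed along; confirm Webauthn::saveAuthn() expects the escaped form
            // and binds the credential to the intended account.
            /** @var Webauthn $webauthn */
            $webauthn = oxNew(Webauthn::class);
            $webauthn->saveAuthn($credential, $request->getRequestEscapedParameter('keyname'));
        }
    }

    /**
     * Exposes the page type to the template as "pageType".
     *
     * @param mixed $pageType
     */
    public function setPageType($pageType)
    {
        $this->addTplParam('pageType', $pageType);
    }

    /**
     * Builds the credential creation options for the edited user and passes them to the
     * template as "webauthn_publickey_create", together with "isAdmin" and "keyname".
     *
     * A WebauthnException is logged and queued for display instead of being dropped, so
     * a failed registration setup is visible to the admin and leaves a trace in the log.
     */
    public function setAuthnRegister()
    {
        try {
            $authn = oxNew(Webauthn::class);

            $user = $this->getUserObject();
            // NOTE(review): the result of load() is not checked; options are requested even
            // if no user was loaded - confirm getCreationOptions() rejects that case.
            $user->load($this->getEditObjectId());

            $this->addTplParam('webauthn_publickey_create', $authn->getCreationOptions($user));
        } catch (WebauthnException $e) {
            Registry::getLogger()->error($e->getMessage(), ['exception' => $e]);
            Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
        }

        $this->addTplParam('isAdmin', isAdmin());
        // NOTE(review): "credenialname" looks like a misspelling of "credentialname"; it is
        // kept because the form field it must match is not visible here - verify.
        $this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
    }

    /**
     * Returns the stored credentials of the given user.
     *
     * @param $userId
     * @return array
     */
    public function getCredentialList($userId): array
    {
        $oUser = $this->getUserObject();
        $oUser->load($userId);

        $credentialList = oxNew(PublicKeyCredentialList::class);

        return $credentialList->getAllFromUser($oUser)->getArray();
    }

    /**
     * Creates a fresh, unloaded user model.
     *
     * @return User
     */
    public function getUserObject(): User
    {
        return oxNew(User::class);
    }

    /**
     * Deletes the credential whose id is given in the "deleteoxid" request parameter.
     */
    public function deleteKey()
    {
        // NOTE(review): the id comes straight from the request and nothing in this method
        // ties it to the user being edited; confirm that PublicKeyCredential::delete() or
        // the admin framework restricts which credentials can be removed.
        /** @var PublicKeyCredential $credential */
        $credential = oxNew(PublicKeyCredential::class);
        $credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
    }
}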