webauthn/src/Application/Controller/d3_account_webauthn.php

116 lignes
3.7 KiB
PHP
Brut Vue normale Historique

2022-10-24 22:24:40 +02:00
<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
namespace D3\Webauthn\Application\Controller;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnErrors;
2022-10-31 00:11:06 +01:00
use D3\Webauthn\Application\Model\WebauthnException;
2022-10-24 22:24:40 +02:00
use OxidEsales\Eshop\Application\Controller\AccountController;
use OxidEsales\Eshop\Core\Registry;
class d3_account_webauthn extends AccountController
{
protected $_sThisTemplate = 'd3_account_webauthn.tpl';
/**
* @return string
*/
2022-10-30 00:27:11 +02:00
public function render(): string
2022-10-24 22:24:40 +02:00
{
$sRet = parent::render();
// is logged in ?
$oUser = $this->getUser();
if (!$oUser) {
return $this->_sThisTemplate = $this->_sThisLoginTemplate;
}
$this->addTplParam('user', $this->getUser());
$this->addTplParam('readonly', (bool) !(oxNew(Webauthn::class)->isAvailable()));
2022-10-24 22:24:40 +02:00
return $sRet;
}
/**
* @return publicKeyCredentialList
2022-10-24 22:24:40 +02:00
*/
2022-10-30 00:27:11 +02:00
public function getCredentialList(): PublicKeyCredentialList
2022-10-24 22:24:40 +02:00
{
$oUser = $this->getUser();
$credentialList = oxNew(PublicKeyCredentialList::class);
return $credentialList->getAllFromUser($oUser);
}
2022-10-24 22:24:40 +02:00
public function requestNewCredential()
{
$this->setPageType('requestnew');
$this->setAuthnRegister();
}
2022-10-24 22:24:40 +02:00
public function setPageType($pageType)
{
$this->addTplParam('pageType', $pageType);
2022-10-24 22:24:40 +02:00
}
public function setAuthnRegister()
{
2022-10-31 00:11:06 +01:00
try {
$authn = oxNew(Webauthn::class);
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($this->getUser());
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
} catch (WebauthnException $e) {
// ToDo: add exc msg to display and log
}
2022-10-24 22:24:40 +02:00
$this->addTplParam('isAdmin', isAdmin());
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
2022-10-24 22:24:40 +02:00
}
public function saveAuthn()
2022-10-24 22:24:40 +02:00
{
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$errors = oxNew(WebauthnErrors::class);
Registry::getUtilsView()->addErrorToDisplay(
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'))
);
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
/** @var Webauthn $webauthn */
$webauthn = oxNew(Webauthn::class);
$webauthn->saveAuthn(
Registry::getRequest()->getRequestEscapedParameter('credential'),
Registry::getRequest()->getRequestEscapedParameter('keyname')
);
}
2022-10-24 22:24:40 +02:00
}
public function deleteKey()
{
if (Registry::getRequest()->getRequestEscapedParameter('deleteoxid')) {
/** @var PublicKeyCredential $credential */
$credential = oxNew(PublicKeyCredential::class);
$credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
2022-10-24 22:24:40 +02:00
}
}
}