webauthn/src/Application/Controller/Admin/d3user_webauthn.php

<?php

/**
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * https://www.d3data.de
 *
 * @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
 * @author    D3 Data Development - Daniel Seifert <info@shopmodule.com>
 * @link      https://www.oxidmodule.com
 */

declare(strict_types=1);

namespace D3\Webauthn\Application\Controller\Admin;

use Assert\AssertionFailedException;
use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Exceptions\WebauthnCreateException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
use Exception;
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Utils;
use OxidEsales\Eshop\Core\UtilsView;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
use Throwable;

class d3user_webauthn extends AdminDetailsController
{
    use IsMockable;

    protected $_sSaveError = null;

    protected $_sThisTemplate = 'd3user_webauthn.tpl';

    /**
     * @return string
     */
    public function render(): string
    {
        $this->addTplParam('readonly', !$this->d3GetMockableOxNewObject(Webauthn::class)->isAvailable());

        $this->d3CallMockableFunction([AdminDetailsController::class, 'render']);

        $soxId = $this->getEditObjectId();

        if ($soxId != "-1") {
            /** @var d3_User_Webauthn $oUser */
            $oUser = $this->d3GetMockableOxNewObject(User::class);
            if ($oUser->load($soxId)) {
                $this->addTplParam("oxid", $oUser->getId());
            } else {
                $this->addTplParam("oxid", '-1');
            }
            $this->addTplParam("edit", $oUser);
        }

        if ($this->_sSaveError) {
            $this->addTplParam("sSaveError", $this->_sSaveError);
        }

        return $this->_sThisTemplate;
    }

    /**
     * @return void
     */
    public function requestNewCredential(): void
    {
        try {
            $this->setPageType( 'requestnew' );
            $this->setAuthnRegister();
        } catch (Exception|ContainerExceptionInterface|NotFoundExceptionInterface|DoctrineDriverException $e) {
            $this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e->getMessage());
            $this->d3GetMockableLogger()->error($e->getMessage(), ['UserId' => $this->getEditObjectId()]);
            $this->d3GetMockableLogger()->debug($e->getTraceAsString());
            $this->d3GetMockableRegistryObject(Utils::class)->redirect('index.php?cl=d3user_webauthn');
        }
    }

    /**
     * @return void
     * @throws AssertionFailedException
     * @throws Throwable
     */
    public function saveAuthn(): void
    {
        try {
            $error = Registry::getRequest()->getRequestEscapedParameter('error');
            if ( strlen((string) $error) ) {
                /** @var WebauthnCreateException $e */
                $e = oxNew(WebauthnCreateException::class, $error);
                throw $e;
            }

            $credential = Registry::getRequest()->getRequestEscapedParameter('credential');
            if ( strlen((string) $credential) ) {
                $webauthn = $this->d3GetMockableOxNewObject(Webauthn::class);
                $webauthn->saveAuthn($credential, Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
            }
        } catch (WebauthnException $e) {
            $this->d3GetMockableLogger()->error($e->getDetailedErrorMessage(), ['UserId' => $this->getEditObjectId()]);
            $this->d3GetMockableLogger()->debug($e->getTraceAsString());
            $this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e);
        } catch (Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
            $this->d3GetMockableLogger()->error($e->getMessage(), ['UserId' => $this->getEditObjectId()]);
            $this->d3GetMockableLogger()->debug($e->getTraceAsString());
            $this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e->getMessage());
        }
    }

    /**
     * @param $pageType
     * @return void
     */
    public function setPageType($pageType): void
    {
        $this->addTplParam('pageType', $pageType);
    }

    /**
     * @throws DoctrineDriverException
     * @throws DoctrineException
     */
    public function setAuthnRegister(): void
    {
        $authn = $this->d3GetMockableOxNewObject(Webauthn::class);

        $user = $this->d3GetMockableOxNewObject(User::class);
        $user->load($this->getEditObjectId());
        $publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);

        $this->addTplParam(
            'webauthn_publickey_create',
            $publicKeyCredentialCreationOptions
        );

        $this->addTplParam('isAdmin', isAdmin());
        $this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
    }

    /**
     * @param $userId
     *
     * @return array
     * @throws ContainerExceptionInterface
     * @throws DoctrineDriverException
     * @throws DoctrineException
     * @throws NotFoundExceptionInterface
     */
    public function getCredentialList($userId): array
    {
        $oUser = $this->d3GetMockableOxNewObject(User::class);
        $oUser->load($userId);

        $publicKeyCredentials = $this->d3GetMockableOxNewObject(PublicKeyCredentialList::class);
        return $publicKeyCredentials->getAllFromUser($oUser)->getArray();
    }

    /**
     * @return void
     */
    public function deleteKey(): void
    {
        $credential = $this->d3GetMockableOxNewObject(PublicKeyCredential::class);
        $credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
    }
}
add shop controllers 2022-10-24 22:24:40 +02:00			`<?php`

			`/**`
change license notes 2022-11-04 22:45:47 +01:00			`* For the full copyright and license information, please view the LICENSE`
			`* file that was distributed with this source code.`
			`*`
			`* https://www.d3data.de`
add shop controllers 2022-10-24 22:24:40 +02:00			`*`
			`* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)`
change license notes 2022-11-04 22:45:47 +01:00			`* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>`
			`* @link https://www.oxidmodule.com`
add shop controllers 2022-10-24 22:24:40 +02:00			`*/`

improve code 2022-11-04 22:02:44 +01:00			`declare(strict_types=1);`

add shop controllers 2022-10-24 22:24:40 +02:00			`namespace D3\Webauthn\Application\Controller\Admin;`

improve code 2022-12-12 23:41:07 +01:00			`use Assert\AssertionFailedException;`
add admin controller tests 2022-11-22 00:26:04 +01:00			`use D3\TestingTools\Production\IsMockable;`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;`
			`use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;`
improve error handling 2022-11-03 13:18:02 +01:00			`use D3\Webauthn\Application\Model\Exceptions\WebauthnCreateException;`
			`use D3\Webauthn\Application\Model\Exceptions\WebauthnException;`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`use D3\Webauthn\Application\Model\Webauthn;`
add shop controllers 2022-10-24 22:24:40 +02:00			`use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;`
improve code 2022-11-02 16:38:43 +01:00			`use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;`
			`use Doctrine\DBAL\Exception as DoctrineException;`
add shop controllers 2022-10-24 22:24:40 +02:00			`use Exception;`
			`use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`use OxidEsales\Eshop\Application\Model\User;`
add shop controllers 2022-10-24 22:24:40 +02:00			`use OxidEsales\Eshop\Core\Registry;`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`use OxidEsales\Eshop\Core\Utils;`
			`use OxidEsales\Eshop\Core\UtilsView;`
improve code 2022-11-02 16:38:43 +01:00			`use Psr\Container\ContainerExceptionInterface;`
			`use Psr\Container\NotFoundExceptionInterface;`
improve code 2022-12-12 23:41:07 +01:00			`use Throwable;`
add shop controllers 2022-10-24 22:24:40 +02:00
			`class d3user_webauthn extends AdminDetailsController`
			`{`
add admin controller tests 2022-11-22 00:26:04 +01:00			`use IsMockable;`

add shop controllers 2022-10-24 22:24:40 +02:00			`protected $_sSaveError = null;`

			`protected $_sThisTemplate = 'd3user_webauthn.tpl';`

			`/**`
			`* @return string`
			`*/`
improve code 2022-10-30 00:27:11 +02:00			`public function render(): string`
add shop controllers 2022-10-24 22:24:40 +02:00			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->addTplParam('readonly', !$this->d3GetMockableOxNewObject(Webauthn::class)->isAvailable());`
disable create credential on insecure connections 2022-10-26 10:15:49 +02:00
adjust mockable function calls, make compatible to same class extensions from TOTP plugin 2022-12-07 12:03:24 +01:00			`$this->d3CallMockableFunction([AdminDetailsController::class, 'render']);`
add shop controllers 2022-10-24 22:24:40 +02:00
			`$soxId = $this->getEditObjectId();`

improve code 2022-12-12 23:41:07 +01:00			`if ($soxId != "-1") {`
add shop controllers 2022-10-24 22:24:40 +02:00			`/** @var d3_User_Webauthn $oUser */`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$oUser = $this->d3GetMockableOxNewObject(User::class);`
add shop controllers 2022-10-24 22:24:40 +02:00			`if ($oUser->load($soxId)) {`
			`$this->addTplParam("oxid", $oUser->getId());`
			`} else {`
			`$this->addTplParam("oxid", '-1');`
			`}`
			`$this->addTplParam("edit", $oUser);`
			`}`

			`if ($this->_sSaveError) {`
			`$this->addTplParam("sSaveError", $this->_sSaveError);`
			`}`

			`return $this->_sThisTemplate;`
			`}`

improve code 2022-11-04 22:02:44 +01:00			`/**`
			`* @return void`
			`*/`
			`public function requestNewCredential(): void`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00			`{`
improve code 2022-11-02 16:38:43 +01:00			`try {`
			`$this->setPageType( 'requestnew' );`
			`$this->setAuthnRegister();`
			`} catch (Exception\|ContainerExceptionInterface\|NotFoundExceptionInterface\|DoctrineDriverException $e) {`
improve code 2022-12-12 23:41:07 +01:00			`$this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e->getMessage());`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableLogger()->error($e->getMessage(), ['UserId' => $this->getEditObjectId()]);`
			`$this->d3GetMockableLogger()->debug($e->getTraceAsString());`
			`$this->d3GetMockableRegistryObject(Utils::class)->redirect('index.php?cl=d3user_webauthn');`
improve code 2022-11-02 16:38:43 +01:00			`}`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00			`}`

improve code 2022-11-04 22:02:44 +01:00			`/**`
			`* @return void`
improve code 2022-12-12 23:41:07 +01:00			`* @throws AssertionFailedException`
			`* @throws Throwable`
improve code 2022-11-04 22:02:44 +01:00			`*/`
			`public function saveAuthn(): void`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00			`{`
improve code 2022-11-02 16:38:43 +01:00			`try {`
fix missing is string check 2022-11-13 21:43:33 +01:00			`$error = Registry::getRequest()->getRequestEscapedParameter('error');`
			`if ( strlen((string) $error) ) {`
improve error handling 2022-11-03 13:18:02 +01:00			`/** @var WebauthnCreateException $e */`
fix missing is string check 2022-11-13 21:43:33 +01:00			`$e = oxNew(WebauthnCreateException::class, $error);`
improve error handling 2022-11-03 13:18:02 +01:00			`throw $e;`
improve code 2022-11-02 16:38:43 +01:00			`}`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00
fix missing is string check 2022-11-13 21:43:33 +01:00			`$credential = Registry::getRequest()->getRequestEscapedParameter('credential');`
			`if ( strlen((string) $credential) ) {`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$webauthn = $this->d3GetMockableOxNewObject(Webauthn::class);`
fix missing is string check 2022-11-13 21:43:33 +01:00			`$webauthn->saveAuthn($credential, Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );`
improve code 2022-11-02 16:38:43 +01:00			`}`
improve code 2022-12-12 23:41:07 +01:00			`} catch (WebauthnException $e) {`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$this->d3GetMockableLogger()->error($e->getDetailedErrorMessage(), ['UserId' => $this->getEditObjectId()]);`
			`$this->d3GetMockableLogger()->debug($e->getTraceAsString());`
			`$this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e);`
improve code 2022-12-12 23:41:07 +01:00			`} catch (Exception\|NotFoundExceptionInterface\|ContainerExceptionInterface\|DoctrineDriverException $e) {`
			`$this->d3GetMockableLogger()->error($e->getMessage(), ['UserId' => $this->getEditObjectId()]);`
			`$this->d3GetMockableLogger()->debug($e->getTraceAsString());`
			`$this->d3GetMockableRegistryObject(UtilsView::class)->addErrorToDisplay($e->getMessage());`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00			`}`
			`}`

improve code 2022-11-04 22:02:44 +01:00			`/**`
			`* @param $pageType`
			`* @return void`
			`*/`
			`public function setPageType($pageType): void`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00			`{`
			`$this->addTplParam('pageType', $pageType);`
			`}`

improve code 2022-11-02 16:38:43 +01:00			`/**`
			`* @throws DoctrineDriverException`
			`* @throws DoctrineException`
			`*/`
improve code 2022-11-04 22:02:44 +01:00			`public function setAuthnRegister(): void`
add shop controllers 2022-10-24 22:24:40 +02:00			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$authn = $this->d3GetMockableOxNewObject(Webauthn::class);`
improve code 2022-11-02 16:38:43 +01:00
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$user = $this->d3GetMockableOxNewObject(User::class);`
improve code 2022-11-02 16:38:43 +01:00			`$user->load($this->getEditObjectId());`
			`$publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);`

			`$this->addTplParam(`
			`'webauthn_publickey_create',`
			`$publicKeyCredentialCreationOptions`
			`);`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00
			`$this->addTplParam('isAdmin', isAdmin());`
			`$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));`
add shop controllers 2022-10-24 22:24:40 +02:00			`}`

			`/**`
			`* @param $userId`
improve code 2022-11-02 16:38:43 +01:00			`*`
refactor to show existing registrations in admin 2022-10-25 01:01:10 +02:00			`* @return array`
improve code 2022-11-02 16:38:43 +01:00			`* @throws ContainerExceptionInterface`
			`* @throws DoctrineDriverException`
			`* @throws DoctrineException`
			`* @throws NotFoundExceptionInterface`
add shop controllers 2022-10-24 22:24:40 +02:00			`*/`
improve code 2022-10-30 00:27:11 +02:00			`public function getCredentialList($userId): array`
add shop controllers 2022-10-24 22:24:40 +02:00			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$oUser = $this->d3GetMockableOxNewObject(User::class);`
add shop controllers 2022-10-24 22:24:40 +02:00			`$oUser->load($userId);`

move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$publicKeyCredentials = $this->d3GetMockableOxNewObject(PublicKeyCredentialList::class);`
add admin controller tests 2022-11-22 00:26:04 +01:00			`return $publicKeyCredentials->getAllFromUser($oUser)->getArray();`
add shop controllers 2022-10-24 22:24:40 +02:00			`}`

improve code 2022-11-04 22:02:44 +01:00			`/**`
			`* @return void`
			`*/`
			`public function deleteKey(): void`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00			`{`
move OXID object getters to testing library 2022-12-04 00:24:28 +01:00			`$credential = $this->d3GetMockableOxNewObject(PublicKeyCredential::class);`
can add new key and delete existing one 2022-10-26 00:02:55 +02:00			`$credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));`
			`}`
add shop controllers 2022-10-24 22:24:40 +02:00			`}`