improve code

This commit is contained in:
Daniel Seifert 2022-11-02 16:38:43 +01:00
parent 0cc90e4bd5
commit 06210443c5
Signed by: DanielS
GPG Key ID: 8A7C4C6ED1915C6F
4 changed files with 109 additions and 62 deletions

View File

@ -20,14 +20,15 @@ use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
use Exception;
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
use OxidEsales\Eshop\Core\Registry;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
class d3user_webauthn extends AdminDetailsController
{
@ -40,7 +41,7 @@ class d3user_webauthn extends AdminDetailsController
*/
public function render(): string
{
$this->addTplParam('readonly', (bool) !(oxNew(Webauthn::class)->isAvailable()));
$this->addTplParam('readonly', !(oxNew(Webauthn::class)->isAvailable()));
parent::render();
@ -66,26 +67,31 @@ class d3user_webauthn extends AdminDetailsController
public function requestNewCredential()
{
$this->setPageType('requestnew');
$this->setAuthnRegister();
try {
$this->setPageType( 'requestnew' );
$this->setAuthnRegister();
} catch (Exception|ContainerExceptionInterface|NotFoundExceptionInterface|DoctrineDriverException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
Registry::getLogger()->error('webauthn creation request: '.$e->getMessage());
Registry::getUtils()->redirect('index.php?cl=d3user_webauthn');
}
}
public function saveAuthn()
{
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$errors = oxNew(WebauthnErrors::class);
Registry::getUtilsView()->addErrorToDisplay(
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_CREATE)
);
}
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
$errors = oxNew( WebauthnErrors::class );
Registry::getUtilsView()->addErrorToDisplay( $errors->translateError( Registry::getRequest()->getRequestEscapedParameter( 'error' ), WebauthnConf::TYPE_CREATE ) );
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
/** @var Webauthn $webauthn */
$webauthn = oxNew(Webauthn::class);
$webauthn->saveAuthn(
Registry::getRequest()->getRequestEscapedParameter('credential'),
Registry::getRequest()->getRequestEscapedParameter('keyname')
);
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'credential' ) ) ) {
/** @var Webauthn $webauthn */
$webauthn = oxNew( Webauthn::class );
$webauthn->saveAuthn( Registry::getRequest()->getRequestEscapedParameter( 'credential' ), Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
}
} catch (Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
}
}
@ -94,22 +100,24 @@ class d3user_webauthn extends AdminDetailsController
$this->addTplParam('pageType', $pageType);
}
/**
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws NotFoundExceptionInterface
* @throws DoctrineException
*/
public function setAuthnRegister()
{
try {
$authn = oxNew(Webauthn::class);
$authn = oxNew(Webauthn::class);
$user = $this->getUserObject();
$user->load($this->getEditObjectId());
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);
$user = $this->getUserObject();
$user->load($this->getEditObjectId());
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
} catch (WebauthnException $e) {
// ToDo: log exc message and show message
}
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
$this->addTplParam('isAdmin', isAdmin());
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
@ -117,7 +125,12 @@ class d3user_webauthn extends AdminDetailsController
/**
* @param $userId
*
* @return array
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
*/
public function getCredentialList($userId): array
{

View File

@ -41,47 +41,71 @@ class PublicKeyCredential extends BaseModel
parent::__construct();
}
public function setName($name)
/**
* @param string $name
*/
public function setName(string $name)
{
$this->assign(['name' => $name]);
}
public function getName()
/**
* @return string|null
*/
public function getName(): ?string
{
return $this->getFieldData('name');
}
public function setCredentialId($credentialId)
/**
* @param string $credentialId
*/
public function setCredentialId(string $credentialId)
{
$this->assign([
'credentialid' => base64_encode($credentialId)
]);
}
/**
* @return false|string
*/
public function getCredentialId()
{
return base64_decode($this->__get($this->_getFieldLongName('credentialid'))->rawValue);
}
public function setUserId($userId)
/**
* @param string $userId
*/
public function setUserId(string $userId)
{
$this->assign([
'oxuserid' => $userId
]);
}
public function getUserId()
/**
* @return string|null
*/
public function getUserId(): ?string
{
return $this->__get($this->_getFieldLongName('oxuserid'))->rawValue;
}
public function setCredential($credential)
/**
* @param PublicKeyCredentialSource $credential
*/
public function setCredential(PublicKeyCredentialSource $credential)
{
$this->assign([
'credential' => base64_encode(serialize($credential))
]);
}
/**
* @return false|PublicKeyCredentialSource
*/
public function getCredential()
{
return unserialize(base64_decode($this->__get($this->_getFieldLongName('credential'))->rawValue));
@ -89,8 +113,13 @@ class PublicKeyCredential extends BaseModel
/**
* @param PublicKeyCredentialSource $publicKeyCredentialSource
* @param string|null $keyName
* @param string|null $keyName
*
* @return void
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
* @throws Exception
*/
public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource, string $keyName = null): void
@ -118,10 +147,10 @@ class PublicKeyCredential extends BaseModel
/**
* @param string $publicKeyCredentialId
*
* @return string|null
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws ContainerExceptionInterface
* @throws DoctrineException
* @throws NotFoundExceptionInterface
*/
public function getIdByCredentialId(string $publicKeyCredentialId): ?string

View File

@ -122,36 +122,41 @@ class Webauthn
return $server;
}
/**
* @param string $credential
* @param string|null $keyName
*
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
* @throws Exception
*/
public function saveAuthn(string $credential, string $keyName = null)
{
try {
$psr17Factory = new Psr17Factory();
$creator = new ServerRequestCreator(
$psr17Factory,
$psr17Factory,
$psr17Factory,
$psr17Factory
);
$serverRequest = $creator->fromGlobals();
$psr17Factory = new Psr17Factory();
$creator = new ServerRequestCreator(
$psr17Factory,
$psr17Factory,
$psr17Factory,
$psr17Factory
);
$serverRequest = $creator->fromGlobals();
$publicKeyCredentialSource = $this->getServer()->loadAndCheckAttestationResponse(
html_entity_decode($credential),
Registry::getSession()->getVariable(self::SESSION_CREATIONS_OPTIONS),
$serverRequest
);
$publicKeyCredentialSource = $this->getServer()->loadAndCheckAttestationResponse(
html_entity_decode($credential),
Registry::getSession()->getVariable(self::SESSION_CREATIONS_OPTIONS),
$serverRequest
);
$pkCredential = oxNew(PublicKeyCredential::class);
$pkCredential->saveCredentialSource($publicKeyCredentialSource, $keyName);
} catch (Exception $e) {
// ToDo: write exc msg to display and log
}
$pkCredential = oxNew(PublicKeyCredential::class);
$pkCredential->saveCredentialSource($publicKeyCredentialSource, $keyName);
}
/**
* @param string $response
*
* @return bool
* @throws AssertionFailedException
* @throws WebauthnException
*/
public function assertAuthn(string $response): bool
{

View File

@ -44,7 +44,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
public function login_noredirect()
{
$lgn_user = Registry::getRequest()->getRequestParameter('lgn_usr');
$password = Registry::getConfig()->getRequestParameter('lgn_pwd', true);
$password = Registry::getRequest()->getRequestParameter('lgn_pwd');
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
$userId = $user->d3GetLoginUserId($lgn_user);