improve code
This commit is contained in:
parent
0cc90e4bd5
commit
06210443c5
|
@ -20,14 +20,15 @@ use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
|
|||
use D3\Webauthn\Application\Model\Webauthn;
|
||||
use D3\Webauthn\Application\Model\WebauthnConf;
|
||||
use D3\Webauthn\Application\Model\WebauthnErrors;
|
||||
use D3\Webauthn\Application\Model\WebauthnException;
|
||||
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
|
||||
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
|
||||
use Doctrine\DBAL\Exception as DoctrineException;
|
||||
use Exception;
|
||||
use OxidEsales\Eshop\Application\Controller\Admin\AdminDetailsController;
|
||||
use OxidEsales\Eshop\Application\Model\User;
|
||||
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
|
||||
use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
|
||||
use OxidEsales\Eshop\Core\Registry;
|
||||
use Psr\Container\ContainerExceptionInterface;
|
||||
use Psr\Container\NotFoundExceptionInterface;
|
||||
|
||||
class d3user_webauthn extends AdminDetailsController
|
||||
{
|
||||
|
@ -40,7 +41,7 @@ class d3user_webauthn extends AdminDetailsController
|
|||
*/
|
||||
public function render(): string
|
||||
{
|
||||
$this->addTplParam('readonly', (bool) !(oxNew(Webauthn::class)->isAvailable()));
|
||||
$this->addTplParam('readonly', !(oxNew(Webauthn::class)->isAvailable()));
|
||||
|
||||
parent::render();
|
||||
|
||||
|
@ -66,26 +67,31 @@ class d3user_webauthn extends AdminDetailsController
|
|||
|
||||
public function requestNewCredential()
|
||||
{
|
||||
$this->setPageType('requestnew');
|
||||
$this->setAuthnRegister();
|
||||
try {
|
||||
$this->setPageType( 'requestnew' );
|
||||
$this->setAuthnRegister();
|
||||
} catch (Exception|ContainerExceptionInterface|NotFoundExceptionInterface|DoctrineDriverException $e) {
|
||||
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
|
||||
Registry::getLogger()->error('webauthn creation request: '.$e->getMessage());
|
||||
Registry::getUtils()->redirect('index.php?cl=d3user_webauthn');
|
||||
}
|
||||
}
|
||||
|
||||
public function saveAuthn()
|
||||
{
|
||||
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
|
||||
$errors = oxNew(WebauthnErrors::class);
|
||||
Registry::getUtilsView()->addErrorToDisplay(
|
||||
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_CREATE)
|
||||
);
|
||||
}
|
||||
try {
|
||||
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
|
||||
$errors = oxNew( WebauthnErrors::class );
|
||||
Registry::getUtilsView()->addErrorToDisplay( $errors->translateError( Registry::getRequest()->getRequestEscapedParameter( 'error' ), WebauthnConf::TYPE_CREATE ) );
|
||||
}
|
||||
|
||||
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
|
||||
/** @var Webauthn $webauthn */
|
||||
$webauthn = oxNew(Webauthn::class);
|
||||
$webauthn->saveAuthn(
|
||||
Registry::getRequest()->getRequestEscapedParameter('credential'),
|
||||
Registry::getRequest()->getRequestEscapedParameter('keyname')
|
||||
);
|
||||
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'credential' ) ) ) {
|
||||
/** @var Webauthn $webauthn */
|
||||
$webauthn = oxNew( Webauthn::class );
|
||||
$webauthn->saveAuthn( Registry::getRequest()->getRequestEscapedParameter( 'credential' ), Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
|
||||
}
|
||||
} catch (Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
|
||||
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -94,22 +100,24 @@ class d3user_webauthn extends AdminDetailsController
|
|||
$this->addTplParam('pageType', $pageType);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws ContainerExceptionInterface
|
||||
* @throws DoctrineDriverException
|
||||
* @throws NotFoundExceptionInterface
|
||||
* @throws DoctrineException
|
||||
*/
|
||||
public function setAuthnRegister()
|
||||
{
|
||||
try {
|
||||
$authn = oxNew(Webauthn::class);
|
||||
$authn = oxNew(Webauthn::class);
|
||||
|
||||
$user = $this->getUserObject();
|
||||
$user->load($this->getEditObjectId());
|
||||
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);
|
||||
$user = $this->getUserObject();
|
||||
$user->load($this->getEditObjectId());
|
||||
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($user);
|
||||
|
||||
$this->addTplParam(
|
||||
'webauthn_publickey_create',
|
||||
$publicKeyCredentialCreationOptions
|
||||
);
|
||||
} catch (WebauthnException $e) {
|
||||
// ToDo: log exc message and show message
|
||||
}
|
||||
$this->addTplParam(
|
||||
'webauthn_publickey_create',
|
||||
$publicKeyCredentialCreationOptions
|
||||
);
|
||||
|
||||
$this->addTplParam('isAdmin', isAdmin());
|
||||
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
|
||||
|
@ -117,7 +125,12 @@ class d3user_webauthn extends AdminDetailsController
|
|||
|
||||
/**
|
||||
* @param $userId
|
||||
*
|
||||
* @return array
|
||||
* @throws ContainerExceptionInterface
|
||||
* @throws DoctrineDriverException
|
||||
* @throws DoctrineException
|
||||
* @throws NotFoundExceptionInterface
|
||||
*/
|
||||
public function getCredentialList($userId): array
|
||||
{
|
||||
|
|
|
@ -41,47 +41,71 @@ class PublicKeyCredential extends BaseModel
|
|||
parent::__construct();
|
||||
}
|
||||
|
||||
public function setName($name)
|
||||
/**
|
||||
* @param string $name
|
||||
*/
|
||||
public function setName(string $name)
|
||||
{
|
||||
$this->assign(['name' => $name]);
|
||||
}
|
||||
|
||||
public function getName()
|
||||
/**
|
||||
* @return string|null
|
||||
*/
|
||||
public function getName(): ?string
|
||||
{
|
||||
return $this->getFieldData('name');
|
||||
}
|
||||
|
||||
public function setCredentialId($credentialId)
|
||||
/**
|
||||
* @param string $credentialId
|
||||
*/
|
||||
public function setCredentialId(string $credentialId)
|
||||
{
|
||||
$this->assign([
|
||||
'credentialid' => base64_encode($credentialId)
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return false|string
|
||||
*/
|
||||
public function getCredentialId()
|
||||
{
|
||||
return base64_decode($this->__get($this->_getFieldLongName('credentialid'))->rawValue);
|
||||
}
|
||||
|
||||
public function setUserId($userId)
|
||||
/**
|
||||
* @param string $userId
|
||||
*/
|
||||
public function setUserId(string $userId)
|
||||
{
|
||||
$this->assign([
|
||||
'oxuserid' => $userId
|
||||
]);
|
||||
}
|
||||
|
||||
public function getUserId()
|
||||
/**
|
||||
* @return string|null
|
||||
*/
|
||||
public function getUserId(): ?string
|
||||
{
|
||||
return $this->__get($this->_getFieldLongName('oxuserid'))->rawValue;
|
||||
}
|
||||
|
||||
public function setCredential($credential)
|
||||
/**
|
||||
* @param PublicKeyCredentialSource $credential
|
||||
*/
|
||||
public function setCredential(PublicKeyCredentialSource $credential)
|
||||
{
|
||||
$this->assign([
|
||||
'credential' => base64_encode(serialize($credential))
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return false|PublicKeyCredentialSource
|
||||
*/
|
||||
public function getCredential()
|
||||
{
|
||||
return unserialize(base64_decode($this->__get($this->_getFieldLongName('credential'))->rawValue));
|
||||
|
@ -89,8 +113,13 @@ class PublicKeyCredential extends BaseModel
|
|||
|
||||
/**
|
||||
* @param PublicKeyCredentialSource $publicKeyCredentialSource
|
||||
* @param string|null $keyName
|
||||
* @param string|null $keyName
|
||||
*
|
||||
* @return void
|
||||
* @throws ContainerExceptionInterface
|
||||
* @throws DoctrineDriverException
|
||||
* @throws DoctrineException
|
||||
* @throws NotFoundExceptionInterface
|
||||
* @throws Exception
|
||||
*/
|
||||
public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource, string $keyName = null): void
|
||||
|
@ -118,10 +147,10 @@ class PublicKeyCredential extends BaseModel
|
|||
|
||||
/**
|
||||
* @param string $publicKeyCredentialId
|
||||
*
|
||||
* @return string|null
|
||||
* @throws DoctrineDriverException
|
||||
* @throws DoctrineException
|
||||
* @throws ContainerExceptionInterface
|
||||
* @throws DoctrineException
|
||||
* @throws NotFoundExceptionInterface
|
||||
*/
|
||||
public function getIdByCredentialId(string $publicKeyCredentialId): ?string
|
||||
|
|
|
@ -122,36 +122,41 @@ class Webauthn
|
|||
return $server;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $credential
|
||||
* @param string|null $keyName
|
||||
*
|
||||
* @throws ContainerExceptionInterface
|
||||
* @throws DoctrineDriverException
|
||||
* @throws DoctrineException
|
||||
* @throws NotFoundExceptionInterface
|
||||
* @throws Exception
|
||||
*/
|
||||
public function saveAuthn(string $credential, string $keyName = null)
|
||||
{
|
||||
try {
|
||||
$psr17Factory = new Psr17Factory();
|
||||
$creator = new ServerRequestCreator(
|
||||
$psr17Factory,
|
||||
$psr17Factory,
|
||||
$psr17Factory,
|
||||
$psr17Factory
|
||||
);
|
||||
$serverRequest = $creator->fromGlobals();
|
||||
$psr17Factory = new Psr17Factory();
|
||||
$creator = new ServerRequestCreator(
|
||||
$psr17Factory,
|
||||
$psr17Factory,
|
||||
$psr17Factory,
|
||||
$psr17Factory
|
||||
);
|
||||
$serverRequest = $creator->fromGlobals();
|
||||
|
||||
$publicKeyCredentialSource = $this->getServer()->loadAndCheckAttestationResponse(
|
||||
html_entity_decode($credential),
|
||||
Registry::getSession()->getVariable(self::SESSION_CREATIONS_OPTIONS),
|
||||
$serverRequest
|
||||
);
|
||||
$publicKeyCredentialSource = $this->getServer()->loadAndCheckAttestationResponse(
|
||||
html_entity_decode($credential),
|
||||
Registry::getSession()->getVariable(self::SESSION_CREATIONS_OPTIONS),
|
||||
$serverRequest
|
||||
);
|
||||
|
||||
$pkCredential = oxNew(PublicKeyCredential::class);
|
||||
$pkCredential->saveCredentialSource($publicKeyCredentialSource, $keyName);
|
||||
} catch (Exception $e) {
|
||||
// ToDo: write exc msg to display and log
|
||||
}
|
||||
$pkCredential = oxNew(PublicKeyCredential::class);
|
||||
$pkCredential->saveCredentialSource($publicKeyCredentialSource, $keyName);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $response
|
||||
*
|
||||
* @return bool
|
||||
* @throws AssertionFailedException
|
||||
* @throws WebauthnException
|
||||
*/
|
||||
public function assertAuthn(string $response): bool
|
||||
{
|
||||
|
|
|
@ -44,7 +44,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
|
|||
public function login_noredirect()
|
||||
{
|
||||
$lgn_user = Registry::getRequest()->getRequestParameter('lgn_usr');
|
||||
$password = Registry::getConfig()->getRequestParameter('lgn_pwd', true);
|
||||
$password = Registry::getRequest()->getRequestParameter('lgn_pwd');
|
||||
/** @var d3_User_Webauthn $user */
|
||||
$user = oxNew(User::class);
|
||||
$userId = $user->d3GetLoginUserId($lgn_user);
|
||||
|
|
Loading…
Reference in New Issue