D3Public
/
webauthn
8
0
Fork 0
Code Pull Requests Packages Projects Releases Activity

assert valid credential response

This commit is contained in:
Daniel Seifert 2023-02-05 22:50:19 +01:00
parent ccf091a7e3
commit 161787d26f
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
2 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/Application/Controller/Admin/d3webauthnadminlogin.php
View File

@ -15,6 +15,9 @@ declare(strict_types=1);
namespace D3\Webauthn\Application\Controller\Admin; namespace D3\Webauthn\Application\Controller\Admin;
use Assert\Assert;
use Assert\AssertionFailedException;
use Assert\InvalidArgumentException;
use D3\TestingTools\Production\IsMockable; use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException; use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
use D3\Webauthn\Application\Model\Webauthn; use D3\Webauthn\Application\Model\Webauthn;
@ -125,7 +128,7 @@ class d3webauthnadminlogin extends AdminController
return $login->adminLogin( return $login->adminLogin(
d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('profile') d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('profile')
); );
} catch (WebauthnGetException $e) { } catch (WebauthnGetException|AssertionFailedException $e) {
d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class)->addErrorToDisplay($e); d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class)->addErrorToDisplay($e);
return 'login'; return 'login';
} }
@ -165,16 +168,19 @@ class d3webauthnadminlogin extends AdminController
/** /**
* @return WebauthnLogin * @return WebauthnLogin
* @throws InvalidArgumentException
*/ */
protected function getWebAuthnLogin(): WebauthnLogin protected function getWebAuthnLogin(): WebauthnLogin
{ {
/** @var Request $request */ /** @var Request $request */
$request = d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class); $request = d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class);
return oxNew( $credential = $request->getRequestEscapedParameter('credential');
WebauthnLogin::class, $error = $request->getRequestEscapedParameter('error');
$request->getRequestEscapedParameter('credential'),
$request->getRequestEscapedParameter('error') Assert::that($credential)->string('credential value expected to be string');
); Assert::that($error)->string('error value expected to be string');
return oxNew(WebauthnLogin::class, $credential, $error);
} }
} }

5
src/Modules/Application/Component/d3_webauthn_UserComponent.php
View File

@ -17,6 +17,7 @@ namespace D3\Webauthn\Modules\Application\Component;
use Assert\Assert; use Assert\Assert;
use Assert\AssertionFailedException; use Assert\AssertionFailedException;
use Assert\InvalidArgumentException;
use D3\TestingTools\Production\IsMockable; use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException; use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnLoginErrorException; use D3\Webauthn\Application\Model\Exceptions\WebauthnLoginErrorException;
@ -163,6 +164,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
/** /**
* @return WebauthnLogin * @return WebauthnLogin
* @throws InvalidArgumentException
*/ */
protected function d3GetWebauthnLogin(): WebauthnLogin protected function d3GetWebauthnLogin(): WebauthnLogin
{ {
@ -172,8 +174,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
$credential = $request->getRequestEscapedParameter('credential'); $credential = $request->getRequestEscapedParameter('credential');
$error = $request->getRequestEscapedParameter('error'); $error = $request->getRequestEscapedParameter('error');
Assert::that($credential)->string('credential value expected to be string') Assert::that($credential)->string('credential value expected to be string');
->notEmpty('credential value expected contained content');
Assert::that($error)->string('error value expected to be string'); Assert::that($error)->string('error value expected to be string');
return oxNew(WebauthnLogin::class, $credential, $error); return oxNew(WebauthnLogin::class, $credential, $error);