From 521d8e9e6a3de6a9ae354c5a058b5edbb8fdbfd2 Mon Sep 17 00:00:00 2001
From: Daniel Seifert
Date: Tue, 1 Nov 2022 23:42:25 +0100
Subject: [PATCH] add logger, improve error messages
---
 .../Controller/Admin/d3user_webauthn.php | 3 ++-
 .../Controller/Admin/d3webauthnadminlogin.php | 2 +-
 .../Controller/d3_account_webauthn.php | 3 ++-
 .../Controller/d3webauthnlogin.php | 4 +--
 src/Application/Model/Webauthn.php | 4 ++-
 src/Application/Model/WebauthnConf.php | 3 +++
 src/Application/Model/WebauthnErrors.php | 26 +++++++++----------
 .../translations/de/d3webauthn_lang.php | 3 ++-
 .../views/admin/de/d3webauthn_lang.php | 6 ++++-
 .../views/admin/en/d3webauthn_lang.php | 6 ++++-
 10 files changed, 38 insertions(+), 22 deletions(-)
diff --git a/src/Application/Controller/Admin/d3user_webauthn.php b/src/Application/Controller/Admin/d3user_webauthn.php
index 6fda38b..8066163 100755
--- a/src/Application/Controller/Admin/d3user_webauthn.php
+++ b/src/Application/Controller/Admin/d3user_webauthn.php
@@ -18,6 +18,7 @@ namespace D3\Webauthn\Application\Controller\Admin;
 use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
 use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
 use D3\Webauthn\Application\Model\Webauthn;
+use D3\Webauthn\Application\Model\WebauthnConf;
 use D3\Webauthn\Application\Model\WebauthnErrors;
 use D3\Webauthn\Application\Model\WebauthnException;
 use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
@@ -74,7 +75,7 @@ class d3user_webauthn extends AdminDetailsController
 if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
 $errors = oxNew(WebauthnErrors::class);
 Registry::getUtilsView()->addErrorToDisplay(
- $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'))
+ $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_CREATE)
 );
 }
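Review bot: In d3user_webauthn.php the `error` request parameter is read a second time on the changed line, after the `strlen()` check two lines above, and the added argument makes that line hard to scan. Reading it once, `$error = (string) Registry::getRequest()->getRequestEscapedParameter('error');`, and testing `$error !== ''` keeps check and use on the same value and avoids handing null to `strlen()` if the parameter is absent. The same second read sits on the changed lines in d3webauthnadminlogin.php, d3_account_webauthn.php and d3webauthnlogin.php. The enclosing method starts and ends outside the hunk.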
diff --git a/src/Application/Controller/Admin/d3webauthnadminlogin.php b/src/Application/Controller/Admin/d3webauthnadminlogin.php
index b12f3a8..12a6862 100755
--- a/src/Application/Controller/Admin/d3webauthnadminlogin.php
+++ b/src/Application/Controller/Admin/d3webauthnadminlogin.php
@@ -104,7 +104,7 @@ class d3webauthnadminlogin extends AdminController
 $errors = oxNew(WebauthnErrors::class);
 throw oxNew(
 StandardException::class,
- $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'))
+ $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET)
 );
 }
diff --git a/src/Application/Controller/d3_account_webauthn.php b/src/Application/Controller/d3_account_webauthn.php
index 7b0ec89..cf10399 100755
--- a/src/Application/Controller/d3_account_webauthn.php
+++ b/src/Application/Controller/d3_account_webauthn.php
@@ -18,6 +18,7 @@ namespace D3\Webauthn\Application\Controller;
 use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
 use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
 use D3\Webauthn\Application\Model\Webauthn;
+use D3\Webauthn\Application\Model\WebauthnConf;
 use D3\Webauthn\Application\Model\WebauthnErrors;
 use D3\Webauthn\Application\Model\WebauthnException;
 use OxidEsales\Eshop\Application\Controller\AccountController;
@@ -91,7 +92,7 @@ class d3_account_webauthn extends AccountController
 if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
 $errors = oxNew(WebauthnErrors::class);
 Registry::getUtilsView()->addErrorToDisplay(
- $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'))
+ $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_CREATE)
 );
 }
diff --git a/src/Application/Controller/d3webauthnlogin.php b/src/Application/Controller/d3webauthnlogin.php
index a72407e..b2cc1c2 100755
--- a/src/Application/Controller/d3webauthnlogin.php
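Review bot: `WebauthnConf::TYPE_GET` is used in the `throw` in d3webauthnadminlogin.php, but unlike d3user_webauthn.php and d3_account_webauthn.php this file gets no `use D3\Webauthn\Application\Model\WebauthnConf;` line in the commit. If the import is not already present above the hunk, the name resolves against the controller's own namespace and the admin login error path ends in a class-not-found error instead of the translated message. The same applies to d3webauthnlogin.php, which additionally switches the thrown class to `WebauthnException` without a visible import. Both file heads are outside the hunks, so this needs a check against the full files.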
+++ b/src/Application/Controller/d3webauthnlogin.php @@ -102,8 +102,8 @@ class d3webauthnlogin extends FrontendController if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) { $errors = oxNew(WebauthnErrors::class); throw oxNew( - StandardException::class, - $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error')) + WebauthnException::class, + $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET) ); } diff --git a/src/Application/Model/Webauthn.php b/src/Application/Model/Webauthn.php index b942d00..31c7448 100644 --- a/src/Application/Model/Webauthn.php +++ b/src/Application/Model/Webauthn.php @@ -117,7 +117,9 @@ class Webauthn public function getServer(): Server { $rpEntity = oxNew(RelyingPartyEntity::class); - return oxNew(Server::class, $rpEntity, oxNew(PublicKeyCredentialList::class)); + $server = oxNew(Server::class, $rpEntity, oxNew(PublicKeyCredentialList::class)); + $server->setLogger(Registry::getLogger()); + return $server; } public function saveAuthn(string $credential, string $keyName = null) diff --git a/src/Application/Model/WebauthnConf.php b/src/Application/Model/WebauthnConf.php index d0f8db0..51c094f 100755 --- a/src/Application/Model/WebauthnConf.php +++ b/src/Application/Model/WebauthnConf.php @@ -25,4 +25,7 @@ class WebauthnConf public const WEBAUTHN_SESSION_NAVFORMPARAMS = 'd3webauthnNavFormParams'; // no usage public const GLOBAL_SWITCH = 'blDisableWebauthnGlobally'; + + public const TYPE_CREATE = 'TYPECREATE'; + public const TYPE_GET = 'TYPEGET'; } \ No newline at end of file diff --git a/src/Application/Model/WebauthnErrors.php b/src/Application/Model/WebauthnErrors.php index bbdc41b..28d1b5f 100644 --- a/src/Application/Model/WebauthnErrors.php +++ b/src/Application/Model/WebauthnErrors.php 
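Review bot: In Webauthn.php, `$server->setLogger(Registry::getLogger());` sends the WebAuthn library's internal logging to the shop's main log, and nothing in `getServer()` limits what ends up there. Depending on the levels the `Server` class logs at, entries may carry request data and credential identifiers from registration and login, so the library's log calls should be checked against the configured log level and the access rights on the log file. A short comment above the call, e.g. `// library diagnostics go to the shop log; check level and retention before enabling debug output`, would record that intent. `getServer()` lies completely inside the hunk.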
@@ -6,26 +6,27 @@ use OxidEsales\Eshop\Core\Registry;
 class WebauthnErrors
 {
- public const INVALIDSTATE = 'invalidstateerror';
- public const NOTALLWED = 'notallowederror';
- public const ABORT = 'aborterror';
- public const CONSTRAINT = 'constrainterror';
- public const NOTSUPPORTED = 'notsupporederror';
- public const UNKNOWN = 'unknownerror';
- public const NOPUBKEYSUPPORT= 'd3nopublickeycredentialsupportederror';
+ public const INVALIDSTATE = 'invalidstateerror';
+ public const NOTALLWED = 'notallowederror';
+ public const ABORT = 'aborterror';
+ public const CONSTRAINT = 'constrainterror';
+ public const NOTSUPPORTED = 'notsupporederror';
+ public const UNKNOWN = 'unknownerror';
+ public const NOPUBKEYSUPPORT = 'd3nopublickeycredentialsupportederror';
 /**
- * @see https://webidl.spec.whatwg.org/
 * @param $msg
- * @return mixed|string
+ * @param null $type
+ * @return string
 */
- public function translateError($msg)
+ public function translateError($msg, $type = null): string
 {
 $lang = Registry::getLang();
+ $type = $type ? '_'.$type : null;
 switch ($this->getErrIdFromMessage($msg)) {
 case self::INVALIDSTATE:
- return $lang->translateString('D3_WEBAUTHN_ERR_INVALIDSTATE', null, true);
+ return $lang->translateString('D3_WEBAUTHN_ERR_INVALIDSTATE'.$type, null, true);
 case self::NOTALLWED:
 return $lang->translateString('D3_WEBAUTHN_ERR_NOTALLOWED', null, true);
 case self::ABORT:
@@ -38,10 +39,9 @@ class WebauthnErrors
 return $lang->translateString('D3_WEBAUTHN_ERR_UNKNOWN', null, true);
 case self::NOPUBKEYSUPPORT:
 return $lang->translateString('D3_WEBAUTHN_ERR_NOPUBKEYSUPPORT', null, true);
- // ToDo: translate messages from Webauthn package like "The credential ID is invalid."
 }
- return $msg;
+ return $lang->translateString('D3_WEBAUTHN_ERR_TECHNICALERROR', null, true);
 }
 /**
diff --git a/src/Application/translations/de/d3webauthn_lang.php b/src/Application/translations/de/d3webauthn_lang.php
index 5e9cfe8..b6da8c5 100755
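Review bot: The new fallback in WebauthnErrors::translateError(), `return $lang->translateString('D3_WEBAUTHN_ERR_TECHNICALERROR', null, true);`, discards the unmapped message without recording it, so the "technical error" shown to the user cannot be traced afterwards. No longer echoing `$msg` is the right call, since at the call sites in this commit it comes from the `error` request parameter; for the same reason it should reach the log only in bounded form, e.g. `Registry::getLogger()->warning('unmapped webauthn error', ['msg' => substr((string) $msg, 0, 200)]);` before the return. Separately, with the default `$type = null` the INVALIDSTATE branch looks up `D3_WEBAUTHN_ERR_INVALIDSTATE`, a key this commit removes from both admin language files, so either make the parameter mandatory or keep a generic entry. The docblock line `@param null $type` should read `@param string|null $type`. The switch cases between the two hunks are not shown.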
--- a/src/Application/translations/de/d3webauthn_lang.php
+++ b/src/Application/translations/de/d3webauthn_lang.php
@@ -7,7 +7,8 @@ $sLangName = 'Deutsch';
 // -------------------------------
 $aLang = array(
 'charset' => 'UTF-8',
-
+
+ 'PAGE_TITLE_D3WEBAUTHNLOGIN' => 'Passwortloses Anmelden',
 'D3_WEBAUTHN_ACCOUNT' => 'Sicherheitsschlüssel',
 'D3_WEBAUTHN_ACC_REGISTERNEW' => 'neue Registrierung erstellen',
 'D3_WEBAUTHN_ACC_ADDKEY' => 'Sicherheitsschlüssel hinzufügen',
diff --git a/src/Application/views/admin/de/d3webauthn_lang.php b/src/Application/views/admin/de/d3webauthn_lang.php
index e6d1329..e0c4324 100755
--- a/src/Application/views/admin/de/d3webauthn_lang.php
+++ b/src/Application/views/admin/de/d3webauthn_lang.php
@@ -15,6 +15,8 @@
 * @link http://www.oxidmodule.com
 */
+use D3\Webauthn\Application\Model\WebauthnConf;
+
 $sLangName = "Deutsch";
 $aLang = [
@@ -39,13 +41,15 @@ $aLang = [
 'D3_WEBAUTHN_REGISTEREDKEYS' => 'registrierte Schlüssel',
 'D3_WEBAUTHN_ERR_UNSECURECONNECTION' => 'Die Verwendung von Sicherheitsschlüsseln ist nur bei gesicherten oder lokalen Verbindungen (https) möglich.',
- 'D3_WEBAUTHN_ERR_INVALIDSTATE' => 'Der Schlüssel vom Token kann nicht oder nicht mehr verwendet werden. Möglicherweise wurde dieser in Ihrem Konto schon einmal gespeichert.',
+ 'D3_WEBAUTHN_ERR_INVALIDSTATE_'.WebauthnConf::TYPE_CREATE => 'Der Schlüssel vom Token kann nicht oder nicht mehr verwendet werden. Möglicherweise wurde dieser in Ihrem Konto schon einmal gespeichert.',
+ 'D3_WEBAUTHN_ERR_INVALIDSTATE_'.WebauthnConf::TYPE_GET => 'Der Schlüssel kann nicht validiert werden.',
 'D3_WEBAUTHN_ERR_NOTALLOWED' => 'Die Anfrage wurde vom Browser oder der Plattform nicht zugelassen. Möglicherweise fehlen Berechtigungen oder die Zeit ist abgelaufen.',
 'D3_WEBAUTHN_ERR_ABORT' => 'Die Aktion wurde vom Browser oder der Plattform abgebrochen.',
 'D3_WEBAUTHN_ERR_CONSTRAINT' => 'Die Aktion konnte vom authentisierenden Gerät nicht durchgeführt werden.',
 'D3_WEBAUTHN_ERR_NOTSUPPORTED' => 'Die Aktion wird nicht unterstützt.',
 'D3_WEBAUTHN_ERR_UNKNOWN' => 'Die Aktion wurde wegen eines unbekannten Fehlers abgebrochen.',
 'D3_WEBAUTHN_ERR_NOPUBKEYSUPPORT' => 'Ihr Browser unterstützt die Verwendung von Hardwareschlüsseln leider nicht.',
+ 'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'Beim Prüfen der Zugangsdaten ist ein technischer Fehler aufgetreten.',
 'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Die Anmeldung mit Sicherheitsschlüssel ist aus technischen Gründen derzeit leider nicht möglich. Bitte verwenden Sie statt dessen Ihr Passwort.',
 ];
diff --git a/src/Application/views/admin/en/d3webauthn_lang.php b/src/Application/views/admin/en/d3webauthn_lang.php
index d5f6c91..7cf8d9d 100755
--- a/src/Application/views/admin/en/d3webauthn_lang.php
+++ b/src/Application/views/admin/en/d3webauthn_lang.php
@@ -15,6 +15,8 @@
 * @link http://www.oxidmodule.com
 */
+use D3\Webauthn\Application\Model\WebauthnConf;
+
 $sLangName = "English";
 $aLang = [
@@ -39,13 +41,15 @@ $aLang = [
 'D3_WEBAUTHN_REGISTEREDKEYS' => 'registered keys',
 'D3_WEBAUTHN_ERR_UNSECURECONNECTION' => 'The use of security keys is only possible with secured or local connections (https).',
- 'D3_WEBAUTHN_ERR_INVALIDSTATE' => 'The key from the token cannot be used or can no longer be used. It may have been stored in your account before.',
+ 'D3_WEBAUTHN_ERR_INVALIDSTATE_'.WebauthnConf::TYPE_CREATE => 'The key from the token cannot be used or can no longer be used. It may have been stored in your account before.',
+ 'D3_WEBAUTHN_ERR_INVALIDSTATE_'.WebauthnConf::TYPE_GET => 'The key cannot be validated.',
 'D3_WEBAUTHN_ERR_NOTALLOWED' => 'The request was not allowed by the browser or the platform. Possibly permissions are missing or the time has expired.',
 'D3_WEBAUTHN_ERR_ABORT' => 'The action was aborted by the browser or the platform.',
 'D3_WEBAUTHN_ERR_CONSTRAINT' => 'The action could not be performed by the authenticating device.',
 'D3_WEBAUTHN_ERR_NOTSUPPORTED' => 'The action is not supported.',
 'D3_WEBAUTHN_ERR_UNKNOWN' => 'The action was cancelled due to an unknown error.',
 'D3_WEBAUTHN_ERR_NOPUBKEYSUPPORT' => 'Unfortunately, your browser does not support the use of hardware keys.',
+ 'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'A technical error occurred while checking the access data.',
 'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Unfortunately, logging in with a security key is currently not possible for technical reasons. Please use your password instead.',
 ];