D3Public
/
webauthn
8
0
Fork 0
Code Pull-Requests Pakete Projekte Releases Aktivität

improve error handling

Dieser Commit ist enthalten in:
Daniel Seifert 2022-11-03 13:18:02 +01:00
Ursprung 925d55cb01
Commit 8df85439e4
Signiert von: DanielS
GPG-Schlüssel-ID: 8A7C4C6ED1915C6F
14 geänderte Dateien mit 229 neuen und 97 gelöschten Zeilen
Statistiken anzeigen Patch-Datei herunterladen Vergleichs-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

18
src/Application/Controller/Admin/d3user_webauthn.php
Datei anzeigen

@ -17,9 +17,9 @@ namespace D3\Webauthn\Application\Controller\Admin;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Exceptions\WebauthnCreateException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
@ -71,8 +71,8 @@ class d3user_webauthn extends AdminDetailsController
$this->setPageType( 'requestnew' );
$this->setAuthnRegister();
} catch (Exception|ContainerExceptionInterface|NotFoundExceptionInterface|DoctrineDriverException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
Registry::getLogger()->error('webauthn creation request: '.$e->getMessage());
Registry::getUtilsView()->addErrorToDisplay($e);
Registry::getLogger()->error('webauthn creation request: '.$e->getMessage(), ['UserId' => $this->getEditObjectId()]);
Registry::getUtils()->redirect('index.php?cl=d3user_webauthn');
}
}
@ -81,8 +81,9 @@ class d3user_webauthn extends AdminDetailsController
{
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
$errors = oxNew( WebauthnErrors::class );
Registry::getUtilsView()->addErrorToDisplay( $errors->translateError( Registry::getRequest()->getRequestEscapedParameter( 'error' ), WebauthnConf::TYPE_CREATE ) );
/** @var WebauthnCreateException $e */
$e = oxNew(WebauthnCreateException::class, Registry::getRequest()->getRequestEscapedParameter( 'error' ));
throw $e;
}
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'credential' ) ) ) {
@ -90,8 +91,9 @@ class d3user_webauthn extends AdminDetailsController
$webauthn = oxNew( Webauthn::class );
$webauthn->saveAuthn( Registry::getRequest()->getRequestEscapedParameter( 'credential' ), Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
}
} catch (Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
} catch (WebauthnException|Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
Registry::getLogger()->error($e->getDetailedErrorMessage(), ['UserId' => $this->getEditObjectId()]);
Registry::getUtilsView()->addErrorToDisplay($e);
}
}

35
src/Application/Controller/Admin/d3webauthnadminlogin.php
Datei anzeigen

@ -16,10 +16,10 @@
namespace D3\Webauthn\Application\Controller\Admin;
use Assert\AssertionFailedException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use D3\Webauthn\Modules\Application\Component\d3_webauthn_UserComponent;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
@ -28,7 +28,6 @@ use OxidEsales\Eshop\Application\Controller\Admin\AdminController;
use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
use OxidEsales\Eshop\Application\Controller\FrontendController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\StandardException;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Utils;
use Psr\Container\ContainerExceptionInterface;
@ -77,19 +76,18 @@ class d3webauthnadminlogin extends AdminController
*/
public function generateCredentialRequest()
{
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
try {
/** @var Webauthn $webauthn */
$webauthn = oxNew(Webauthn::class);
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$publicKeyCredentialRequestOptions = $webauthn->getRequestOptions($userId);
Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT, $publicKeyCredentialRequestOptions);
$this->addTplParam('webauthn_publickey_login', $publicKeyCredentialRequestOptions);
$this->addTplParam('isAdmin', isAdmin());
} catch (WebauthnException $e) {
Registry::getSession()->setVariable(WebauthnConf::GLOBAL_SWITCH, true);
$exception = oxNew(WebauthnException::class, Registry::getLang()->translateString('D3_WEBAUTHN_ERR_LOGINPROHIBITED'));
Registry::getUtilsView()->addErrorToDisplay($exception);
Registry::getLogger()->error('webauthn request options: '.$e->getMessage());
Registry::getUtilsView()->addErrorToDisplay($e);
Registry::getLogger()->error('webauthn request options: '.$e->getDetailedErrorMessage(), ['UserId' => $userId]);
$this->getUtils()->redirect('index.php?cl=login');
}
}
@ -98,21 +96,22 @@ class d3webauthnadminlogin extends AdminController
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
try {
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$errors = oxNew(WebauthnErrors::class);
throw oxNew(
WebauthnException::class,
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET)
/** @var WebauthnGetException $e */
$e = oxNew(
WebauthnGetException::class,
Registry::getRequest()->getRequestEscapedParameter('error')
);
throw $e;
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
$webAuthn = oxNew(Webauthn::class);
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$webAuthn->assertAuthn($credential);
$webAuthn = oxNew( Webauthn::class );
$webAuthn->assertAuthn( $credential );
$user->load($userId);
Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH, true);
@ -120,11 +119,9 @@ class d3webauthnadminlogin extends AdminController
$loginController = oxNew(LoginController::class);
return $loginController->checklogin();
}
} catch (AssertionFailedException|WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
// ToDo: add requested username
Registry::getLogger()->info($e->getMessage());
} catch (WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay($e);
Registry::getLogger()->error('Webauthn: '.$e->getDetailedErrorMessage(), ['UserId' => $userId]);
$user->logout();
$this->getUtils()->redirect('index.php?cl=login');
}

71
src/Application/Controller/d3_account_webauthn.php
Datei anzeigen

@ -18,12 +18,17 @@ namespace D3\Webauthn\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Exceptions\WebauthnCreateException;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
use OxidEsales\Eshop\Application\Controller\AccountController;
use OxidEsales\Eshop\Core\Registry;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
class d3_account_webauthn extends AccountController
{
@ -61,10 +66,21 @@ class d3_account_webauthn extends AccountController
return $credentialList->getAllFromUser($oUser);
}
/**
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
*/
public function requestNewCredential()
{
$this->setPageType('requestnew');
$this->setAuthnRegister();
try {
$this->setAuthnRegister();
$this->setPageType('requestnew');
} catch (WebauthnException $e) {
Registry::getLogger()->error('webauthn register: '.$e->getDetailedErrorMessage(), ['UserId: ' => $this->getUser()->getId()]);
Registry::getUtilsView()->addErrorToDisplay($e);
}
}
public function setPageType($pageType)
@ -72,19 +88,22 @@ class d3_account_webauthn extends AccountController
$this->addTplParam('pageType', $pageType);
}
/**
* @throws WebauthnException
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
*/
public function setAuthnRegister()
{
try {
$authn = oxNew(Webauthn::class);
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($this->getUser());
$authn = oxNew(Webauthn::class);
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($this->getUser());
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
} catch (WebauthnException $e) {
// ToDo: add exc msg to display and log
}
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
$this->addTplParam('isAdmin', isAdmin());
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
@ -92,20 +111,20 @@ class d3_account_webauthn extends AccountController
public function saveAuthn()
{
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$errors = oxNew(WebauthnErrors::class);
Registry::getUtilsView()->addErrorToDisplay(
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_CREATE)
);
}
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
/** @var WebauthnCreateException $e */
$e = oxNew( WebauthnCreateException::class, Registry::getRequest()->getRequestEscapedParameter( 'error' ) );
throw $e;
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
/** @var Webauthn $webauthn */
$webauthn = oxNew(Webauthn::class);
$webauthn->saveAuthn(
Registry::getRequest()->getRequestEscapedParameter('credential'),
Registry::getRequest()->getRequestEscapedParameter('keyname')
);
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'credential' ) ) ) {
/** @var Webauthn $webauthn */
$webauthn = oxNew( Webauthn::class );
$webauthn->saveAuthn( Registry::getRequest()->getRequestEscapedParameter( 'credential' ), Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
}
} catch (WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay( $e );
}
}

10
src/Application/Controller/d3webauthnlogin.php
Datei anzeigen

@ -17,7 +17,7 @@ namespace D3\Webauthn\Application\Controller;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
use OxidEsales\Eshop\Application\Controller\FrontendController;
@ -78,17 +78,17 @@ class d3webauthnlogin extends FrontendController
*/
public function generateCredentialRequest()
{
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
try {
/** @var Webauthn $webauthn */
$webauthn = oxNew(Webauthn::class);
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$publicKeyCredentialRequestOptions = $webauthn->getRequestOptions($userId);
$this->addTplParam('webauthn_publickey_login', $publicKeyCredentialRequestOptions);
} catch (WebauthnException $e) {
Registry::getSession()->setVariable(WebauthnConf::GLOBAL_SWITCH, true);
$exception = oxNew(WebauthnException::class, Registry::getLang()->translateString('D3_WEBAUTHN_ERR_LOGINPROHIBITED'));
Registry::getUtilsView()->addErrorToDisplay($exception);
Registry::getLogger()->error('webauthn request options: '.$e->getMessage());
Registry::getLogger()->error('webauthn request options: '.$e->getDetailedErrorMessage(), ['UserId' => $userId]);
Registry::getUtilsView()->addErrorToDisplay($e);
$this->getUtils()->redirect('index.php?cl=start');
}

26
src/Application/Model/Exceptions/WebauthnCreateException.php Normale Datei
Datei anzeigen

@ -0,0 +1,26 @@
<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
namespace D3\Webauthn\Application\Model\Exceptions;
use D3\Webauthn\Application\Model\WebauthnConf;
class WebauthnCreateException extends WebauthnException
{
public function getRequestType(): string
{
return WebauthnConf::TYPE_CREATE;
}
}

47
src/Application/Model/Exceptions/WebauthnException.php Normale Datei
Datei anzeigen

@ -0,0 +1,47 @@
<?php
namespace D3\Webauthn\Application\Model\Exceptions;
use D3\Webauthn\Application\Model\WebauthnErrors;
use OxidEsales\Eshop\Core\Exception\StandardException;
class WebauthnException extends StandardException
{
public $detailedErrorMessage = null;
public function __construct( $sMessage = "not set", $iCode = 0, \Exception $previous = null )
{
$this->setDetailedErrorMessage($sMessage);
parent::__construct(
(oxNew(WebauthnErrors::class))->translateError($sMessage, $this->getRequestType()),
$iCode,
$previous
);
}
/**
* @return string|null
*/
public function getRequestType(): ?string
{
return null;
}
/**
* @return null|string
*/
public function getDetailedErrorMessage(): ?string
{
return $this->detailedErrorMessage;
}
/**
* @param string|null $detailedErrorMessage
*/
public function setDetailedErrorMessage(string $detailedErrorMessage = null): void
{
$this->detailedErrorMessage = $detailedErrorMessage;
}
}

26
src/Application/Model/Exceptions/WebauthnGetException.php Normale Datei
Datei anzeigen

@ -0,0 +1,26 @@
<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
namespace D3\Webauthn\Application\Model\Exceptions;
use D3\Webauthn\Application\Model\WebauthnConf;
class WebauthnGetException extends WebauthnException
{
public function getRequestType(): string
{
return WebauthnConf::TYPE_GET;
}
}

7
src/Application/Model/UserEntity.php
Datei anzeigen

@ -17,10 +17,11 @@
namespace D3\Webauthn\Application\Model;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use OxidEsales\Eshop\Application\Model\User;
use Webauthn\PublicKeyCredentialUserEntity;
class UserEntity extends publicKeyCredentialUserEntity
class UserEntity extends PublicKeyCredentialUserEntity
{
/**
* @param User $user
@ -29,7 +30,9 @@ class UserEntity extends publicKeyCredentialUserEntity
public function __construct(User $user)
{
if (!$user->isLoaded() || !$user->getId()) {
throw oxNew(WebauthnException::class, 'can not create webauthn user entity from not loaded user');
/** @var WebauthnException $e */
$e = oxNew(WebauthnException::class, 'can not create webauthn user entity from not loaded user');
throw $e;
}
parent::__construct(

23
src/Application/Model/Webauthn.php
Datei anzeigen

@ -7,6 +7,8 @@ namespace D3\Webauthn\Application\Model;
use Assert\AssertionFailedException;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
@ -37,9 +39,8 @@ class Webauthn
return true;
}
Registry::getUtilsView()->addErrorToDisplay(
Registry::getLang()->translateString('D3_WEBAUTHN_ERR_UNSECURECONNECTION', null, true)
);
$e = oxNew(WebauthnException::class, 'D3_WEBAUTHN_ERR_UNSECURECONNECTION');
Registry::getUtilsView()->addErrorToDisplay($e);
return false;
}
@ -51,6 +52,7 @@ class Webauthn
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
* @throws WebauthnException
*/
public function getCreationOptions(User $user)
{
@ -81,6 +83,7 @@ class Webauthn
* @throws DoctrineException
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
* @throws WebauthnException
*/
public function getRequestOptions(string $userId)
{
@ -157,6 +160,7 @@ class Webauthn
* @param string $response
*
* @return bool
* @throws WebauthnException
*/
public function assertAuthn(string $response): bool
{
@ -173,12 +177,13 @@ class Webauthn
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
$userEntity = oxNew(UserEntity::class, $user);
$this->getServer()->loadAndCheckAssertionResponse(
html_entity_decode($response),
Registry::getSession()->getVariable(self::SESSION_ASSERTION_OPTIONS),
$userEntity,
$serverRequest
);
try {
$this->getServer()->loadAndCheckAssertionResponse( html_entity_decode( $response ), Registry::getSession()->getVariable( self::SESSION_ASSERTION_OPTIONS ), $userEntity, $serverRequest );
} catch (AssertionFailedException $e) {
/** @var WebauthnGetException $exc */
$exc = oxNew(WebauthnGetException::class, $e->getMessage(), 0, $e);
throw $exc;
}
return true;
}

10
src/Application/Model/WebauthnException.php
Datei anzeigen

@ -1,10 +0,0 @@
<?php
namespace D3\Webauthn\Application\Model;
use OxidEsales\Eshop\Core\Exception\StandardException;
class WebauthnException extends StandardException
{
}

2
src/Application/translations/de/d3webauthn_lang.php
Datei anzeigen

@ -10,6 +10,7 @@ $aLang = array(
'PAGE_TITLE_D3WEBAUTHNLOGIN' => 'Passwortloses Anmelden',
'D3_WEBAUTHN_ACCOUNT' => 'Meine Schlüssel',
'PAGE_TITLE_D3_ACCOUNT_WEBAUTHN' => 'Meine Schlüssel',
'D3_WEBAUTHN_ACCOUNT_DESC' => 'Verwalten Sie hier Ihre Anmeldeschlüssel.',
'D3_WEBAUTHN_ACC_REGISTERNEW' => 'neue Registrierung erstellen',
'D3_WEBAUTHN_ACC_ADDKEY' => 'Sicherheitsschlüssel hinzufügen',
@ -32,5 +33,6 @@ $aLang = array(
'D3_WEBAUTHN_ACCOUNT_TYPE2' => 'nur Auth-Stick, Passwort als Alternative',
'D3_WEBAUTHN_ACCOUNT_TYPE3' => 'Auth-Stick und Passwort in Kombination',
'D3_WEBAUTHN_ERR_UNSECURECONNECTION' => 'Die Verwendung von Sicherheitsschlüsseln ist nur bei lokalen oder gesicherten Verbindungen (https) möglich.',
'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Die Anmeldung mit Sicherheitsschlüssel ist aus technischen Gründen derzeit leider nicht möglich. Bitte verwenden Sie statt dessen Ihr Passwort.',
);

8
src/Application/views/admin/de/d3webauthn_lang.php
Datei anzeigen

@ -52,4 +52,12 @@ $aLang = [
'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'Beim Prüfen der Zugangsdaten ist ein technischer Fehler aufgetreten.',
'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Die Anmeldung mit Sicherheitsschlüssel ist aus technischen Gründen derzeit leider nicht möglich. Bitte verwenden Sie statt dessen Ihr Passwort.',
'SHOP_MODULE_GROUP_d3webauthn_general' => 'Grundeinstellungen',
'SHOP_MODULE_d3webauthn_diffshopurl' => 'abweichende Shop-URL',
'HELP_SHOP_MODULE_d3webauthn_diffshopurl' => '<p>Die Zugangsdaten werden für die URL Ihres Shops festgeschrieben. Dazu wird bei jeder Anfrage die Domain Ihres Shops ohne "http(s)://" und ohne "www." übergeben.</p>'.
'<p>Ist Ihr Shop unter verschiedenen Subdomains erreichbar, können Sie hier die Hauptdomain angeben, die zur Registrierung verwendet werden soll. Beachten Sie bitte, '.
'dass die hier angegebene Adresse mit der des Shopaufrufs übereinstimmen muss. Shopfremde Adressen werden bei der Verwendung abgelehnt.</p>'.
'<p>Bleibt das Feld leer, wird die Adresse des aktuellen Shopaufrufs verwendet. Bei Verwendung unterschiedlicher Adressen muss vom Nutzer für jede Adresse eine separate '.
'Schlüsselregistrierung durchgeführt werden.</p>'
];

9
src/Application/views/admin/en/d3webauthn_lang.php
Datei anzeigen

@ -52,4 +52,13 @@ $aLang = [
'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'A technical error occurred while checking the access data.',
'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Unfortunately, logging in with a security key is currently not possible for technical reasons. Please use your password instead.',
'SHOP_MODULE_GROUP_d3webauthn_general' => 'Basic settings',
'SHOP_MODULE_d3webauthn_diffshopurl' => 'different shop URL',
'HELP_SHOP_MODULE_d3webauthn_diffshopurl' => '<p>The access data are fixed for the URL of your shop. For this purpose, the domain of your shop without "http(s)://" and without "www." '.
'is transferred with every request.</p>'.
'<p>If your shop can be reached under different subdomains, you can enter the main domain here that is to be used for registration. Please '.
'note that the address given here must match the address of the shop call. Addresses that do not match the shop will be rejected.</p>'.
'<p>If the field remains empty, the address of the current shop call is used. If different addresses are used, a separate key registration '.
'must be carried out by the user for each address.</p>'
];

34
src/Modules/Application/Component/d3_webauthn_UserComponent.php
Datei anzeigen

@ -16,20 +16,17 @@
namespace D3\Webauthn\Modules\Application\Component;
use Assert\AssertionFailedException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnErrors;
use D3\Webauthn\Application\Model\WebauthnException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception;
use Doctrine\DBAL\Query\QueryBuilder;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Session;
use OxidEsales\Eshop\Core\UtilsView;
use OxidEsales\EshopCommunity\Internal\Container\ContainerFactory;
use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
@ -130,7 +127,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
(
$sWebauth && $webauthn->assertAuthn($sWebauth)
);
} catch (AssertionFailedException|WebauthnException $e) {
} catch (WebauthnException $e) {
return false;
}
}
@ -184,26 +181,27 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
try {
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$errors = oxNew(WebauthnErrors::class);
throw oxNew(
WebauthnException::class,
$errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET)
/** @var WebauthnGetException $e */
$e = oxNew(
WebauthnGetException::class,
Registry::getRequest()->getRequestEscapedParameter('error')
);
throw $e;
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
$webAuthn = oxNew(Webauthn::class);
$webAuthn->assertAuthn($credential);
$webAuthn = oxNew( Webauthn::class );
$webAuthn->assertAuthn( $credential );
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
$this->d3WebauthnRelogin($user, $credential);
}
} catch (AssertionFailedException|WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay($e->getMessage());
// ToDo: add requested username
Registry::getLogger()->info($e->getMessage());
} catch (WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay($e);
Registry::getLogger()->error(
'Webauthn: '.$e->getDetailedErrorMessage(),
['UserId' => Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)]
);
$user->logout();
Registry::getUtils()->redirect('index.php?cl=start');
}