catch missing userId error

happens when old session is timed out
Daniel Seifert 2023-02-04 21:04:40 +01:00
parent d142aae84e
commit 9164e1f754
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170


@ -15,6 +15,9 @@ declare(strict_types=1);
namespace D3\Webauthn\Application\Model; namespace D3\Webauthn\Application\Model;
use Assert\Assert;
use Assert\AssertionFailedException;
use Assert\InvalidArgumentException;
use D3\TestingTools\Production\IsMockable; use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException; use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException; use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
@ -105,12 +108,14 @@ class WebauthnLogin
*/ */
public function frontendLogin(UserComponent $usrCmp, bool $setSessionCookie = false) public function frontendLogin(UserComponent $usrCmp, bool $setSessionCookie = false)
{ {
/** @var UtilsView $myUtilsView */
$myUtilsView = d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class); $myUtilsView = d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class);
try {
/** @var d3_User_Webauthn $user */ /** @var d3_User_Webauthn $user */
$user = d3GetOxidDIC()->get('d3ox.webauthn.'.User::class); $user = d3GetOxidDIC()->get('d3ox.webauthn.'.User::class);
$userId = $this->getUserId(); $userId = $this->getUserId();
try {
$this->handleErrorMessage(); $this->handleErrorMessage();
$user = $this->assertUser($userId); $user = $this->assertUser($userId);
@ -133,7 +138,7 @@ class WebauthnLogin
} catch (UserException $oEx) { } catch (UserException $oEx) {
// for login component send exception text to a custom component (if defined) // for login component send exception text to a custom component (if defined)
$myUtilsView->addErrorToDisplay($oEx, false, true); $myUtilsView->addErrorToDisplay($oEx, false, true);
} catch (CookieException $oEx) { } catch (CookieException|AssertionFailedException $oEx) {
$myUtilsView->addErrorToDisplay($oEx); $myUtilsView->addErrorToDisplay($oEx);
} catch (WebauthnException $e) { } catch (WebauthnException $e) {
$myUtilsView->addErrorToDisplay($e); $myUtilsView->addErrorToDisplay($e);
@ -151,12 +156,14 @@ class WebauthnLogin
*/ */
public function adminLogin(string $selectedProfile): string public function adminLogin(string $selectedProfile): string
{ {
/** @var UtilsView $myUtilsView */
$myUtilsView = d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class); $myUtilsView = d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class);
try {
/** @var d3_User_Webauthn $user */ /** @var d3_User_Webauthn $user */
$user = d3GetOxidDIC()->get('d3ox.webauthn.'.User::class); $user = d3GetOxidDIC()->get('d3ox.webauthn.'.User::class);
$userId = $this->getUserId(); $userId = $this->getUserId();
try {
$this->handleErrorMessage(); $this->handleErrorMessage();
$this->assertUser($userId, true); $this->assertUser($userId, true);
$this->handleBlockedUser($user); $this->handleBlockedUser($user);
@ -178,7 +185,7 @@ class WebauthnLogin
return "admin_start"; return "admin_start";
} catch (UserException $oEx) { } catch (UserException $oEx) {
$myUtilsView->addErrorToDisplay('LOGIN_ERROR'); $myUtilsView->addErrorToDisplay('LOGIN_ERROR');
} catch (CookieException $oEx) { } catch (CookieException|AssertionFailedException $oEx) {
$myUtilsView->addErrorToDisplay('LOGIN_NO_COOKIE_SUPPORT'); $myUtilsView->addErrorToDisplay('LOGIN_NO_COOKIE_SUPPORT');
} catch (WebauthnException $e) { } catch (WebauthnException $e) {
$myUtilsView->addErrorToDisplay($e); $myUtilsView->addErrorToDisplay($e);
@ -342,14 +349,19 @@ class WebauthnLogin
/** /**
* @return string * @return string
* @throws InvalidArgumentException
*/ */
public function getUserId(): string public function getUserId(): string
{ {
return $this->isAdmin() ? $userId = $this->isAdmin() ?
d3GetOxidDIC()->get('d3ox.webauthn.'.Session::class) d3GetOxidDIC()->get('d3ox.webauthn.'.Session::class)
->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTUSER) : ->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTUSER) :
d3GetOxidDIC()->get('d3ox.webauthn.'.Session::class) d3GetOxidDIC()->get('d3ox.webauthn.'.Session::class)
->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER); ->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
Assert::that($userId)->minLength(1, 'User id missing, please try again.');
return $userId;
} }
/** /**
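Review bot: In adminLogin the widened `catch (CookieException|AssertionFailedException $oEx)` reports a missing user id as `LOGIN_NO_COOKIE_SUPPORT`, so an admin whose WebAuthn session timed out is told that cookies are unsupported, which does not match the cause. A separate `} catch (AssertionFailedException $oEx) {` branch with its own translatable message would still abort the login, but with an accurate reason. frontendLogin instead displays the hard-coded English text passed to `Assert::that($userId)->minLength(1, 'User id missing, please try again.')`, so the two login paths now disagree on what the user sees. getUserId() is public and now throws, so any caller outside these two methods (none are visible on this page) would need the same handling. The bodies of frontendLogin and adminLogin continue outside the hunks shown.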