D3Public
/
webauthn
8
0
Fork 0
Code Pull Requests Packages Projects Releases Activity

fix missing is string check

This commit is contained in:
Daniel Seifert 2022-11-13 21:43:33 +01:00
parent 55cf8007ec
commit b21d5cf622
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
7 changed files with 26 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Application/Controller/Admin/d3user_webauthn.php
View File

@ -87,16 +87,18 @@ class d3user_webauthn extends AdminDetailsController
public function saveAuthn(): void
{
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
$error = Registry::getRequest()->getRequestEscapedParameter('error');
if ( strlen((string) $error) ) {
/** @var WebauthnCreateException $e */
$e = oxNew(WebauthnCreateException::class, Registry::getRequest()->getRequestEscapedParameter( 'error' ));
$e = oxNew(WebauthnCreateException::class, $error);
throw $e;
}
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'credential' ) ) ) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
if ( strlen((string) $credential) ) {
/** @var Webauthn $webauthn */
$webauthn = oxNew( Webauthn::class );
$webauthn->saveAuthn( Registry::getRequest()->getRequestEscapedParameter( 'credential' ), Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
$webauthn->saveAuthn($credential, Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
}
} catch (WebauthnException|Exception|NotFoundExceptionInterface|ContainerExceptionInterface|DoctrineDriverException $e) {
Registry::getLogger()->error($e->getDetailedErrorMessage(), ['UserId' => $this->getEditObjectId()]);

12
src/Application/Controller/Admin/d3webauthnadminlogin.php
View File

@ -105,17 +105,15 @@ class d3webauthnadminlogin extends AdminController
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
try {
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$error = Registry::getRequest()->getRequestEscapedParameter('error');
if (strlen((string) $error)) {
/** @var WebauthnGetException $e */
$e = oxNew(
WebauthnGetException::class,
Registry::getRequest()->getRequestEscapedParameter('error')
);
$e = oxNew(WebauthnGetException::class, $error);
throw $e;
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
if (strlen((string) $credential)) {
$webAuthn = oxNew( Webauthn::class );
$webAuthn->assertAuthn( $credential );
$user->load($userId);

10
src/Application/Controller/d3_account_webauthn.php
View File

@ -126,16 +126,18 @@ class d3_account_webauthn extends AccountController
public function saveAuthn(): void
{
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
$error = Registry::getRequest()->getRequestEscapedParameter('error');
if (strlen((string) $error)) {
/** @var WebauthnCreateException $e */
$e = oxNew( WebauthnCreateException::class, Registry::getRequest()->getRequestEscapedParameter( 'error' ) );
$e = oxNew( WebauthnCreateException::class, $error);
throw $e;
}
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'credential' ) ) ) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
if (strlen((string) $credential)) {
/** @var Webauthn $webauthn */
$webauthn = oxNew( Webauthn::class );
$webauthn->saveAuthn( Registry::getRequest()->getRequestEscapedParameter( 'credential' ), Registry::getRequest()->getRequestEscapedParameter( 'keyname' ) );
$webauthn->saveAuthn($credential, Registry::getRequest()->getRequestEscapedParameter('keyname'));
}
} catch (WebauthnException $e) {
Registry::getUtilsView()->addErrorToDisplay( $e );

2
src/Application/Model/Credential/PublicKeyCredential.php
View File

@ -175,6 +175,6 @@ class PublicKeyCredential extends BaseModel
);
$oxid = $qb->execute()->fetchOne();
return is_string($oxid) && strlen($oxid) ? $oxid : null;
return strlen((string) $oxid) ? $oxid : null;
}
}

2
src/Application/Model/Credential/PublicKeyCredentialList.php
View File

@ -66,7 +66,7 @@ class PublicKeyCredentialList extends ListModel implements PublicKeyCredentialSo
);
$credential = $qb->execute()->fetchOne();
if (!is_string($credential) || !strlen($credential)) {
if (!strlen((string) $credential)) {
return null;
}

14
src/Modules/Application/Component/d3_webauthn_UserComponent.php
View File

@ -119,19 +119,17 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
$user = oxNew(User::class);
try {
if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) {
$error = Registry::getRequest()->getRequestEscapedParameter('error');
if (strlen((string) $error)) {
/** @var WebauthnGetException $e */
$e = oxNew(
WebauthnGetException::class,
Registry::getRequest()->getRequestEscapedParameter('error')
);
$e = oxNew(WebauthnGetException::class, $error);
throw $e;
}
if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) {
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
$credential = Registry::getRequest()->getRequestEscapedParameter('credential');
if (strlen((string) $credential)) {
$webAuthn = oxNew( Webauthn::class );
$webAuthn->assertAuthn( $credential );
$webAuthn->assertAuthn($credential);
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
// relogin, don't extract from this try block

2
src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
View File

@ -54,7 +54,7 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
if ($lgn_user && $userId &&
false === Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) &&
(!$password || !strlen(trim($password)))
(!strlen(trim((string) $password)))
) {
$webauthn = $this->d3GetWebauthnObject();