diff --git a/src/Application/Controller/Admin/d3user_webauthn.php b/src/Application/Controller/Admin/d3user_webauthn.php
index 527cec4..4d89749 100755
--- a/src/Application/Controller/Admin/d3user_webauthn.php
+++ b/src/Application/Controller/Admin/d3user_webauthn.php
@@ -27,7 +27,6 @@ use OxidEsales\Eshop\Application\Model\User;
 use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
 use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
 use OxidEsales\Eshop\Core\Registry;
-use OxidEsales\Eshop\Core\UtilsView;
 class d3user_webauthn extends AdminDetailsController
 {
@@ -147,62 +146,4 @@ class d3user_webauthn extends AdminDetailsController
 $credential = oxNew(PublicKeyCredential::class);
 $credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
 }
-
- public function registerNewKey()
- {
- $this->getWebauthnObject()->registerNewKey(Registry::getRequest()->getRequestParameter('authn'));
- }
-
- /**
- * @throws Exception
- */
- public function save()
- {
- parent::save();
-
- $aParams = Registry::getRequest()->getRequestEscapedParameter("editval");
-
- try {
- /** @var d3webauthn $oWebauthn */
- $oWebauthn = $this->getWebauthnObject();
-/*
- if ($oWebauthn->checkIfAlreadyExist($this->getEditObjectId())) {
- $oException = oxNew(StandardException::class, 'D3_TOTP_ALREADY_EXIST');
- throw $oException;
- };
-
- if ($aParams['d3totp__oxid']) {
- $oWebauthn->load($aParams['d3totp__oxid']);
- } else {
- $aParams['d3totp__usetotp'] = 1;
- $seed = Registry::getRequest()->getRequestEscapedParameter("secret");
- $otp = Registry::getRequest()->getRequestEscapedParameter("otp");
-
- $oWebauthn->saveSecret($seed);
- $oWebauthn->assign($aParams);
- $oWebauthn->verify($otp, $seed);
- $oWebauthn->setId();
- }
- $oWebauthn->save();
-*/
- } catch (Exception $oExcp) {
- $this->_sSaveError = $oExcp->getMessage();
- }
- }
-
- /**
- * @throws DatabaseConnectionException
- */
- public function delete()
- {
- $aParams = Registry::getRequest()->getRequestEscapedParameter("editval");
-
- /** @var d3webauthn $oWebauthn */
- $oWebauthn = $this->getWebauthnObject();
- if ($aParams['d3totp__oxid']) {
- $oWebauthn->load($aParams['d3totp__oxid']);
- $oWebauthn->delete();
- Registry::get(UtilsView::class)->addErrorToDisplay('D3_TOTP_REGISTERDELETED');
- }
- }
 }
\ No newline at end of file
diff --git a/src/Application/Controller/d3_account_webauthn.php b/src/Application/Controller/d3_account_webauthn.php
index 3c9d5d5..33cf940 100755
--- a/src/Application/Controller/d3_account_webauthn.php
+++ b/src/Application/Controller/d3_account_webauthn.php
@@ -17,8 +17,8 @@ namespace D3\Webauthn\Application\Controller;
 use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
 use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
-use D3\Webauthn\Application\Model\d3webauthn;
-use D3\Webauthn\Application\Model\Webauthn\d3PublicKeyCredentialUserEntity;
+use D3\Webauthn\Application\Model\Webauthn;
+use D3\Webauthn\Application\Model\WebauthnErrors;
 use OxidEsales\Eshop\Application\Controller\AccountController;
 use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
 use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
@@ -35,11 +35,6 @@ class d3_account_webauthn extends AccountController
 */
 public function render()
 {
- if (Registry::getRequest()->getRequestEscapedParameter('error')) {
-dumpvar(Registry::getRequest()->getRequestEscapedParameter('error'));
- Registry::getUtilsView()->addErrorToDisplay('error occured');
- }
-
 $sRet = parent::render();
 // is logged in ?
@@ -50,56 +45,68 @@ dumpvar(Registry::getRequest()->getRequestEscapedParameter('error')); $this->addTplParam('user', $this->getUser()); - // $this->setAuthnRegister(); - return $sRet; } /** - * @return publicKeyCredentialList|object - * @throws DatabaseConnectionException - * @throws DatabaseErrorException + * @return publicKeyCredentialList */ public function getCredentialList() { - $credentialList = oxNew(PublicKeyCredentialList::class); - $oUser = $this->getUser(); - if ($oUser) { - /** @var d3PublicKeyCredentialUserEntity $userEntity */ - $userEntity = oxNew(d3PublicKeyCredentialUserEntity::class, $oUser); - $credentialList->loadAllForUserEntity($userEntity); - } - - return $credentialList; + $credentialList = oxNew(PublicKeyCredentialList::class); + return $credentialList->getAllFromUser($oUser); + } + + public function requestNewCredential() + { + $this->setPageType('requestnew'); + $this->setAuthnRegister(); + } + + public function setPageType($pageType) + { + $this->addTplParam('pageType', $pageType); } - /** - * @throws DatabaseConnectionException - * @throws DatabaseErrorException - */ public function setAuthnRegister() { - $webauthn = oxNew(d3webauthn::class); - $publicKeyCredentialCreationOptions = $webauthn->setAuthnRegister('36944b76d6e583fe2.12734046'); + $authn = oxNew(Webauthn::class); + $publicKeyCredentialCreationOptions = $authn->getCreationOptions($this->getUser()); $this->addTplParam( - 'webauthn_publickey_register', - json_encode($publicKeyCredentialCreationOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE) + 'webauthn_publickey_create', + $publicKeyCredentialCreationOptions ); + $this->addTplParam('isAdmin', isAdmin()); + $this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname')); } - public function registerNewKey() + public function saveAuthn() { - $webauthn = oxNew(d3webauthn::class); - $webauthn->registerNewKey(Registry::getRequest()->getRequestParameter('authn')); + if 
(strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) { + $errors = oxNew(WebauthnErrors::class); + Registry::getUtilsView()->addErrorToDisplay( + $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error')) + ); + } + + if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) { + /** @var Webauthn $webauthn */ + $webauthn = oxNew(Webauthn::class); + $webauthn->saveAuthn( + Registry::getRequest()->getRequestEscapedParameter('credential'), + Registry::getRequest()->getRequestEscapedParameter('keyname') + ); + } } public function deleteKey() { - if (Registry::getRequest()->getRequestEscapedParameter('oxid')) { - $credential = oxNew(publicKeyCredential::class); - $credential->delete(Registry::getRequest()->getRequestEscapedParameter('oxid')); + if (Registry::getRequest()->getRequestEscapedParameter('deleteoxid')) { + /** @var PublicKeyCredential $credential */ + $credential = oxNew(PublicKeyCredential::class); + $credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid')); } } } \ No newline at end of file diff --git a/src/Application/views/admin/tpl/d3user_webauthn.tpl b/src/Application/views/admin/tpl/d3user_webauthn.tpl index 61eb68b..8eb0efa 100755 --- a/src/Application/views/admin/tpl/d3user_webauthn.tpl +++ b/src/Application/views/admin/tpl/d3user_webauthn.tpl @@ -44,24 +44,26 @@ document.getElementById('myedit').submit(); } } - - function toggle(elementId) { - document.getElementById(elementId).classList.toggle("hidden-delete"); - } [{/capture}] [{oxscript add=$smarty.capture.javascripts}] [{if $oxid && $oxid != '-1'}] [{if $pageType === 'requestnew'}]
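Review bot: `deleteKey()` hands the request-supplied `deleteoxid` directly to `PublicKeyCredential::delete()`, and nothing visible in this hunk ties that id to the logged-in account; unless the model enforces ownership itself (not shown here), one customer could remove another customer's registered key. Load the credential first and delete it only when its owner matches `$this->getUser()->getId()`, and confirm the request is covered by the shop's session-token check. In the same hunk `getCredentialList()` drops the former `if ($oUser)` guard, so `getAllFromUser()` may receive a non-user value when nobody is logged in; an early `if (!$oUser) { return $credentialList; }` after the list is created would keep the old behaviour. `setAuthnRegister()` reads `credenialname` while `saveAuthn()` reads `keyname`, which looks like a misspelt parameter name worth checking against the template.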
+ Bitte die Anfrage Ihres Browsers bestätigen. +
+ ++ Bitte die Anfrage Ihres Browsers bestätigen. +
+ +- [{oxmultilang ident="D3_TOTP_QRCODE_HELP"}] -
- -- [{oxmultilang ident="D3_TOTP_SECRET_HELP"}] -
- -- [{oxmultilang ident="D3_TOTP_CURROTP_HELP"}] -
-- -
- - [{/block}] *}] + [{/capture}] [{capture append="oxidBlock_sidebar"}]