diff --git a/src/Application/Controller/Admin/d3webauthnadminlogin.php b/src/Application/Controller/Admin/d3webauthnadminlogin.php index eb468eb..55ff460 100755 --- a/src/Application/Controller/Admin/d3webauthnadminlogin.php +++ b/src/Application/Controller/Admin/d3webauthnadminlogin.php @@ -94,7 +94,7 @@ class d3webauthnadminlogin extends AdminController } } - public function assertAuthn() + public function d3AssertAuthn() { /** @var d3_User_Webauthn $user */ $user = oxNew(User::class); diff --git a/src/Application/Controller/d3webauthnlogin.php b/src/Application/Controller/d3webauthnlogin.php index b2cc1c2..c0887dd 100755 --- a/src/Application/Controller/d3webauthnlogin.php +++ b/src/Application/Controller/d3webauthnlogin.php @@ -15,20 +15,12 @@ namespace D3\Webauthn\Application\Controller; -use Assert\AssertionFailedException; use D3\Webauthn\Application\Model\Webauthn; use D3\Webauthn\Application\Model\WebauthnConf; -use D3\Webauthn\Application\Model\WebauthnErrors; use D3\Webauthn\Application\Model\WebauthnException; -use D3\Webauthn\Modules\Application\Component\d3_webauthn_UserComponent; -use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn; use Doctrine\DBAL\Driver\Exception as DoctrineDriverException; use Doctrine\DBAL\Exception as DoctrineException; use OxidEsales\Eshop\Application\Controller\FrontendController; -use OxidEsales\Eshop\Application\Model\User; -use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException; -use OxidEsales\Eshop\Core\Exception\DatabaseErrorException; -use OxidEsales\Eshop\Core\Exception\StandardException; use OxidEsales\Eshop\Core\Registry; use OxidEsales\Eshop\Core\Utils; use Psr\Container\ContainerExceptionInterface; 
@@ -38,11 +30,21 @@ class d3webauthnlogin extends FrontendController { protected $_sThisTemplate = 'd3webauthnlogin.tpl'; + public function getNavigationParams() + { + $navparams = Registry::getSession()->getVariable( + WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS + ); + + return array_merge( + $navparams, + ['cl' => $navparams['actcontrol']] + ); + } + /** * @return null * @throws ContainerExceptionInterface - * @throws DatabaseConnectionException - * @throws DatabaseErrorException * @throws DoctrineDriverException * @throws DoctrineException * @throws NotFoundExceptionInterface @@ -93,41 +95,6 @@ class d3webauthnlogin extends FrontendController $this->addTplParam('isAdmin', isAdmin()); } - public function assertAuthn() - { - /** @var d3_User_Webauthn $user */ - $user = oxNew(User::class); - - try { - if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) { - $errors = oxNew(WebauthnErrors::class); - throw oxNew( - WebauthnException::class, - $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET) - ); - } - - if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) { - $credential = Registry::getRequest()->getRequestEscapedParameter('credential'); - $webAuthn = oxNew(Webauthn::class); - $webAuthn->assertAuthn($credential); - $user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)); - - /** @var d3_webauthn_UserComponent $userCmp */ - $userCmp = $this->getComponent('oxcmp_user'); - $userCmp->d3WebauthnRelogin($user, $credential); - } - - } catch (AssertionFailedException|WebauthnException $e) { - Registry::getUtilsView()->addErrorToDisplay($e->getMessage()); - // ToDo: add requested username - Registry::getLogger()->info($e->getMessage()); - - $user->logout(); - $this->getUtils()->redirect('index.php?cl=start'); - } - } - /** * @return Utils */ 
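Review bot: The new getNavigationParams() feeds the session value straight into `array_merge()` and reads `$navparams['actcontrol']` without checking either. If WEBAUTHN_SESSION_NAVPARAMS is not set (an expired session, or this controller requested directly), the first argument is not an array and `array_merge()` raises a TypeError on PHP 8. Normalise and default it, e.g. `$navparams = (array) Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS);` and `['cl' => $navparams['actcontrol'] ?? 'start']`. The array is written in d3_webauthn_UserComponent from the parent view's navigation params, so it presumably carries request-derived values. A docblock saying that `cl` is restored from that session snapshot, plus a declared return type, would make this clear to the next reader.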
diff --git a/src/Application/Model/WebauthnConf.php b/src/Application/Model/WebauthnConf.php index 51c094f..4c4dd7b 100755 --- a/src/Application/Model/WebauthnConf.php +++ b/src/Application/Model/WebauthnConf.php @@ -23,6 +23,7 @@ class WebauthnConf public const WEBAUTHN_SESSION_LOGINUSER = 'd3webauthnLoginUser'; // username entered in login form public const WEBAUTHN_SESSION_CURRENTCLASS = 'd3webauthnCurrentClass'; // no usage public const WEBAUTHN_SESSION_NAVFORMPARAMS = 'd3webauthnNavFormParams'; // no usage + public const WEBAUTHN_SESSION_NAVPARAMS = 'd3webauthnNavigationParams'; // no usage public const GLOBAL_SWITCH = 'blDisableWebauthnGlobally'; diff --git a/src/Application/views/tpl/inc/js_login.tpl b/src/Application/views/tpl/inc/js_login.tpl index 8d02ec1..29d77ab 100644 --- a/src/Application/views/tpl/inc/js_login.tpl +++ b/src/Application/views/tpl/inc/js_login.tpl @@ -13,14 +13,14 @@ [{assign var="formNavParams" value=""}] [{else}] [{assign var="action" value=$oViewConf->getSelfActionLink()}] - [{assign var="formNavParams" value=""}] + [{assign var="formNavParams" value=$oViewConf->getNavFormParams()}] [{/if}]
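Review bot: The trailing comment `// no usage` on the new WEBAUTHN_SESSION_NAVPARAMS constant is inaccurate, since this same commit writes the key in d3_webauthn_UserComponent and reads it in d3webauthnlogin::getNavigationParams(). It looks copied from the two constants above it. Something like `// navigation params of the view that started the WebAuthn login` would describe what the session entry holds.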
[{$oViewConf->getHiddenSid()}] - [{$formNavParams}] - + [{$formNavParams}] +
diff --git a/src/Modules/Application/Component/d3_webauthn_UserComponent.php b/src/Modules/Application/Component/d3_webauthn_UserComponent.php index 2a68e27..151f647 100755 --- a/src/Modules/Application/Component/d3_webauthn_UserComponent.php +++ b/src/Modules/Application/Component/d3_webauthn_UserComponent.php @@ -18,6 +18,7 @@ namespace D3\Webauthn\Modules\Application\Component; use Assert\AssertionFailedException; use D3\Webauthn\Application\Model\WebauthnConf; use D3\Webauthn\Application\Model\Webauthn; +use D3\Webauthn\Application\Model\WebauthnErrors; use D3\Webauthn\Application\Model\WebauthnException; use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn; use Doctrine\DBAL\Driver\Exception as DoctrineDriverException; @@ -62,6 +63,11 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER, $userId ); + + Registry::getSession()->setVariable( + WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS, + $this->getParent()->getNavigationParams() + ); Registry::getSession()->setVariable( WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS, $this->getParent()->getViewConfig()->getNavFormParams() 
@@ -170,4 +176,36 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent { return Registry::getSession(); } + + public function d3AssertAuthn() + { + /** @var d3_User_Webauthn $user */ + $user = oxNew(User::class); + + try { + if (strlen(Registry::getRequest()->getRequestEscapedParameter('error'))) { + $errors = oxNew(WebauthnErrors::class); + throw oxNew( + WebauthnException::class, + $errors->translateError(Registry::getRequest()->getRequestEscapedParameter('error'), WebauthnConf::TYPE_GET) + ); + } + + if (strlen(Registry::getRequest()->getRequestEscapedParameter('credential'))) { + $credential = Registry::getRequest()->getRequestEscapedParameter('credential'); + $webAuthn = oxNew(Webauthn::class); + $webAuthn->assertAuthn($credential); + $user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)); + $this->d3WebauthnRelogin($user, $credential); + } + + } catch (AssertionFailedException|WebauthnException $e) { + Registry::getUtilsView()->addErrorToDisplay($e->getMessage()); + // ToDo: add requested username + Registry::getLogger()->info($e->getMessage()); + + $user->logout(); + Registry::getUtils()->redirect('index.php?cl=start'); + } + } } \ No newline at end of file
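Review bot: In d3AssertAuthn() the result of `$user->load(...)` is ignored, so `d3WebauthnRelogin()` is still called with an unloaded user object when WEBAUTHN_SESSION_CURRENTUSER is missing or stale. On an authentication path this should fail closed, e.g. `if (!$user->load($userId)) { throw oxNew(WebauthnException::class, 'WebAuthn user could not be loaded'); }` (the message text is a placeholder). Both `strlen()` guards may also receive null when the parameter is absent, which is deprecated since PHP 8.1. Reading each parameter once and testing `(string) $value !== ''` avoids that and the repeated request lookups. The catch block logs failed assertions at info level without the account (the open ToDo). Logging at warning level with the name held under WEBAUTHN_SESSION_LOGINUSER would make failed attempts usable for detection.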