prepare changed frontend login

2022-10-26 22:27:25 +02:00
parent b588c36f72
commit bfe6f50b76
9 changed files with 109 additions and 69 deletions


@ -16,7 +16,7 @@
namespace D3\Webauthn\Application\Controller;
use D3\Webauthn\Application\Model\d3webauthn;
use D3\Webauthn\Application\Model\d3webauthn_conf;
use D3\Webauthn\Application\Model\WebauthnConf;
use OxidEsales\Eshop\Application\Controller\FrontendController;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
@ -34,9 +34,10 @@ class d3webauthnlogin extends FrontendController
*/
public function render()
{
if (Registry::getSession()->hasVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH) ||
false == Registry::getSession()->hasVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER)
dumpvar(__METHOD__.__LINE__);
die();
if (Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) ||
false == Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)
) {
$this->getUtils()->redirect('index.php?cl=start', true, 302);
if (false == defined('OXID_PHP_UNIT')) {
@ -48,7 +49,7 @@ class d3webauthnlogin extends FrontendController
$this->generateCredentialRequest();
$this->addTplParam('navFormParams', Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS));
$this->addTplParam('navFormParams', Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS));
return parent::render();
}
@ -59,7 +60,7 @@ class d3webauthnlogin extends FrontendController
*/
public function generateCredentialRequest()
{
$auth = Registry::getSession()->getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER);
$auth = Registry::getSession()->getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$webauthn = oxNew(d3webauthn::class);
$publicKeyCredentialRequestOptions = $webauthn->getCredentialRequestOptions($auth);
@ -79,12 +80,12 @@ class d3webauthnlogin extends FrontendController
public function getPreviousClass()
{
return Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS);
return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
}
public function previousClassIsOrderStep()
{
$sClassKey = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS);
$sClassKey = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
$resolvedClass = Registry::getControllerClassNameResolver()->getClassNameById($sClassKey);
$resolvedClass = $resolvedClass ? $resolvedClass : 'start';
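Review bot: The `dumpvar(__METHOD__.__LINE__);` and `die();` lines at the top of `render()` look like leftover debugging; the page does not mark them as added, but they sit inside the changed group between the old and new `if`. With them in place, every request to the WebAuthn login page stops before the session guard and redirect below are reached, and debug output goes to the client, so both lines should be dropped. The same pattern appears as unchanged context in the other sections: `die();` near the end of the `Webauthn` class, and `dumpvar($publicKeyCredentialRequestOptions);` in `d3webauthn`, which would print the credential request options (presumably including the challenge) into the response. Parts of `render()` lie between the hunks and are not visible here.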


@ -7,6 +7,7 @@ namespace D3\Webauthn\Application\Model;
use D3\Totp\Modules\Application\Model\d3_totp_user;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Nyholm\Psr7\Factory\Psr17Factory;
use Nyholm\Psr7Server\ServerRequestCreator;
use OxidEsales\Eshop\Application\Model\User;
@ -175,4 +176,30 @@ class Webauthn
die();
}
}
/**
* @return bool
*/
public function isActive($userId): bool
{
return false == Registry::getConfig()->getConfigParam('blDisableWebauthnGlobally')
&& $this->UserUseWebauthn($userId);
}
/**
* @param $userId
* @return bool
*/
public function UserUseWebauthn($userId): bool
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
$user->load($userId);
$entity = $user->d3GetWebauthnUserEntity();
$credentionList = oxNew(PublicKeyCredentialList::class);
$list = $credentionList->findAllForUserEntity($entity);
return is_array($list) && count($list);
}
}
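Review bot: `UserUseWebauthn()` ignores the result of `$user->load($userId)` and treats any non-array result from `findAllForUserEntity()` as "no credentials", so `isActive()` returns false both when the user has no registered key and when the lookup itself failed. If callers use `isActive()` to decide whether the WebAuthn step is required (the callers are not visible here), a failed lookup would skip that step, i.e. the check fails open. I would test the load result first, `if (!$user->load($userId)) { return false; }`, and let a lookup error surface as an exception instead of folding it into `false`. The `isActive()` docblock is also missing its `@param $userId` line, and the loose `false ==` on the config parameter would read more clearly as `!Registry::getConfig()->getConfigParam('blDisableWebauthnGlobally')`.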


@ -15,11 +15,7 @@
namespace D3\Webauthn\Application\Model;
/**
* @deprecated
*/
class d3webauthn_conf
class WebauthnConf
{
const WEBAUTHN_SESSION_AUTH = 'webauthn_auth';
const WEBAUTHN_LOGIN_OBJECT = 'authnloginobject';


@ -131,7 +131,7 @@ class d3webauthn extends BaseModel
if ($auth
&& $this->isActive()
&& false == Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH)
&& false == Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)
) {
/** @var d3PublicKeyCredentialRpEntity $rpEntity */
$rpEntity = oxNew(d3PublicKeyCredentialRpEntity::class, Registry::getConfig()->getActiveShop());
@ -162,7 +162,7 @@ dumpvar($userEntity);
dumpvar($publicKeyCredentialRequestOptions);
$requestOptions = json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT, $publicKeyCredentialRequestOptions);
Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT, $publicKeyCredentialRequestOptions);
// set auth as secured parameter;
Registry::getSession()->setVariable("auth", $auth);
@ -181,7 +181,7 @@ dumpvar($publicKeyCredentialRequestOptions);
{
$blVerify = false;
// Retrieve the Options passed to the device
$publicKeyCredentialRequestOptions = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT);
$publicKeyCredentialRequestOptions = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT);
if (!$publicKeyCredentialRequestOptions) {
$oException = oxNew(d3webauthnMissingPublicKeyCredentialRequestOptions::class);
@ -218,7 +218,7 @@ dumpvar($publicKeyCredentialRequestOptions);
);
$blVerify = true;
Registry::getSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT);
Registry::getSession()->deleteVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT);
//If everything is fine, this means the user has correctly been authenticated using the
// authenticator defined in $publicKeyCredentialSource
} catch(InvalidArgumentException $exception) {