prepare changed frontend login

Daniel Seifert 2022-10-26 22:27:25 +02:00
parent b588c36f72
commit bfe6f50b76
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
9 changed files with 109 additions and 69 deletions


@ -16,7 +16,7 @@
namespace D3\Webauthn\Application\Controller; namespace D3\Webauthn\Application\Controller;
use D3\Webauthn\Application\Model\d3webauthn; use D3\Webauthn\Application\Model\d3webauthn;
use D3\Webauthn\Application\Model\d3webauthn_conf; use D3\Webauthn\Application\Model\WebauthnConf;
use OxidEsales\Eshop\Application\Controller\FrontendController; use OxidEsales\Eshop\Application\Controller\FrontendController;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException; use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Exception\DatabaseErrorException; use OxidEsales\Eshop\Core\Exception\DatabaseErrorException;
@ -34,9 +34,10 @@ class d3webauthnlogin extends FrontendController
*/ */
public function render() public function render()
{ {
dumpvar(__METHOD__.__LINE__);
if (Registry::getSession()->hasVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH) || die();
false == Registry::getSession()->hasVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER) if (Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) ||
false == Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)
) { ) {
$this->getUtils()->redirect('index.php?cl=start', true, 302); $this->getUtils()->redirect('index.php?cl=start', true, 302);
if (false == defined('OXID_PHP_UNIT')) { if (false == defined('OXID_PHP_UNIT')) {
@ -48,7 +49,7 @@ class d3webauthnlogin extends FrontendController
$this->generateCredentialRequest(); $this->generateCredentialRequest();
$this->addTplParam('navFormParams', Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS)); $this->addTplParam('navFormParams', Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS));
return parent::render(); return parent::render();
} }
@ -59,7 +60,7 @@ class d3webauthnlogin extends FrontendController
*/ */
public function generateCredentialRequest() public function generateCredentialRequest()
{ {
$auth = Registry::getSession()->getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER); $auth = Registry::getSession()->getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$webauthn = oxNew(d3webauthn::class); $webauthn = oxNew(d3webauthn::class);
$publicKeyCredentialRequestOptions = $webauthn->getCredentialRequestOptions($auth); $publicKeyCredentialRequestOptions = $webauthn->getCredentialRequestOptions($auth);
@ -79,12 +80,12 @@ class d3webauthnlogin extends FrontendController
public function getPreviousClass() public function getPreviousClass()
{ {
return Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS); return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
} }
public function previousClassIsOrderStep() public function previousClassIsOrderStep()
{ {
$sClassKey = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS); $sClassKey = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
$resolvedClass = Registry::getControllerClassNameResolver()->getClassNameById($sClassKey); $resolvedClass = Registry::getControllerClassNameResolver()->getClassNameById($sClassKey);
$resolvedClass = $resolvedClass ? $resolvedClass : 'start'; $resolvedClass = $resolvedClass ? $resolvedClass : 'start';
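Review bot: The new side of `render()` calls `die();` before the session checks, with a `dumpvar(__METHOD__.__LINE__);` line shown directly above it, so every request to the WebAuthn login controller terminates before the redirect guard or `generateCredentialRequest()` can run. Even in a preparatory commit these debug statements should not land in an authentication controller: if `dumpvar` prints to the response, as its name suggests, it exposes internal state in the login flow. Remove both lines, or put them behind a development-only switch that is off by default. The body of `render()` continues outside this hunk.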


@ -7,6 +7,7 @@ namespace D3\Webauthn\Application\Model;
use D3\Totp\Modules\Application\Model\d3_totp_user; use D3\Totp\Modules\Application\Model\d3_totp_user;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential; use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList; use D3\Webauthn\Application\Model\Credential\PublicKeyCredentialList;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Nyholm\Psr7\Factory\Psr17Factory; use Nyholm\Psr7\Factory\Psr17Factory;
use Nyholm\Psr7Server\ServerRequestCreator; use Nyholm\Psr7Server\ServerRequestCreator;
use OxidEsales\Eshop\Application\Model\User; use OxidEsales\Eshop\Application\Model\User;
@ -175,4 +176,30 @@ class Webauthn
die(); die();
} }
} }
/**
* @return bool
*/
public function isActive($userId): bool
{
return false == Registry::getConfig()->getConfigParam('blDisableWebauthnGlobally')
&& $this->UserUseWebauthn($userId);
}
/**
* @param $userId
* @return bool
*/
public function UserUseWebauthn($userId): bool
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
$user->load($userId);
$entity = $user->d3GetWebauthnUserEntity();
$credentionList = oxNew(PublicKeyCredentialList::class);
$list = $credentionList->findAllForUserEntity($entity);
return is_array($list) && count($list);
}
} }
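Review bot: `UserUseWebauthn()` ignores the result of `$user->load($userId)`, so an unknown or empty id still reaches `d3GetWebauthnUserEntity()` on an unloaded user; the caller in `login_noredirect()` passes whatever its lookup query returned. Return early instead, e.g. `if (!$userId || !$user->load($userId)) { return false; }`. The method also answers `false` whenever `findAllForUserEntity()` returns anything other than a non-empty array, and the caller appears to treat that as "no second factor required". If that finder can return a collection object or fail quietly, the check fails open, so its return type is worth confirming and documenting on the method. `isActive()` has a `@return` tag but no `@param` for `$userId`.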


@ -15,11 +15,7 @@
namespace D3\Webauthn\Application\Model; namespace D3\Webauthn\Application\Model;
/** class WebauthnConf
* @deprecated
*/
class d3webauthn_conf
{ {
const WEBAUTHN_SESSION_AUTH = 'webauthn_auth'; const WEBAUTHN_SESSION_AUTH = 'webauthn_auth';
const WEBAUTHN_LOGIN_OBJECT = 'authnloginobject'; const WEBAUTHN_LOGIN_OBJECT = 'authnloginobject';


@ -131,7 +131,7 @@ class d3webauthn extends BaseModel
if ($auth if ($auth
&& $this->isActive() && $this->isActive()
&& false == Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH) && false == Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)
) { ) {
/** @var d3PublicKeyCredentialRpEntity $rpEntity */ /** @var d3PublicKeyCredentialRpEntity $rpEntity */
$rpEntity = oxNew(d3PublicKeyCredentialRpEntity::class, Registry::getConfig()->getActiveShop()); $rpEntity = oxNew(d3PublicKeyCredentialRpEntity::class, Registry::getConfig()->getActiveShop());
@ -162,7 +162,7 @@ dumpvar($userEntity);
dumpvar($publicKeyCredentialRequestOptions); dumpvar($publicKeyCredentialRequestOptions);
$requestOptions = json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); $requestOptions = json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT, $publicKeyCredentialRequestOptions); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT, $publicKeyCredentialRequestOptions);
// set auth as secured parameter; // set auth as secured parameter;
Registry::getSession()->setVariable("auth", $auth); Registry::getSession()->setVariable("auth", $auth);
@ -181,7 +181,7 @@ dumpvar($publicKeyCredentialRequestOptions);
{ {
$blVerify = false; $blVerify = false;
// Retrieve the Options passed to the device // Retrieve the Options passed to the device
$publicKeyCredentialRequestOptions = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT); $publicKeyCredentialRequestOptions = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT);
if (!$publicKeyCredentialRequestOptions) { if (!$publicKeyCredentialRequestOptions) {
$oException = oxNew(d3webauthnMissingPublicKeyCredentialRequestOptions::class); $oException = oxNew(d3webauthnMissingPublicKeyCredentialRequestOptions::class);
@ -218,7 +218,7 @@ dumpvar($publicKeyCredentialRequestOptions);
); );
$blVerify = true; $blVerify = true;
Registry::getSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT); Registry::getSession()->deleteVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT);
//If everything is fine, this means the user has correctly been authenticated using the //If everything is fine, this means the user has correctly been authenticated using the
// authenticator defined in $publicKeyCredentialSource // authenticator defined in $publicKeyCredentialSource
} catch(InvalidArgumentException $exception) { } catch(InvalidArgumentException $exception) {


@ -16,17 +16,20 @@
namespace D3\Webauthn\Modules\Application\Component; namespace D3\Webauthn\Modules\Application\Component;
use D3\Webauthn\Application\Model\d3webauthn; use D3\Webauthn\Application\Model\d3webauthn;
use D3\Webauthn\Application\Model\d3webauthn_conf; use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\Exceptions\d3webauthnMissingPublicKeyCredentialRequestOptions; use D3\Webauthn\Application\Model\Exceptions\d3webauthnMissingPublicKeyCredentialRequestOptions;
use D3\Webauthn\Application\Model\Exceptions\d3webauthnWrongAuthException; use D3\Webauthn\Application\Model\Exceptions\d3webauthnWrongAuthException;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn; use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use Doctrine\DBAL\DBALException; use Doctrine\DBAL\DBALException;
use Doctrine\DBAL\Query\QueryBuilder;
use OxidEsales\Eshop\Application\Model\User; use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\DatabaseProvider;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException; use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Registry; use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Session; use OxidEsales\Eshop\Core\Session;
use OxidEsales\Eshop\Core\UtilsView; use OxidEsales\Eshop\Core\UtilsView;
use OxidEsales\EshopCommunity\Internal\Container\ContainerFactory;
use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
{ {
@ -37,26 +40,39 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
*/ */
public function login_noredirect() public function login_noredirect()
{ {
$sUser = Registry::getRequest()->getRequestParameter('lgn_usr'); $lgn_user = Registry::getRequest()->getRequestParameter('lgn_usr');
$oUser = oxNew(User::class); $user = oxNew(User::class);
$q = "SELECT * FROM ".$oUser->getViewName()." WHERE oxusername = ? and oxshopid = ?";
$userId = DatabaseProvider::getDb()->getOne(
$q,
array($sUser, Registry::getConfig()->getActiveShop()->getId())
);
if ($sUser) { /** @var QueryBuilder $qb */
$qb = ContainerFactory::getInstance()->getContainer()->get(QueryBuilderFactoryInterface::class)->create();
$qb->select('*')
->from($user->getViewName())
->where(
$qb->expr()->and(
$qb->expr()->eq(
'oxusername',
$qb->createNamedParameter($lgn_user)
),
$qb->expr()->eq(
'oxshopid',
$qb->createNamedParameter(Registry::getConfig()->getShopId())
)
)
)->setMaxResults(1);
$userId = $qb->execute()->fetchOne();
if ($lgn_user) {
$webauthn = $this->d3GetWebauthnObject(); $webauthn = $this->d3GetWebauthnObject();
$webauthn->loadByUserId($userId); if ($webauthn->isActive($userId)
if ($webauthn->isActive() && false == Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)
&& false == Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH)
) { ) {
Registry::getSession()->setVariable( Registry::getSession()->setVariable(
d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS, WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS,
$this->getParent()->getClassKey() != 'd3webauthnlogin' ? $this->getParent()->getClassKey() : 'start'); $this->getParent()->getClassKey() != 'd3webauthnlogin' ? $this->getParent()->getClassKey() : 'start');
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER, $oUser->getId()); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER, $user->getId());
Registry::getSession()->setVariable( Registry::getSession()->setVariable(
d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS, WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS,
$this->getParent()->getViewConfig()->getNavFormParams() $this->getParent()->getViewConfig()->getNavFormParams()
); );
@ -68,7 +84,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
parent::login_noredirect(); parent::login_noredirect();
/** @var d3_User_Webauthn $oUser */ /** @var d3_User_Webauthn $user */
/* /*
$oUser = $this->getUser(); $oUser = $this->getUser();
@ -77,14 +93,14 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
$webauthn->loadByUserId($oUser->getId()); $webauthn->loadByUserId($oUser->getId());
if ($webauthn->isActive() if ($webauthn->isActive()
&& false == Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH) && false == Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)
) { ) {
Registry::getSession()->setVariable( Registry::getSession()->setVariable(
d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS, WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS,
$this->getParent()->getClassKey() != 'd3webauthnlogin' ? $this->getParent()->getClassKey() : 'start'); $this->getParent()->getClassKey() != 'd3webauthnlogin' ? $this->getParent()->getClassKey() : 'start');
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER, $oUser->getId()); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER, $oUser->getId());
Registry::getSession()->setVariable( Registry::getSession()->setVariable(
d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS, WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS,
$this->getParent()->getViewConfig()->getNavFormParams() $this->getParent()->getViewConfig()->getNavFormParams()
); );
@ -97,11 +113,11 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
} }
/** /**
* @return d3webauthn * @return Webauthn
*/ */
public function d3GetWebauthnObject() public function d3GetWebauthnObject()
{ {
return oxNew(d3webauthn::class); return oxNew(Webauthn::class);
} }
/** /**
@ -113,7 +129,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
{ {
$sWebauth = base64_decode(Registry::getRequest()->getRequestParameter('keyauth')); $sWebauth = base64_decode(Registry::getRequest()->getRequestParameter('keyauth'));
$sUserId = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER); $sUserId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$oUser = oxNew(User::class); $oUser = oxNew(User::class);
$oUser->load($sUserId); $oUser->load($sUserId);
@ -168,7 +184,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
*/ */
public function hasValidWebauthn($sWebauth, $webauthn) public function hasValidWebauthn($sWebauth, $webauthn)
{ {
return Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH) || return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) ||
( (
$sWebauth && $webauthn->verify($sWebauth) $sWebauth && $webauthn->verify($sWebauth)
); );
@ -180,7 +196,7 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
*/ */
public function d3WebauthnRelogin(User $oUser, $sWebauthn) public function d3WebauthnRelogin(User $oUser, $sWebauthn)
{ {
$this->d3GetSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH, $sWebauthn); $this->d3GetSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH, $sWebauthn);
$this->d3GetSession()->setVariable('usr', $oUser->getId()); $this->d3GetSession()->setVariable('usr', $oUser->getId());
$this->setUser(null); $this->setUser(null);
$this->setLoginStatus(USER_LOGIN_SUCCESS); $this->setLoginStatus(USER_LOGIN_SUCCESS);
@ -189,9 +205,9 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
public function d3WebauthnClearSessionVariables() public function d3WebauthnClearSessionVariables()
{ {
$this->d3GetSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS); $this->d3GetSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
$this->d3GetSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER); $this->d3GetSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$this->d3GetSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS); $this->d3GetSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS);
} }
/** /**
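Review bot: In `login_noredirect()` the value written to `WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER` is `$user->getId()`, but `$user` is a fresh `oxNew(User::class)` that is never loaded in the visible lines, so the session presumably receives an empty id rather than the account that was just looked up. Store the looked-up id instead: `Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER, $userId);`. For that to be reliable the query should select the key column explicitly, `$qb->select('oxid')`, because `fetchOne()` returns the first column of the row and `select('*')` leaves that to the view's column order. The query also runs before the `if ($lgn_user)` check, so it executes even when no user name was submitted; moving it inside the condition avoids that. The function body continues past this hunk.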


@ -16,7 +16,7 @@
namespace D3\Webauthn\Modules\Application\Controller\Admin; namespace D3\Webauthn\Modules\Application\Controller\Admin;
use D3\Webauthn\Application\Model\d3webauthn; use D3\Webauthn\Application\Model\d3webauthn;
use D3\Webauthn\Application\Model\d3webauthn_conf; use D3\Webauthn\Application\Model\WebauthnConf;
use D3\Webauthn\Application\Model\Exceptions\d3WebauthnExceptionAbstract; use D3\Webauthn\Application\Model\Exceptions\d3WebauthnExceptionAbstract;
use D3\Webauthn\Application\Model\Exceptions\d3webauthnMissingPublicKeyCredentialRequestOptions; use D3\Webauthn\Application\Model\Exceptions\d3webauthnMissingPublicKeyCredentialRequestOptions;
use D3\Webauthn\Application\Model\Exceptions\d3webauthnWrongAuthException; use D3\Webauthn\Application\Model\Exceptions\d3webauthnWrongAuthException;
@ -97,7 +97,7 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
if ($this->isNoWebauthnOrNoLogin($webauthn)) { if ($this->isNoWebauthnOrNoLogin($webauthn)) {
$return = parent::checklogin(); $return = parent::checklogin();
} elseif ($this->hasValidWebauthn($sWebauth, $webauthn)) { } elseif ($this->hasValidWebauthn($sWebauth, $webauthn)) {
$this->d3GetSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH, $sWebauth); $this->d3GetSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH, $sWebauth);
$return = "admin_start"; $return = "admin_start";
} }
} catch (d3webauthnExceptionAbstract $oEx) { } catch (d3webauthnExceptionAbstract $oEx) {
@ -126,7 +126,7 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
*/ */
public function hasValidWebauthn($sWebauth, $webauthn) public function hasValidWebauthn($sWebauth, $webauthn)
{ {
return Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH) || return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) ||
( (
$sWebauth && $webauthn->verify($sWebauth) $sWebauth && $webauthn->verify($sWebauth)
); );


@ -16,7 +16,7 @@
namespace D3\Webauthn\Modules\Application\Controller; namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Model\d3webauthn; use D3\Webauthn\Application\Model\d3webauthn;
use D3\Webauthn\Application\Model\d3webauthn_conf; use D3\Webauthn\Application\Model\WebauthnConf;
use Doctrine\DBAL\DBALException; use Doctrine\DBAL\DBALException;
use OxidEsales\Eshop\Application\Model\User; use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException; use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
@ -39,7 +39,7 @@ trait d3_webauthn_getUserTrait
$webauthn->loadByUserId($oUser->getId()); $webauthn->loadByUserId($oUser->getId());
if ($webauthn->isActive() if ($webauthn->isActive()
&& false == $this->d3GetSessionObject()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH) && false == $this->d3GetSessionObject()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)
) { ) {
return false; return false;
} }


@ -16,7 +16,7 @@
namespace D3\Webauthn\Modules\Application\Model; namespace D3\Webauthn\Modules\Application\Model;
use D3\Webauthn\Application\Model\d3webauthn; use D3\Webauthn\Application\Model\d3webauthn;
use D3\Webauthn\Application\Model\d3webauthn_conf; use D3\Webauthn\Application\Model\WebauthnConf;
use OxidEsales\Eshop\Core\Exception\StandardException; use OxidEsales\Eshop\Core\Exception\StandardException;
use OxidEsales\Eshop\Core\Registry; use OxidEsales\Eshop\Core\Registry;
use Webauthn\PublicKeyCredentialUserEntity; use Webauthn\PublicKeyCredentialUserEntity;
@ -27,30 +27,30 @@ class d3_User_Webauthn extends d3_User_Webauthn_parent
{ {
$return = parent::logout(); $return = parent::logout();
Registry::getSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH); Registry::getSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH);
Registry::getSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT); Registry::getSession()->deleteVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT);
Registry::getSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER); Registry::getSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
Registry::getSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS); Registry::getSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
Registry::getSession()->deleteVariable(d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS); Registry::getSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS);
return $return; return $return;
} }
public function d3templogout() public function d3templogout()
{ {
$varname = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH); $varname = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH);
$object = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT); $object = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT);
$currentUser = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER); $currentUser = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
$currentClass = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS); $currentClass = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
$navFormParams = Registry::getSession()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS); $navFormParams = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS);
$return = $this->logout(); $return = $this->logout();
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH, $varname); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH, $varname);
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_LOGIN_OBJECT, $object); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_LOGIN_OBJECT, $object);
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTUSER, $currentUser); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER, $currentUser);
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_CURRENTCLASS, $currentClass); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS, $currentClass);
Registry::getSession()->setVariable(d3webauthn_conf::WEBAUTHN_SESSION_NAVFORMPARAMS, $navFormParams); Registry::getSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_NAVFORMPARAMS, $navFormParams);
return $return; return $return;
} }


@ -16,7 +16,7 @@
namespace D3\Webauthn\Modules\Core; namespace D3\Webauthn\Modules\Core;
use D3\Webauthn\Application\Model\d3webauthn; use D3\Webauthn\Application\Model\d3webauthn;
use D3\Webauthn\Application\Model\d3webauthn_conf; use D3\Webauthn\Application\Model\WebauthnConf;
use Doctrine\DBAL\DBALException; use Doctrine\DBAL\DBALException;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException; use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Registry; use OxidEsales\Eshop\Core\Registry;
@ -34,7 +34,7 @@ class d3_webauthn_utils extends d3_webauthn_utils_parent
$blAuth = parent::checkAccessRights(); $blAuth = parent::checkAccessRights();
$userID = $this->d3GetSessionObject()->getVariable("auth"); $userID = $this->d3GetSessionObject()->getVariable("auth");
$webauthnAuth = (bool) $this->d3GetSessionObject()->getVariable(d3webauthn_conf::WEBAUTHN_SESSION_AUTH); $webauthnAuth = (bool) $this->d3GetSessionObject()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH);
/** @var d3webauthn $webauthn */ /** @var d3webauthn $webauthn */
$webauthn = $this->d3GetWebauthnObject(); $webauthn = $this->d3GetWebauthnObject();
$webauthn->loadByUserId($userID); $webauthn->loadByUserId($userID);