D3Public
/
webauthn
8
0
Fork 0
Code Pull Requests Packages Projects Releases Activity

assert some expectations

This commit is contained in:
Daniel Seifert 2023-02-06 22:38:03 +01:00
parent e72f365a29
commit e11b93e300
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
4 changed files with 26 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/Application/Controller/Admin/d3user_webauthn.php
View File

@ -15,6 +15,7 @@ declare(strict_types=1);
namespace D3\Webauthn\Application\Controller\Admin; namespace D3\Webauthn\Application\Controller\Admin;
use Assert\Assert;
use Assert\AssertionFailedException; use Assert\AssertionFailedException;
use D3\TestingTools\Production\IsMockable; use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential; use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
@ -107,12 +108,15 @@ class d3user_webauthn extends AdminDetailsController
} }
$credential = Registry::getRequest()->getRequestEscapedParameter('credential'); $credential = Registry::getRequest()->getRequestEscapedParameter('credential');
if (strlen((string) $credential)) { Assert::that($credential)->minLength(1, 'Credential should not be empty.');
d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->debug($credential);
/** @var Webauthn $webauthn */ $keyname = Registry::getRequest()->getRequestEscapedParameter('keyname');
$webauthn = d3GetOxidDIC()->get(Webauthn::class); Assert::that($keyname)->minLength(1, 'Key name should not be empty.');
$webauthn->saveAuthn($credential, Registry::getRequest()->getRequestEscapedParameter('keyname'));
} d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->debug($credential);
/** @var Webauthn $webauthn */
$webauthn = d3GetOxidDIC()->get(Webauthn::class);
$webauthn->saveAuthn($credential, $keyname);
} catch (WebauthnException $e) { } catch (WebauthnException $e) {
d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->error($e->getDetailedErrorMessage(), ['UserId' => $this->getEditObjectId()]); d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->error($e->getDetailedErrorMessage(), ['UserId' => $this->getEditObjectId()]);
d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->debug($e->getTraceAsString()); d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->debug($e->getTraceAsString());

6
src/Application/Controller/Admin/d3webauthnadminlogin.php
View File

@ -125,9 +125,9 @@ class d3webauthnadminlogin extends AdminController
{ {
try { try {
$login = $this->getWebAuthnLogin(); $login = $this->getWebAuthnLogin();
return $login->adminLogin( $profile = d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('profile');
d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('profile') Assert::that($profile)->string();
); return $login->adminLogin($profile);
} catch (WebauthnGetException|AssertionFailedException $e) { } catch (WebauthnGetException|AssertionFailedException $e) {
d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class)->addErrorToDisplay($e); d3GetOxidDIC()->get('d3ox.webauthn.'.UtilsView::class)->addErrorToDisplay($e);
return 'login'; return 'login';

10
src/Application/Controller/d3_account_webauthn.php
View File

@ -15,6 +15,7 @@ declare(strict_types=1);
namespace D3\Webauthn\Application\Controller; namespace D3\Webauthn\Application\Controller;
use Assert\Assert;
use Assert\AssertionFailedException; use Assert\AssertionFailedException;
use D3\TestingTools\Production\IsMockable; use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Application\Controller\Traits\accountTrait; use D3\Webauthn\Application\Controller\Traits\accountTrait;
@ -137,11 +138,10 @@ class d3_account_webauthn extends AccountController
} }
$credential = d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('credential'); $credential = d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('credential');
if (strlen((string) $credential)) { Assert::that($credential)->minLength(1, 'Credential should not be empty.');
d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->debug($credential); d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->debug($credential);
$webauthn = d3GetOxidDIC()->get(Webauthn::class); $webauthn = d3GetOxidDIC()->get(Webauthn::class);
$webauthn->saveAuthn($credential, d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('keyname')); $webauthn->saveAuthn($credential, d3GetOxidDIC()->get('d3ox.webauthn.'.Request::class)->getRequestEscapedParameter('keyname'));
}
} catch (WebauthnException $e) { } catch (WebauthnException $e) {
d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->error( d3GetOxidDIC()->get('d3ox.webauthn.'.LoggerInterface::class)->error(
$e->getDetailedErrorMessage(), $e->getDetailedErrorMessage(),

10
src/Application/Model/Credential/PublicKeyCredential.php
View File

@ -17,6 +17,7 @@ namespace D3\Webauthn\Application\Model\Credential;
use Assert\Assert; use Assert\Assert;
use Assert\AssertionFailedException; use Assert\AssertionFailedException;
use Assert\InvalidArgumentException;
use D3\TestingTools\Production\IsMockable; use D3\TestingTools\Production\IsMockable;
use D3\Webauthn\Setup\Actions; use D3\Webauthn\Setup\Actions;
use DateTime; use DateTime;
@ -85,11 +86,16 @@ class PublicKeyCredential extends BaseModel
} }
/** /**
* @return null|string * @return string
* @throws InvalidArgumentException
*/ */
public function getCredentialId(): ?string public function getCredentialId(): ?string
{ {
return base64_decode($this->__get($this->_getFieldLongName('credentialid'))->rawValue) ?: null; $encodedCID = $this->__get($this->_getFieldLongName('credentialid'))->rawValue;
Assert::that($encodedCID)->base64('Credential ID "%s" is not a valid base64 string.');
return base64_decode($encodedCID);
} }
/** /**