improve code

Daniel Seifert 2022-11-04 22:02:44 +01:00
parent 3515cd89e4
commit f156e7ad19
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
39 changed files with 292 additions and 107 deletions


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Controller\Admin;
use D3\Webauthn\Application\Model\Credential\PublicKeyCredential;
@ -65,7 +67,10 @@ class d3user_webauthn extends AdminDetailsController
return $this->_sThisTemplate;
}
public function requestNewCredential()
/**
* @return void
*/
public function requestNewCredential(): void
{
try {
$this->setPageType( 'requestnew' );
@ -78,7 +83,10 @@ class d3user_webauthn extends AdminDetailsController
}
}
public function saveAuthn()
/**
* @return void
*/
public function saveAuthn(): void
{
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
@ -99,7 +107,11 @@ class d3user_webauthn extends AdminDetailsController
}
}
public function setPageType($pageType)
/**
* @param $pageType
* @return void
*/
public function setPageType($pageType): void
{
$this->addTplParam('pageType', $pageType);
}
@ -109,8 +121,9 @@ class d3user_webauthn extends AdminDetailsController
* @throws DoctrineDriverException
* @throws NotFoundExceptionInterface
* @throws DoctrineException
* @throws WebauthnException
*/
public function setAuthnRegister()
public function setAuthnRegister(): void
{
$authn = oxNew(Webauthn::class);
@ -153,7 +166,10 @@ class d3user_webauthn extends AdminDetailsController
return oxNew(User::class);
}
public function deleteKey()
/**
* @return void
*/
public function deleteKey(): void
{
/** @var PublicKeyCredential $credential */
$credential = oxNew(PublicKeyCredential::class);
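Review bot: With `declare(strict_types=1);` now at the top of this file, the `strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) )` call in `saveAuthn()` is type-checked strictly, so a request without an `error` parameter would raise a `TypeError` if the getter returns `null` for a missing key (its default is not visible here). A `TypeError` is an `Error`, not an `Exception`, so it would only be handled by a `catch` for `Throwable` or `Error`, and the `catch` clauses of this `try` are outside the hunk. Reading the value once and casting it keeps the check valid: `$error = (string) Registry::getRequest()->getRequestEscapedParameter('error'); if ($error !== '') {`. The same call appears in `saveAuthn()` of the `d3_account_webauthn` controller later in this commit; both method bodies continue outside their hunks.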


@ -13,9 +13,10 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Controller\Admin;
use Assert\AssertionFailedException;
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
use D3\Webauthn\Application\Model\Webauthn;
use D3\Webauthn\Application\Model\WebauthnConf;
@ -37,19 +38,22 @@ class d3webauthnadminlogin extends AdminController
{
protected $_sThisTemplate = 'd3webauthnadminlogin.tpl';
/**
* @return bool
*/
protected function _authorize(): bool
{
return true;
}
/**
* @return null
* @return string
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
*/
public function render()
public function render(): string
{
if (Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) ||
!Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)
@ -74,7 +78,7 @@ class d3webauthnadminlogin extends AdminController
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
*/
public function generateCredentialRequest()
public function generateCredentialRequest(): void
{
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
try {
@ -93,7 +97,10 @@ class d3webauthnadminlogin extends AdminController
}
}
public function d3AssertAuthn()
/**
* @return string|null
*/
public function d3AssertAuthn(): ?string
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
@ -138,11 +145,17 @@ class d3webauthnadminlogin extends AdminController
return Registry::getUtils();
}
public function getPreviousClass()
/**
* @return string|null
*/
public function getPreviousClass(): ?string
{
return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
}
/**
* @return bool
*/
public function previousClassIsOrderStep(): bool
{
$sClassKey = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
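Review bot: The docblock added above `_authorize()` only repeats the `bool` return type and does not say why the authorization check is answered with an unconditional `true` in this admin controller. If that method is what gates access to the controller's actions, as its name suggests, every public method here is presumably callable before an admin is logged in, and the comment should state that, e.g. `/** Always true: this is the pre-login second-factor page; each action must check the webauthn session state itself. */`. `render()` visibly checks `WEBAUTHN_SESSION_AUTH` and `WEBAUTHN_SESSION_CURRENTUSER`; whether `d3AssertAuthn()` and `generateCredentialRequest()` do the same cannot be confirmed from these hunks, because their bodies continue outside them.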


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Controller\Traits;
/** workaround for missing tpl blocks (https://github.com/OXID-eSales/wave-theme/pull/124) */


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Controller\Traits;
use D3\Webauthn\Application\Model\Webauthn;
@ -28,13 +30,13 @@ use Psr\Container\NotFoundExceptionInterface;
trait checkoutGetUserTrait
{
/**
* @return bool|object|User
* @return null|false|User
* @throws ContainerExceptionInterface
* @throws DoctrineException
* @throws Exception
* @throws NotFoundExceptionInterface
*/
public function getUser()
public function getUser(): ?User
{
$user = parent::getUser();
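Review bot: The new signature `getUser(): ?User` contradicts the docblock rewritten just above it, `@return null|false|User`: a `false` coming back from `parent::getUser()` can no longer be returned and would raise a `TypeError` in the checkout controllers that use this trait. Either normalise the value before returning, e.g. `return $user instanceof User ? $user : null;`, or drop `false` from the docblock if the parent never returns it. The method body continues outside the hunk, so the return path itself is not visible here.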


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;
@ -27,6 +29,7 @@ use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception as DoctrineException;
use OxidEsales\Eshop\Application\Controller\AccountController;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\SeoEncoder;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
@ -50,7 +53,6 @@ class d3_account_webauthn extends AccountController
}
$this->addTplParam('user', $this->getUser());
$this->addTplParam('readonly', (bool) !(oxNew(Webauthn::class)->isAvailable()));
return $sRet;
@ -58,6 +60,10 @@ class d3_account_webauthn extends AccountController
/**
* @return publicKeyCredentialList
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
*/
public function getCredentialList(): PublicKeyCredentialList
{
@ -71,8 +77,9 @@ class d3_account_webauthn extends AccountController
* @throws NotFoundExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @return void
*/
public function requestNewCredential()
public function requestNewCredential(): void
{
try {
$this->setAuthnRegister();
@ -84,7 +91,11 @@ class d3_account_webauthn extends AccountController
}
}
public function setPageType($pageType)
/**
* @param $pageType
* @return void
*/
public function setPageType($pageType): void
{
$this->addTplParam('pageType', $pageType);
}
@ -95,22 +106,26 @@ class d3_account_webauthn extends AccountController
* @throws DoctrineException
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
* @return void
*/
public function setAuthnRegister()
public function setAuthnRegister(): void
{
$authn = oxNew(Webauthn::class);
$publicKeyCredentialCreationOptions = $authn->getCreationOptions($this->getUser());
$this->addTplParam(
'webauthn_publickey_create',
$publicKeyCredentialCreationOptions
);
$this->addTplParam('webauthn_publickey_create', $publicKeyCredentialCreationOptions);
$this->addTplParam('isAdmin', isAdmin());
$this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname'));
}
public function saveAuthn()
/**
* @return void
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
*/
public function saveAuthn(): void
{
try {
if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {
@ -129,7 +144,10 @@ class d3_account_webauthn extends AccountController
}
}
public function deleteKey()
/**
* @return void
*/
public function deleteKey(): void
{
if (Registry::getRequest()->getRequestEscapedParameter('deleteoxid')) {
/** @var PublicKeyCredential $credential */
@ -137,4 +155,26 @@ class d3_account_webauthn extends AccountController
$credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid'));
}
}
/**
* @return array
*/
public function getBreadCrumb(): array
{
$aPaths = [];
$aPath = [];
$iBaseLanguage = Registry::getLang()->getBaseLanguage();
/** @var SeoEncoder $oSeoEncoder */
$oSeoEncoder = Registry::getSeoEncoder();
$aPath['title'] = Registry::getLang()->translateString('MY_ACCOUNT', $iBaseLanguage, false);
$aPath['link'] = $oSeoEncoder->getStaticUrl($this->getViewConfig()->getSelfLink() . "cl=account");
$aPaths[] = $aPath;
$aPath['title'] = Registry::getLang()->translateString('D3_WEBAUTHN_ACCOUNT', $iBaseLanguage, false);
$aPath['link'] = $this->getLink();
$aPaths[] = $aPath;
return $aPaths;
}
}
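Review bot: `deleteKey()` passes the request parameter `deleteoxid` straight to `$credential->delete(...)`, and nothing in the visible lines ties that id to the logged-in account. Unless `PublicKeyCredential::delete()` enforces ownership itself, a key registered by a different customer could be removed this way, which would silently strip that account's second factor. Load the credential first and compare its owner with the current user before deleting, for example `if ($credential->load($id) && $credential->getUserId() === $this->getUser()->getId()) { $credential->delete(); }` (assuming a `getUserId()` getter exists next to the `setUserId()` shown in the model). The method is split across two hunks, so a line between the `@var` annotation and the `delete()` call is not visible here.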


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Controller;
use D3\Webauthn\Application\Model\Webauthn;
@ -30,7 +32,10 @@ class d3webauthnlogin extends FrontendController
{
protected $_sThisTemplate = 'd3webauthnlogin.tpl';
public function getNavigationParams()
/**
* @return array
*/
public function getNavigationParams(): array
{
$navparams = Registry::getSession()->getVariable(
WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS
@ -43,13 +48,13 @@ class d3webauthnlogin extends FrontendController
}
/**
* @return null
* @return string
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
*/
public function render()
public function render(): string
{
if (Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) ||
!Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)
@ -76,7 +81,7 @@ class d3webauthnlogin extends FrontendController
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
*/
public function generateCredentialRequest()
public function generateCredentialRequest(): void
{
$userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
@ -103,11 +108,17 @@ class d3webauthnlogin extends FrontendController
return Registry::getUtils();
}
public function getPreviousClass()
/**
* @return string|null
*/
public function getPreviousClass(): ?string
{
return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
}
/**
* @return bool
*/
public function previousClassIsOrderStep(): bool
{
$sClassKey = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
@ -128,8 +139,6 @@ class d3webauthnlogin extends FrontendController
}
/**
* Returns Bread Crumb - you are here page1/page2/page3...
*
* @return array
*/
public function getBreadCrumb(): array


@ -15,6 +15,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model\Credential;
use DateTime;
@ -44,9 +46,11 @@ class PublicKeyCredential extends BaseModel
/**
* @param string $name
*/
public function setName(string $name)
public function setName(string $name): void
{
$this->assign(['name' => $name]);
$this->assign([
'name' => $name
]);
}
/**
@ -60,7 +64,7 @@ class PublicKeyCredential extends BaseModel
/**
* @param string $credentialId
*/
public function setCredentialId(string $credentialId)
public function setCredentialId(string $credentialId): void
{
$this->assign([
'credentialid' => base64_encode($credentialId)
@ -70,7 +74,7 @@ class PublicKeyCredential extends BaseModel
/**
* @return false|string
*/
public function getCredentialId()
public function getCredentialId(): ?string
{
return base64_decode($this->__get($this->_getFieldLongName('credentialid'))->rawValue);
}
@ -78,7 +82,7 @@ class PublicKeyCredential extends BaseModel
/**
* @param string $userId
*/
public function setUserId(string $userId)
public function setUserId(string $userId): void
{
$this->assign([
'oxuserid' => $userId
@ -96,7 +100,7 @@ class PublicKeyCredential extends BaseModel
/**
* @param PublicKeyCredentialSource $credential
*/
public function setCredential(PublicKeyCredentialSource $credential)
public function setCredential(PublicKeyCredentialSource $credential): void
{
$this->assign([
'credential' => base64_encode(serialize($credential))
@ -106,7 +110,7 @@ class PublicKeyCredential extends BaseModel
/**
* @return false|PublicKeyCredentialSource
*/
public function getCredential()
public function getCredential(): ?PublicKeyCredentialSource
{
return unserialize(base64_decode($this->__get($this->_getFieldLongName('credential'))->rawValue));
}
@ -124,6 +128,7 @@ class PublicKeyCredential extends BaseModel
*/
public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource, string $keyName = null): void
{
// item exist already
if ((oxNew(PublicKeyCredentialList::class))
->findOneByCredentialId($publicKeyCredentialSource->getPublicKeyCredentialId())
) {
@ -150,6 +155,7 @@ class PublicKeyCredential extends BaseModel
*
* @return string|null
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
*/
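Review bot: `getCredential()` now declares `?PublicKeyCredentialSource` but still returns the result of `unserialize()` directly, which is `false` on failure (the docblock above it still says `false|PublicKeyCredentialSource`), so a damaged row would raise a `TypeError` instead of yielding an absent credential. `getCredentialId(): ?string` has the same mismatch with `base64_decode()`. Check the result before returning, e.g. `return $source instanceof PublicKeyCredentialSource ? $source : null;`. Because the blob is read back from the database, `unserialize()` should also be given an `allowed_classes` list (the source class plus whatever classes it nests, which are not visible here) so that a tampered row cannot instantiate arbitrary classes.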


@ -15,6 +15,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model\Credential;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
@ -112,7 +114,7 @@ class PublicKeyCredentialList extends ListModel implements PublicKeyCredentialSo
/**
* @param User $user
* @return $this
* @return self
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
@ -151,6 +153,10 @@ class PublicKeyCredentialList extends ListModel implements PublicKeyCredentialSo
return $this;
}
/**
* @param PublicKeyCredentialSource $publicKeyCredentialSource
* @return void
*/
public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void
{
$this->getBaseObject()->saveCredentialSource($publicKeyCredentialSource);


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model\Exceptions;
use D3\Webauthn\Application\Model\WebauthnConf;


@ -1,5 +1,20 @@
<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model\Exceptions;
use D3\Webauthn\Application\Model\WebauthnErrors;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model\Exceptions;
use D3\Webauthn\Application\Model\WebauthnConf;


@ -15,10 +15,13 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model;
use D3\Webauthn\Application\Model\Exceptions\WebauthnException;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Registry;
use Webauthn\PublicKeyCredentialUserEntity;
class UserEntity extends PublicKeyCredentialUserEntity
@ -31,7 +34,7 @@ class UserEntity extends PublicKeyCredentialUserEntity
{
if (!$user->isLoaded() || !$user->getId()) {
/** @var WebauthnException $e */
$e = oxNew(WebauthnException::class, 'can not create webauthn user entity from not loaded user');
$e = oxNew(WebauthnException::class, 'D3_WEBAUTHN_ERR_NOTLOADEDUSER');
throw $e;
}


@ -1,5 +1,20 @@
<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
*
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
*
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model;
@ -29,12 +44,16 @@ class Webauthn
public const SESSION_CREATIONS_OPTIONS = 'd3WebAuthnCreationOptions';
public const SESSION_ASSERTION_OPTIONS = 'd3WebAuthnAssertionOptions';
/**
* @return bool
*/
public function isAvailable(): bool
{
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' || // is HTTPS
!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' ||
!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on' ||
in_array($_SERVER['REMOTE_ADDR'], ['127.0.0.1', '::1']) // is localhost
in_array($_SERVER['REMOTE_ADDR'], ['127.0.0.1', '::1']) || // is localhost
preg_match('/.*\.localhost$/mi', $_SERVER['REMOTE_ADDR']) // localhost is TLD
) {
return true;
}
@ -47,14 +66,13 @@ class Webauthn
/**
* @param User $user
* @return false|string
* @return string
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws NotFoundExceptionInterface
* @throws WebauthnException
*/
public function getCreationOptions(User $user)
public function getCreationOptions(User $user): string
{
$userEntity = oxNew(UserEntity::class, $user);
@ -74,18 +92,23 @@ class Webauthn
Registry::getSession()->setVariable(self::SESSION_CREATIONS_OPTIONS, $publicKeyCredentialCreationOptions);
return json_encode($publicKeyCredentialCreationOptions,JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
$json = json_encode($publicKeyCredentialCreationOptions,JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
if ($json === false) {
throw oxNew(Exception::class, "can't encode creation options");
}
return $json;
}
/**
* @return false|string
* @return string
* @throws DoctrineDriverException
* @throws DoctrineException
* @throws ContainerExceptionInterface
* @throws NotFoundExceptionInterface
* @throws WebauthnException
*/
public function getRequestOptions(string $userId)
public function getRequestOptions(string $userId): string
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);
@ -111,7 +134,13 @@ class Webauthn
Registry::getSession()->setVariable(self::SESSION_ASSERTION_OPTIONS, $publicKeyCredentialRequestOptions);
return json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
$json = json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
if ($json === false) {
throw oxNew(Exception::class, "can't encode request options");
}
return $json;
}
/**
@ -119,7 +148,9 @@ class Webauthn
*/
public function getServer(): Server
{
/** @var RelyingPartyEntity $rpEntity */
$rpEntity = oxNew(RelyingPartyEntity::class);
/** @var Server $server */
$server = oxNew(Server::class, $rpEntity, oxNew(PublicKeyCredentialList::class));
$server->setLogger(Registry::getLogger());
return $server;
@ -135,7 +166,7 @@ class Webauthn
* @throws NotFoundExceptionInterface
* @throws Exception
*/
public function saveAuthn(string $credential, string $keyName = null)
public function saveAuthn(string $credential, string $keyName = null): void
{
$psr17Factory = new Psr17Factory();
$creator = new ServerRequestCreator(
@ -173,12 +204,19 @@ class Webauthn
);
$serverRequest = $creator->fromGlobals();
/** @var User $user */
$user = oxNew(User::class);
$user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER));
/** @var UserEntity $userEntity */
$userEntity = oxNew(UserEntity::class, $user);
try {
$this->getServer()->loadAndCheckAssertionResponse( html_entity_decode( $response ), Registry::getSession()->getVariable( self::SESSION_ASSERTION_OPTIONS ), $userEntity, $serverRequest );
$this->getServer()->loadAndCheckAssertionResponse(
html_entity_decode( $response ),
Registry::getSession()->getVariable( self::SESSION_ASSERTION_OPTIONS ),
$userEntity,
$serverRequest
);
} catch (AssertionFailedException $e) {
/** @var WebauthnGetException $exc */
$exc = oxNew(WebauthnGetException::class, $e->getMessage(), 0, $e);
@ -213,10 +251,13 @@ class Webauthn
*/
public function UserUseWebauthn($userId): bool
{
/** @var User $user */
$user = oxNew(User::class);
$user->load($userId);
/** @var UserEntity $entity */
$entity = oxNew(UserEntity::class, $user);
/** @var PublicKeyCredentialList $credentialList */
$credentialList = oxNew(PublicKeyCredentialList::class);
$list = $credentialList->findAllForUserEntity($entity);
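Review bot: The condition added to `isAvailable()`, `preg_match('/.*\.localhost$/mi', $_SERVER['REMOTE_ADDR'])`, is tested against the client's IP address, which never ends in `.localhost`, so the new "localhost is TLD" branch cannot match. The intent appears to be a check of the host name the shop is served under; take that from the configured shop URL or, for example, `$_SERVER['SERVER_NAME']`, and anchor the pattern at the very end of the value without the `m` flag: `preg_match('/\.localhost\z/i', $host)`. In the same condition, `HTTP_X_FORWARDED_PROTO` and `HTTP_X_FORWARDED_SSL` are request headers, so they only prove HTTPS when a trusted reverse proxy overwrites them. The `in_array()` call on the line above should pass `true` as its third argument for a strict comparison.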


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model;
class WebauthnConf


@ -1,5 +1,20 @@
<?php
/**
* This Software is the property of Data Development and is protected
* by copyright law - it is NOT Freeware.
* Any unauthorized use of this software without a valid license
* is a violation of the license agreement and will be prosecuted by
* civil and criminal law.
* http://www.shopmodule.com
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <support@shopmodule.com>
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Application\Model;
use OxidEsales\Eshop\Core\Registry;


@ -35,4 +35,5 @@ $aLang = array(
'D3_WEBAUTHN_ERR_UNSECURECONNECTION' => 'Die Verwendung von Sicherheitsschlüsseln ist nur bei lokalen oder gesicherten Verbindungen (https) möglich.',
'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Die Anmeldung mit Sicherheitsschlüssel ist aus technischen Gründen derzeit leider nicht möglich. Bitte verwenden Sie statt dessen Ihr Passwort.',
'D3_WEBAUTHN_ERR_NOTLOADEDUSER' => "Kann keine Anmeldedaten von nicht geladenem Kundenkonto beziehen.",
);


@ -50,6 +50,7 @@ $aLang = [
'D3_WEBAUTHN_ERR_UNKNOWN' => 'Die Aktion wurde wegen eines unbekannten Fehlers abgebrochen.',
'D3_WEBAUTHN_ERR_NOPUBKEYSUPPORT' => 'Ihr Browser unterstützt die Verwendung von Hardwareschlüsseln leider nicht.',
'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'Beim Prüfen der Zugangsdaten ist ein technischer Fehler aufgetreten.',
'D3_WEBAUTHN_ERR_NOTLOADEDUSER' => "Kann keine Anmeldedaten von nicht geladenem Kundenkonto beziehen.",
'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Die Anmeldung mit Sicherheitsschlüssel ist aus technischen Gründen derzeit leider nicht möglich. Bitte verwenden Sie statt dessen Ihr Passwort.',


@ -50,6 +50,7 @@ $aLang = [
'D3_WEBAUTHN_ERR_UNKNOWN' => 'The action was cancelled due to an unknown error.',
'D3_WEBAUTHN_ERR_NOPUBKEYSUPPORT' => 'Unfortunately, your browser does not support the use of hardware keys.',
'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'A technical error occurred while checking the access data.',
'D3_WEBAUTHN_ERR_NOTLOADEDUSER' => "Can't create webauthn user entity from not loaded user",
'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Unfortunately, logging in with a security key is currently not possible for technical reasons. Please use your password instead.',


@ -24,7 +24,7 @@
<form action="[{$oViewConf->getSelfActionLink()}]" method="post" name="webauthnlogout" id="webauthnlogout">
[{$oViewConf->getHiddenSid()}]
<input type="hidden" name="fnc" value="cancelWebauthnlogin">
<input type="hidden" name="fnc" value="d3CancelWebauthnlogin">
<input type="hidden" name="cl" value="[{$oView->getPreviousClass()}]">
[{$navFormParams}]


@ -1,5 +1,3 @@
[{*** require creationOptions variable containing ... ***}]
[{oxscript include=$oViewConf->getModuleUrl('d3webauthn', 'out/src/js/webauthn.js')}]
[{capture name="d3script"}]


@ -1,5 +1,3 @@
[{*** require creationOptions variable containing ... ***}]
[{oxscript include=$oViewConf->getModuleUrl('d3webauthn', 'out/src/js/webauthn.js')}]
[{capture name="d3script"}]


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Component;
use Assert\AssertionFailedException;
@ -93,50 +95,16 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
return Registry::getUtilsView();
}
public function cancelWebauthnLogin(): bool
public function d3CancelWebauthnLogin(): void
{
$this->d3WebauthnClearSessionVariables();
return false;
}
/**
* @param Webauthn $webauthn
* @param $userId
* @return bool
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException
* @throws Exception
* @throws NotFoundExceptionInterface
*/
public function isNoWebauthnOrNoLogin(Webauthn $webauthn, $userId): bool
{
return false == $this->d3GetSession()->getVariable("auth")
|| false == $webauthn->isActive($userId);
}
/**
* @param string $sWebauth
* @param Webauthn $webauthn
* @return bool
*/
public function hasValidWebauthn(string $sWebauth, Webauthn $webauthn): bool
{
try {
return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) ||
(
$sWebauth && $webauthn->assertAuthn($sWebauth)
);
} catch (WebauthnException $e) {
return false;
}
}
/**
* @param User $user
* @param $sWebauthn
*/
public function d3WebauthnRelogin(User $user, $sWebauthn)
public function d3WebauthnRelogin(User $user, $sWebauthn): void
{
$setSessionCookie = Registry::getRequest()->getRequestParameter('lgn_cook');
$this->d3GetSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH, $sWebauthn);
@ -149,16 +117,17 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
Registry::getUtilsServer()->setUserCookie(
$user->oxuser__oxusername->value,
$user->oxuser__oxpassword->value,
Registry::getConfig()->getShopId(),
31536000,
User::USER_COOKIE_SALT
Registry::getConfig()->getShopId()
);
}
$this->_afterLogin($user);
}
public function d3WebauthnClearSessionVariables()
/**
* @return void
*/
public function d3WebauthnClearSessionVariables(): void
{
$this->d3GetSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
$this->d3GetSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
@ -174,7 +143,10 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
return Registry::getSession();
}
public function d3AssertAuthn()
/**
* @return void
*/
public function d3AssertAuthn(): void
{
/** @var d3_User_Webauthn $user */
$user = oxNew(User::class);


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller\Admin;
use D3\Webauthn\Application\Model\Webauthn;
@ -88,7 +90,10 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
return parent::checklogin();
}
public function d3WebauthnCancelLogin()
/**
* @return void
*/
public function d3WebauthnCancelLogin(): void
{
$oUser = $this->d3GetUserObject();
$oUser->logout();


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\accountTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\checkoutGetUserTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\checkoutGetUserTrait;


@ -13,6 +13,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Controller;
use D3\Webauthn\Application\Controller\Traits\checkoutGetUserTrait;


@ -13,19 +13,22 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Modules\Application\Model;
use D3\Webauthn\Application\Model\WebauthnConf;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
use Doctrine\DBAL\Exception;
use Doctrine\DBAL\Query\QueryBuilder;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\UserException;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\EshopCommunity\Internal\Container\ContainerFactory;
use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface;
use ReflectionClass;
use ReflectionException;
class d3_User_Webauthn extends d3_User_Webauthn_parent
{
@ -43,6 +46,14 @@ class d3_User_Webauthn extends d3_User_Webauthn_parent
return $return;
}
/**
* @param $userName
* @param $password
* @param $setSessionCookie
* @return bool
* @throws UserException
* @throws ReflectionException
*/
public function login($userName, $password, $setSessionCookie = false)
{
if (Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)) {
@ -68,7 +79,7 @@ class d3_User_Webauthn extends d3_User_Webauthn_parent
/**
* @param string $username
* @param ?string $rights
* @param string|null $rights
* @return string|null
* @throws ContainerExceptionInterface
* @throws DoctrineDriverException


@ -15,6 +15,8 @@
* @link http://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\Setup;
use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;


@ -15,9 +15,7 @@
* @link http://www.oxidmodule.com
*/
// https://github.com/web-auth/webauthn-framework/tree/master/doc
// https://webauthn-doc.spomky-labs.com/
// https://docs.solokeys.io/solo/
declare(strict_types=1);
use D3\Webauthn\Application\Controller\Admin\d3user_webauthn;
use D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin;
@ -39,7 +37,6 @@ use D3\Webauthn\Modules\Application\Controller\d3_webauthn_OrderController;
use D3\Webauthn\Modules\Application\Controller\d3_webauthn_PaymentController;
use D3\Webauthn\Modules\Application\Controller\d3_webauthn_UserController;
use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
use D3\Webauthn\Modules\Core\d3_webauthn_utils;
use OxidEsales\Eshop\Application\Component\UserComponent;
use OxidEsales\Eshop\Application\Controller\AccountController;
use OxidEsales\Eshop\Application\Controller\AccountDownloadsController;
@ -55,7 +52,6 @@ use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
use OxidEsales\Eshop\Application\Controller\OrderController;
use OxidEsales\Eshop\Application\Controller\PaymentController;
use OxidEsales\Eshop\Application\Controller\UserController;
use OxidEsales\Eshop\Core\Utils;
use OxidEsales\Eshop\Application\Model as OxidModel;
/**
@ -76,10 +72,10 @@ $aModule = array(
'de' => 'Webauthn f&uuml;r OXID eSales Shop',
'en' => 'Webauthn for OXID eSales shop',
],
'version' => '0.0.1',
'version' => '1.0.0.0',
'author' => 'D&sup3; Data Development (Inh.: Thomas Dartsch)',
'email' => 'support@shopmodule.com',
'url' => 'http://www.oxidmodule.com/',
'url' => 'https://www.oxidmodule.com/',
'extend' => [
UserController::class => d3_webauthn_UserController::class,
PaymentController::class => d3_webauthn_PaymentController::class,