From f156e7ad19aa6288c4d933c8332ddd6c518ecee5 Mon Sep 17 00:00:00 2001 
From: Daniel Seifert Date: Fri, 4 Nov 2022 22:02:44 +0100 Subject: [PATCH] improve code --- .../Controller/Admin/d3user_webauthn.php | 26 ++++++-- .../Controller/Admin/d3webauthnadminlogin.php | 25 ++++++-- .../Controller/Traits/accountTrait.php | 2 + .../Traits/checkoutGetUserTrait.php | 6 +- .../Controller/d3_account_webauthn.php | 62 ++++++++++++++---- .../Controller/d3webauthnlogin.php | 23 ++++--- .../Model/Credential/PublicKeyCredential.php | 20 +++--- .../Credential/PublicKeyCredentialList.php | 8 ++- .../Exceptions/WebauthnCreateException.php | 2 + .../Model/Exceptions/WebauthnException.php | 15 +++++ .../Model/Exceptions/WebauthnGetException.php | 2 + src/Application/Model/UserEntity.php | 5 +- src/Application/Model/Webauthn.php | 63 +++++++++++++++---- src/Application/Model/WebauthnConf.php | 2 + src/Application/Model/WebauthnErrors.php | 15 +++++ .../translations/de/d3webauthn_lang.php | 1 + .../views/admin/de/d3webauthn_lang.php | 1 + .../views/admin/en/d3webauthn_lang.php | 1 + src/Application/views/tpl/d3webauthnlogin.tpl | 2 +- src/Application/views/tpl/inc/js_create.tpl | 2 - src/Application/views/tpl/inc/js_login.tpl | 2 - .../Component/d3_webauthn_UserComponent.php | 54 ++++------------ .../Admin/d3_LoginController_Webauthn.php | 7 ++- .../d3_AccountController_Webauthn.php | 2 + ...d3_AccountDownloadsController_Webauthn.php | 2 + ...3_AccountNewsletterController_Webauthn.php | 2 + ...3_AccountNoticeListController_Webauthn.php | 2 + .../d3_AccountOrderController_Webauthn.php | 2 + .../d3_AccountPasswordController_Webauthn.php | 2 + ...3_AccountRecommlistController_Webauthn.php | 2 + .../d3_AccountReviewController_Webauthn.php | 2 + .../d3_AccountUserController_Webauthn.php | 2 + .../d3_AccountWishlistController_Webauthn.php | 2 + .../d3_webauthn_OrderController.php | 2 + .../d3_webauthn_PaymentController.php | 2 + .../Controller/d3_webauthn_UserController.php | 2 + .../Application/Model/d3_User_Webauthn.php | 15 ++++- src/Setup/Events.php | 2 + 
src/metadata.php | 10 +-- 39 files changed, 292 insertions(+), 107 deletions(-) diff --git a/src/Application/Controller/Admin/d3user_webauthn.php b/src/Application/Controller/Admin/d3user_webauthn.php index 6feddac..b305bbc 100755 --- a/src/Application/Controller/Admin/d3user_webauthn.php +++ b/src/Application/Controller/Admin/d3user_webauthn.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Controller\Admin; use D3\Webauthn\Application\Model\Credential\PublicKeyCredential; @@ -65,7 +67,10 @@ class d3user_webauthn extends AdminDetailsController return $this->_sThisTemplate; } - public function requestNewCredential() + /** + * @return void + */ + public function requestNewCredential(): void { try { $this->setPageType( 'requestnew' ); @@ -78,7 +83,10 @@ class d3user_webauthn extends AdminDetailsController } } - public function saveAuthn() + /** + * @return void + */ + public function saveAuthn(): void { try { if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) { @@ -99,7 +107,11 @@ class d3user_webauthn extends AdminDetailsController } } - public function setPageType($pageType) + /** + * @param $pageType + * @return void + */ + public function setPageType($pageType): void { $this->addTplParam('pageType', $pageType); } @@ -109,8 +121,9 @@ class d3user_webauthn extends AdminDetailsController * @throws DoctrineDriverException * @throws NotFoundExceptionInterface * @throws DoctrineException + * @throws WebauthnException */ - public function setAuthnRegister() + public function setAuthnRegister(): void { $authn = oxNew(Webauthn::class); @@ -153,7 +166,10 @@ class d3user_webauthn extends AdminDetailsController return oxNew(User::class); } - public function deleteKey() + /** + * @return void + */ + public function deleteKey(): void { /** @var PublicKeyCredential $credential */ $credential = oxNew(PublicKeyCredential::class); 
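Review bot: In saveAuthn() the call `strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) )` now runs in a file that declares `strict_types=1`, so a request without an `error` parameter (where the getter presumably returns null) raises a TypeError instead of evaluating to 0. Whether the surrounding `try` catches that is not visible, because its catch clause lies outside the hunk. Casting keeps the previous behaviour: `if ( strlen( (string) Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) {`. The same pattern appears in d3_account_webauthn::saveAuthn() later in this patch.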
diff --git a/src/Application/Controller/Admin/d3webauthnadminlogin.php b/src/Application/Controller/Admin/d3webauthnadminlogin.php index 9fc6ac4..49c8bc6 100755 --- a/src/Application/Controller/Admin/d3webauthnadminlogin.php +++ b/src/Application/Controller/Admin/d3webauthnadminlogin.php @@ -13,9 +13,10 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Controller\Admin; -use Assert\AssertionFailedException; use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException; use D3\Webauthn\Application\Model\Webauthn; use D3\Webauthn\Application\Model\WebauthnConf; @@ -37,19 +38,22 @@ class d3webauthnadminlogin extends AdminController { protected $_sThisTemplate = 'd3webauthnadminlogin.tpl'; + /** + * @return bool + */ protected function _authorize(): bool { return true; } /** - * @return null + * @return string * @throws ContainerExceptionInterface * @throws DoctrineDriverException * @throws DoctrineException * @throws NotFoundExceptionInterface */ - public function render() + public function render(): string { if (Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) || !Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER) @@ -74,7 +78,7 @@ class d3webauthnadminlogin extends AdminController * @throws ContainerExceptionInterface * @throws NotFoundExceptionInterface */ - public function generateCredentialRequest() + public function generateCredentialRequest(): void { $userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER); try { @@ -93,7 +97,10 @@ class d3webauthnadminlogin extends AdminController } } - public function d3AssertAuthn() + /** + * @return string|null + */ + public function d3AssertAuthn(): ?string { /** @var d3_User_Webauthn $user */ $user = oxNew(User::class); 
@@ -138,11 +145,17 @@ class d3webauthnadminlogin extends AdminController return Registry::getUtils(); } - public function getPreviousClass() + /** + * @return string|null + */ + public function getPreviousClass(): ?string { return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS); } + /** + * @return bool + */ public function previousClassIsOrderStep(): bool { $sClassKey = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS); diff --git a/src/Application/Controller/Traits/accountTrait.php b/src/Application/Controller/Traits/accountTrait.php index 4b35528..9365376 100644 --- a/src/Application/Controller/Traits/accountTrait.php +++ b/src/Application/Controller/Traits/accountTrait.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Controller\Traits; /** workaround for missing tpl blocks (https://github.com/OXID-eSales/wave-theme/pull/124) */ diff --git a/src/Application/Controller/Traits/checkoutGetUserTrait.php b/src/Application/Controller/Traits/checkoutGetUserTrait.php index f75507b..7f6e78d 100755 --- a/src/Application/Controller/Traits/checkoutGetUserTrait.php +++ b/src/Application/Controller/Traits/checkoutGetUserTrait.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Controller\Traits; use D3\Webauthn\Application\Model\Webauthn; @@ -28,13 +30,13 @@ use Psr\Container\NotFoundExceptionInterface; trait checkoutGetUserTrait { /** - * @return bool|object|User + * @return null|false|User * @throws ContainerExceptionInterface * @throws DoctrineException * @throws Exception * @throws NotFoundExceptionInterface */ - public function getUser() + public function getUser(): ?User { $user = parent::getUser(); diff --git a/src/Application/Controller/d3_account_webauthn.php b/src/Application/Controller/d3_account_webauthn.php index 23b1808..b9cd497 100755 
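Review bot: The new signature `getUser(): ?User` in checkoutGetUserTrait disagrees with its own docblock, which still lists `false` as a possible result. If `parent::getUser()` can return `false` and the method passes it through, PHP raises a TypeError at the return instead of handing `false` to the checkout controllers. The rest of the body is outside the hunk, so this needs checking there; normalising the value would be enough, e.g. `return $user ?: null;`, and the docblock should then read `@return User|null`.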
--- a/src/Application/Controller/d3_account_webauthn.php +++ b/src/Application/Controller/d3_account_webauthn.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Controller; use D3\Webauthn\Application\Controller\Traits\accountTrait; @@ -27,6 +29,7 @@ use Doctrine\DBAL\Driver\Exception as DoctrineDriverException; use Doctrine\DBAL\Exception as DoctrineException; use OxidEsales\Eshop\Application\Controller\AccountController; use OxidEsales\Eshop\Core\Registry; +use OxidEsales\Eshop\Core\SeoEncoder; use Psr\Container\ContainerExceptionInterface; use Psr\Container\NotFoundExceptionInterface; @@ -50,7 +53,6 @@ class d3_account_webauthn extends AccountController } $this->addTplParam('user', $this->getUser()); - $this->addTplParam('readonly', (bool) !(oxNew(Webauthn::class)->isAvailable())); return $sRet; @@ -58,6 +60,10 @@ class d3_account_webauthn extends AccountController /** * @return publicKeyCredentialList + * @throws ContainerExceptionInterface + * @throws DoctrineDriverException + * @throws DoctrineException + * @throws NotFoundExceptionInterface */ public function getCredentialList(): PublicKeyCredentialList { @@ -71,8 +77,9 @@ class d3_account_webauthn extends AccountController * @throws NotFoundExceptionInterface * @throws DoctrineDriverException * @throws DoctrineException + * @return void */ - public function requestNewCredential() + public function requestNewCredential(): void { try { $this->setAuthnRegister(); @@ -84,7 +91,11 @@ class d3_account_webauthn extends AccountController } } - public function setPageType($pageType) + /** + * @param $pageType + * @return void + */ + public function setPageType($pageType): void { $this->addTplParam('pageType', $pageType); } 
@@ -95,22 +106,26 @@ class d3_account_webauthn extends AccountController * @throws DoctrineException * @throws ContainerExceptionInterface * @throws NotFoundExceptionInterface + * @return void */ - public function setAuthnRegister() + public function setAuthnRegister(): void { $authn = oxNew(Webauthn::class); $publicKeyCredentialCreationOptions = $authn->getCreationOptions($this->getUser()); - $this->addTplParam( - 'webauthn_publickey_create', - $publicKeyCredentialCreationOptions - ); - + $this->addTplParam('webauthn_publickey_create', $publicKeyCredentialCreationOptions); $this->addTplParam('isAdmin', isAdmin()); $this->addTplParam('keyname', Registry::getRequest()->getRequestEscapedParameter('credenialname')); } - public function saveAuthn() + /** + * @return void + * @throws ContainerExceptionInterface + * @throws DoctrineDriverException + * @throws DoctrineException + * @throws NotFoundExceptionInterface + */ + public function saveAuthn(): void { try { if ( strlen( Registry::getRequest()->getRequestEscapedParameter( 'error' ) ) ) { @@ -129,7 +144,10 @@ class d3_account_webauthn extends AccountController } } - public function deleteKey() + /** + * @return void + */ + public function deleteKey(): void { if (Registry::getRequest()->getRequestEscapedParameter('deleteoxid')) { /** @var PublicKeyCredential $credential */ 
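Review bot: deleteKey() passes the request parameter `deleteoxid` straight to `$credential->delete()` (the call itself is in the following hunk), and no visible line checks that the credential belongs to the logged-in user. Unless the model or a caller enforces this elsewhere, a security key of a different account could be removed through this action. Load the record and compare owners before deleting, e.g. `if ($credential->load($id) && $credential->getUserId() === $this->getUser()->getId()) { $credential->delete(); }` (`getUserId()` is assumed to exist next to the `setUserId()` shown in PublicKeyCredential). A session-token check on this state-changing action is also worth confirming, since none is visible in these hunks.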
@@ -137,4 +155,26 @@ class d3_account_webauthn extends AccountController $credential->delete(Registry::getRequest()->getRequestEscapedParameter('deleteoxid')); } } + + /** + * @return array + */ + public function getBreadCrumb(): array + { + $aPaths = []; + $aPath = []; + + $iBaseLanguage = Registry::getLang()->getBaseLanguage(); + /** @var SeoEncoder $oSeoEncoder */ + $oSeoEncoder = Registry::getSeoEncoder(); + $aPath['title'] = Registry::getLang()->translateString('MY_ACCOUNT', $iBaseLanguage, false); + $aPath['link'] = $oSeoEncoder->getStaticUrl($this->getViewConfig()->getSelfLink() . "cl=account"); + $aPaths[] = $aPath; + + $aPath['title'] = Registry::getLang()->translateString('D3_WEBAUTHN_ACCOUNT', $iBaseLanguage, false); + $aPath['link'] = $this->getLink(); + $aPaths[] = $aPath; + + return $aPaths; + } } \ No newline at end of file diff --git a/src/Application/Controller/d3webauthnlogin.php b/src/Application/Controller/d3webauthnlogin.php index 050d8a7..363b6fc 100755 --- a/src/Application/Controller/d3webauthnlogin.php +++ b/src/Application/Controller/d3webauthnlogin.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Controller; use D3\Webauthn\Application\Model\Webauthn; @@ -30,7 +32,10 @@ class d3webauthnlogin extends FrontendController { protected $_sThisTemplate = 'd3webauthnlogin.tpl'; - public function getNavigationParams() + /** + * @return array + */ + public function getNavigationParams(): array { $navparams = Registry::getSession()->getVariable( WebauthnConf::WEBAUTHN_SESSION_NAVPARAMS 
@@ -43,13 +48,13 @@ class d3webauthnlogin extends FrontendController } /** - * @return null + * @return string * @throws ContainerExceptionInterface * @throws DoctrineDriverException * @throws DoctrineException * @throws NotFoundExceptionInterface */ - public function render() + public function render(): string { if (Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) || !Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER) @@ -76,7 +81,7 @@ class d3webauthnlogin extends FrontendController * @throws ContainerExceptionInterface * @throws NotFoundExceptionInterface */ - public function generateCredentialRequest() + public function generateCredentialRequest(): void { $userId = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER); @@ -103,11 +108,17 @@ class d3webauthnlogin extends FrontendController return Registry::getUtils(); } - public function getPreviousClass() + /** + * @return string|null + */ + public function getPreviousClass(): ?string { return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS); } + /** + * @return bool + */ public function previousClassIsOrderStep(): bool { $sClassKey = Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS); @@ -128,8 +139,6 @@ class d3webauthnlogin extends FrontendController } /** - * Returns Bread Crumb - you are here page1/page2/page3... - * * @return array */ public function getBreadCrumb(): array diff --git a/src/Application/Model/Credential/PublicKeyCredential.php b/src/Application/Model/Credential/PublicKeyCredential.php index f2494b8..cbcfbe8 100755 --- a/src/Application/Model/Credential/PublicKeyCredential.php +++ b/src/Application/Model/Credential/PublicKeyCredential.php @@ -15,6 +15,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Model\Credential; use DateTime; 
@@ -44,9 +46,11 @@ class PublicKeyCredential extends BaseModel /** * @param string $name */ - public function setName(string $name) + public function setName(string $name): void { - $this->assign(['name' => $name]); + $this->assign([ + 'name' => $name + ]); } /** @@ -60,7 +64,7 @@ class PublicKeyCredential extends BaseModel /** * @param string $credentialId */ - public function setCredentialId(string $credentialId) + public function setCredentialId(string $credentialId): void { $this->assign([ 'credentialid' => base64_encode($credentialId) @@ -70,7 +74,7 @@ class PublicKeyCredential extends BaseModel /** * @return false|string */ - public function getCredentialId() + public function getCredentialId(): ?string { return base64_decode($this->__get($this->_getFieldLongName('credentialid'))->rawValue); } @@ -78,7 +82,7 @@ class PublicKeyCredential extends BaseModel /** * @param string $userId */ - public function setUserId(string $userId) + public function setUserId(string $userId): void { $this->assign([ 'oxuserid' => $userId @@ -96,7 +100,7 @@ class PublicKeyCredential extends BaseModel /** * @param PublicKeyCredentialSource $credential */ - public function setCredential(PublicKeyCredentialSource $credential) + public function setCredential(PublicKeyCredentialSource $credential): void { $this->assign([ 'credential' => base64_encode(serialize($credential)) @@ -106,7 +110,7 @@ class PublicKeyCredential extends BaseModel /** * @return false|PublicKeyCredentialSource */ - public function getCredential() + public function getCredential(): ?PublicKeyCredentialSource { return unserialize(base64_decode($this->__get($this->_getFieldLongName('credential'))->rawValue)); } 
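Review bot: getCredentialId() and getCredential() now declare `?string` and `?PublicKeyCredentialSource` but still return the raw results of `base64_decode()` and `unserialize()`, which signal failure with `false`; under the `strict_types=1` added by this patch that `false` becomes a TypeError, while the docblocks still promise `false|...`. Map the failure explicitly, e.g. `$source = unserialize($raw); return $source instanceof PublicKeyCredentialSource ? $source : null;`. For getCredential(), also consider passing an `allowed_classes` option to `unserialize()` so that a tampered `credential` column cannot instantiate arbitrary classes; the required class list depends on the webauthn library and is not visible here.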
@@ -124,6 +128,7 @@ class PublicKeyCredential extends BaseModel */ public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource, string $keyName = null): void { + // item exist already if ((oxNew(PublicKeyCredentialList::class)) ->findOneByCredentialId($publicKeyCredentialSource->getPublicKeyCredentialId()) ) { @@ -150,6 +155,7 @@ class PublicKeyCredential extends BaseModel * * @return string|null * @throws ContainerExceptionInterface + * @throws DoctrineDriverException * @throws DoctrineException * @throws NotFoundExceptionInterface */ diff --git a/src/Application/Model/Credential/PublicKeyCredentialList.php b/src/Application/Model/Credential/PublicKeyCredentialList.php index d96f684..1e3c62a 100755 --- a/src/Application/Model/Credential/PublicKeyCredentialList.php +++ b/src/Application/Model/Credential/PublicKeyCredentialList.php @@ -15,6 +15,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Model\Credential; use Doctrine\DBAL\Driver\Exception as DoctrineDriverException; @@ -112,7 +114,7 @@ class PublicKeyCredentialList extends ListModel implements PublicKeyCredentialSo /** * @param User $user - * @return $this + * @return self * @throws ContainerExceptionInterface * @throws DoctrineDriverException * @throws DoctrineException @@ -151,6 +153,10 @@ class PublicKeyCredentialList extends ListModel implements PublicKeyCredentialSo return $this; } + /** + * @param PublicKeyCredentialSource $publicKeyCredentialSource + * @return void + */ public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void { $this->getBaseObject()->saveCredentialSource($publicKeyCredentialSource); diff --git a/src/Application/Model/Exceptions/WebauthnCreateException.php b/src/Application/Model/Exceptions/WebauthnCreateException.php index 0658ed8..fd1556a 100644 --- a/src/Application/Model/Exceptions/WebauthnCreateException.php 
+++ b/src/Application/Model/Exceptions/WebauthnCreateException.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Model\Exceptions; use D3\Webauthn\Application\Model\WebauthnConf; diff --git a/src/Application/Model/Exceptions/WebauthnException.php b/src/Application/Model/Exceptions/WebauthnException.php index 94982fa..39fe399 100644 --- a/src/Application/Model/Exceptions/WebauthnException.php +++ b/src/Application/Model/Exceptions/WebauthnException.php @@ -1,5 +1,20 @@ + * @link http://www.oxidmodule.com + */ + +declare(strict_types=1); + namespace D3\Webauthn\Application\Model\Exceptions; use D3\Webauthn\Application\Model\WebauthnErrors; diff --git a/src/Application/Model/Exceptions/WebauthnGetException.php b/src/Application/Model/Exceptions/WebauthnGetException.php index 8527550..38e87a8 100644 --- a/src/Application/Model/Exceptions/WebauthnGetException.php +++ b/src/Application/Model/Exceptions/WebauthnGetException.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Model\Exceptions; use D3\Webauthn\Application\Model\WebauthnConf; diff --git a/src/Application/Model/UserEntity.php b/src/Application/Model/UserEntity.php index 98fab31..b631437 100755 --- a/src/Application/Model/UserEntity.php +++ b/src/Application/Model/UserEntity.php @@ -15,10 +15,13 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Model; use D3\Webauthn\Application\Model\Exceptions\WebauthnException; use OxidEsales\Eshop\Application\Model\User; +use OxidEsales\Eshop\Core\Registry; use Webauthn\PublicKeyCredentialUserEntity; class UserEntity extends PublicKeyCredentialUserEntity 
@@ -31,7 +34,7 @@ class UserEntity extends PublicKeyCredentialUserEntity { if (!$user->isLoaded() || !$user->getId()) { /** @var WebauthnException $e */ - $e = oxNew(WebauthnException::class, 'can not create webauthn user entity from not loaded user'); + $e = oxNew(WebauthnException::class, 'D3_WEBAUTHN_ERR_NOTLOADEDUSER'); throw $e; } diff --git a/src/Application/Model/Webauthn.php b/src/Application/Model/Webauthn.php index f796b84..9fa3b61 100644 --- a/src/Application/Model/Webauthn.php +++ b/src/Application/Model/Webauthn.php @@ -1,5 +1,20 @@ + * @link http://www.oxidmodule.com + */ + declare(strict_types=1); namespace D3\Webauthn\Application\Model; @@ -29,12 +44,16 @@ class Webauthn public const SESSION_CREATIONS_OPTIONS = 'd3WebAuthnCreationOptions'; public const SESSION_ASSERTION_OPTIONS = 'd3WebAuthnAssertionOptions'; + /** + * @return bool + */ public function isAvailable(): bool { if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' || // is HTTPS !empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on' || - in_array($_SERVER['REMOTE_ADDR'], ['127.0.0.1', '::1']) // is localhost + in_array($_SERVER['REMOTE_ADDR'], ['127.0.0.1', '::1']) || // is localhost + preg_match('/.*\.localhost$/mi', $_SERVER['REMOTE_ADDR']) // localhost is TLD ) { return true; } @@ -47,14 +66,13 @@ class Webauthn /** * @param User $user - * @return false|string + * @return string * @throws ContainerExceptionInterface * @throws DoctrineDriverException * @throws DoctrineException * @throws NotFoundExceptionInterface - * @throws WebauthnException */ - public function getCreationOptions(User $user) + public function getCreationOptions(User $user): string { $userEntity = oxNew(UserEntity::class, $user); 
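Review bot: The added `preg_match('/.*\.localhost$/mi', $_SERVER['REMOTE_ADDR'])` branch in isAvailable() can never match, because REMOTE_ADDR holds the peer's IP address rather than a host name, so the ".localhost is TLD" case stays unsupported. The test presumably belongs on the host the shop is served under; taking that from configuration rather than from a request header keeps the check from depending on client-supplied input, as the `X-Forwarded-*` comparisons above already do. The pattern also needs neither the leading `.*` nor the `m` flag: `preg_match('/\.localhost$/i', $host) === 1`. The function body continues outside the hunk.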
@@ -74,18 +92,23 @@ class Webauthn Registry::getSession()->setVariable(self::SESSION_CREATIONS_OPTIONS, $publicKeyCredentialCreationOptions); - return json_encode($publicKeyCredentialCreationOptions,JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); + $json = json_encode($publicKeyCredentialCreationOptions,JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); + + if ($json === false) { + throw oxNew(Exception::class, "can't encode creation options"); + } + + return $json; } /** - * @return false|string + * @return string * @throws DoctrineDriverException * @throws DoctrineException * @throws ContainerExceptionInterface * @throws NotFoundExceptionInterface - * @throws WebauthnException */ - public function getRequestOptions(string $userId) + public function getRequestOptions(string $userId): string { /** @var d3_User_Webauthn $user */ $user = oxNew(User::class); @@ -111,7 +134,13 @@ class Webauthn Registry::getSession()->setVariable(self::SESSION_ASSERTION_OPTIONS, $publicKeyCredentialRequestOptions); - return json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); + $json = json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); + + if ($json === false) { + throw oxNew(Exception::class, "can't encode request options"); + } + + return $json; } /** @@ -119,7 +148,9 @@ class Webauthn */ public function getServer(): Server { + /** @var RelyingPartyEntity $rpEntity */ $rpEntity = oxNew(RelyingPartyEntity::class); + /** @var Server $server */ $server = oxNew(Server::class, $rpEntity, oxNew(PublicKeyCredentialList::class)); $server->setLogger(Registry::getLogger()); return $server; 
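Review bot: The new `$json === false` branches in getCreationOptions() and getRequestOptions() throw a plain `Exception`, but neither docblock gains a `@throws` for it, and both lose `@throws WebauthnException` even though `oxNew(UserEntity::class, $user)` can still raise it according to the UserEntity hunk. Callers that catch only `WebauthnException` (their catch clauses are not visible here) would let the encoding failure escape. Either throw the module's own type, `throw oxNew(WebauthnException::class, ...)`, or document both: `@throws WebauthnException` and `@throws Exception`.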
@@ -135,7 +166,7 @@ class Webauthn * @throws NotFoundExceptionInterface * @throws Exception */ - public function saveAuthn(string $credential, string $keyName = null) + public function saveAuthn(string $credential, string $keyName = null): void { $psr17Factory = new Psr17Factory(); $creator = new ServerRequestCreator( @@ -173,12 +204,19 @@ class Webauthn ); $serverRequest = $creator->fromGlobals(); + /** @var User $user */ $user = oxNew(User::class); $user->load(Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER)); + /** @var UserEntity $userEntity */ $userEntity = oxNew(UserEntity::class, $user); try { - $this->getServer()->loadAndCheckAssertionResponse( html_entity_decode( $response ), Registry::getSession()->getVariable( self::SESSION_ASSERTION_OPTIONS ), $userEntity, $serverRequest ); + $this->getServer()->loadAndCheckAssertionResponse( + html_entity_decode( $response ), + Registry::getSession()->getVariable( self::SESSION_ASSERTION_OPTIONS ), + $userEntity, + $serverRequest + ); } catch (AssertionFailedException $e) { /** @var WebauthnGetException $exc */ $exc = oxNew(WebauthnGetException::class, $e->getMessage(), 0, $e); @@ -213,10 +251,13 @@ class Webauthn */ public function UserUseWebauthn($userId): bool { + /** @var User $user */ $user = oxNew(User::class); $user->load($userId); + /** @var UserEntity $entity */ $entity = oxNew(UserEntity::class, $user); + /** @var PublicKeyCredentialList $credentialList */ $credentialList = oxNew(PublicKeyCredentialList::class); $list = $credentialList->findAllForUserEntity($entity); diff --git a/src/Application/Model/WebauthnConf.php b/src/Application/Model/WebauthnConf.php index 4c4dd7b..0be1731 100755 --- a/src/Application/Model/WebauthnConf.php +++ b/src/Application/Model/WebauthnConf.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Application\Model; class WebauthnConf 
diff --git a/src/Application/Model/WebauthnErrors.php b/src/Application/Model/WebauthnErrors.php index 28d1b5f..8641304 100644 --- a/src/Application/Model/WebauthnErrors.php +++ b/src/Application/Model/WebauthnErrors.php @@ -1,5 +1,20 @@ + * @link http://www.oxidmodule.com + */ + +declare(strict_types=1); + namespace D3\Webauthn\Application\Model; use OxidEsales\Eshop\Core\Registry; diff --git a/src/Application/translations/de/d3webauthn_lang.php b/src/Application/translations/de/d3webauthn_lang.php index 4e68c75..36bcbbb 100755 --- a/src/Application/translations/de/d3webauthn_lang.php +++ b/src/Application/translations/de/d3webauthn_lang.php @@ -35,4 +35,5 @@ $aLang = array( 'D3_WEBAUTHN_ERR_UNSECURECONNECTION' => 'Die Verwendung von Sicherheitsschlüsseln ist nur bei lokalen oder gesicherten Verbindungen (https) möglich.', 'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Die Anmeldung mit Sicherheitsschlüssel ist aus technischen Gründen derzeit leider nicht möglich. Bitte verwenden Sie statt dessen Ihr Passwort.', + 'D3_WEBAUTHN_ERR_NOTLOADEDUSER' => "Kann keine Anmeldedaten von nicht geladenem Kundenkonto beziehen.", ); diff --git a/src/Application/views/admin/de/d3webauthn_lang.php b/src/Application/views/admin/de/d3webauthn_lang.php index aec4159..074ce75 100755 --- a/src/Application/views/admin/de/d3webauthn_lang.php +++ b/src/Application/views/admin/de/d3webauthn_lang.php 
@@ -50,6 +50,7 @@ $aLang = [ 'D3_WEBAUTHN_ERR_UNKNOWN' => 'Die Aktion wurde wegen eines unbekannten Fehlers abgebrochen.', 'D3_WEBAUTHN_ERR_NOPUBKEYSUPPORT' => 'Ihr Browser unterstützt die Verwendung von Hardwareschlüsseln leider nicht.', 'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'Beim Prüfen der Zugangsdaten ist ein technischer Fehler aufgetreten.', + 'D3_WEBAUTHN_ERR_NOTLOADEDUSER' => "Kann keine Anmeldedaten von nicht geladenem Kundenkonto beziehen.", 'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Die Anmeldung mit Sicherheitsschlüssel ist aus technischen Gründen derzeit leider nicht möglich. Bitte verwenden Sie statt dessen Ihr Passwort.', diff --git a/src/Application/views/admin/en/d3webauthn_lang.php b/src/Application/views/admin/en/d3webauthn_lang.php index 16e3552..ad9ed62 100755 --- a/src/Application/views/admin/en/d3webauthn_lang.php +++ b/src/Application/views/admin/en/d3webauthn_lang.php @@ -50,6 +50,7 @@ $aLang = [ 'D3_WEBAUTHN_ERR_UNKNOWN' => 'The action was cancelled due to an unknown error.', 'D3_WEBAUTHN_ERR_NOPUBKEYSUPPORT' => 'Unfortunately, your browser does not support the use of hardware keys.', 'D3_WEBAUTHN_ERR_TECHNICALERROR' => 'A technical error occurred while checking the access data.', + 'D3_WEBAUTHN_ERR_NOTLOADEDUSER' => "Can't create webauthn user entity from not loaded user", 'D3_WEBAUTHN_ERR_LOGINPROHIBITED' => 'Unfortunately, logging in with a security key is currently not possible for technical reasons. Please use your password instead.', diff --git a/src/Application/views/tpl/d3webauthnlogin.tpl b/src/Application/views/tpl/d3webauthnlogin.tpl index 46ae04d..6f61453 100755 --- a/src/Application/views/tpl/d3webauthnlogin.tpl +++ b/src/Application/views/tpl/d3webauthnlogin.tpl @@ -24,7 +24,7 @@
[{$oViewConf->getHiddenSid()}] - + [{$navFormParams}] diff --git a/src/Application/views/tpl/inc/js_create.tpl b/src/Application/views/tpl/inc/js_create.tpl index d72b6fe..0688fcf 100644 --- a/src/Application/views/tpl/inc/js_create.tpl +++ b/src/Application/views/tpl/inc/js_create.tpl @@ -1,5 +1,3 @@ -[{*** require creationOptions variable containing ... ***}] - [{oxscript include=$oViewConf->getModuleUrl('d3webauthn', 'out/src/js/webauthn.js')}] [{capture name="d3script"}] diff --git a/src/Application/views/tpl/inc/js_login.tpl b/src/Application/views/tpl/inc/js_login.tpl index 29d77ab..eed57f1 100644 --- a/src/Application/views/tpl/inc/js_login.tpl +++ b/src/Application/views/tpl/inc/js_login.tpl @@ -1,5 +1,3 @@ -[{*** require creationOptions variable containing ... ***}] - [{oxscript include=$oViewConf->getModuleUrl('d3webauthn', 'out/src/js/webauthn.js')}] [{capture name="d3script"}] diff --git a/src/Modules/Application/Component/d3_webauthn_UserComponent.php b/src/Modules/Application/Component/d3_webauthn_UserComponent.php index ef49df7..4d11c06 100755 --- a/src/Modules/Application/Component/d3_webauthn_UserComponent.php +++ b/src/Modules/Application/Component/d3_webauthn_UserComponent.php @@ -13,6 +13,8 @@ * @link http://www.oxidmodule.com */ +declare(strict_types=1); + namespace D3\Webauthn\Modules\Application\Component; use Assert\AssertionFailedException; 
@@ -93,50 +95,16 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent return Registry::getUtilsView(); } - public function cancelWebauthnLogin(): bool + public function d3CancelWebauthnLogin(): void { $this->d3WebauthnClearSessionVariables(); - - return false; - } - - /** - * @param Webauthn $webauthn - * @param $userId - * @return bool - * @throws ContainerExceptionInterface - * @throws DoctrineDriverException - * @throws Exception - * @throws NotFoundExceptionInterface - */ - public function isNoWebauthnOrNoLogin(Webauthn $webauthn, $userId): bool - { - return false == $this->d3GetSession()->getVariable("auth") - || false == $webauthn->isActive($userId); - } - - /** - * @param string $sWebauth - * @param Webauthn $webauthn - * @return bool - */ - public function hasValidWebauthn(string $sWebauth, Webauthn $webauthn): bool - { - try { - return Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH) || - ( - $sWebauth && $webauthn->assertAuthn($sWebauth) - ); - } catch (WebauthnException $e) { - return false; - } } /** * @param User $user * @param $sWebauthn */ - public function d3WebauthnRelogin(User $user, $sWebauthn) + public function d3WebauthnRelogin(User $user, $sWebauthn): void { $setSessionCookie = Registry::getRequest()->getRequestParameter('lgn_cook'); $this->d3GetSession()->setVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH, $sWebauthn); 
@@ -149,16 +117,17 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
 Registry::getUtilsServer()->setUserCookie(
 $user->oxuser__oxusername->value,
 $user->oxuser__oxpassword->value,
- Registry::getConfig()->getShopId(),
- 31536000,
- User::USER_COOKIE_SALT
+ Registry::getConfig()->getShopId()
 );
 }
 $this->_afterLogin($user);
 }
- public function d3WebauthnClearSessionVariables()
+ /**
+ * @return void
+ */
+ public function d3WebauthnClearSessionVariables(): void
 {
 $this->d3GetSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTCLASS);
 $this->d3GetSession()->deleteVariable(WebauthnConf::WEBAUTHN_SESSION_CURRENTUSER);
@@ -174,7 +143,10 @@ class d3_webauthn_UserComponent extends d3_webauthn_UserComponent_parent
 return Registry::getSession();
 }
- public function d3AssertAuthn()
+ /**
+ * @return void
+ */
+ public function d3AssertAuthn(): void
 {
 /** @var d3_User_Webauthn $user */
 $user = oxNew(User::class);
diff --git a/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php b/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
index fd8e20b..05635f2 100755
--- a/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
+++ b/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller\Admin;
 use D3\Webauthn\Application\Model\Webauthn;
@@ -88,7 +90,10 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
 return parent::checklogin();
 }
- public function d3WebauthnCancelLogin()
+ /**
+ * @return void
+ */
+ public function d3WebauthnCancelLogin(): void
 {
 $oUser = $this->d3GetUserObject();
 $oUser->logout();
diff --git a/src/Modules/Application/Controller/d3_AccountController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountController_Webauthn.php
index 96da8d8..3c90aaa 100644
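Review bot: The `setUserCookie()` call in the first hunk now drops the explicit `31536000` lifetime and `User::USER_COOKIE_SALT`, so the lifetime and salt of a cookie derived from `oxuser__oxusername` and `oxuser__oxpassword` are whatever the framework method defaults to. If the defaults are meant to be identical, a short comment above the call such as `// lifetime and salt: setUserCookie() defaults` keeps that decision visible; if not, the lifetime should stay explicit. It is also worth confirming that a later login through this cookie is still subject to the WebAuthn check, which this hunk does not show. The enclosing method starts before the hunk.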
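Review bot: The docblock added above `d3AssertAuthn()` contains only `@return void`, which repeats the new `: void` return type and leaves the method's purpose undocumented. The same applies to `d3WebauthnClearSessionVariables()` in the previous hunk and to `d3WebauthnCancelLogin()` in d3_LoginController_Webauthn.php. A summary line is more useful, e.g. for the session helper `/** Removes the WebAuthn login state (current class, current user, ...) from the session. */`. The bodies of all three methods continue outside their hunks, so the exact wording is for the author to confirm.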
--- a/src/Modules/Application/Controller/d3_AccountController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountDownloadsController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountDownloadsController_Webauthn.php
index acc78fd..b4b7369 100644
--- a/src/Modules/Application/Controller/d3_AccountDownloadsController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountDownloadsController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountNewsletterController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountNewsletterController_Webauthn.php
index cc8f00c..6d1ce80 100644
--- a/src/Modules/Application/Controller/d3_AccountNewsletterController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountNewsletterController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountNoticeListController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountNoticeListController_Webauthn.php
index f2ba210..cf36a70 100644
--- a/src/Modules/Application/Controller/d3_AccountNoticeListController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountNoticeListController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountOrderController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountOrderController_Webauthn.php
index 15fdae9..ef91539 100644
--- a/src/Modules/Application/Controller/d3_AccountOrderController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountOrderController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountPasswordController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountPasswordController_Webauthn.php
index b2ceefe..bdbb649 100644
--- a/src/Modules/Application/Controller/d3_AccountPasswordController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountPasswordController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountRecommlistController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountRecommlistController_Webauthn.php
index 78505a9..3b950d0 100644
--- a/src/Modules/Application/Controller/d3_AccountRecommlistController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountRecommlistController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountReviewController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountReviewController_Webauthn.php
index cf81695..d38f322 100644
--- a/src/Modules/Application/Controller/d3_AccountReviewController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountReviewController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountUserController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountUserController_Webauthn.php
index c7f9c36..a60e1f8 100644
--- a/src/Modules/Application/Controller/d3_AccountUserController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountUserController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_AccountWishlistController_Webauthn.php b/src/Modules/Application/Controller/d3_AccountWishlistController_Webauthn.php
index 38629c0..6965a02 100644
--- a/src/Modules/Application/Controller/d3_AccountWishlistController_Webauthn.php
+++ b/src/Modules/Application/Controller/d3_AccountWishlistController_Webauthn.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\accountTrait;
diff --git a/src/Modules/Application/Controller/d3_webauthn_OrderController.php b/src/Modules/Application/Controller/d3_webauthn_OrderController.php
index 9e3522c..7290ec5 100755
--- a/src/Modules/Application/Controller/d3_webauthn_OrderController.php
+++ b/src/Modules/Application/Controller/d3_webauthn_OrderController.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\checkoutGetUserTrait;
diff --git a/src/Modules/Application/Controller/d3_webauthn_PaymentController.php b/src/Modules/Application/Controller/d3_webauthn_PaymentController.php
index 778ff94..de96b43 100755
--- a/src/Modules/Application/Controller/d3_webauthn_PaymentController.php
+++ b/src/Modules/Application/Controller/d3_webauthn_PaymentController.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\checkoutGetUserTrait;
diff --git a/src/Modules/Application/Controller/d3_webauthn_UserController.php b/src/Modules/Application/Controller/d3_webauthn_UserController.php
index 807b687..ad435f0 100755
--- a/src/Modules/Application/Controller/d3_webauthn_UserController.php
+++ b/src/Modules/Application/Controller/d3_webauthn_UserController.php
@@ -13,6 +13,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Controller;
 use D3\Webauthn\Application\Controller\Traits\checkoutGetUserTrait;
diff --git a/src/Modules/Application/Model/d3_User_Webauthn.php b/src/Modules/Application/Model/d3_User_Webauthn.php
index 63f0277..36e419e 100755
--- a/src/Modules/Application/Model/d3_User_Webauthn.php
+++ b/src/Modules/Application/Model/d3_User_Webauthn.php
@@ -13,19 +13,22 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Modules\Application\Model;
 use D3\Webauthn\Application\Model\WebauthnConf;
 use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
 use Doctrine\DBAL\Exception;
 use Doctrine\DBAL\Query\QueryBuilder;
-use OxidEsales\Eshop\Application\Model\User;
+use OxidEsales\Eshop\Core\Exception\UserException;
 use OxidEsales\Eshop\Core\Registry;
 use OxidEsales\EshopCommunity\Internal\Container\ContainerFactory;
 use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
 use Psr\Container\ContainerExceptionInterface;
 use Psr\Container\NotFoundExceptionInterface;
 use ReflectionClass;
+use ReflectionException;
 class d3_User_Webauthn extends d3_User_Webauthn_parent
 {
@@ -43,6 +46,14 @@ class d3_User_Webauthn extends d3_User_Webauthn_parent
 return $return;
 }
+ /**
+ * @param $userName
+ * @param $password
+ * @param $setSessionCookie
+ * @return bool
+ * @throws UserException
+ * @throws ReflectionException
+ */
 public function login($userName, $password, $setSessionCookie = false)
 {
 if (Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_SESSION_AUTH)) {
@@ -68,7 +79,7 @@ class d3_User_Webauthn extends d3_User_Webauthn_parent
 /**
 * @param string $username
- * @param ?string $rights
+ * @param string|null $rights
 * @return string|null
 * @throws ContainerExceptionInterface
 * @throws DoctrineDriverException
diff --git a/src/Setup/Events.php b/src/Setup/Events.php
index 71d0d16..6385f95 100755
--- a/src/Setup/Events.php
+++ b/src/Setup/Events.php
@@ -15,6 +15,8 @@
 * @link http://www.oxidmodule.com
 */
+declare(strict_types=1);
+
 namespace D3\Webauthn\Setup;
 use Doctrine\DBAL\Driver\Exception as DoctrineDriverException;
diff --git a/src/metadata.php b/src/metadata.php
index 8f13106..bfb9bf6 100755
--- a/src/metadata.php
+++ b/src/metadata.php
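Review bot: The docblock added to `login()` in the second hunk lists `@param $userName`, `@param $password` and `@param $setSessionCookie` without types, and it does not mention that the method first tests `WebauthnConf::WEBAUTHN_SESSION_AUTH` in the session. Typed tags such as `@param string $userName`, `@param string $password`, `@param bool $setSessionCookie` would help now that the file declares `strict_types`, together with one summary sentence on what a set `WEBAUTHN_SESSION_AUTH` changes in the login path. The body of `login()` continues past the end of the hunk, so that sentence has to come from the full method.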
@@ -15,9 +15,7 @@
 * @link http://www.oxidmodule.com
 */
-// https://github.com/web-auth/webauthn-framework/tree/master/doc
-// https://webauthn-doc.spomky-labs.com/
-// https://docs.solokeys.io/solo/
+declare(strict_types=1);
 use D3\Webauthn\Application\Controller\Admin\d3user_webauthn;
 use D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin;
@@ -39,7 +37,6 @@ use D3\Webauthn\Modules\Application\Controller\d3_webauthn_OrderController;
 use D3\Webauthn\Modules\Application\Controller\d3_webauthn_PaymentController;
 use D3\Webauthn\Modules\Application\Controller\d3_webauthn_UserController;
 use D3\Webauthn\Modules\Application\Model\d3_User_Webauthn;
-use D3\Webauthn\Modules\Core\d3_webauthn_utils;
 use OxidEsales\Eshop\Application\Component\UserComponent;
 use OxidEsales\Eshop\Application\Controller\AccountController;
 use OxidEsales\Eshop\Application\Controller\AccountDownloadsController;
@@ -55,7 +52,6 @@ use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
 use OxidEsales\Eshop\Application\Controller\OrderController;
 use OxidEsales\Eshop\Application\Controller\PaymentController;
 use OxidEsales\Eshop\Application\Controller\UserController;
-use OxidEsales\Eshop\Core\Utils;
 use OxidEsales\Eshop\Application\Model as OxidModel;
 /**
@@ -76,10 +72,10 @@ $aModule = array(
 'de' => 'Webauthn für OXID eSales Shop',
 'en' => 'Webauthn for OXID eSales shop',
 ],
- 'version' => '0.0.1',
+ 'version' => '1.0.0.0',
 'author' => 'D³ Data Development (Inh.: Thomas Dartsch)',
 'email' => 'support@shopmodule.com',
- 'url' => 'http://www.oxidmodule.com/',
+ 'url' => 'https://www.oxidmodule.com/',
 'extend' => [
 UserController::class => d3_webauthn_UserController::class,
 PaymentController::class => d3_webauthn_PaymentController::class,