forked from D3Public/oxtotp
117 lines
4.5 KiB
PHP
117 lines
4.5 KiB
PHP
<?php
|
|
|
|
namespace D3\Totp\Application\Model\Webauthn;
|
|
|
|
use Doctrine\DBAL\Query\QueryBuilder;
|
|
use OxidEsales\Eshop\Core\Model\BaseModel;
|
|
use OxidEsales\Eshop\Core\Registry;
|
|
use OxidEsales\EshopCommunity\Internal\Container\ContainerFactory;
|
|
use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
|
|
use Webauthn\PublicKeyCredentialSource;
|
|
use Webauthn\PublicKeyCredentialSourceRepository;
|
|
use Webauthn\PublicKeyCredentialUserEntity;
|
|
|
|
class PublicKeyCredentials extends BaseModel implements PublicKeyCredentialSourceRepository
|
|
{
|
|
protected $_sCoreTable = 'd3wa_usercredentials';
|
|
|
|
public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKeyCredentialSource
|
|
{
|
|
/** @var QueryBuilder $qb */
|
|
$qb = ContainerFactory::getInstance()->getContainer()->get(QueryBuilderFactoryInterface::class)->create();
|
|
$qb->select('credential')
|
|
->from($this->getViewName())
|
|
->where(
|
|
$qb->expr()->and(
|
|
$qb->expr()->eq(
|
|
'credid_hex',
|
|
$qb->createNamedParameter(bin2hex($publicKeyCredentialId))
|
|
),
|
|
$qb->expr()->eq(
|
|
'oxshopid',
|
|
$qb->createNamedParameter(Registry::getConfig()->getShopId())
|
|
)
|
|
)
|
|
);
|
|
$credential = $qb->execute()->fetchOne();
|
|
|
|
if (!strlen($credential)) {
|
|
return null;
|
|
}
|
|
|
|
$credential = unserialize(hex2bin($credential));
|
|
|
|
return $credential instanceof PublicKeyCredentialSource ? $credential : null;
|
|
}
|
|
|
|
public function getIdByCredentialId(string $publicKeyCredentialId): ?string
|
|
{
|
|
/** @var QueryBuilder $qb */
|
|
$qb = ContainerFactory::getInstance()->getContainer()->get(QueryBuilderFactoryInterface::class)->create();
|
|
$qb->select('oxid')
|
|
->from($this->getViewName())
|
|
->where(
|
|
$qb->expr()->and(
|
|
$qb->expr()->eq(
|
|
'credid_hex',
|
|
$qb->createNamedParameter(bin2hex($publicKeyCredentialId))
|
|
),
|
|
$qb->expr()->eq(
|
|
'oxshopid',
|
|
$qb->createNamedParameter(Registry::getConfig()->getShopId())
|
|
)
|
|
)
|
|
);
|
|
$oxid = $qb->execute()->fetchOne();
|
|
|
|
return strlen($oxid) ? $oxid : null;
|
|
}
|
|
|
|
public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity): array
|
|
{
|
|
/** @var QueryBuilder $qb */
|
|
$qb = ContainerFactory::getInstance()->getContainer()->get(QueryBuilderFactoryInterface::class)->create();
|
|
$qb->select('credential')
|
|
->from($this->getViewName())
|
|
->where(
|
|
$qb->expr()->and(
|
|
$qb->expr()->eq(
|
|
'oxuserid',
|
|
$qb->createNamedParameter($publicKeyCredentialUserEntity->getId())
|
|
),
|
|
$qb->expr()->eq(
|
|
'oxshopid',
|
|
$qb->createNamedParameter(Registry::getConfig()->getShopId())
|
|
)
|
|
)
|
|
);
|
|
|
|
// generate decoded credentials list
|
|
return array_map(function (array $fields) {
|
|
return unserialize(hex2bin($fields['credential']));
|
|
}, $qb->execute()->fetchAllAssociative());
|
|
}
|
|
|
|
/**
|
|
* @param PublicKeyCredentialSource $publicKeyCredentialSource
|
|
* @return void
|
|
* @throws \Exception
|
|
*/
|
|
public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void
|
|
{
|
|
// will saved on every successfully assertion, set id to prevent duplicated database entries
|
|
$id = $this->getIdByCredentialId($publicKeyCredentialSource->getPublicKeyCredentialId());
|
|
$this->setId($id);
|
|
|
|
$this->assign([
|
|
'oxshopid' => Registry::getConfig()->getShopId(),
|
|
'oxuserid' => $publicKeyCredentialSource->getUserHandle(),
|
|
'credid_bin' => $publicKeyCredentialSource->getPublicKeyCredentialId(),
|
|
'credid_hex' => bin2hex($publicKeyCredentialSource->getPublicKeyCredentialId()),
|
|
'pubkey_bin' => $publicKeyCredentialSource->getCredentialPublicKey(),
|
|
'pubkey_hex' => bin2hex($publicKeyCredentialSource->getCredentialPublicKey()),
|
|
'credential' => bin2hex(serialize($publicKeyCredentialSource)),
|
|
]);
|
|
$this->save();
|
|
}
|
|
} |