zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-07-24 19:38:26 +02:00
Code Issues Projects Releases Packages Wiki Activity

Updates for WebAuthn

Browse source
This commit is contained in:
Pinga 2024-02-03 16:20:40 +02:00
parent 3bf29a8ca1
commit 5b18318ab6
2 changed files with 9 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

26
cp/app/Controllers/Auth/AuthController.php
View file

@ -20,25 +20,7 @@ class AuthController extends Controller
public function __construct() {
$rpName = 'Namingo';
$rpId = envi('APP_DOMAIN');
$formats = [
'android-key',
'android-safetynet',
'apple',
'fido-u2f',
'none',
'packed',
'tpm'
];
$this->webAuthn = new \lbuchs\WebAuthn\WebAuthn($rpName, $rpId, $formats);
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/solo.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/apple.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/yubico.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/hypersecu.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/globalSign.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/googleHardware.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/microsoftTpmCollection.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/mds');
$this->webAuthn = new \lbuchs\WebAuthn\WebAuthn($rpName, $rpId, ['none']);
}
/**
@ -135,11 +117,11 @@ class AuthController extends Controller
if ($user) {
// User found, get the user ID
$userId = $user;
$registrations = $db->select('SELECT id FROM users_webauthn WHERE user_id = ?', [$user]);
$registrations = $db->select('SELECT id,credential_id FROM users_webauthn WHERE user_id = ?', [$user]);
if ($registrations) {
foreach ($registrations as $reg) {
$ids[] = $reg['credentialId'];
$ids[] = $reg['credential_id'];
}
}
@ -203,7 +185,7 @@ class AuthController extends Controller
}
// process the get request. throws WebAuthnException if it fails
$this->webAuthn->processGet($clientDataJSON, $authenticatorData, $signature, $credentialPublicKey, $challenge, null, $userVerification === 'required');
$this->webAuthn->processGet($clientDataJSON, $authenticatorData, $signature, $credentialPublicKey, $challengeData, null, 'required');
$return = new \stdClass();
$return->success = true;

28
cp/app/Controllers/ProfileController.php
View file

@ -13,25 +13,7 @@ class ProfileController extends Controller
public function __construct() {
$rpName = 'Namingo';
$rpId = envi('APP_DOMAIN');
$formats = [
'android-key',
'android-safetynet',
'apple',
'fido-u2f',
'none',
'packed',
'tpm'
];
$this->webAuthn = new \lbuchs\WebAuthn\WebAuthn($rpName, $rpId, $formats);
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/solo.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/apple.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/yubico.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/hypersecu.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/globalSign.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/googleHardware.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/microsoftTpmCollection.pem');
$this->webAuthn->addRootCertificates(envi('APP_ROOT').'/vendor/lbuchs/webauthn/_test/rootCertificates/mds');
$this->webAuthn = new \lbuchs\WebAuthn\WebAuthn($rpName, $rpId, ['none']);
}
public function profile(Request $request, Response $response)
@ -163,7 +145,7 @@ class ProfileController extends Controller
if(strlen($hexUserId) % 2 != 0){
$hexUserId = '0' . $hexUserId;
}
$createArgs = $this->webAuthn->getCreateArgs(\hex2bin($hexUserId), $userName, $userName, 60*4, true, 'required', null);
$createArgs = $this->webAuthn->getCreateArgs(\hex2bin($hexUserId), $userEmail, $userName, 60*4, null, 'required', null);
$response->getBody()->write(json_encode($createArgs));
$challenge = $this->webAuthn->getChallenge();
@ -175,7 +157,7 @@ class ProfileController extends Controller
public function verifyRegistration(Request $request, Response $response)
{
$challengeData = $_SESSION['challenge_data'];
$challenge = new \lbuchs\WebAuthn\Binary\ByteBuffer($challengeData);
//$challenge = new \lbuchs\WebAuthn\Binary\ByteBuffer($challengeData);
global $container;
$data = json_decode($request->getBody()->getContents(), null, 512, JSON_THROW_ON_ERROR);
@ -192,11 +174,11 @@ class ProfileController extends Controller
//$challenge = $_SESSION['challenge'];
// Process the WebAuthn response
$credential = $this->webAuthn->processCreate($clientDataJSON, $attestationObject, $challenge, 'required', true, false);
$credential = $this->webAuthn->processCreate($clientDataJSON, $attestationObject, $challengeData, 'required', true, false);
// add user infos
$credential->userId = $userId;
$credential->userName = $userName;
$credential->userName = $userEmail;
$credential->userDisplayName = $userName;
// Store the credential data in the database