zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-07-22 10:36:03 +02:00
Code Issues Projects Releases Packages Wiki Activity

Some more fine-tuning of the WebAuthn code

Browse source
This commit is contained in:
Pinga 2024-02-27 08:06:44 +02:00
parent e032e7575b
commit f3b798db38
3 changed files with 27 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

6
cp/app/Controllers/ProfileController.php
View file

@ -15,7 +15,7 @@ class ProfileController extends Controller
public function __construct() {
$rpName = 'Namingo';
$rpId = envi('APP_DOMAIN');
$this->webAuthn = new \lbuchs\WebAuthn\WebAuthn($rpName, $rpId, ['none']);
$this->webAuthn = new \lbuchs\WebAuthn\WebAuthn($rpName, $rpId, ['android-key', 'android-safetynet', 'apple', 'fido-u2f', 'packed', 'tpm']);
}
public function profile(Request $request, Response $response)
@ -153,7 +153,7 @@ class ProfileController extends Controller
if(strlen($hexUserId) % 2 != 0){
$hexUserId = '0' . $hexUserId;
}
$createArgs = $this->webAuthn->getCreateArgs(\hex2bin($hexUserId), $userEmail, $userName, 30, false, true);
$createArgs = $this->webAuthn->getCreateArgs(\hex2bin($hexUserId), $userEmail, $userName, 60*4, false, 'discouraged', null);
$response->getBody()->write(json_encode($createArgs));
$_SESSION["challenge"] = ($this->webAuthn->getChallenge())->getBinaryString();
@ -178,7 +178,7 @@ class ProfileController extends Controller
$challenge = $_SESSION['challenge'];
// Process the WebAuthn response
$credential = $this->webAuthn->processCreate($clientDataJSON, $attestationObject, $challenge, true, true, false);
$credential = $this->webAuthn->processCreate($clientDataJSON, $attestationObject, $challenge, 'discouraged', true, false);
// add user infos
$credential->userId = $userId;