View GitHub Repository webauthn

Schedule Inspection
Subscribe
Passed
Push — develop ( d68d1b...4b2eb4 )
by nguereza
01:51
created
Status
Category
Toggle Patches
src/Webauthn.php 1 patch
Spacing   +12 added lines, -12 removed lines patch added patch discarded remove patch 
@@ -100,11 +100,11 @@  discard block
 
 block discarded – undo
100 100 
      */
101 101 
     public function __construct(WebauthnConfiguration $config, array $allowedFormats = [])
102 102 
     {
103 
-        if (! function_exists('openssl_open')) {
103 
+        if (!function_exists('openssl_open')) {
104 104 
             throw new WebauthnException('OpenSSL module not installed in this platform');
105 105 
         }
106 106
107 
-        if (! in_array('SHA256', array_map('strtoupper', openssl_get_md_methods()))) {
107 
+        if (!in_array('SHA256', array_map('strtoupper', openssl_get_md_methods()))) {
108 108 
             throw new WebauthnException('SHA256 is not supported by this OpenSSL installation');
109 109 
         }
110 110 
 
@@ -263,7 +263,7 @@  discard block
 
 block discarded – undo
263 263 
     ): array {
264 264 
         $clientDataHash = hash('sha256', $clientDataJson, true);
265 265 
         if (is_string($challenge)) {
266 
-            $challenge =  new ByteBuffer($challenge);
266 
+            $challenge = new ByteBuffer($challenge);
267 267 
         }
268 268
269 269 
         // security: https://www.w3.org/TR/webauthn/#registering-a-new-credential
 
@@ -276,21 +276,21 @@  discard block
 
 block discarded – undo
276 276 
         }
277 277
278 278 
         // 3. Verify that the value of C.type is webauthn.create.
279 
-        if (! isset($clientData->type) || $clientData->type !== 'webauthn.create') {
279 
+        if (!isset($clientData->type) || $clientData->type !== 'webauthn.create') {
280 280 
             throw new WebauthnException('Invalid client type provided');
281 281 
         }
282 282
283 283 
         // 4. Verify that the value of C.challenge matches the challenge that was
284 284 
         // sent to the authenticator in the create() call.
285 285 
         if (
286 
-            ! isset($clientData->challenge) ||
286 
+            !isset($clientData->challenge) ||
287 287 
             ByteBuffer::fromBase64Url($clientData->challenge)->getBinaryString() !== $challenge->getBinaryString()
288 288 
         ) {
289 289 
             throw new WebauthnException('Invalid challenge provided');
290 290 
         }
291 291
292 292 
         // 5. Verify that the value of C.origin matches the Relying Party's origin.
293 
-        if (! isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) {
293 
+        if (!isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) {
294 294 
             throw new WebauthnException('Invalid origin provided');
295 295 
         }
296 296 
 
@@ -379,7 +379,7 @@  discard block
 
 block discarded – undo
379 379 
         bool $requireUserPresent = true
380 380 
     ): bool {
381 381 
         if (is_string($challenge)) {
382 
-            $challenge =  new ByteBuffer($challenge);
382 
+            $challenge = new ByteBuffer($challenge);
383 383 
         }
384 384 
         $clientDataHash = hash('sha256', $clientDataJson, true);
385 385 
         $authenticator = $this->createAuthenticatorData($authenticatorData);
 
@@ -407,21 +407,21 @@  discard block
 
 block discarded – undo
407 407 
         //    -> TO BE LOOKED UP BY IMPLEMENTATION
408 408
409 409 
         // 7. Verify that the value of C.type is the string webauthn.get.
410 
-        if (! isset($clientData->type) || $clientData->type !== 'webauthn.get') {
410 
+        if (!isset($clientData->type) || $clientData->type !== 'webauthn.get') {
411 411 
             throw new WebauthnException('Invalid client type provided');
412 412 
         }
413 413
414 414 
         // 8. Verify that the value of C.challenge matches the challenge that was sent to the
415 415 
         //    authenticator in the PublicKeyCredentialRequestOptions passed to the get() call.
416 416 
         if (
417 
-            ! isset($clientData->challenge) ||
417 
+            !isset($clientData->challenge) ||
418 418 
             ByteBuffer::fromBase64Url($clientData->challenge)->getBinaryString() !== $challenge->getBinaryString()
419 419 
         ) {
420 420 
             throw new WebauthnException('Invalid challenge provided');
421 421 
         }
422 422
423 423 
         // 9. Verify that the value of C.origin matches the Relying Party's origin.
424 
-        if (! isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) {
424 
+        if (!isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) {
425 425 
             throw new WebauthnException('Invalid origin provided');
426 426 
         }
427 427 
 
@@ -530,7 +530,7 @@  discard block
 
 block discarded – undo
530 530 
         // The origin's scheme must be https and not be ignored/whitelisted
531 531 
         $url = new Uri($origin);
532 532 
         if (
533 
-            ! in_array($this->relyingParty->getId(), $this->config->get('ignore_origins')) &&
533 
+            !in_array($this->relyingParty->getId(), $this->config->get('ignore_origins')) &&
534 534 
             $url->getScheme() !== 'https'
535 535 
         ) {
536 536 
             return false;
 
@@ -567,7 +567,7 @@  discard block
 
 block discarded – undo
567 567 
             return $supportedFormats;
568 568 
         }
569 569
570 
-        $desiredFormats = array_filter($formats, function ($entry) use ($supportedFormats) {
570 
+        $desiredFormats = array_filter($formats, function($entry) use ($supportedFormats) {
571 571 
             return in_array($entry, $supportedFormats);
572 572 
         });
573 573
Please login to merge, or discard this patch.