platine-php /
webauthn
@@ -25,8 +25,7 @@ discard block |
||
| 25 | 25 | * @class Webauthn |
| 26 | 26 | * @package Platine\Webauthn |
| 27 | 27 | */ |
| 28 | -class Webauthn |
|
| 29 | -{ |
|
| 28 | +class Webauthn { |
|
| 30 | 29 | /** |
| 31 | 30 | * The attestation data formats |
| 32 | 31 | * @var array<string> |
@@ -68,8 +67,7 @@ discard block |
||
| 68 | 67 | * @param WebauthnConfiguration $config |
| 69 | 68 | * @param array<string> $allowedFormats |
| 70 | 69 | */ |
| 71 | - public function __construct(WebauthnConfiguration $config, array $allowedFormats = []) |
|
| 72 | - { |
|
| 70 | + public function __construct(WebauthnConfiguration $config, array $allowedFormats = []) { |
|
| 73 | 71 | if (! function_exists('openssl_open')) { |
| 74 | 72 | throw new WebauthnException('OpenSSL module not installed in this platform'); |
| 75 | 73 | } |
@@ -178,15 +178,15 @@ discard block |
||
| 178 | 178 | ); |
| 179 | 179 | |
| 180 | 180 | $publicKey = (new PublicKey()) |
| 181 | - ->setUserInfo($userInfo) |
|
| 182 | - ->setRelyingParty($relyingParty) |
|
| 183 | - ->setAuthenticatorSelection($authenticatorSelection) |
|
| 184 | - ->setExcludeCredentials($excludeCredentials) |
|
| 185 | - ->setChallenge($this->createChallenge()) |
|
| 186 | - ->setTimeout($this->config->get('timeout')) |
|
| 187 | - ->setExtensions() |
|
| 188 | - ->addPublicKeys() |
|
| 189 | - ->setAttestation($attestation); |
|
| 181 | + ->setUserInfo($userInfo) |
|
| 182 | + ->setRelyingParty($relyingParty) |
|
| 183 | + ->setAuthenticatorSelection($authenticatorSelection) |
|
| 184 | + ->setExcludeCredentials($excludeCredentials) |
|
| 185 | + ->setChallenge($this->createChallenge()) |
|
| 186 | + ->setTimeout($this->config->get('timeout')) |
|
| 187 | + ->setExtensions() |
|
| 188 | + ->addPublicKeys() |
|
| 189 | + ->setAttestation($attestation); |
|
| 190 | 190 | |
| 191 | 191 | return $publicKey; |
| 192 | 192 | } |
@@ -215,11 +215,11 @@ discard block |
||
| 215 | 215 | } |
| 216 | 216 | |
| 217 | 217 | $publicKey = (new PublicKey()) |
| 218 | - ->setRelyingPartyId($this->relyingParty->getId()) |
|
| 219 | - ->setAllowCredentials($allowedCredentials) |
|
| 220 | - ->setChallenge($this->createChallenge()) |
|
| 221 | - ->setTimeout($this->config->get('timeout')) |
|
| 222 | - ->setUserVerificationType($userVerificationType); |
|
| 218 | + ->setRelyingPartyId($this->relyingParty->getId()) |
|
| 219 | + ->setAllowCredentials($allowedCredentials) |
|
| 220 | + ->setChallenge($this->createChallenge()) |
|
| 221 | + ->setTimeout($this->config->get('timeout')) |
|
| 222 | + ->setUserVerificationType($userVerificationType); |
|
| 223 | 223 | |
| 224 | 224 | return $publicKey; |
| 225 | 225 | } |
@@ -100,11 +100,11 @@ discard block |
||
| 100 | 100 | */ |
| 101 | 101 | public function __construct(WebauthnConfiguration $config, array $allowedFormats = []) |
| 102 | 102 | { |
| 103 | - if (! function_exists('openssl_open')) { |
|
| 103 | + if (!function_exists('openssl_open')) { |
|
| 104 | 104 | throw new WebauthnException('OpenSSL module not installed in this platform'); |
| 105 | 105 | } |
| 106 | 106 | |
| 107 | - if (! in_array('SHA256', array_map('strtoupper', openssl_get_md_methods()))) { |
|
| 107 | + if (!in_array('SHA256', array_map('strtoupper', openssl_get_md_methods()))) { |
|
| 108 | 108 | throw new WebauthnException('SHA256 is not supported by this OpenSSL installation'); |
| 109 | 109 | } |
| 110 | 110 | |
@@ -123,7 +123,7 @@ discard block |
||
| 123 | 123 | * @param string|array<string> $path |
| 124 | 124 | * @return $this |
| 125 | 125 | */ |
| 126 | - public function addRootCertificate(string|array $path): self |
|
| 126 | + public function addRootCertificate(string | array $path): self |
|
| 127 | 127 | { |
| 128 | 128 | if (is_array($path)) { |
| 129 | 129 | foreach ($path as $p) { |
@@ -256,14 +256,14 @@ discard block |
||
| 256 | 256 | public function processRegistration( |
| 257 | 257 | string $clientDataJson, |
| 258 | 258 | string $attestationObject, |
| 259 | - ByteBuffer|string $challenge, |
|
| 259 | + ByteBuffer | string $challenge, |
|
| 260 | 260 | bool $requireUserVerification = false, |
| 261 | 261 | bool $requireUserPresent = true, |
| 262 | 262 | bool $failIfRootCertificateMismatch = true |
| 263 | 263 | ): array { |
| 264 | 264 | $clientDataHash = hash('sha256', $clientDataJson, true); |
| 265 | 265 | if (is_string($challenge)) { |
| 266 | - $challenge = new ByteBuffer($challenge); |
|
| 266 | + $challenge = new ByteBuffer($challenge); |
|
| 267 | 267 | } |
| 268 | 268 | |
| 269 | 269 | // security: https://www.w3.org/TR/webauthn/#registering-a-new-credential |
@@ -276,21 +276,21 @@ discard block |
||
| 276 | 276 | } |
| 277 | 277 | |
| 278 | 278 | // 3. Verify that the value of C.type is webauthn.create. |
| 279 | - if (! isset($clientData->type) || $clientData->type !== 'webauthn.create') { |
|
| 279 | + if (!isset($clientData->type) || $clientData->type !== 'webauthn.create') { |
|
| 280 | 280 | throw new WebauthnException('Invalid client type provided'); |
| 281 | 281 | } |
| 282 | 282 | |
| 283 | 283 | // 4. Verify that the value of C.challenge matches the challenge that was |
| 284 | 284 | // sent to the authenticator in the create() call. |
| 285 | 285 | if ( |
| 286 | - ! isset($clientData->challenge) || |
|
| 286 | + !isset($clientData->challenge) || |
|
| 287 | 287 | ByteBuffer::fromBase64Url($clientData->challenge)->getBinaryString() !== $challenge->getBinaryString() |
| 288 | 288 | ) { |
| 289 | 289 | throw new WebauthnException('Invalid challenge provided'); |
| 290 | 290 | } |
| 291 | 291 | |
| 292 | 292 | // 5. Verify that the value of C.origin matches the Relying Party's origin. |
| 293 | - if (! isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) { |
|
| 293 | + if (!isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) { |
|
| 294 | 294 | throw new WebauthnException('Invalid origin provided'); |
| 295 | 295 | } |
| 296 | 296 | |
@@ -373,13 +373,13 @@ discard block |
||
| 373 | 373 | string $authenticatorData, |
| 374 | 374 | string $signature, |
| 375 | 375 | string $credentialPublicKey, |
| 376 | - ByteBuffer|string $challenge, |
|
| 376 | + ByteBuffer | string $challenge, |
|
| 377 | 377 | ?int $previousSignatureCount = null, |
| 378 | 378 | bool $requireUserVerification = false, |
| 379 | 379 | bool $requireUserPresent = true |
| 380 | 380 | ): bool { |
| 381 | 381 | if (is_string($challenge)) { |
| 382 | - $challenge = new ByteBuffer($challenge); |
|
| 382 | + $challenge = new ByteBuffer($challenge); |
|
| 383 | 383 | } |
| 384 | 384 | $clientDataHash = hash('sha256', $clientDataJson, true); |
| 385 | 385 | $authenticator = $this->createAuthenticatorData($authenticatorData); |
@@ -407,21 +407,21 @@ discard block |
||
| 407 | 407 | // -> TO BE LOOKED UP BY IMPLEMENTATION |
| 408 | 408 | |
| 409 | 409 | // 7. Verify that the value of C.type is the string webauthn.get. |
| 410 | - if (! isset($clientData->type) || $clientData->type !== 'webauthn.get') { |
|
| 410 | + if (!isset($clientData->type) || $clientData->type !== 'webauthn.get') { |
|
| 411 | 411 | throw new WebauthnException('Invalid client type provided'); |
| 412 | 412 | } |
| 413 | 413 | |
| 414 | 414 | // 8. Verify that the value of C.challenge matches the challenge that was sent to the |
| 415 | 415 | // authenticator in the PublicKeyCredentialRequestOptions passed to the get() call. |
| 416 | 416 | if ( |
| 417 | - ! isset($clientData->challenge) || |
|
| 417 | + !isset($clientData->challenge) || |
|
| 418 | 418 | ByteBuffer::fromBase64Url($clientData->challenge)->getBinaryString() !== $challenge->getBinaryString() |
| 419 | 419 | ) { |
| 420 | 420 | throw new WebauthnException('Invalid challenge provided'); |
| 421 | 421 | } |
| 422 | 422 | |
| 423 | 423 | // 9. Verify that the value of C.origin matches the Relying Party's origin. |
| 424 | - if (! isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) { |
|
| 424 | + if (!isset($clientData->origin) || $this->checkOrigin($clientData->origin) === false) { |
|
| 425 | 425 | throw new WebauthnException('Invalid origin provided'); |
| 426 | 426 | } |
| 427 | 427 | |
@@ -539,7 +539,7 @@ discard block |
||
| 539 | 539 | // The origin's scheme must be https and not be ignored/whitelisted |
| 540 | 540 | $url = new Uri($origin); |
| 541 | 541 | if ( |
| 542 | - ! in_array($this->relyingParty->getId(), $this->config->get('ignore_origins')) && |
|
| 542 | + !in_array($this->relyingParty->getId(), $this->config->get('ignore_origins')) && |
|
| 543 | 543 | $url->getScheme() !== 'https' |
| 544 | 544 | ) { |
| 545 | 545 | return false; |
@@ -576,7 +576,7 @@ discard block |
||
| 576 | 576 | return $supportedFormats; |
| 577 | 577 | } |
| 578 | 578 | |
| 579 | - $desiredFormats = array_filter($formats, function ($entry) use ($supportedFormats) { |
|
| 579 | + $desiredFormats = array_filter($formats, function($entry) use ($supportedFormats) { |
|
| 580 | 580 | return in_array($entry, $supportedFormats); |
| 581 | 581 | }); |
| 582 | 582 | |
@@ -8,8 +8,7 @@ |
||
| 8 | 8 | * @class KeyFormat |
| 9 | 9 | * @package Platine\Webauthn\Enum |
| 10 | 10 | */ |
| 11 | -class KeyFormat extends BaseEnum |
|
| 12 | -{ |
|
| 11 | +class KeyFormat extends BaseEnum { |
|
| 13 | 12 | public const ANDROID_KEY = 'android-key'; |
| 14 | 13 | public const ANDROID_SAFETYNET = 'android-safetynet'; |
| 15 | 14 | public const APPLE = 'apple'; |
@@ -8,8 +8,7 @@ |
||
| 8 | 8 | * @class UserVerificationType |
| 9 | 9 | * @package Platine\Webauthn\Enum |
| 10 | 10 | */ |
| 11 | -class UserVerificationType extends BaseEnum |
|
| 12 | -{ |
|
| 11 | +class UserVerificationType extends BaseEnum { |
|
| 13 | 12 | public const REQUIRED = 'required'; |
| 14 | 13 | public const PREFERRED = 'preferred'; |
| 15 | 14 | public const DISCOURAGED = 'discouraged'; |
@@ -8,8 +8,7 @@ |
||
| 8 | 8 | * @class AttestationType |
| 9 | 9 | * @package Platine\Webauthn\Enum |
| 10 | 10 | */ |
| 11 | -class AttestationType extends BaseEnum |
|
| 12 | -{ |
|
| 11 | +class AttestationType extends BaseEnum { |
|
| 13 | 12 | public const NONE = 'none'; |
| 14 | 13 | public const DIRECT = 'direct'; |
| 15 | 14 | public const INDIRECT = 'indirect'; |
@@ -8,8 +8,7 @@ |
||
| 8 | 8 | * @class TransportType |
| 9 | 9 | * @package Platine\Webauthn\Enum |
| 10 | 10 | */ |
| 11 | -class TransportType extends BaseEnum |
|
| 12 | -{ |
|
| 11 | +class TransportType extends BaseEnum { |
|
| 13 | 12 | public const NFC = 'nfc'; |
| 14 | 13 | public const BLE = 'ble'; |
| 15 | 14 | public const USB = 'usb'; |
@@ -39,8 +39,7 @@ |
||
| 39 | 39 | * @class BaseEnum |
| 40 | 40 | * @package Platine\Webauthn\Enum |
| 41 | 41 | */ |
| 42 | -class BaseEnum |
|
| 43 | -{ |
|
| 42 | +class BaseEnum { |
|
| 44 | 43 | /** |
| 45 | 44 | * Return this class all the enumerations |
| 46 | 45 | * @return array<string> |
@@ -37,6 +37,5 @@ |
||
| 37 | 37 | * @class PublicKeyAuthParam |
| 38 | 38 | * @package Platine\Webauthn\Entity |
| 39 | 39 | */ |
| 40 | -class PublicKeyAuthParam extends BaseCredential |
|
| 41 | -{ |
|
| 40 | +class PublicKeyAuthParam extends BaseCredential { |
|
| 42 | 41 | } |
@@ -37,6 +37,5 @@ |
||
| 37 | 37 | * @class UserCredential |
| 38 | 38 | * @package Platine\Webauthn\Entity |
| 39 | 39 | */ |
| 40 | -class UserCredential extends BaseCredential |
|
| 41 | -{ |
|
| 40 | +class UserCredential extends BaseCredential { |
|
| 42 | 41 | } |
@@ -55,9 +55,9 @@ discard block |
||
| 55 | 55 | * @param ByteBuffer|string $data |
| 56 | 56 | * @return mixed |
| 57 | 57 | */ |
| 58 | - public static function decode(ByteBuffer|string $data): mixed |
|
| 58 | + public static function decode(ByteBuffer | string $data): mixed |
|
| 59 | 59 | { |
| 60 | - if (! $data instanceof ByteBuffer) { |
|
| 60 | + if (!$data instanceof ByteBuffer) { |
|
| 61 | 61 | $data = new ByteBuffer($data); |
| 62 | 62 | } |
| 63 | 63 | |
@@ -81,11 +81,11 @@ discard block |
||
| 81 | 81 | * @return mixed |
| 82 | 82 | */ |
| 83 | 83 | public static function decodeInPlace( |
| 84 | - ByteBuffer|string $data, |
|
| 84 | + ByteBuffer | string $data, |
|
| 85 | 85 | int $startoffset, |
| 86 | 86 | ?int $endOffset = null |
| 87 | 87 | ): mixed { |
| 88 | - if (! $data instanceof ByteBuffer) { |
|
| 88 | + if (!$data instanceof ByteBuffer) { |
|
| 89 | 89 | $data = new ByteBuffer($data); |
| 90 | 90 | } |
| 91 | 91 | |
@@ -39,8 +39,7 @@ |
||
| 39 | 39 | * @class CborDecoder |
| 40 | 40 | * @package Platine\Webauthn\Helper |
| 41 | 41 | */ |
| 42 | -class CborDecoder |
|
| 43 | -{ |
|
| 42 | +class CborDecoder { |
|
| 44 | 43 | public const CBOR_MAJOR_UNSIGNED_INT = 0; |
| 45 | 44 | public const CBOR_MAJOR_NEGATIVE_INT = 1; |
| 46 | 45 | public const CBOR_MAJOR_BYTE_STRING = 2; |
