simplesamlphp /
simplesamlphp-module-webauthn
@@ -130,7 +130,7 @@ |
||
| 130 | 130 | $frontendData = []; |
| 131 | 131 | $frontendData['challengeEncoded'] = $challengeEncoded; |
| 132 | 132 | $frontendData['state'] = []; |
| 133 | - foreach (['Source', 'FIDO2Scope','FIDO2Username','FIDO2Displayname','requestTokenModel'] as $stateItem) { |
|
| 133 | + foreach (['Source', 'FIDO2Scope', 'FIDO2Username', 'FIDO2Displayname', 'requestTokenModel'] as $stateItem) { |
|
| 134 | 134 | $frontendData['state'][$stateItem] = $state[$stateItem]; |
| 135 | 135 | } |
| 136 | 136 | |
@@ -181,7 +181,7 @@ discard block |
||
| 181 | 181 | // Found the root CA with Google, see above, and will perform chain validation even if the spec doesn't say so. |
| 182 | 182 | |
| 183 | 183 | // first, clear the openssl error backlog. We might need error data in case things go sideways. |
| 184 | - while(openssl_error_string() !== false); |
|
| 184 | + while (openssl_error_string() !== false); |
|
| 185 | 185 | |
| 186 | 186 | $stmtDecoded = $attestationArray['attStmt']; |
| 187 | 187 | if (!isset($stmtDecoded['x5c'])) { |
@@ -197,7 +197,7 @@ discard block |
||
| 197 | 197 | !isset($certProps['extensions']['1.2.840.113635.100.8.2']) |
| 198 | 198 | || empty($certProps['extensions']['1.2.840.113635.100.8.2']) |
| 199 | 199 | ) { |
| 200 | - $this->fail( "The required nonce value is not present in the OID." ); |
|
| 200 | + $this->fail("The required nonce value is not present in the OID."); |
|
| 201 | 201 | } |
| 202 | 202 | $toCompare = substr($certProps['extensions']['1.2.840.113635.100.8.2'], 6); |
| 203 | 203 | if ($nonce != $toCompare) { |
@@ -205,7 +205,7 @@ discard block |
||
| 205 | 205 | } |
| 206 | 206 | |
| 207 | 207 | // chain validation first |
| 208 | - foreach ( $stmtDecoded['x5c'] as $runIndex => $runCert ) { |
|
| 208 | + foreach ($stmtDecoded['x5c'] as $runIndex => $runCert) { |
|
| 209 | 209 | if (isset($stmtDecoded['x5c'][$runIndex + 1])) { // there is a next cert, so follow the chain |
| 210 | 210 | $certResource = openssl_x509_read(Utils\Crypto::der2pem($runCert)); |
| 211 | 211 | $signerPubKey = openssl_pkey_get_public(Utils\Crypto::der2pem($stmtDecoded['x5c'][$runIndex + 1])); |
@@ -219,7 +219,7 @@ discard block |
||
| 219 | 219 | $certResource = openssl_x509_read(Utils\Crypto::der2pem($runCert)); |
| 220 | 220 | $signerPubKey = openssl_pkey_get_public($APPLE_WEBAUTHN_ROOT_CA); |
| 221 | 221 | if (openssl_x509_verify($certResource, $signerPubKey) != 1) { |
| 222 | - $this->fail("Error during root CA validation of the attestation chain certificate, which is ".Utils\Crypto::der2pem($runCert)); |
|
| 222 | + $this->fail("Error during root CA validation of the attestation chain certificate, which is " . Utils\Crypto::der2pem($runCert)); |
|
| 223 | 223 | } |
| 224 | 224 | } |
| 225 | 225 | } |
@@ -251,9 +251,9 @@ discard block |
||
| 251 | 251 | // § 8.8 Bullet 5 |
| 252 | 252 | $credentialDetails = openssl_pkey_get_details($credentialResource); |
| 253 | 253 | $keyDetails = openssl_pkey_get_details($keyResource); |
| 254 | - if ( $credentialDetails['bits'] != $keyDetails['bits'] || |
|
| 255 | - $credentialDetails['key'] != $keyDetails['key'] || |
|
| 256 | - $credentialDetails['type'] != $keyDetails['type'] ) { |
|
| 254 | + if ($credentialDetails['bits'] != $keyDetails['bits'] || |
|
| 255 | + $credentialDetails['key'] != $keyDetails['key'] || |
|
| 256 | + $credentialDetails['type'] != $keyDetails['type']) { |
|
| 257 | 257 | $this->fail("The credential public key does not match the certificate public key in attestationData. (" |
| 258 | 258 | . $credentialDetails['key'] |
| 259 | 259 | . " - " |
@@ -196,7 +196,7 @@ |
||
| 196 | 196 | $id = $this->authState::saveState($state, 'webauthn:request'); |
| 197 | 197 | if ($debugEnabled === true) { |
| 198 | 198 | $response = new RunnableResponse( |
| 199 | - function ($regObject, $id) { |
|
| 199 | + function($regObject, $id) { |
|
| 200 | 200 | echo $regObject->getDebugBuffer(); |
| 201 | 201 | echo $regObject->getValidateBuffer(); |
| 202 | 202 | echo "<form id='regform' method='POST' action='" . |
@@ -7,7 +7,7 @@ |
||
| 7 | 7 | <?php $this->includeAtTemplateBase('includes/header.php'); ?> |
| 8 | 8 | |
| 9 | 9 | <h1><?php echo htmlspecialchars($this->t('{webauthn:webauthn:heading1}')); ?></h1> |
| 10 | - <?php if((isset($this->data['authURL'])?((is_array($this->data['authURL']) || $this->data['authURL'] instanceof Countable)?count($this->data['authURL']):strlen($this->data['authURL'])):0) > 0): ?> |
|
| 10 | + <?php if ((isset($this->data['authURL']) ? ((is_array($this->data['authURL']) || $this->data['authURL'] instanceof Countable) ?count($this->data['authURL']) : strlen($this->data['authURL'])) : 0) > 0) : ?> |
|
| 11 | 11 | <form id='authform' method='POST' action='<?php echo $this->data['authURL']; ?>'> |
| 12 | 12 | <input type='hidden' id='resp' name='response_id' value='0'/> |
| 13 | 13 | <input type='hidden' id='data' name='attestation_client_data_json' value='nix'/> |
@@ -176,7 +176,7 @@ |
||
| 176 | 176 | |
| 177 | 177 | if ($debugEnabled) { |
| 178 | 178 | $response = new RunnableResponse(; |
| 179 | - function ($authObject, $state) { |
|
| 179 | + function($authObject, $state) { |
|
| 180 | 180 | echo $authObject->getDebugBuffer(); |
| 181 | 181 | echo $authObject->getValidateBuffer(); |
| 182 | 182 | echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination."); |
