simplesamlphp /
simplesamlphp-module-webauthn
@@ -414,7 +414,7 @@ |
||
| 414 | 414 | $keyObject = new Ec2Key($this->cborDecode(hex2bin($this->credential))); |
| 415 | 415 | $keyResource = openssl_pkey_get_public($keyObject->asPEM()); |
| 416 | 416 | if ($keyResource === false) { |
| 417 | - $this->fail("Unable to construct ECDSA public key resource from PEM."); |
|
| 417 | + $this->fail("Unable to construct ECDSA public key resource from PEM."); |
|
| 418 | 418 | }; |
| 419 | 419 | break; |
| 420 | 420 | case self::PK_ALGORITHM_RSA: |
@@ -25,7 +25,7 @@ discard block |
||
| 25 | 25 | */ |
| 26 | 26 | public const PK_ALGORITHM_ECDSA = "-7"; |
| 27 | 27 | public const PK_ALGORITHM_RSA = "-257"; |
| 28 | - public const PK_ALGORITHM = [ self::PK_ALGORITHM_ECDSA, self::PK_ALGORITHM_RSA ]; |
|
| 28 | + public const PK_ALGORITHM = [self::PK_ALGORITHM_ECDSA, self::PK_ALGORITHM_RSA]; |
|
| 29 | 29 | public const AAGUID_ASSURANCE_LEVEL_NONE = 0; |
| 30 | 30 | public const AAGUID_ASSURANCE_LEVEL_SELF = 1; |
| 31 | 31 | public const AAGUID_ASSURANCE_LEVEL_BASIC = 2; |
@@ -262,7 +262,7 @@ discard block |
||
| 262 | 262 | $keyDetails = openssl_pkey_get_details($keyResource); |
| 263 | 263 | if ( |
| 264 | 264 | $credentialDetails['bits'] != $keyDetails['bits'] || |
| 265 | - $credentialDetails['key'] != $keyDetails['key'] || |
|
| 265 | + $credentialDetails['key'] != $keyDetails['key'] || |
|
| 266 | 266 | $credentialDetails['type'] != $keyDetails['type'] |
| 267 | 267 | ) { |
| 268 | 268 | $this->fail( |
@@ -574,7 +574,7 @@ discard block |
||
| 574 | 574 | } |
| 575 | 575 | $extensions = substr($attData, 18 + $credIdLen + $credentialLength); |
| 576 | 576 | if (strlen($extensions) !== 0) { |
| 577 | - $this->pass("Found the following extensions (". strlen($extensions) ." bytes) during registration ceremony: " ); |
|
| 577 | + $this->pass("Found the following extensions (" . strlen($extensions) . " bytes) during registration ceremony: "); |
|
| 578 | 578 | } |
| 579 | 579 | |
| 580 | 580 | |
@@ -182,7 +182,7 @@ |
||
| 182 | 182 | return $this->credential; |
| 183 | 183 | } |
| 184 | 184 | |
| 185 | - /** |
|
| 185 | + /** |
|
| 186 | 186 | * @return int |
| 187 | 187 | */ |
| 188 | 188 | public function getAlgo(): int |
@@ -45,7 +45,7 @@ |
||
| 45 | 45 | $config, |
| 46 | 46 | 'authsources[' . var_export($this->authId, true) . ']' |
| 47 | 47 | ); |
| 48 | - $this->authnContextClassRef = $this->authSourceConfig->getOptionalString("authncontextclassref",'urn:rsa:names:tc:SAML:2.0:ac:classes:FIDO'); |
|
| 48 | + $this->authnContextClassRef = $this->authSourceConfig->getOptionalString("authncontextclassref", 'urn:rsa:names:tc:SAML:2.0:ac:classes:FIDO'); |
|
| 49 | 49 | $moduleConfig = Configuration::getOptionalConfig('module_webauthn.php')->toArray(); |
| 50 | 50 | |
| 51 | 51 | $initialStateData = new StateData(); |
@@ -209,7 +209,7 @@ discard block |
||
| 209 | 209 | |
| 210 | 210 | if ($debugEnabled) { |
| 211 | 211 | $response = new RunnableResponse( |
| 212 | - function (WebAuthnAuthenticationEvent $authObject, array $state) { |
|
| 212 | + function(WebAuthnAuthenticationEvent $authObject, array $state) { |
|
| 213 | 213 | echo $authObject->getDebugBuffer(); |
| 214 | 214 | echo $authObject->getValidateBuffer(); |
| 215 | 215 | echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination."); |
@@ -233,7 +233,7 @@ discard block |
||
| 233 | 233 | * In passwordless, we're on our own. The one thing we know is the |
| 234 | 234 | * username. |
| 235 | 235 | */ |
| 236 | - $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [ $state['FIDO2Username'] ]; |
|
| 236 | + $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [$state['FIDO2Username']]; |
|
| 237 | 237 | // now properly return our final state to the framework |
| 238 | 238 | Source::completeAuth($state); |
| 239 | 239 | } |
@@ -109,7 +109,7 @@ |
||
| 109 | 109 | } |
| 110 | 110 | return self::STATE_AUTH_ALLOWMGMT; |
| 111 | 111 | } else { // in inflow, allow to check the management box; otherwise, |
| 112 | - // only auth |
|
| 112 | + // only auth |
|
| 113 | 113 | $moduleConfig = Configuration::getOptionalConfig('module_webauthn.php')->toArray(); |
| 114 | 114 | return $moduleConfig['registration']['use_inflow_registration'] ? self::STATE_AUTH_ALLOWMGMT : self::STATE_AUTH_NOMGMT; |
| 115 | 115 | } |
@@ -166,7 +166,7 @@ discard block |
||
| 166 | 166 | |
| 167 | 167 | $state = $this->authState::loadState($stateId, 'webauthn:request'); |
| 168 | 168 | |
| 169 | - if ( $this->workflowStateMachine($state) != self::STATE_AUTH_NOMGMT ) { |
|
| 169 | + if ($this->workflowStateMachine($state) != self::STATE_AUTH_NOMGMT) { |
|
| 170 | 170 | $templateFile = 'webauthn:webauthn.twig'; |
| 171 | 171 | } else { |
| 172 | 172 | $templateFile = 'webauthn:authentication.twig'; |
@@ -206,7 +206,7 @@ discard block |
||
| 206 | 206 | $frontendData = []; |
| 207 | 207 | $frontendData['challengeEncoded'] = $challengeEncoded; |
| 208 | 208 | $frontendData['state'] = []; |
| 209 | - foreach (['Source', 'FIDO2Scope','FIDO2Username','FIDO2Displayname','requestTokenModel'] as $stateItem) { |
|
| 209 | + foreach (['Source', 'FIDO2Scope', 'FIDO2Username', 'FIDO2Displayname', 'requestTokenModel'] as $stateItem) { |
|
| 210 | 210 | $frontendData['state'][$stateItem] = $state[$stateItem]; |
| 211 | 211 | } |
| 212 | 212 | |
@@ -218,7 +218,7 @@ discard block |
||
| 218 | 218 | |
| 219 | 219 | $t->data['FIDO2AuthSuccessful'] = $state['FIDO2AuthSuccessful']; |
| 220 | 220 | $frontendData['FIDO2PasswordlessAuthMode'] = $state['FIDO2PasswordlessAuthMode']; |
| 221 | - if ( $this->workflowStateMachine($state) == self::STATE_MGMT ) { |
|
| 221 | + if ($this->workflowStateMachine($state) == self::STATE_MGMT) { |
|
| 222 | 222 | $t->data['regURL'] = Module::getModuleURL('webauthn/regprocess?StateId=' . urlencode($stateId)); |
| 223 | 223 | $t->data['delURL'] = Module::getModuleURL('webauthn/managetoken?StateId=' . urlencode($stateId)); |
| 224 | 224 | |
@@ -177,7 +177,7 @@ discard block |
||
| 177 | 177 | |
| 178 | 178 | // did we get any client extensions? |
| 179 | 179 | $isResidentKey = 0; |
| 180 | - if (strlen($request->request->get('clientext')) > 0 && count(json_decode($request->request->get('clientext'), true)) > 0 ) { |
|
| 180 | + if (strlen($request->request->get('clientext')) > 0 && count(json_decode($request->request->get('clientext'), true)) > 0) { |
|
| 181 | 181 | $extensions = json_decode($request->request->get('clientext'), true); |
| 182 | 182 | if ($extensions['credProps']['rk'] === true) { |
| 183 | 183 | $isResidentKey = 1; |
@@ -216,7 +216,7 @@ discard block |
||
| 216 | 216 | $id = $this->authState::saveState($state, 'webauthn:request'); |
| 217 | 217 | if ($debugEnabled === true) { |
| 218 | 218 | $response = new RunnableResponse( |
| 219 | - function (WebAuthnRegistrationEvent $regObject, string $id) { |
|
| 219 | + function(WebAuthnRegistrationEvent $regObject, string $id) { |
|
| 220 | 220 | echo $regObject->getDebugBuffer(); |
| 221 | 221 | echo $regObject->getValidateBuffer(); |
| 222 | 222 | echo "<form id='regform' method='POST' action='" . |
@@ -216,7 +216,7 @@ |
||
| 216 | 216 | $this->db->write( |
| 217 | 217 | 'INSERT INTO credentials ' . |
| 218 | 218 | '(user_id, credentialId, credential, algo, presenceLevel, isResidentKey, signCounter, friendlyName, hashedId) VALUES ' |
| 219 | - . '(:userId,:credentialId,:credential,:algo,:presenceLevel,:isResidentKey,:signCounter,:friendlyName,:hashedId)', |
|
| 219 | + . '(:userId,:credentialId,:credential,:algo,:presenceLevel,:isResidentKey,:signCounter,:friendlyName,:hashedId)', |
|
| 220 | 220 | [ |
| 221 | 221 | 'userId' => $userId, |
| 222 | 222 | 'credentialId' => $credentialId, |
