simplesamlphp /
simplesamlphp-module-webauthn
@@ -117,7 +117,7 @@ |
||
| 117 | 117 | } |
| 118 | 118 | |
| 119 | 119 | if (!is_array($config)) { |
| 120 | - throw new \Exception('Invalid configuration for consent store option: '.var_export($config, true)); |
|
| 120 | + throw new \Exception('Invalid configuration for consent store option: ' . var_export($config, true)); |
|
| 121 | 121 | } |
| 122 | 122 | |
| 123 | 123 | if (!array_key_exists(0, $config)) { |
@@ -106,13 +106,13 @@ |
||
| 106 | 106 | }, |
| 107 | 107 | pubKeyCredParams: [{alg: -7, type: 'public-key'}], |
| 108 | 108 | timeout: 60000, |
| 109 | - attestation: '".($state['requestTokenModel'] ? "indirect" : "none")."', |
|
| 109 | + attestation: '".($state['requestTokenModel'] ? "indirect" : "none") . "', |
|
| 110 | 110 | } |
| 111 | 111 | };"; |
| 112 | 112 | } |
| 113 | 113 | |
| 114 | 114 | $t->data['authForm'] = ""; |
| 115 | -if (count($state['FIDO2Tokens']) > 0 && ($state['FIDO2WantsRegister'] !== true || $state['FIDO2AuthSuccessful'] === false )) { |
|
| 115 | +if (count($state['FIDO2Tokens']) > 0 && ($state['FIDO2WantsRegister'] !== true || $state['FIDO2AuthSuccessful'] === false)) { |
|
| 116 | 116 | $t->data['authURL'] = \SimpleSAML\Module::getModuleURL('webauthn/authprocess.php?StateId=' . urlencode($id)); |
| 117 | 117 | $t->data['authForm'] = "navigator.credentials.get(publicKeyCredentialRequestOptions) |
| 118 | 118 | .then((cred) => { |
@@ -71,10 +71,10 @@ |
||
| 71 | 71 | if ($debugEnabled) { |
| 72 | 72 | echo $authObject->debugBuffer; |
| 73 | 73 | echo $authObject->validateBuffer; |
| 74 | - echo "Debug mode, not continuing to ". ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination."); |
|
| 74 | + echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination."); |
|
| 75 | 75 | } else { |
| 76 | 76 | if ($state['FIDO2WantsRegister']) { |
| 77 | - header("Location: ".\SimpleSAML\Module::getModuleURL('webauthn/webauthn.php?StateId=' . urlencode($id))); |
|
| 77 | + header("Location: " . \SimpleSAML\Module::getModuleURL('webauthn/webauthn.php?StateId=' . urlencode($id))); |
|
| 78 | 78 | } else { |
| 79 | 79 | \SimpleSAML\Auth\ProcessingChain::resumeProcessing($state); |
| 80 | 80 | } |
@@ -170,16 +170,16 @@ |
||
| 170 | 170 | */ |
| 171 | 171 | $certProps = openssl_x509_parse($this->der2pem($stmtDecoded['x5c'][0])); |
| 172 | 172 | $this->debugBuffer .= "Attestation Certificate:" . print_r($certProps, true) . "<br/>"; |
| 173 | - if ($certProps['version'] != 2 || /** §8.2.1 Bullet 1 */ |
|
| 174 | - $certProps['subject']['OU'] != "Authenticator Attestation" || /** §8.2.1 Bullet 2 [Subject-OU] */ |
|
| 175 | - !isset($certProps['subject']['CN']) || /** §8.2.1 Bullet 2 [Subject-CN] */ |
|
| 173 | + if ($certProps['version'] != 2 || /** §8.2.1 Bullet 1 */ |
|
| 174 | + $certProps['subject']['OU'] != "Authenticator Attestation" || /** §8.2.1 Bullet 2 [Subject-OU] */ |
|
| 175 | + !isset($certProps['subject']['CN']) || /** §8.2.1 Bullet 2 [Subject-CN] */ |
|
| 176 | 176 | !isset($certProps['extensions']['basicConstraints']) || |
| 177 | 177 | strstr("CA:FALSE", $certProps['extensions']['basicConstraints']) === false /** §8.2.1 Bullet 4 */ |
| 178 | 178 | ) { |
| 179 | 179 | $this->fail("Attestation certificate properties are no good."); |
| 180 | 180 | } |
| 181 | 181 | if (isset(AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)])) { |
| 182 | - if ($certProps['subject']['O'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['O'] || /** §8.2.1 Bullet 2 [Subject-O] */ |
|
| 182 | + if ($certProps['subject']['O'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['O'] || /** §8.2.1 Bullet 2 [Subject-O] */ |
|
| 183 | 183 | $certProps['subject']['C'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['C']) { /** §8.2.1 Bullet 2 [Subject-C] */ |
| 184 | 184 | $this->fail("AAGUID does not match vendor data."); |
| 185 | 185 | } |
