simplesamlphp /
simplesamlphp-module-webauthn
@@ -182,7 +182,7 @@ |
||
| 182 | 182 | return $this->credential; |
| 183 | 183 | } |
| 184 | 184 | |
| 185 | - /** |
|
| 185 | + /** |
|
| 186 | 186 | * @return int |
| 187 | 187 | */ |
| 188 | 188 | public function getAlgo(): int |
@@ -45,7 +45,7 @@ |
||
| 45 | 45 | $config, |
| 46 | 46 | 'authsources[' . var_export($this->authId, true) . ']' |
| 47 | 47 | ); |
| 48 | - $this->authnContextClassRef = $this->authSourceConfig->getOptionalString("authncontextclassref",'urn:rsa:names:tc:SAML:2.0:ac:classes:FIDO'); |
|
| 48 | + $this->authnContextClassRef = $this->authSourceConfig->getOptionalString("authncontextclassref", 'urn:rsa:names:tc:SAML:2.0:ac:classes:FIDO'); |
|
| 49 | 49 | $moduleConfig = Configuration::getOptionalConfig('module_webauthn.php')->toArray(); |
| 50 | 50 | |
| 51 | 51 | $initialStateData = new StateData(); |
@@ -209,7 +209,7 @@ discard block |
||
| 209 | 209 | |
| 210 | 210 | if ($debugEnabled) { |
| 211 | 211 | $response = new RunnableResponse( |
| 212 | - function (WebAuthnAuthenticationEvent $authObject, array $state) { |
|
| 212 | + function(WebAuthnAuthenticationEvent $authObject, array $state) { |
|
| 213 | 213 | echo $authObject->getDebugBuffer(); |
| 214 | 214 | echo $authObject->getValidateBuffer(); |
| 215 | 215 | echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination."); |
@@ -233,7 +233,7 @@ discard block |
||
| 233 | 233 | * In passwordless, we're on our own. The one thing we know is the |
| 234 | 234 | * username. |
| 235 | 235 | */ |
| 236 | - $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [ $state['FIDO2Username'] ]; |
|
| 236 | + $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [$state['FIDO2Username']]; |
|
| 237 | 237 | // now properly return our final state to the framework |
| 238 | 238 | Source::completeAuth($state); |
| 239 | 239 | } |
@@ -177,7 +177,7 @@ discard block |
||
| 177 | 177 | |
| 178 | 178 | // did we get any client extensions? |
| 179 | 179 | $isResidentKey = 0; |
| 180 | - if (strlen($request->request->get('clientext')) > 0 && count(json_decode($request->request->get('clientext'), true)) > 0 ) { |
|
| 180 | + if (strlen($request->request->get('clientext')) > 0 && count(json_decode($request->request->get('clientext'), true)) > 0) { |
|
| 181 | 181 | $extensions = json_decode($request->request->get('clientext'), true); |
| 182 | 182 | if ($extensions['credProps']['rk'] === true) { |
| 183 | 183 | $isResidentKey = 1; |
@@ -216,7 +216,7 @@ discard block |
||
| 216 | 216 | $id = $this->authState::saveState($state, 'webauthn:request'); |
| 217 | 217 | if ($debugEnabled === true) { |
| 218 | 218 | $response = new RunnableResponse( |
| 219 | - function (WebAuthnRegistrationEvent $regObject, string $id) { |
|
| 219 | + function(WebAuthnRegistrationEvent $regObject, string $id) { |
|
| 220 | 220 | echo $regObject->getDebugBuffer(); |
| 221 | 221 | echo $regObject->getValidateBuffer(); |
| 222 | 222 | echo "<form id='regform' method='POST' action='" . |
@@ -93,8 +93,8 @@ discard block |
||
| 93 | 93 | public static function loadState(string $id, string $stage, bool $allowMissing = false): ?array |
| 94 | 94 | { |
| 95 | 95 | return [ |
| 96 | - 'FIDO2AuthSuccessful' => true, |
|
| 97 | - 'FIDO2PasswordlessAuthMode' => false, |
|
| 96 | + 'FIDO2AuthSuccessful' => true, |
|
| 97 | + 'FIDO2PasswordlessAuthMode' => false, |
|
| 98 | 98 | ]; |
| 99 | 99 | } |
| 100 | 100 | }); |
@@ -154,8 +154,8 @@ discard block |
||
| 154 | 154 | public static function loadState(string $id, string $stage, bool $allowMissing = false): ?array |
| 155 | 155 | { |
| 156 | 156 | return [ |
| 157 | - 'FIDO2AuthSuccessful' => true, |
|
| 158 | - 'FIDO2PasswordlessAuthMode' => false, |
|
| 157 | + 'FIDO2AuthSuccessful' => true, |
|
| 158 | + 'FIDO2PasswordlessAuthMode' => false, |
|
| 159 | 159 | ]; |
| 160 | 160 | } |
| 161 | 161 | }); |
@@ -189,8 +189,8 @@ discard block |
||
| 189 | 189 | 'FIDO2AuthSuccessful' => false, |
| 190 | 190 | 'FIDO2Tokens' => [0 => "foo"], |
| 191 | 191 | 'FIDO2WantsRegister' => false, |
| 192 | - 'UseInflowRegistration' => false, |
|
| 193 | - 'FIDO2PasswordlessAuthMode' => false, |
|
| 192 | + 'UseInflowRegistration' => false, |
|
| 193 | + 'FIDO2PasswordlessAuthMode' => false, |
|
| 194 | 194 | ]; |
| 195 | 195 | } |
| 196 | 196 | }); |
@@ -85,8 +85,8 @@ |
||
| 85 | 85 | 'FIDO2Scope' => 'Ducktown', |
| 86 | 86 | 'FIDO2Tokens' => [], |
| 87 | 87 | 'FIDO2SignupChallenge' => 'abc123', |
| 88 | - 'FIDO2AuthSuccessful' => true, |
|
| 89 | - 'FIDO2PasswordlessAuthMode' => false, |
|
| 88 | + 'FIDO2AuthSuccessful' => true, |
|
| 89 | + 'FIDO2PasswordlessAuthMode' => false, |
|
| 90 | 90 | 'requestTokenModel' => 'something', |
| 91 | 91 | ]; |
| 92 | 92 | } |
@@ -53,11 +53,11 @@ discard block |
||
| 53 | 53 | 'simplesaml' |
| 54 | 54 | ); |
| 55 | 55 | |
| 56 | - $this->module_config = []; |
|
| 57 | - $this->module_config = Configuration::loadFromArray( |
|
| 58 | - [ |
|
| 59 | - 'registration' => ['use_inflow_registration' => true], |
|
| 60 | - ]); |
|
| 56 | + $this->module_config = []; |
|
| 57 | + $this->module_config = Configuration::loadFromArray( |
|
| 58 | + [ |
|
| 59 | + 'registration' => ['use_inflow_registration' => true], |
|
| 60 | + ]); |
|
| 61 | 61 | |
| 62 | 62 | $this->session = Session::getSessionFromRequest(); |
| 63 | 63 | |
@@ -66,7 +66,7 @@ discard block |
||
| 66 | 66 | { |
| 67 | 67 | // do nothing |
| 68 | 68 | } |
| 69 | - }; |
|
| 69 | + }; |
|
| 70 | 70 | Configuration::setPreLoadedConfig($this->config, 'config.php'); |
| 71 | 71 | Configuration::setPreLoadedConfig($this->module_config, 'module_webauthn.php'); |
| 72 | 72 | } |
@@ -96,11 +96,11 @@ discard block |
||
| 96 | 96 | 'FIDO2Scope' => 'Ducktown', |
| 97 | 97 | 'FIDO2Tokens' => [0 => 'A1B2C3', 1 => 'D4E5F6'], |
| 98 | 98 | 'FIDO2SignupChallenge' => 'A1B2C3', |
| 99 | - 'FIDO2WantsRegister' => false, |
|
| 100 | - 'FIDO2PasswordlessAuthMode' => false, |
|
| 99 | + 'FIDO2WantsRegister' => false, |
|
| 100 | + 'FIDO2PasswordlessAuthMode' => false, |
|
| 101 | 101 | 'FIDO2AuthSuccessful' => false, |
| 102 | - 'requestTokenModel' => 'something', |
|
| 103 | - 'Source' => 'There is no real auth source in this test.', |
|
| 102 | + 'requestTokenModel' => 'something', |
|
| 103 | + 'Source' => 'There is no real auth source in this test.', |
|
| 104 | 104 | ]; |
| 105 | 105 | } |
| 106 | 106 | }); |
@@ -109,7 +109,7 @@ discard block |
||
| 109 | 109 | } |
| 110 | 110 | return self::STATE_AUTH_ALLOWMGMT; |
| 111 | 111 | } else { // in inflow, allow to check the management box; otherwise, |
| 112 | - // only auth |
|
| 112 | + // only auth |
|
| 113 | 113 | $moduleConfig = Configuration::getOptionalConfig('module_webauthn.php')->toArray(); |
| 114 | 114 | return $moduleConfig['registration']['use_inflow_registration'] ? self::STATE_AUTH_ALLOWMGMT : self::STATE_AUTH_NOMGMT; |
| 115 | 115 | } |
@@ -213,8 +213,8 @@ discard block |
||
| 213 | 213 | $t->data['showExitButton'] = !array_key_exists('Registration', $state); |
| 214 | 214 | $frontendData['usernameEncoded'] = $usernameEncoded; |
| 215 | 215 | $frontendData['attestation'] = $state['requestTokenModel'] ? "indirect" : "none"; |
| 216 | - $frontendData['credentialIdEncoded'] = $credentialIdEncoded; |
|
| 217 | - $frontendData['FIDO2PasswordlessAuthMode'] = $state['FIDO2PasswordlessAuthMode']; |
|
| 216 | + $frontendData['credentialIdEncoded'] = $credentialIdEncoded; |
|
| 217 | + $frontendData['FIDO2PasswordlessAuthMode'] = $state['FIDO2PasswordlessAuthMode']; |
|
| 218 | 218 | $t->data['frontendData'] = json_encode($frontendData); |
| 219 | 219 | |
| 220 | 220 | $t->data['FIDO2AuthSuccessful'] = $state['FIDO2AuthSuccessful']; |
@@ -166,7 +166,7 @@ discard block |
||
| 166 | 166 | |
| 167 | 167 | $state = $this->authState::loadState($stateId, 'webauthn:request'); |
| 168 | 168 | |
| 169 | - if ( $this->workflowStateMachine($state) != self::STATE_AUTH_NOMGMT ) { |
|
| 169 | + if ($this->workflowStateMachine($state) != self::STATE_AUTH_NOMGMT) { |
|
| 170 | 170 | $templateFile = 'webauthn:webauthn.twig'; |
| 171 | 171 | } else { |
| 172 | 172 | $templateFile = 'webauthn:authentication.twig'; |
@@ -206,7 +206,7 @@ discard block |
||
| 206 | 206 | $frontendData = []; |
| 207 | 207 | $frontendData['challengeEncoded'] = $challengeEncoded; |
| 208 | 208 | $frontendData['state'] = []; |
| 209 | - foreach (['FIDO2Scope','FIDO2Username','FIDO2Displayname','requestTokenModel'] as $stateItem) { |
|
| 209 | + foreach (['FIDO2Scope', 'FIDO2Username', 'FIDO2Displayname', 'requestTokenModel'] as $stateItem) { |
|
| 210 | 210 | $frontendData['state'][$stateItem] = $state[$stateItem]; |
| 211 | 211 | } |
| 212 | 212 | |
@@ -218,7 +218,7 @@ discard block |
||
| 218 | 218 | $t->data['frontendData'] = json_encode($frontendData); |
| 219 | 219 | |
| 220 | 220 | $t->data['FIDO2AuthSuccessful'] = $state['FIDO2AuthSuccessful']; |
| 221 | - if ( $this->workflowStateMachine($state) == self::STATE_MGMT ) { |
|
| 221 | + if ($this->workflowStateMachine($state) == self::STATE_MGMT) { |
|
| 222 | 222 | $t->data['regURL'] = Module::getModuleURL('webauthn/regprocess?StateId=' . urlencode($stateId)); |
| 223 | 223 | $t->data['delURL'] = Module::getModuleURL('webauthn/managetoken?StateId=' . urlencode($stateId)); |
| 224 | 224 | |
@@ -76,7 +76,7 @@ |
||
| 76 | 76 | * exception. |
| 77 | 77 | * |
| 78 | 78 | */ |
| 79 | - 'aaguid_whitelist' => [ ], |
|
| 79 | + 'aaguid_whitelist' => [], |
|
| 80 | 80 | |
| 81 | 81 | /* |
| 82 | 82 | * Some authenticators are more equal than others. Apple TouchID and |
