simplesamlphp /
simplesamlphp-module-webauthn
@@ -170,16 +170,16 @@ |
||
| 170 | 170 | */ |
| 171 | 171 | $certProps = openssl_x509_parse($this->der2pem($stmtDecoded['x5c'][0])); |
| 172 | 172 | $this->debugBuffer .= "Attestation Certificate:" . print_r($certProps, true) . "<br/>"; |
| 173 | - if ($certProps['version'] != 2 || /** §8.2.1 Bullet 1 */ |
|
| 174 | - $certProps['subject']['OU'] != "Authenticator Attestation" || /** §8.2.1 Bullet 2 [Subject-OU] */ |
|
| 175 | - !isset($certProps['subject']['CN']) || /** §8.2.1 Bullet 2 [Subject-CN] */ |
|
| 173 | + if ($certProps['version'] != 2 || /** §8.2.1 Bullet 1 */ |
|
| 174 | + $certProps['subject']['OU'] != "Authenticator Attestation" || /** §8.2.1 Bullet 2 [Subject-OU] */ |
|
| 175 | + !isset($certProps['subject']['CN']) || /** §8.2.1 Bullet 2 [Subject-CN] */ |
|
| 176 | 176 | !isset($certProps['extensions']['basicConstraints']) || |
| 177 | 177 | strstr("CA:FALSE", $certProps['extensions']['basicConstraints']) === false /** §8.2.1 Bullet 4 */ |
| 178 | 178 | ) { |
| 179 | 179 | $this->fail("Attestation certificate properties are no good."); |
| 180 | 180 | } |
| 181 | 181 | if (isset(AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)])) { |
| 182 | - if ($certProps['subject']['O'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['O'] || /** §8.2.1 Bullet 2 [Subject-O] */ |
|
| 182 | + if ($certProps['subject']['O'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['O'] || /** §8.2.1 Bullet 2 [Subject-O] */ |
|
| 183 | 183 | $certProps['subject']['C'] != AAGUID::AAGUID_DICTIONARY[strtolower($this->AAGUID)]['C']) { /** §8.2.1 Bullet 2 [Subject-C] */ |
| 184 | 184 | $this->fail("AAGUID does not match vendor data."); |
| 185 | 185 | } |
@@ -120,7 +120,7 @@ |
||
| 120 | 120 | } |
| 121 | 121 | |
| 122 | 122 | if (!is_array($config)) { |
| 123 | - throw new Exception('Invalid configuration for consent store option: '.var_export($config, true)); |
|
| 123 | + throw new Exception('Invalid configuration for consent store option: ' . var_export($config, true)); |
|
| 124 | 124 | } |
| 125 | 125 | |
| 126 | 126 | if (!array_key_exists(0, $config)) { |
@@ -26,18 +26,18 @@ |
||
| 26 | 26 | throw new Exception("Attempt to access the token management page unauthenticated."); |
| 27 | 27 | } |
| 28 | 28 | switch ($_POST['submit']) { |
| 29 | - case "NEVERMIND": |
|
| 30 | - Auth\ProcessingChain::resumeProcessing($state); |
|
| 31 | - break; |
|
| 32 | - case "DELETE": |
|
| 33 | - if ($state['FIDO2AuthSuccessful'] == $_POST['credId']) { |
|
| 34 | - throw new Exception("Attempt to delete the currently used credential despite UI preventing this."); |
|
| 35 | - } |
|
| 36 | - $store = $state['webauthn:store']; |
|
| 37 | - $store->deleteTokenData($_POST['credId']); |
|
| 38 | - Auth\ProcessingChain::resumeProcessing($state); |
|
| 39 | - break; |
|
| 40 | - default: |
|
| 41 | - throw new Exception("Unknown submit button state."); |
|
| 29 | + case "NEVERMIND": |
|
| 30 | + Auth\ProcessingChain::resumeProcessing($state); |
|
| 31 | + break; |
|
| 32 | + case "DELETE": |
|
| 33 | + if ($state['FIDO2AuthSuccessful'] == $_POST['credId']) { |
|
| 34 | + throw new Exception("Attempt to delete the currently used credential despite UI preventing this."); |
|
| 35 | + } |
|
| 36 | + $store = $state['webauthn:store']; |
|
| 37 | + $store->deleteTokenData($_POST['credId']); |
|
| 38 | + Auth\ProcessingChain::resumeProcessing($state); |
|
| 39 | + break; |
|
| 40 | + default: |
|
| 41 | + throw new Exception("Unknown submit button state."); |
|
| 42 | 42 | } |
| 43 | 43 | |
@@ -13,7 +13,7 @@ |
||
| 13 | 13 | use SimpleSAML\Logger; |
| 14 | 14 | use SimpleSAML\Module; |
| 15 | 15 | use SimpleSAML\Utils; |
| 16 | -use SimpleSAML\XHTML\Template;; |
|
| 16 | +use SimpleSAML\XHTML\Template; ; |
|
| 17 | 17 | |
| 18 | 18 | $globalConfig = Configuration::getInstance(); |
| 19 | 19 | |
@@ -82,10 +82,10 @@ |
||
| 82 | 82 | if ($debugEnabled) { |
| 83 | 83 | echo $authObject->debugBuffer; |
| 84 | 84 | echo $authObject->validateBuffer; |
| 85 | - echo "Debug mode, not continuing to ". ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination."); |
|
| 85 | + echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination."); |
|
| 86 | 86 | } else { |
| 87 | 87 | if ($state['FIDO2WantsRegister']) { |
| 88 | - header("Location: ".Module::getModuleURL('webauthn/webauthn.php?StateId='.urlencode($id))); |
|
| 88 | + header("Location: " . Module::getModuleURL('webauthn/webauthn.php?StateId=' . urlencode($id))); |
|
| 89 | 89 | } else { |
| 90 | 90 | Auth\ProcessingChain::resumeProcessing($state); |
| 91 | 91 | } |
@@ -76,7 +76,7 @@ |
||
| 76 | 76 | $this->store = Store::parseStoreConfig($config['store']); |
| 77 | 77 | } catch (\Exception $e) { |
| 78 | 78 | Logger::error( |
| 79 | - 'webauthn: Could not create storage: '. |
|
| 79 | + 'webauthn: Could not create storage: ' . |
|
| 80 | 80 | $e->getMessage() |
| 81 | 81 | ); |
| 82 | 82 | } |
