simplesamlphp /
simplesamlphp-module-webauthn
@@ -196,7 +196,7 @@ |
||
| 196 | 196 | $id = $this->authState::saveState($state, 'webauthn:request'); |
| 197 | 197 | if ($debugEnabled === true) { |
| 198 | 198 | $response = new RunnableResponse( |
| 199 | - function (WebAuthnRegistrationEvent $regObject, string $id) { |
|
| 199 | + function(WebAuthnRegistrationEvent $regObject, string $id) { |
|
| 200 | 200 | echo $regObject->getDebugBuffer(); |
| 201 | 201 | echo $regObject->getValidateBuffer(); |
| 202 | 202 | echo "<form id='regform' method='POST' action='" . |
@@ -131,7 +131,7 @@ |
||
| 131 | 131 | // this is the confirmed username, we store it just like the Passwordless |
| 132 | 132 | // one would have been |
| 133 | 133 | |
| 134 | - $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [ $request->request->get("username") ]; |
|
| 134 | + $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [$request->request->get("username")]; |
|
| 135 | 135 | |
| 136 | 136 | // we deliberately do not store any additional attributes - these have |
| 137 | 137 | // to be retrieved from the same authproc that would retrieve them |
@@ -215,7 +215,7 @@ |
||
| 215 | 215 | $frontendData = []; |
| 216 | 216 | $frontendData['challengeEncoded'] = $challengeEncoded; |
| 217 | 217 | $frontendData['state'] = []; |
| 218 | - foreach (['FIDO2Scope','FIDO2Username','FIDO2Displayname','requestTokenModel'] as $stateItem) { |
|
| 218 | + foreach (['FIDO2Scope', 'FIDO2Username', 'FIDO2Displayname', 'requestTokenModel'] as $stateItem) { |
|
| 219 | 219 | $frontendData['state'][$stateItem] = $state[$stateItem]; |
| 220 | 220 | } |
| 221 | 221 | |
@@ -152,7 +152,7 @@ |
||
| 152 | 152 | * |
| 153 | 153 | * @throws \Exception if the configuration is invalid. |
| 154 | 154 | */ |
| 155 | - public static function parseStoreConfig(string|array $config): Store |
|
| 155 | + public static function parseStoreConfig(string | array $config): Store |
|
| 156 | 156 | { |
| 157 | 157 | if (is_string($config)) { |
| 158 | 158 | $arrayUtils = new Utils\Arrays(); |
@@ -154,7 +154,7 @@ discard block |
||
| 154 | 154 | base64_decode($request->request->get('client_data_raw')), |
| 155 | 155 | $oneToken[0], |
| 156 | 156 | $oneToken[1], |
| 157 | - (int)$oneToken[4], // algo |
|
| 157 | + (int) $oneToken[4], // algo |
|
| 158 | 158 | base64_decode($request->request->get('signature')), |
| 159 | 159 | $debugEnabled, |
| 160 | 160 | ); |
@@ -217,7 +217,7 @@ discard block |
||
| 217 | 217 | |
| 218 | 218 | if ($debugEnabled) { |
| 219 | 219 | $response = new RunnableResponse( |
| 220 | - function (WebAuthnAuthenticationEvent $authObject, array $state) { |
|
| 220 | + function(WebAuthnAuthenticationEvent $authObject, array $state) { |
|
| 221 | 221 | echo $authObject->getDebugBuffer(); |
| 222 | 222 | echo $authObject->getValidateBuffer(); |
| 223 | 223 | echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? |
@@ -248,7 +248,7 @@ discard block |
||
| 248 | 248 | * In passwordless, we're on our own. The one thing we know is the |
| 249 | 249 | * username. |
| 250 | 250 | */ |
| 251 | - $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [ $state['FIDO2Username'] ]; |
|
| 251 | + $state['Attributes'][$state['FIDO2AttributeStoringUsername']] = [$state['FIDO2Username']]; |
|
| 252 | 252 | // in case this authentication happened in the Supercharged context |
| 253 | 253 | // it may be that there is an authprocfilter for WebAuthN, too. |
| 254 | 254 | |
@@ -266,7 +266,7 @@ discard block |
||
| 266 | 266 | } |
| 267 | 267 | // set an internal "authenticated passwordless" hint somewhere else |
| 268 | 268 | // in $state, which the authproc can react upon |
| 269 | - $state['Attributes']['internal:FIDO2PasswordlessAuthentication'] = [ $state['FIDO2Username'] ]; |
|
| 269 | + $state['Attributes']['internal:FIDO2PasswordlessAuthentication'] = [$state['FIDO2Username']]; |
|
| 270 | 270 | |
| 271 | 271 | $this->authState::saveState($state, 'webauthn:request'); |
| 272 | 272 | |
@@ -101,7 +101,7 @@ |
||
| 101 | 101 | } |
| 102 | 102 | return self::STATE_AUTH_ALLOWMGMT; |
| 103 | 103 | } else { // in inflow, allow to check the management box; otherwise, |
| 104 | - // only auth |
|
| 104 | + // only auth |
|
| 105 | 105 | $moduleConfig = Configuration::getOptionalConfig('module_webauthn.php')->toArray(); |
| 106 | 106 | return $moduleConfig['registration']['use_inflow_registration'] ? |
| 107 | 107 | self::STATE_AUTH_ALLOWMGMT : self::STATE_AUTH_NOMGMT; |
@@ -113,7 +113,7 @@ discard block |
||
| 113 | 113 | } |
| 114 | 114 | |
| 115 | 115 | |
| 116 | - public static function loadModuleConfig(array $moduleConfig, StateData &$stateData): void |
|
| 116 | + public static function loadModuleConfig(array $moduleConfig, StateData & $stateData): void |
|
| 117 | 117 | { |
| 118 | 118 | $stateData->store = Store::parseStoreConfig($moduleConfig['store']); |
| 119 | 119 | |
@@ -219,7 +219,7 @@ discard block |
||
| 219 | 219 | $frontendData = []; |
| 220 | 220 | $frontendData['challengeEncoded'] = $challengeEncoded; |
| 221 | 221 | $frontendData['state'] = []; |
| 222 | - foreach (['FIDO2Scope','FIDO2Username','FIDO2Displayname','requestTokenModel'] as $stateItem) { |
|
| 222 | + foreach (['FIDO2Scope', 'FIDO2Username', 'FIDO2Displayname', 'requestTokenModel'] as $stateItem) { |
|
| 223 | 223 | $frontendData['state'][$stateItem] = $state[$stateItem]; |
| 224 | 224 | } |
| 225 | 225 | |
@@ -151,8 +151,8 @@ |
||
| 151 | 151 | $session = Session::getSessionFromRequest(); |
| 152 | 152 | $lastSecondFactor = $session->getData("DateTime", 'LastSuccessfulSecondFactor'); |
| 153 | 153 | if // do we need to do secondFactor in interval, or even every time? |
| 154 | - // we skip only if an interval is configured AND we did successfully authenticate, |
|
| 155 | - // AND are within the interval |
|
| 154 | + // we skip only if an interval is configured AND we did successfully authenticate, |
|
| 155 | + // AND are within the interval |
|
| 156 | 156 | ( |
| 157 | 157 | $this->SecondFactorMaxAge >= 0 && $lastSecondFactor instanceof \DateTime |
| 158 | 158 | ) { |
@@ -59,7 +59,7 @@ discard block |
||
| 59 | 59 | public const FIDO_CERTIFIED_L3PLUS = "FIDO_CERTIFIED_L3plus"; |
| 60 | 60 | |
| 61 | 61 | // Keymaster 3 - KeyMint ??? |
| 62 | - private const ORIGINS_3 = [ // https://source.android.com/docs/security/features/keystore/tags#origin |
|
| 62 | + private const ORIGINS_3 = [// https://source.android.com/docs/security/features/keystore/tags#origin |
|
| 63 | 63 | 0 => "GENERATED", |
| 64 | 64 | 1 => "DERIVED", |
| 65 | 65 | 2 => "IMPORTED", |
@@ -755,7 +755,7 @@ discard block |
||
| 755 | 755 | * STEP 13 of the validation procedure in § 7.1 of the spec: is the algorithm the expected one? |
| 756 | 756 | */ |
| 757 | 757 | if (in_array($arrayPK['3'], self::PK_ALGORITHM)) { // we requested -7 or -257, so want to see it here |
| 758 | - $this->algo = (int)$arrayPK['3']; |
|
| 758 | + $this->algo = (int) $arrayPK['3']; |
|
| 759 | 759 | $this->pass("Public Key Algorithm is expected (" . |
| 760 | 760 | implode(' or ', WebAuthnRegistrationEvent::PK_ALGORITHM) . |
| 761 | 761 | ")."); |
