Commit ⋅ silverstripe/silverstripe-webauthn-authenticator

Showing 3 of 5 files from the diff.

0.00% 0.00% ø 4 0

src/BaseHandlerTrait.php created.

6.12% 0.00% ø 12 0

src/VerifyHandler.php changed.

61.97% 0.00% ø 19 0

src/RegisterHandler.php changed.

Other files ignored by Codecov

tests/RegisterHandlerTest.php has changed.

tests/MethodTest.php is new.

@@ -0,0 +1,63 @@

1	+	<?php declare(strict_types=1);
2	+
3	+	namespace SilverStripe\WebAuthn;
4	+
5	+	use CBOR\Decoder;
6	+	use CBOR\OtherObject\OtherObjectManager;
7	+	use CBOR\Tag\TagObjectManager;
8	+	use Webauthn\AttestationStatement\AttestationObjectLoader;
9	+	use Webauthn\AttestationStatement\AttestationStatementSupportManager;
10	+	use Webauthn\AttestationStatement\FidoU2FAttestationStatementSupport;
11	+	use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
12	+	use Webauthn\PublicKeyCredentialLoader;
13	+
14	+	/**
15	+	* Contains logic which is shared between both WebAuthn's RegisterHandler and VerifyHandler, such as
16	+	* the attestation configuration options.
17	+	*/
18	+	trait BaseHandlerTrait
19	+	{
20	+	/**
21	+	* @return Decoder
22	+	*/
23	+	protected function getDecoder(): Decoder
24	+	{
25	+	return new Decoder(new TagObjectManager(), new OtherObjectManager());
26	+	}
27	+
28	+	/**
29	+	* @param Decoder $decoder
30	+	* @return AttestationStatementSupportManager
31	+	*/
32	+	protected function getAttestationStatementSupportManager(Decoder $decoder): AttestationStatementSupportManager
33	+	{
34	+	$manager = new AttestationStatementSupportManager();
35	+	$manager->add(new NoneAttestationStatementSupport());
36	+	$manager->add(new FidoU2FAttestationStatementSupport($decoder));
37	+	return $manager;
38	+	}
39	+
40	+	/**
41	+	* @param AttestationStatementSupportManager $attestationStatementSupportManager
42	+	* @param Decoder $decoder
43	+	* @return AttestationObjectLoader
44	+	*/
45	+	protected function getAttestationObjectLoader(
46	+	AttestationStatementSupportManager $attestationStatementSupportManager,
47	+	Decoder $decoder
48	+	): AttestationObjectLoader {
49	+	return new AttestationObjectLoader($attestationStatementSupportManager, $decoder);
50	+	}
51	+
52	+	/**
53	+	* @param AttestationObjectLoader $attestationObjectLoader
54	+	* @param Decoder $decoder
55	+	* @return PublicKeyCredentialLoader
56	+	*/
57	+	protected function getPublicKeyCredentialLoader(
58	+	AttestationObjectLoader $attestationObjectLoader,
59	+	Decoder $decoder
60	+	): PublicKeyCredentialLoader {
61	+	return new PublicKeyCredentialLoader($attestationObjectLoader, $decoder);
62	+	}
63	+	}

@@ -2,9 +2,6 @@


namespace SilverStripe\WebAuthn;

use CBOR\Decoder;
use CBOR\OtherObject\OtherObjectManager;
use CBOR\Tag\TagObjectManager;
use Exception;
use GuzzleHttp\Psr7\ServerRequest;
use Psr\Log\LoggerInterface;

@@ -13,20 +10,17 @@

use SilverStripe\MFA\Model\RegisteredMethod;
use SilverStripe\MFA\State\Result;
use SilverStripe\MFA\Store\StoreInterface;
use Webauthn\AttestationStatement\AttestationObjectLoader;
use Webauthn\AttestationStatement\AttestationStatementSupportManager;
use Webauthn\AttestationStatement\FidoU2FAttestationStatementSupport;
use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler;
use Webauthn\AuthenticatorAssertionResponse;
use Webauthn\AuthenticatorAssertionResponseValidator;
use Webauthn\PublicKeyCredentialDescriptor;
use Webauthn\PublicKeyCredentialLoader;
use Webauthn\PublicKeyCredentialRequestOptions;
use Webauthn\TokenBinding\TokenBindingNotSupportedHandler;

class VerifyHandler implements VerifyHandlerInterface
{
    use BaseHandlerTrait;

    /**
     * Dependency injection configuration
     *

@@ -85,18 +79,10 @@


        $data = json_decode($request->getBody(), true);

        // CBOR
        $decoder = new Decoder(new TagObjectManager(), new OtherObjectManager());

        // Attestation statement support manager
        $attestationStatementSupportManager = new AttestationStatementSupportManager();
        $attestationStatementSupportManager->add(new NoneAttestationStatementSupport());
        $attestationStatementSupportManager->add(new FidoU2FAttestationStatementSupport($decoder));

        // Attestation object loader
        $attestationObjectLoader = new AttestationObjectLoader($attestationStatementSupportManager, $decoder);

        $publicKeyCredentialLoader = new PublicKeyCredentialLoader($attestationObjectLoader, $decoder);
        $decoder = $this->getDecoder();
        $attestationStatementSupportManager = $this->getAttestationStatementSupportManager($decoder);
        $attestationObjectLoader = $this->getAttestationObjectLoader($attestationStatementSupportManager, $decoder);
        $publicKeyCredentialLoader = $this->getPublicKeyCredentialLoader($attestationObjectLoader, $decoder);

        $credentialRepository = new CredentialRepository($store->getMember(), $registeredMethod);


@@ -155,6 +141,13 @@

        return 'WebAuthnVerify';
    }

    /**
     * @param StoreInterface $store
     * @param RegisteredMethod $registeredMethod
     * @param bool $reset
     * @return PublicKeyCredentialRequestOptions
     * @throws Exception
     */
    protected function getCredentialRequestOptions(
        StoreInterface $store,
        RegisteredMethod $registeredMethod,

@@ -2,9 +2,6 @@


namespace SilverStripe\WebAuthn;

use CBOR\Decoder;
use CBOR\OtherObject\OtherObjectManager;
use CBOR\Tag\TagObjectManager;
use Cose\Algorithms;
use Exception;
use GuzzleHttp\Psr7\ServerRequest;

@@ -18,17 +15,12 @@

use SilverStripe\MFA\Store\StoreInterface;
use SilverStripe\Security\Member;
use SilverStripe\SiteConfig\SiteConfig;
use Webauthn\AttestationStatement\AttestationObjectLoader;
use Webauthn\AttestationStatement\AttestationStatementSupportManager;
use Webauthn\AttestationStatement\FidoU2FAttestationStatementSupport;
use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs;
use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler;
use Webauthn\AuthenticatorAttestationResponse;
use Webauthn\AuthenticatorAttestationResponseValidator;
use Webauthn\AuthenticatorSelectionCriteria;
use Webauthn\PublicKeyCredentialCreationOptions;
use Webauthn\PublicKeyCredentialLoader;
use Webauthn\PublicKeyCredentialParameters;
use Webauthn\PublicKeyCredentialRpEntity;
use Webauthn\PublicKeyCredentialUserEntity;

@@ -36,6 +28,7 @@


class RegisterHandler implements RegisterHandlerInterface
{
    use BaseHandlerTrait;
    use Extensible;
    use Configurable;


@@ -115,18 +108,10 @@

        $options = $this->getCredentialCreationOptions($store);
        $data = json_decode($request->getBody(), true);

        // CBOR
        $decoder = new Decoder(new TagObjectManager(), new OtherObjectManager());

        // Attestation statement support manager
        $attestationStatementSupportManager = new AttestationStatementSupportManager();
        $attestationStatementSupportManager->add(new NoneAttestationStatementSupport());
        $attestationStatementSupportManager->add(new FidoU2FAttestationStatementSupport($decoder));

        // Attestation object loader
        $attestationObjectLoader = new AttestationObjectLoader($attestationStatementSupportManager, $decoder);

        $publicKeyCredentialLoader = new PublicKeyCredentialLoader($attestationObjectLoader, $decoder);
        $decoder = $this->getDecoder();
        $attestationStatementSupportManager = $this->getAttestationStatementSupportManager($decoder);
        $attestationObjectLoader = $this->getAttestationObjectLoader($attestationStatementSupportManager, $decoder);
        $publicKeyCredentialLoader = $this->getPublicKeyCredentialLoader($attestationObjectLoader, $decoder);

        $credentialRepository = new CredentialRepository($store->getMember());


@@ -138,7 +123,7 @@

        );

        // Create a PSR-7 request
        $request = ServerRequest::fromGlobals();
        $psrRequest = ServerRequest::fromGlobals();

        try {
            $publicKeyCredential = $publicKeyCredentialLoader->load(base64_decode($data['credentials']));

@@ -152,7 +137,7 @@

                throw new ResponseDataException('Incomplete data, required information missing');
            }

            $authenticatorAttestationResponseValidator->check($response, $options, $request);
            $authenticatorAttestationResponseValidator->check($response, $options, $psrRequest);
        } catch (Exception $e) {
            $this->logger->error($e->getMessage());
            return Result::create(false, 'Registration failed: ' . $e->getMessage());

Files		•	•	•	Complexity	Coverage
client/src	142	48	4	90	0	33.80%
src	179	94	0	85	54	52.51%
Project Totals (14 files)	321	142	4	175	54	44.24%

TRAVIS_NODE_VERSION=10
TRAVIS_OS_NAME=linux

View CI Build Download

TRAVIS_NODE_VERSION=10
TRAVIS_OS_NAME=linux

View CI Build Download

No yaml found.

Create your codecov.yml to customize your Codecov experience

Read the docs

Interact now

The inner-most circle is the entire project, moving away from the center are folders then, finally, a single file. The size and color of each slice is representing the number of statements and the coverage, respectively.

SVG

The top section represents the entire project. Proceeding with folders and finally individual files. The size and color of each slice is representing the number of statements and the coverage, respectively.

SVG

Each block represents a single file in the project. The size and color of each block is represented by the number of statements and the coverage, respectively.

SVG

Learn more about the coverage sunburst graph

115	108		$options = $this->getCredentialCreationOptions($store);
116	109		$data = json_decode($request->getBody(), true);
117	110
118		-	// CBOR
119		-	$decoder = new Decoder(new TagObjectManager(), new OtherObjectManager());
120		-
121		-	// Attestation statement support manager
122		-	$attestationStatementSupportManager = new AttestationStatementSupportManager();
123		-	$attestationStatementSupportManager->add(new NoneAttestationStatementSupport());
124		-	$attestationStatementSupportManager->add(new FidoU2FAttestationStatementSupport($decoder));
125		-
126		-	// Attestation object loader
127		-	$attestationObjectLoader = new AttestationObjectLoader($attestationStatementSupportManager, $decoder);
128		-
129		-	$publicKeyCredentialLoader = new PublicKeyCredentialLoader($attestationObjectLoader, $decoder);
	111	+	$decoder = $this->getDecoder();
	112	+	$attestationStatementSupportManager = $this->getAttestationStatementSupportManager($decoder);
	113	+	$attestationObjectLoader = $this->getAttestationObjectLoader($attestationStatementSupportManager, $decoder);
	114	+	$publicKeyCredentialLoader = $this->getPublicKeyCredentialLoader($attestationObjectLoader, $decoder);
130	115
131	116		$credentialRepository = new CredentialRepository($store->getMember());
132	117

Navigation	Overlay
`t` Navigate files	`h` Toggle hits
`y` Change url to tip of branch	`m` Toggle misses
`b / v` Jump to prev/next hit line	`p` Toggle partial
`z / x` Jump to prev/next missed or partial line	`1..9` Toggle flags
`shift + o` Open current page in GitHub	`a` Toggle all on
`/ or ?` Show keyboard shortcuts dialog	`c` Toggle context lines or commits

13	10		use SilverStripe\MFA\Model\RegisteredMethod;
14	11		use SilverStripe\MFA\State\Result;
15	12		use SilverStripe\MFA\Store\StoreInterface;
16		-	use Webauthn\AttestationStatement\AttestationObjectLoader;
17		-	use Webauthn\AttestationStatement\AttestationStatementSupportManager;
18		-	use Webauthn\AttestationStatement\FidoU2FAttestationStatementSupport;
19		-	use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
20	13		use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler;
21	14		use Webauthn\AuthenticatorAssertionResponse;
22	15		use Webauthn\AuthenticatorAssertionResponseValidator;
23	16		use Webauthn\PublicKeyCredentialDescriptor;
24		-	use Webauthn\PublicKeyCredentialLoader;
25	17		use Webauthn\PublicKeyCredentialRequestOptions;
26	18		use Webauthn\TokenBinding\TokenBindingNotSupportedHandler;
27	19
28	20		class VerifyHandler implements VerifyHandlerInterface
29	21		{
	22	+	use BaseHandlerTrait;
	23	+
30	24		/**
31	25		* Dependency injection configuration
32	26		*

155	141		return 'WebAuthnVerify';
156	142		}
157	143
	144	+	/**
	145	+	* @param StoreInterface $store
	146	+	* @param RegisteredMethod $registeredMethod
	147	+	* @param bool $reset
	148	+	* @return PublicKeyCredentialRequestOptions
	149	+	* @throws Exception
	150	+	*/
158	151		protected function getCredentialRequestOptions(
159	152		StoreInterface $store,
160	153		RegisteredMethod $registeredMethod,

18	15		use SilverStripe\MFA\Store\StoreInterface;
19	16		use SilverStripe\Security\Member;
20	17		use SilverStripe\SiteConfig\SiteConfig;
21		-	use Webauthn\AttestationStatement\AttestationObjectLoader;
22		-	use Webauthn\AttestationStatement\AttestationStatementSupportManager;
23		-	use Webauthn\AttestationStatement\FidoU2FAttestationStatementSupport;
24		-	use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
25	18		use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs;
26	19		use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler;
27	20		use Webauthn\AuthenticatorAttestationResponse;
28	21		use Webauthn\AuthenticatorAttestationResponseValidator;
29	22		use Webauthn\AuthenticatorSelectionCriteria;
30	23		use Webauthn\PublicKeyCredentialCreationOptions;
31		-	use Webauthn\PublicKeyCredentialLoader;
32	24		use Webauthn\PublicKeyCredentialParameters;
33	25		use Webauthn\PublicKeyCredentialRpEntity;
34	26		use Webauthn\PublicKeyCredentialUserEntity;

36	28
37	29		class RegisterHandler implements RegisterHandlerInterface
38	30		{
	31	+	use BaseHandlerTrait;
39	32		use Extensible;
40	33		use Configurable;
41	34

138	123		);
139	124
140	125		// Create a PSR-7 request
141		-	$request = ServerRequest::fromGlobals();
	126	+	$psrRequest = ServerRequest::fromGlobals();
142	127
143	128		try {
144	129		$publicKeyCredential = $publicKeyCredentialLoader->load(base64_decode($data['credentials']));

152	137		throw new ResponseDataException('Incomplete data, required information missing');
153	138		}
154	139
155		-	$authenticatorAttestationResponseValidator->check($response, $options, $request);
	140	+	$authenticatorAttestationResponseValidator->check($response, $options, $psrRequest);
156	141		} catch (Exception $e) {
157	142		$this->logger->error($e->getMessage());
158	143		return Result::create(false, 'Registration failed: ' . $e->getMessage());

Updating our web app

No yaml found.