Skip to content
This repository has been archived by the owner on Mar 25, 2024. It is now read-only.

Commit

Permalink
Permit any ChallengeProviderInterface in new registration flow (#35)
Browse files Browse the repository at this point in the history
  • Loading branch information
Firehed authored Oct 27, 2021
1 parent 990be79 commit bbe2e40
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 9 deletions.
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- ChallengeProviderInterface (will replace ChallengeProvider)
- Server::generateChallenge(): ChallengeProviderInterface (now public; signature changed from previous private implementation)
- Server::validateLogin(ChallengeProviderInterface, LoginResponseInterface, RegistrationInterface[]): RegistrationInterface (will replace Server::setRegistrations + Server::setSignRequests + Server::authenticate)
- Server::validateRegistration(RegisterRequest, RegistrationResponseInterface): RegistrationInterface (will replace Server::setRegisterRequest + Server::register)
- Server::validateRegistration(ChallengeProviderInterface, RegistrationResponseInterface): RegistrationInterface (will replace Server::setRegisterRequest + Server::register)

### Changed
- Server's constructor now can take `string $appId` as a parameter
Expand Down
14 changes: 7 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -85,11 +85,11 @@ Start by generating a challenge.
You will need to store this temporarily (e.g. in a session), then send it to the user:

```php
$request = $server->generateRegisterRequest();
$_SESSION['registration_request'] = $request;
$challenge = $server->generateChallenge();
$_SESSION['registration_challenge'] = $challenge;

header('Content-type: application/json');
echo json_encode($request->getChallenge());
echo json_encode($challenge);
```

#### Client-side registration
Expand Down Expand Up @@ -149,8 +149,8 @@ $rawPostBody = trim(file_get_contents('php://input'));
$data = json_decode($rawPostBody, true);
$response = \Firehed\U2F\WebAuthn\RegistrationResponse::fromDecodedJson($data);

$request = $_SESSION['registration_request'];
$registration = $server->validateRegistration($request, $response);
$challenge = $_SESSION['registration_challenge'];
$registration = $server->validateRegistration($challenge, $response);
```

#### Persist the `$registration`
Expand Down Expand Up @@ -217,7 +217,7 @@ After doing so, send them to the user:
$registrations = $user->getU2FRegistrations(); // this must be an array of Registration objects

$challenge = $server->generateChallenge();
$_SESSION['challenge'] = $challenge;
$_SESSION['login_challenge'] = $challenge;

// WebAuthn expects a single challenge for all key handles, and the Server generates the requests accordingly.
header('Content-type: application/json');
Expand Down Expand Up @@ -280,7 +280,7 @@ $response = \Firehed\U2F\WebAuthn\LoginResponse::fromDecodedJson($data);

$registrations = $user->getU2FRegistrations(); // Registration[]
$registration = $server->validateLogin(
$_SESSION['challenge'],
$_SESSION['login_challenge'],
$response,
$registrations
);
Expand Down
2 changes: 1 addition & 1 deletion src/Server.php
Original file line number Diff line number Diff line change
Expand Up @@ -227,7 +227,7 @@ public function authenticate(LoginResponseInterface $response): RegistrationInte
* @throws BadMethodCallException if a precondition is not met
*/
public function validateRegistration(
RegisterRequest $request,
ChallengeProviderInterface $request,
RegistrationResponseInterface $response
): RegistrationInterface {
$this->validateChallenge($request, $response);
Expand Down

0 comments on commit bbe2e40

Please sign in to comment.