finishing touches for passkey auth, oauth and more

2024-12-26 13:12:24 +01:00
parent e8cba3edf6
commit 301c9493b1
9 changed files with 232 additions and 173 deletions
--- a/app-code/api/login/check_passkey.php
+++ b/app-code/api/login/check_passkey.php
@@ -32,36 +32,22 @@ try {
    if ($fn !== 'getStoredDataHtml') {

        // Formats
-        $formats = [];
-        //if (filter_input(INPUT_GET, 'fmt_android-key')) {
-            $formats[] = 'android-key';
-        //}
-        ///if (filter_input(INPUT_GET, 'fmt_android-safetynet')) {
-            $formats[] = 'android-safetynet';
-        //}
-        //if (filter_input(INPUT_GET, 'fmt_apple')) {
-            $formats[] = 'apple';
-        //}
-        //if (filter_input(INPUT_GET, 'fmt_fido-u2f')) {
-            $formats[] = 'fido-u2f';
-        //}
-        //if (filter_input(INPUT_GET, 'fmt_none')) {
-            $formats[] = 'none';
-        //}
-        //if (filter_input(INPUT_GET, 'fmt_packed')) {
-            $formats[] = 'packed';
-        //}
-        //if (filter_input(INPUT_GET, 'fmt_tpm')) {
-            $formats[] = 'tpm';
-        //}
+	$formats = [];
+	$formats[] = 'android-key';
+	$formats[] = 'android-safetynet';
+	$formats[] = 'apple';
+	$formats[] = 'fido-u2f';
+	$formats[] = 'none';
+	$formats[] = 'packed';
+	$formats[] = 'tpm';

-		$rpId=$_SERVER['SERVER_NAME'];
-		
-		$typeUsb = true;
-		$typeNfc = true;
-		$typeBle = true;
-		$typeInt = true;
-		$typeHyb = true;
+	$rpId=$_SERVER['SERVER_NAME'];
+
+	$typeUsb = true;
+	$typeNfc = true;
+	$typeBle = true;
+	$typeInt = true;
+	$typeHyb = true;

        // cross-platform: true, if type internal is not allowed
        //                 false, if only internal is allowed
@@ -80,28 +66,14 @@ try {
        $WebAuthn = new lbuchs\WebAuthn\WebAuthn('WebAuthn Library', $rpId, $formats);

        // add root certificates to validate new registrations
-        //if (filter_input(INPUT_GET, 'solo')) {
-            $WebAuthn->addRootCertificates('rootCertificates/solo.pem');
-        //}
-        //if (filter_input(INPUT_GET, 'apple')) {
-            $WebAuthn->addRootCertificates('rootCertificates/apple.pem');
-        //}
-        //if (filter_input(INPUT_GET, 'yubico')) {
-            $WebAuthn->addRootCertificates('rootCertificates/yubico.pem');
-        //}
-        //if (filter_input(INPUT_GET, 'hypersecu')) {
-            $WebAuthn->addRootCertificates('rootCertificates/hypersecu.pem');
-        //}
-        //if (filter_input(INPUT_GET, 'google')) {
-            $WebAuthn->addRootCertificates('rootCertificates/globalSign.pem');
-            $WebAuthn->addRootCertificates('rootCertificates/googleHardware.pem');
-        //}
-        //if (filter_input(INPUT_GET, 'microsoft')) {
-            $WebAuthn->addRootCertificates('rootCertificates/microsoftTpmCollection.pem');
-        //}
-        //if (filter_input(INPUT_GET, 'mds')) {
-            $WebAuthn->addRootCertificates('rootCertificates/mds');
-        //}
+	$WebAuthn->addRootCertificates('rootCertificates/solo.pem');
+	$WebAuthn->addRootCertificates('rootCertificates/apple.pem');
+	$WebAuthn->addRootCertificates('rootCertificates/yubico.pem');
+	$WebAuthn->addRootCertificates('rootCertificates/hypersecu.pem');
+	$WebAuthn->addRootCertificates('rootCertificates/globalSign.pem');
+	$WebAuthn->addRootCertificates('rootCertificates/googleHardware.pem');
+	$WebAuthn->addRootCertificates('rootCertificates/microsoftTpmCollection.pem');
+	$WebAuthn->addRootCertificates('rootCertificates/mds');

    }