janis/ma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update create_acc.php

Browse Source
This commit is contained in:
jakani24
2024-04-26 14:17:52 +02:00
parent 395602320a
commit 6bf9d45a90
1 changed files with 38 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
src/server/cyberhex-code/test/create_acc.php
View File

@@ -238,21 +238,46 @@ try {
// Handle different functions // Handle different functions
if ($fn === 'getCreateArgs') { if ($fn === 'getCreateArgs') {
// Get create arguments $createArgs = $WebAuthn->getCreateArgs(\hex2bin($userId), $userName, $userDisplayName, 60*4, $requireResidentKey, $userVerification, $crossPlatformAttachment);
$createArgs = $WebAuthn->getCreateArgs(\hex2bin($userId), $userName, $userDisplayName, 60*4, $requireResidentKey, $userVerification);
header('Content-Type: application/json'); header('Content-Type: application/json');
print(json_encode($createArgs)); print(json_encode($createArgs));
// Save challenge to session or somewhere else if needed // save challange to session. you have to deliver it to processGet later.
$_SESSION['challenge'] = $WebAuthn->getChallenge();
} else if ($fn === 'getGetArgs') { } else if ($fn === 'getGetArgs') {
// Get get arguments $ids = [];
// Retrieve credential IDs from the database based on $userId
$ids = []; // Fetch credential IDs from the database if ($requireResidentKey) {
$getArgs = $WebAuthn->getGetArgs($ids, 60*4); if (!isset($_SESSION['registrations']) || !is_array($_SESSION['registrations']) || count($_SESSION['registrations']) === 0) {
throw new Exception('we do not have any registrations in session to check the registration');
}
} else {
// load registrations from session stored there by processCreate.
// normaly you have to load the credential Id's for a username
// from the database.
if (isset($_SESSION['registrations']) && is_array($_SESSION['registrations'])) {
foreach ($_SESSION['registrations'] as $reg) {
if ($reg->userId === $userId) {
$ids[] = $reg->credentialId;
}
}
}
if (count($ids) === 0) {
throw new Exception('no registrations in session for userId ' . $userId);
}
}
$getArgs = $WebAuthn->getGetArgs($ids, 60*4, $typeUsb, $typeNfc, $typeBle, $typeHyb, $typeInt, $userVerification);
header('Content-Type: application/json'); header('Content-Type: application/json');
print(json_encode($getArgs)); print(json_encode($getArgs));
// Save challenge to session or somewhere else if needed // save challange to session. you have to deliver it to processGet later.
$_SESSION['challenge'] = $WebAuthn->getChallenge();
} else if ($fn === 'processCreate') { } else if ($fn === 'processCreate') {
// Process create // Process create
$challenge = $_SESSION['challenge']; $challenge = $_SESSION['challenge'];
@@ -262,6 +287,11 @@ try {
// Process create and store data in the database // Process create and store data in the database
$data = $WebAuthn->processCreate($clientDataJSON, $attestationObject, $challenge, $userVerification === 'required', true, false); $data = $WebAuthn->processCreate($clientDataJSON, $attestationObject, $challenge, $userVerification === 'required', true, false);
// add user infos
$data->userId = $userId;
$data->userName = $userName;
$data->userDisplayName = $userDisplayName;
// Store registration data in the database // Store registration data in the database
$stmt = $conn->prepare("INSERT INTO registrations (userId, credentialId, publicKey, counter) VALUES (?, ?, ?, ?)"); $stmt = $conn->prepare("INSERT INTO registrations (userId, credentialId, publicKey, counter) VALUES (?, ?, ?, ?)");
$stmt->execute([$userId, $data->credentialId, $data->publicKey, $data->counter]); $stmt->execute([$userId, $data->credentialId, $data->publicKey, $data->counter]);