mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-08-24 03:25:49 +02:00
Allow to register Webauthn Keys
This commit is contained in:
Jan Böhmer
parent
068daeda75
commit
ac978abe1d
11 changed files with 486 additions and 25 deletions
|
|
@ -2,17 +2,21 @@
|
|||
|
||||
namespace App\Controller;
|
||||
|
||||
use App\Entity\UserSystem\WebauthnKey;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Jbtronics\TFAWebauthn\Services\TFAWebauthnRegistrationHelper;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\Routing\Annotation\Route;
|
||||
|
||||
use function Symfony\Component\Translation\t;
|
||||
|
||||
class WebauthnKeyRegistrationController extends AbstractController
|
||||
{
|
||||
/**
|
||||
* @Route("/webauthn/register", name="webauthn_register")
|
||||
*/
|
||||
public function register(Request $request, TFAWebauthnRegistrationHelper $registrationHelper)
|
||||
public function register(Request $request, TFAWebauthnRegistrationHelper $registrationHelper, EntityManagerInterface $em)
|
||||
{
|
||||
|
||||
//If form was submitted, check the auth response
|
||||
|
|
@ -21,18 +25,33 @@ class WebauthnKeyRegistrationController extends AbstractController
|
|||
|
||||
//Retrieve other data from the form, that you want to store with the key
|
||||
$keyName = $request->request->get('keyName');
|
||||
if (empty($keyName)) {
|
||||
$keyName = 'Key ' . date('Y-m-d H:i:s');
|
||||
}
|
||||
|
||||
//Check the response
|
||||
$new_key = $registrationHelper->checkRegistrationResponse($webauthnResponse);
|
||||
try {
|
||||
$new_key = $registrationHelper->checkRegistrationResponse($webauthnResponse);
|
||||
} catch (\Exception $exception) {
|
||||
$this->addFlash('error', t('tfa_u2f.add_key.registration_error'));
|
||||
return $this->redirectToRoute('webauthn_register');
|
||||
}
|
||||
|
||||
$keyEntity = WebauthnKey::fromRegistration($new_key);
|
||||
$keyEntity->setName($keyName);
|
||||
$keyEntity->setUser($this->getUser());
|
||||
|
||||
$em->persist($keyEntity);
|
||||
$em->flush();
|
||||
|
||||
dump($new_key);
|
||||
|
||||
$this->addFlash('success', 'Key registered successfully');
|
||||
return $this->redirectToRoute('user_settings');
|
||||
}
|
||||
|
||||
|
||||
return $this->render(
|
||||
'Security/U2F/u2f_register.html.twig',
|
||||
'Security/Webauthn/webauthn_register.html.twig',
|
||||
[
|
||||
'registrationRequest' => $registrationHelper->generateRegistrationRequestAsJSON(),
|
||||
]
|
||||
|
|
|
|||
|
|
@ -57,6 +57,7 @@ use App\Entity\PriceInformations\Currency;
|
|||
use App\Security\Interfaces\HasPermissionsInterface;
|
||||
use App\Validator\Constraints\Selectable;
|
||||
use App\Validator\Constraints\ValidPermission;
|
||||
use Jbtronics\TFAWebauthn\Model\LegacyU2FKeyInterface;
|
||||
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
|
||||
use Webauthn\PublicKeyCredentialUserEntity;
|
||||
use function count;
|
||||
|
|
@ -241,11 +242,17 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
|
|||
*/
|
||||
protected ?DateTime $backupCodesGenerationDate = null;
|
||||
|
||||
/** @var Collection<int, TwoFactorKeyInterface>
|
||||
/** @var Collection<int, LegacyU2FKeyInterface>
|
||||
* @ORM\OneToMany(targetEntity="App\Entity\UserSystem\U2FKey", mappedBy="user", cascade={"REMOVE"}, orphanRemoval=true)
|
||||
*/
|
||||
protected $u2fKeys;
|
||||
|
||||
/**
|
||||
* @var Collection<int, WebauthnKey>
|
||||
* @ORM\OneToMany(targetEntity="App\Entity\UserSystem\WebauthnKey", mappedBy="user", cascade={"REMOVE"}, orphanRemoval=true)
|
||||
*/
|
||||
protected $webauthn_keys;
|
||||
|
||||
/**
|
||||
* @var Currency|null The currency the user wants to see prices in.
|
||||
* Dont use fetch=EAGER here, this will cause problems with setting the currency setting.
|
||||
|
|
@ -274,6 +281,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
|
|||
parent::__construct();
|
||||
$this->permissions = new PermissionsEmbed();
|
||||
$this->u2fKeys = new ArrayCollection();
|
||||
$this->webauthn_keys = new ArrayCollection();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -851,7 +859,8 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
|
|||
|
||||
public function isWebAuthnAuthenticatorEnabled(): bool
|
||||
{
|
||||
return count($this->u2fKeys) > 0;
|
||||
return count($this->u2fKeys) > 0
|
||||
|| count($this->webauthn_keys) > 0;
|
||||
}
|
||||
|
||||
public function getLegacyU2FKeys(): iterable
|
||||
|
|
@ -870,6 +879,11 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
|
|||
|
||||
public function getWebauthnKeys(): iterable
|
||||
{
|
||||
return [];
|
||||
return $this->webauthn_keys;
|
||||
}
|
||||
|
||||
public function addWebauthnKey(WebauthnKey $webauthnKey): void
|
||||
{
|
||||
$this->webauthn_keys->add($webauthnKey);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
98
src/Entity/UserSystem/WebauthnKey.php
Normal file
98
src/Entity/UserSystem/WebauthnKey.php
Normal file
|
|
@ -0,0 +1,98 @@
|
|||
<?php
|
||||
|
||||
namespace App\Entity\UserSystem;
|
||||
|
||||
use App\Entity\Base\TimestampTrait;
|
||||
use Doctrine\ORM\Mapping as ORM;
|
||||
use Webauthn\PublicKeyCredentialSource as BasePublicKeyCredentialSource;
|
||||
|
||||
/**
|
||||
* @ORM\Table(name="webauthn_keys")
|
||||
* @ORM\Entity()
|
||||
* @ORM\HasLifecycleCallbacks()
|
||||
*/
|
||||
class WebauthnKey extends BasePublicKeyCredentialSource
|
||||
{
|
||||
use TimestampTrait;
|
||||
|
||||
/**
|
||||
* @ORM\Id
|
||||
* @ORM\Column(type="integer")
|
||||
* @ORM\GeneratedValue(strategy="AUTO")
|
||||
*/
|
||||
protected int $id;
|
||||
|
||||
/**
|
||||
* @ORM\Column(type="string")
|
||||
*/
|
||||
protected string $name;
|
||||
|
||||
/**
|
||||
* @ORM\ManyToOne(targetEntity="App\Entity\UserSystem\User", inversedBy="webauthn_keys")
|
||||
**/
|
||||
protected ?User $user = null;
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
public function getName(): string
|
||||
{
|
||||
return $this->name;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $name
|
||||
* @return WebauthnKey
|
||||
*/
|
||||
public function setName(string $name): WebauthnKey
|
||||
{
|
||||
$this->name = $name;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return User|null
|
||||
*/
|
||||
public function getUser(): ?User
|
||||
{
|
||||
return $this->user;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param User|null $user
|
||||
* @return WebauthnKey
|
||||
*/
|
||||
public function setUser(?User $user): WebauthnKey
|
||||
{
|
||||
$this->user = $user;
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return int
|
||||
*/
|
||||
public function getId(): int
|
||||
{
|
||||
return $this->id;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
public static function fromRegistration(BasePublicKeyCredentialSource $registration): self
|
||||
{
|
||||
return new static(
|
||||
$registration->getPublicKeyCredentialId(),
|
||||
$registration->getType(),
|
||||
$registration->getTransports(),
|
||||
$registration->getAttestationType(),
|
||||
$registration->getTrustPath(),
|
||||
$registration->getAaguid(),
|
||||
$registration->getCredentialPublicKey(),
|
||||
$registration->getUserHandle(),
|
||||
$registration->getCounter(),
|
||||
$registration->getOtherUI()
|
||||
);
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue