PHP Cross Reference of Joomla 4.2.2 documentation

/plugins/multifactorauth/webauthn/src/Hotfix/ -> Server.php (summary)

(no description)

Copyright: (C) 2022 Open Source Matters, Inc.
Copyright: (C) 2014-2019 Spomky-Labs
License: GNU General Public License version 2 or later; see LICENSE.txt
License: This software may be modified and distributed under the terms
File Size: 449 lines (19 kb)
Included or required: 0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

Server:: (11 methods):
  __construct()
  setSelectedAlgorithms()
  setTokenBindingHandler()
  addAlgorithm()
  setExtensionOutputCheckerHandler()
  generatePublicKeyCredentialRequestOptions()
  generatePublicKeyCredentialCreationOptions()
  loadAndCheckAttestationResponse()
  loadAndCheckAssertionResponse()
  enforceAndroidSafetyNetVerification()
  getAttestationStatementSupportManager()


Class: Server

Customised WebAuthn server object.

We had to fork the server object from the WebAuthn server package to address an issue with PHP 8.

We are currently using an older version of the WebAuthn library (2.x) which was written before
PHP 8 was developed. We cannot upgrade the WebAuthn library to a newer major version because of
Joomla's Semantic Versioning promise.

The FidoU2FAttestationStatementSupport and AndroidKeyAttestationStatementSupport classes force
an assertion on the result of the openssl_pkey_get_public() function, assuming it will return a
resource. However, starting with PHP 8.0 this function returns an OpenSSLAsymmetricKey object
and the assertion fails. As a result, you cannot use Android or FIDO U2F keys with WebAuthn.

The assertion check is in a private method, therefore we have to fork both attestation support
classes to change the assertion. The assertion takes place through a third party library we
cannot (and should not!) modify.

The assertion objects, however, are injected into the attestation support manager in a private
method of the Server object. Because literally everything in this class is private we have no
option other than to fork the entire class to apply our two forked attestation support classes.

This is marked as deprecated because we'll be able to upgrade the WebAuthn library on Joomla 5.
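
The return-type change described above, as an added example (not Joomla's or the WebAuthn library's code): a resource-only check rejects a correctly loaded key on PHP 8.0+, while a check that also accepts OpenSSLAsymmetricKey still rejects a failed load. The function names and the locally generated P-256 key are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper names; the sample key is generated locally (constructed).

/** Resource-only check: the assumption that stops holding on PHP 8.0+. */
function isLoadedKeyLegacy($key): bool
{
    return is_resource($key);
}

/**
 * Accepts a PHP 7 resource or a PHP 8 OpenSSLAsymmetricKey object.
 * A failed load (false) is rejected on every PHP version.
 */
function isLoadedKeyCompat($key): bool
{
    return is_resource($key) || $key instanceof \OpenSSLAsymmetricKey;
}

// Constructed sample: a throwaway P-256 key pair, public half exported as PEM.
$pair = openssl_pkey_new([
    'private_key_type' => OPENSSL_KEYTYPE_EC,
    'curve_name'       => 'prime256v1',
]);
if ($pair === false) {
    exit("OpenSSL could not generate the sample key\n");
}
$pem = openssl_pkey_get_details($pair)['key'];

$cases = [
    'valid PEM'   => openssl_pkey_get_public($pem),
    'invalid PEM' => openssl_pkey_get_public('not a PEM public key'),
];

printf("PHP %s\n", PHP_VERSION);
foreach ($cases as $label => $key) {
    printf(
        "%-11s  type=%-20s  legacy=%-5s  compat=%s\n",
        $label,
        get_debug_type($key), // PHP 8.0+ only; use gettype() on PHP 7
        var_export(isLoadedKeyLegacy($key), true),
        var_export(isLoadedKeyCompat($key), true)
    );
}
```

The point of the compatible check is that it widens the accepted type without dropping the failure case: a key that OpenSSL could not parse must still stop attestation verification.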

__construct(PublicKeyCredentialRpEntity $relayingParty, PublicKeyCredentialSourceRepository $publicKeyCredentialSourceRepository, ?MetadataStatementRepository $metadataStatementRepository)
Overridden constructor.

param: PublicKeyCredentialRpEntity          $relayingParty                       Obvious
param: PublicKeyCredentialSourceRepository  $publicKeyCredentialSourceRepository Obvious
param: MetadataStatementRepository|null     $metadataStatementRepository         Obvious

setSelectedAlgorithms(array $selectedAlgorithms)

param: string[]  $selectedAlgorithms  Obvious
return: void

setTokenBindingHandler(TokenBindingNotSupportedHandler $tokenBindingHandler)

param: TokenBindingNotSupportedHandler  $tokenBindingHandler Obvious
return: void

addAlgorithm(string $alias, Algorithm $algorithm)

param: string     $alias      Obvious
param: Algorithm  $algorithm  Obvious
return: void

setExtensionOutputCheckerHandler(ExtensionOutputCheckerHandler $extensionOutputCheckerHandler)

param: ExtensionOutputCheckerHandler  $extensionOutputCheckerHandler Obvious
return: void

generatePublicKeyCredentialRequestOptions(?string $userVerification = PublicKeyCredentialRequestOptions::USER_VERIFICATION_REQUIREMENT_PREFERRED, array $allowedPublicKeyDescriptors = [], ?AuthenticationExtensionsClientInputs $extensions = null)

param: string|null                                $userVerification             Obvious
param: PublicKeyCredentialDescriptor[]            $allowedPublicKeyDescriptors  Obvious
param: AuthenticationExtensionsClientInputs|null  $extensions                   Obvious
return: PublicKeyCredentialRequestOptions

generatePublicKeyCredentialCreationOptions(PublicKeyCredentialUserEntity $userEntity, ?string $attestationMode = PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE, array $excludedPublicKeyDescriptors = [], ?AuthenticatorSelectionCriteria $criteria = null, ?AuthenticationExtensionsClientInputs $extensions = null)

param: PublicKeyCredentialUserEntity              $userEntity                    Obvious
param: string|null                                $attestationMode               Obvious
param: PublicKeyCredentialDescriptor[]            $excludedPublicKeyDescriptors  Obvious
param: AuthenticatorSelectionCriteria|null        $criteria                      Obvious
param: AuthenticationExtensionsClientInputs|null  $extensions                    Obvious
return: PublicKeyCredentialCreationOptions

loadAndCheckAttestationResponse(string $data, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, ServerRequestInterface $serverRequest)

param: string                              $data                                Obvious
param: PublicKeyCredentialCreationOptions  $publicKeyCredentialCreationOptions  Obvious
param: ServerRequestInterface              $serverRequest                       Obvious
return: PublicKeyCredentialSource

loadAndCheckAssertionResponse(string $data, PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, ?PublicKeyCredentialUserEntity $userEntity, ServerRequestInterface $serverRequest)

param: string                              $data                               Obvious
param: PublicKeyCredentialRequestOptions   $publicKeyCredentialRequestOptions  Obvious
param: PublicKeyCredentialUserEntity|null  $userEntity                         Obvious
param: ServerRequestInterface              $serverRequest                      Obvious
return: PublicKeyCredentialSource

enforceAndroidSafetyNetVerification(ClientInterface $client, string $apiKey, RequestFactoryInterface $requestFactory)

param: ClientInterface          $client          Obvious
param: string                   $apiKey          Obvious
param: RequestFactoryInterface  $requestFactory  Obvious
return: void

getAttestationStatementSupportManager()

return: AttestationStatementSupportManager



Generated: Wed Sep 7 05:41:13 2022