PHP Cross Reference of Joomla 4.2.2 documentation
(no description)
Copyright: (C) 2020 Open Source Matters, Inc.
License: GNU General Public License version 2 or later; see LICENSE.txt
File Size: 654 lines (22 kb)
Included or required: 0 times
Referenced: 0 times
Includes or requires: 0 files
__construct(DatabaseInterface $db = null)
Public constructor.
  param: DatabaseInterface|null $db The database driver object to use for persistence.
findOneByCredentialId(string $publicKeyCredentialId)
Returns a PublicKeyCredentialSource object given the public key credential ID.
  param: string $publicKeyCredentialId The identifier of the public key credential we're searching for
  return: PublicKeyCredentialSource|null
findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity)
Returns all PublicKeyCredentialSource objects given a user entity. We only use the `id` property of the user entity, cast to integer, as the Joomla user ID by which records are keyed in the database table.
  param: PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity Public key credential user entity record
  return: PublicKeyCredentialSource[]
saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource)
Add or update an attested credential for a given user.
  param: PublicKeyCredentialSource $publicKeyCredentialSource The public key credential
  return: void
getAll(int $userId)
Get all credential information for a given user ID. This is meant to only be used for displaying records.
  param: int $userId The user ID
  return: array
has(string $credentialId)
Do we have stored credentials under the specified Credential ID?
  param: string $credentialId The ID of the credential to check for existence
  return: boolean
setLabel(string $credentialId, string $label)
Update the human readable label of a credential.
  param: string $credentialId The credential ID
  param: string $label The human readable label to set
  return: void
remove(string $credentialId)
Remove stored credentials.
  param: string $credentialId The credentials ID to remove
  return: void
getUserHandleFor(string $credentialId)
Return the user handle for the stored credential given its ID. The user handle must not be personally identifiable. Per https://w3c.github.io/webauthn/#user-handle it is acceptable to have a salted hash with a salt private to our server, e.g. Joomla's secret. The only immutable information in Joomla is the user ID so that's what we will be using.
  param: string $credentialId The credential ID to get the user handle for
  return: string
getHandleFromUserId(int $id)
Return a user handle given an integer Joomla user ID. We use the HMAC-SHA-256 of the user ID with the site's secret as the key. Using it instead of SHA-512 is on purpose! WebAuthn only allows user handles up to 64 bytes long.
  param: int $id The user ID to convert
  return: string The user handle (HMAC-SHA-256 of the user ID)
getUserIdFromHandle(?string $userHandle)
Get the user ID from the user handle.
This is a VERY inefficient method. Since the user handle is an HMAC-SHA-256 of the user ID we can't just go directly from a handle back to an ID. We have to iterate all user IDs, calculate their handles and compare them to the given handle.
To prevent a lengthy infinite loop in case of an invalid user handle we don't iterate the entire 2+ billion valid 32-bit integer range. We load the user IDs of active users (not blocked, not pending activation) and iterate through them.
To avoid memory outage on large sites with thousands of active user records we load up to 10000 users at a time. Each block of 10,000 user IDs takes about 60-80 msec to iterate. On a site with 200,000 active users this method will take less than 1.5 seconds. This is slow but not impractical, even on crowded shared hosts with a quarter of the performance of my test subject (a mid-range, shared hosting server).
  param: string|null $userHandle The user handle which will be converted to a user ID.
  return: integer|null
encryptCredential(string $credential)
Encrypt the credential source before saving it to the database.
  param: string $credential The unencrypted, JSON-encoded credential source
  return: string The encrypted credential source, base64 encoded
decryptCredential(string $credential)
Decrypt the credential source if it was already encrypted in the database.
  param: string $credential The encrypted credential source, base64 encoded
  return: string The decrypted, JSON-encoded credential source
getEncryptionKey()
Get the site's secret, used as an encryption key.
  return: string
formatDate($date, ?string $format = null, bool $tzAware = true)
Format a date for display. The $tzAware parameter defines whether the formatted date will be timezone-aware. If set to false the formatted date will be rendered in the UTC timezone. If set to true the code will automatically try to use the logged in user's timezone or, if none is set, the site's default timezone (Server Timezone). If set to a positive integer the same thing will happen but for the specified user ID instead of the currently logged in user.
  param: string|\DateTime $date The date to format
  param: string|null $format The format string, default is Joomla's DATE_FORMAT_LC6 (usually "Y-m-d
  param: bool $tzAware Should the format be timezone aware? See notes above.
  return: string
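The user-handle scheme described under getHandleFromUserId() and getUserIdFromHandle() above, as an added example that is not Joomla's own code. The function names, the zero-padded ID encoding, the hex output, the demo secret and the constructed ID list are all assumptions; the page only states that the handle is the HMAC-SHA-256 of the user ID keyed with the site's secret.

```php
<?php
declare(strict_types=1);

// Forward direction: user ID -> opaque handle. $secret stands in for the site's secret.
function handleFromUserId(int $id, string $secret): string
{
    // Assumption: fixed-width decimal, so every ID has one canonical input string.
    $data = sprintf('%010u', $id);

    // Assumption: hex output, 64 characters, which fits the 64-byte handle limit.
    return hash_hmac('sha256', $data, $secret);
}

// Reverse direction: an HMAC cannot be inverted, so search the known user IDs.
// $idBatches yields arrays of active user IDs, one block at a time.
function userIdFromHandle(?string $userHandle, iterable $idBatches, string $secret): ?int
{
    if ($userHandle === null || strlen($userHandle) !== 64) {
        return null; // Cannot have been produced by handleFromUserId().
    }

    foreach ($idBatches as $batch) {
        foreach ($batch as $id) {
            // hash_equals() compares in constant time; the computed value goes first.
            if (hash_equals(handleFromUserId($id, $secret), $userHandle)) {
                return $id;
            }
        }
    }

    return null; // Unknown handle: the search is bounded by the ID list.
}

// Yields IDs in blocks so only one block is held in memory at a time.
function batches(array $ids, int $size): Generator
{
    foreach (array_chunk($ids, $size) as $chunk) {
        yield $chunk;
    }
}

$secret = 'constructed-demo-secret'; // placeholder value, not a real site secret
$ids    = range(42, 25041);          // constructed list of active user IDs
$handle = handleFromUserId(20000, $secret);

var_dump(strlen($handle));
var_dump(userIdFromHandle($handle, batches($ids, 10000), $secret));
var_dump(userIdFromHandle(str_repeat('0', 64), batches($ids, 10000), $secret));
```

Because the secret is the HMAC key, rotating it changes every derived handle, so handles already stored with authenticators would no longer map back to a user.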
Generated: Wed Sep 7 05:41:13 2022