/plugins/system/webauthn/src/PluginTraits/ -> AjaxHandlerChallenge.php (source)

   1  <?php
   2  
   3  /**
   4   * @package     Joomla.Plugin
   5   * @subpackage  System.Webauthn
   6   *
   7   * @copyright   (C) 2020 Open Source Matters, Inc. <https://www.joomla.org>
   8   * @license     GNU General Public License version 2 or later; see LICENSE.txt
   9   */
  10  
  11  namespace Joomla\Plugin\System\Webauthn\PluginTraits;
  12  
  13  use Exception;
  14  use Joomla\CMS\Event\Plugin\System\Webauthn\AjaxChallenge;
  15  use Joomla\CMS\Factory;
  16  use Joomla\CMS\Uri\Uri;
  17  use Joomla\CMS\User\User;
  18  use Joomla\CMS\User\UserFactoryInterface;
  19  use Joomla\CMS\User\UserHelper;
  20  use Joomla\Event\Event;
  21  
// phpcs:disable PSR1.Files.SideEffects
// Guard against direct access: abort unless the Joomla bootstrap has defined _JEXEC.
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
  25  
  26  /**
  27   * Ajax handler for akaction=challenge
  28   *
  29   * Generates the public key and challenge which is used by the browser when logging in with Webauthn. This is the bit
  30   * which prevents tampering with the login process and replay attacks.
  31   *
  32   * @since   4.0.0
  33   */
  34  trait AjaxHandlerChallenge
  35  {
  36      /**
  37       * Returns the public key set for the user and a unique challenge in a Public Key Credential Request encoded as
  38       * JSON.
  39       *
  40       * @param   AjaxChallenge  $event  The event we are handling
  41       *
  42       * @return  void
  43       *
  44       * @throws  Exception
  45       * @since   4.0.0
  46       */
  47      public function onAjaxWebauthnChallenge(AjaxChallenge $event): void
  48      {
  49          // Initialize objects
  50          $session    = $this->getApplication()->getSession();
  51          $input      = $this->getApplication()->input;
  52  
  53          // Retrieve data from the request
  54          $username  = $input->getUsername('username', '');
  55          $returnUrl = base64_encode(
  56              $session->get('plg_system_webauthn.returnUrl', Uri::current())
  57          );
  58          $returnUrl = $input->getBase64('returnUrl', $returnUrl);
  59          $returnUrl = base64_decode($returnUrl);
  60  
  61          // For security reasons the post-login redirection URL must be internal to the site.
  62          if (!Uri::isInternal($returnUrl)) {
  63              // If the URL wasn't internal redirect to the site's root.
  64              $returnUrl = Uri::base();
  65          }
  66  
  67          $session->set('plg_system_webauthn.returnUrl', $returnUrl);
  68  
  69          // Do I have a username?
  70          if (empty($username)) {
  71              $event->addResult(false);
  72  
  73              return;
  74          }
  75  
  76          // Is the username valid?
  77          try {
  78              $userId = UserHelper::getUserId($username);
  79          } catch (Exception $e) {
  80              $userId = 0;
  81          }
  82  
  83          if ($userId <= 0) {
  84              $event->addResult(false);
  85  
  86              return;
  87          }
  88  
  89          try {
  90              $myUser = Factory::getContainer()->get(UserFactoryInterface::class)->loadUserById($userId);
  91          } catch (Exception $e) {
  92              $myUser = new User();
  93          }
  94  
  95          if ($myUser->id != $userId || $myUser->guest) {
  96              $event->addResult(false);
  97  
  98              return;
  99          }
 100  
 101          $publicKeyCredentialRequestOptions = $this->authenticationHelper->getPubkeyRequestOptions($myUser);
 102  
 103          $session->set('plg_system_webauthn.userId', $userId);
 104  
 105          // Return the JSON encoded data to the caller
 106          $event->addResult(json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
 107      }
 108  }


Generated: Wed Sep 7 05:41:13 2022 Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer