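<?php

/**
 * @package     Joomla.Plugin
 * @subpackage  System.Webauthn
 *
 * @copyright   (C) 2020 Open Source Matters, Inc. <https://www.joomla.org>
 * @license     GNU General Public License version 2 or later; see LICENSE.txt
 */

namespace Joomla\Plugin\System\Webauthn\PluginTraits;

use Exception;
use Joomla\CMS\Event\Plugin\System\Webauthn\AjaxChallenge;
use Joomla\CMS\Factory;
use Joomla\CMS\Uri\Uri;
use Joomla\CMS\User\User;
use Joomla\CMS\User\UserFactoryInterface;
use Joomla\CMS\User\UserHelper;
use Joomla\Event\Event;

// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects

/**
 * Ajax handler for akaction=challenge
 *
 * Generates the public key and challenge which is used by the browser when logging in with Webauthn. This is the bit
 * which prevents tampering with the login process and replay attacks.
 *
 * @since  4.0.0
 */
trait AjaxHandlerChallenge
{
    /**
     * Returns the public key set for the user and a unique challenge in a Public Key Credential Request encoded as
     * JSON.
     *
     * Session side effects:
     *  - `plg_system_webauthn.returnUrl` is always (re)written with the validated post-login redirect URL, even when
     *    the request is rejected further down;
     *  - `plg_system_webauthn.userId` is written only on success, right before the options are returned.
     *
     * Security notes:
     *  - The redirect URL is attacker-controlled (request parameter, base64) and is forced through Uri::isInternal();
     *    anything external is replaced by the site root, which closes the open-redirect hole.
     *  - This endpoint is unauthenticated. It answers `false` for empty, unknown or guest usernames but a full
     *    credential request (presumably carrying the user's registered credential IDs - see the authentication
     *    helper) for known ones. NOTE(review): that difference is a username-enumeration oracle; rate limiting or a
     *    constant-shape response for unknown users is not implemented in this trait and would have to live elsewhere.
     *  - Writing `userId` to the session does NOT log the user in. The login handler (outside this trait) is expected
     *    to verify the browser's signed assertion against that user's stored credentials and the challenge issued
     *    here before creating a session for them.
     *
     * @param   AjaxChallenge  $event  The event we are handling. Receives `false` on rejection, or the JSON-encoded
     *                                 request options on success, via addResult().
     *
     * @return  void
     *
     * @throws  Exception  The two user lookups are caught and turned into a rejection; anything else propagates.
     * @since   4.0.0
     */
    public function onAjaxWebauthnChallenge(AjaxChallenge $event): void
    {
        $app     = $this->getApplication();
        $session = $app->getSession();
        $input   = $app->input;

        // The username goes through the input layer's "username" filter.
        $username = $input->getUsername('username', '');

        // Post-login redirect: the request may override whatever is already in the session, which in turn defaults
        // to the current URL. Both are handled as base64 so the check below always sees the decoded URL.
        $defaultReturnUrl = base64_encode(
            $session->get('plg_system_webauthn.returnUrl', Uri::current())
        );
        $returnUrl = base64_decode($input->getBase64('returnUrl', $defaultReturnUrl));

        // For security reasons the post-login redirection URL must be internal to the site (no open redirect).
        if (!Uri::isInternal($returnUrl)) {
            // If the URL wasn't internal redirect to the site's root.
            $returnUrl = Uri::base();
        }

        $session->set('plg_system_webauthn.returnUrl', $returnUrl);

        // Do I have a username?
        if (empty($username)) {
            $event->addResult(false);

            return;
        }

        // Is the username valid? Normalise the id to int: the lookup may hand back a string (driver dependent) or
        // null when there is no such user, and (int) null === 0 keeps the guard below correct either way.
        try {
            $userId = (int) UserHelper::getUserId($username);
        } catch (Exception $e) {
            $userId = 0;
        }

        if ($userId <= 0) {
            $event->addResult(false);

            return;
        }

        try {
            $myUser = Factory::getContainer()->get(UserFactoryInterface::class)->loadUserById($userId);
        } catch (Exception $e) {
            $myUser = new User();
        }

        // Reject a user object that does not match the requested id (e.g. the empty User from the catch above) or a
        // guest record. The id is cast because User::id may arrive as a string from the database layer.
        if ((int) $myUser->id !== $userId || $myUser->guest) {
            $event->addResult(false);

            return;
        }

        // The helper is expected to generate a fresh random challenge and remember it (presumably in the session) so
        // the login handler can check the browser's signed response against it - that is not visible from here.
        $publicKeyCredentialRequestOptions = $this->authenticationHelper->getPubkeyRequestOptions($myUser);

        // Remember which user this challenge was issued for; the assertion must later be verified against this user.
        $session->set('plg_system_webauthn.userId', $userId);

        // Return the JSON encoded data to the caller. json_encode() yields false on failure, which the caller sees
        // as a rejection.
        $event->addResult(json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
    }
}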