Skip to content

Commit

Permalink
Fix missing pieces for moving to 5.0.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@Spomky
Spomky committed Oct 22, 2023
1 parent 09644d6 commit a62e883
Show file tree
Hide file tree
Showing 5 changed files with 65 additions and 82 deletions.
84 changes: 22 additions & 62 deletions phpstan-baseline.neon
View file
Original file line number Diff line number Diff line change
Expand Up @@ -933,7 +933,7 @@ parameters:

-
message: "#^Cannot access offset 'options_builder' on mixed\\.$#"
count: 4
count: 2
path: src/symfony/src/DependencyInjection/WebauthnExtension.php

-
Expand Down Expand Up @@ -983,7 +983,7 @@ parameters:

-
message: "#^Cannot access offset 'types' on mixed\\.$#"
count: 3
count: 2
path: src/symfony/src/DependencyInjection/WebauthnExtension.php

-
Expand Down Expand Up @@ -1122,6 +1122,11 @@ parameters:
count: 1
path: src/symfony/src/Repository/DoctrineCredentialSourceRepository.php

-
message: "#^Class Webauthn\\\\Bundle\\\\Repository\\\\PublicKeyCredentialSourceRepository extends generic class Webauthn\\\\Bundle\\\\Repository\\\\DoctrineCredentialSourceRepository but does not specify its types\\: T$#"
count: 1
path: src/symfony/src/Repository/PublicKeyCredentialSourceRepository.php

-
message: "#^Fetching class constant class of deprecated class Webauthn\\\\PublicKeyCredentialSourceRepository\\.$#"
count: 2
Expand Down Expand Up @@ -1462,26 +1467,6 @@ parameters:
count: 1
path: src/symfony/src/Service/AuthenticatorAttestationResponseValidator.php

-
message: "#^@readonly property Webauthn\\\\PublicKeyCredentialCreationOptions\\:\\:\\$attestation is assigned outside of its declaring class\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php

-
message: "#^@readonly property Webauthn\\\\PublicKeyCredentialCreationOptions\\:\\:\\$authenticatorSelection is assigned outside of its declaring class\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php

-
message: "#^@readonly property Webauthn\\\\PublicKeyCredentialCreationOptions\\:\\:\\$excludeCredentials is assigned outside of its declaring class\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php

-
message: "#^@readonly property Webauthn\\\\PublicKeyCredentialOptions\\:\\:\\$timeout is assigned outside of its declaring class\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php

-
message: "#^Cannot access offset 'attestation…' on mixed\\.$#"
count: 1
Expand Down Expand Up @@ -1612,21 +1597,6 @@ parameters:
count: 1
path: src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php

-
message: "#^Property Webauthn\\\\PublicKeyCredentialCreationOptions\\:\\:\\$attestation \\(string\\|null\\) does not accept mixed\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php

-
message: "#^Property Webauthn\\\\PublicKeyCredentialOptions\\:\\:\\$timeout \\(int\\<1, max\\>\\|null\\) does not accept mixed\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php

-
message: "#^@readonly property Webauthn\\\\PublicKeyCredentialOptions\\:\\:\\$timeout is assigned outside of its declaring class\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php

-
message: "#^Cannot access offset 'challenge_length' on mixed\\.$#"
count: 1
Expand Down Expand Up @@ -1672,21 +1642,6 @@ parameters:
count: 1
path: src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php

-
message: "#^Property Webauthn\\\\PublicKeyCredentialOptions\\:\\:\\$timeout \\(int\\<1, max\\>\\|null\\) does not accept mixed\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php

-
message: "#^Property Webauthn\\\\PublicKeyCredentialRequestOptions\\:\\:\\$rpId \\(string\\|null\\) does not accept mixed\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php

-
message: "#^Property Webauthn\\\\PublicKeyCredentialRequestOptions\\:\\:\\$userVerification \\(string\\|null\\) does not accept mixed\\.$#"
count: 1
path: src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php

-
message: "#^Cannot access offset 'x5c' on mixed\\.$#"
count: 1
Expand Down Expand Up @@ -1742,11 +1697,6 @@ parameters:
count: 1
path: src/webauthn/src/AttestationStatement/AndroidSafetyNetAttestationStatementSupport.php

-
message: "#^Cannot access offset 'response'\\|'ver' on mixed\\.$#"
count: 1
path: src/webauthn/src/AttestationStatement/AndroidSafetyNetAttestationStatementSupport.php

-
message: "#^Cannot call method createRequest\\(\\) on Psr\\\\Http\\\\Message\\\\RequestFactoryInterface\\|null\\.$#"
count: 1
Expand Down Expand Up @@ -2448,11 +2398,6 @@ parameters:
count: 1
path: src/webauthn/src/Denormalizer/PublicKeyCredentialOptionsDenormalizer.php

-
message: "#^Cannot access offset 'credentialPublicKey'\\|'publicKeyCredential…'\\|'userHandle' on mixed\\.$#"
count: 2
path: src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php

-
message: "#^Method Webauthn\\\\Denormalizer\\\\PublicKeyCredentialSourceDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#"
count: 1
Expand Down Expand Up @@ -2488,6 +2433,21 @@ parameters:
count: 1
path: src/webauthn/src/Denormalizer/PublicKeyCredentialUserEntityDenormalizer.php

-
message: "#^Method Webauthn\\\\Denormalizer\\\\TrustPathDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#"
count: 1
path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php

-
message: "#^Method Webauthn\\\\Denormalizer\\\\TrustPathDenormalizer\\:\\:supportsDenormalization\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#"
count: 1
path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php

-
message: "#^Parameter \\#2 \\$array of function array_key_exists expects array, mixed given\\.$#"
count: 1
path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php

-
message: "#^@readonly property Webauthn\\\\PublicKeyCredentialCreationOptions\\:\\:\\$attestation is assigned outside of the constructor\\.$#"
count: 1
Expand Down
20 changes: 18 additions & 2 deletions src/symfony/src/Service/PublicKeyCredentialCreationOptionsFactory.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@
use Webauthn\PublicKeyCredentialRpEntity;
use Webauthn\PublicKeyCredentialUserEntity;
use function array_key_exists;
use function gettype;
use function is_int;
use function is_string;

final class PublicKeyCredentialCreationOptionsFactory implements CanDispatchEvents
{
Expand Down Expand Up @@ -64,6 +67,19 @@ public function create(
));
$profile = $this->profiles[$key];

$timeout = $profile['timeout'] ?? null;
$timeout === null || (is_int($timeout) && $timeout > 1) || throw new InvalidArgumentException(sprintf(
'The profile with key "%s" has an invalid timeout value. Expected a positive integer greater than 0, got "%s".',
$key,
gettype($timeout)
));
$attestation = $attestationConveyance ?? $profile['attestation_conveyance'] ?? null;
$attestation === null || is_string($attestation) || throw new InvalidArgumentException(sprintf(
'The profile with key "%s" has an invalid attestation_conveyance value. Expected a string or null, got "%s".',
$key,
gettype($attestation)
));

$options = PublicKeyCredentialCreationOptions
::create(
$this->createRpEntity($profile),
Expand All @@ -73,9 +89,9 @@ public function create(
authenticatorSelection: $authenticatorSelection ?? $this->createAuthenticatorSelectionCriteria(
$profile
),
attestation: $attestationConveyance ?? $profile['attestation_conveyance'],
attestation: $attestation,
excludeCredentials: $excludeCredentials,
timeout: $profile['timeout'],
timeout: $timeout,
extensions: $authenticationExtensionsClientInputs ?? $this->createExtensions($profile)
);
$this->eventDispatcher->dispatch(PublicKeyCredentialCreationOptionsCreatedEvent::create($options));
Expand Down
27 changes: 24 additions & 3 deletions src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@
use Webauthn\PublicKeyCredentialDescriptor;
use Webauthn\PublicKeyCredentialRequestOptions;
use function array_key_exists;
use function gettype;
use function is_int;
use function is_string;

final class PublicKeyCredentialRequestOptionsFactory implements CanDispatchEvents
{
Expand Down Expand Up @@ -52,13 +55,31 @@ public function create(
$key
));
$profile = $this->profiles[$key];
$rpId = $profile['rp_id'] ?? null;
$rpId === null || is_string($rpId) || throw new InvalidArgumentException(sprintf(
'The profile with key "%s" has an invalid rp_id value. Expected a string or null, got "%s".',
$key,
gettype($rpId)
));
$timeout = $profile['timeout'] ?? null;
$timeout === null || (is_int($timeout) && $timeout > 1) || throw new InvalidArgumentException(sprintf(
'The profile with key "%s" has an invalid timeout value. Expected a positive integer greater than 0, got "%s".',
$key,
gettype($timeout)
));
$userVerification ??= $profile['user_verification'] ?? null;
$userVerification === null || is_string($userVerification) || throw new InvalidArgumentException(sprintf(
'The profile with key "%s" has an invalid attestation_conveyance value. Expected a string or null, got "%s".',
$key,
gettype($userVerification)
));

$options = PublicKeyCredentialRequestOptions::create(
random_bytes($profile['challenge_length']),
rpId: $profile['rp_id'],
rpId: $rpId,
allowCredentials: $allowCredentials,
userVerification: $userVerification ?? $profile['user_verification'],
timeout: $profile['timeout'],
userVerification: $userVerification,
timeout: $timeout,
extensions: $authenticationExtensionsClientInputs ?? $this->createExtensions($profile)
);
$this->eventDispatcher->dispatch(PublicKeyCredentialRequestOptionsCreatedEvent::create($options));
Expand Down
6 changes: 0 additions & 6 deletions src/webauthn/src/Denormalizer/TrustPathDenormalizer.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,6 @@ final class TrustPathDenormalizer implements DenormalizerInterface, Denormalizer

private const ALREADY_CALLED = 'TRUST_PATH_PREPROCESS_ALREADY_CALLED';

/**
* @param array<string, mixed> $context
*/
public function denormalize(mixed $data, string $type, string $format = null, array $context = [])
{
if ($this->denormalizer === null) {
Expand All @@ -47,9 +44,6 @@ public function denormalize(mixed $data, string $type, string $format = null, ar
return $this->denormalizer->denormalize($data, $className, $format, $context);
}

/**
* @param array<string, mixed> $context
*/
public function supportsDenormalization(mixed $data, string $type, string $format = null, array $context = []): bool
{
if ($context[self::ALREADY_CALLED] ?? false) {
Expand Down
10 changes: 1 addition & 9 deletions tests/library/Functional/AttestationTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,8 @@

namespace Webauthn\Tests\Functional;

use Cose\Algorithm\Manager;
use Cose\Algorithm\Signature\ECDSA\ES256;
use ParagonIE\ConstantTime\Base64UrlSafe;
use PHPUnit\Framework\Attributes\Test;
use Webauthn\AttestationStatement\AttestationStatementSupportManager;
use Webauthn\AttestationStatement\PackedAttestationStatementSupport;
use Webauthn\AttestedCredentialData;
use Webauthn\AuthenticatorAttestationResponse;
use Webauthn\AuthenticatorData;
Expand All @@ -36,13 +32,9 @@ public function aResponseCannotBeLoaded(): void
#[Test]
public function anAttestationSignedWithEcDSA521ShouldBeVerified(): void
{
// Given
$attestationSupportManager = AttestationStatementSupportManager::create([
PackedAttestationStatementSupport::create(Manager::create()->add(ES256::create())),
]);
$serializer = $this->getSerializer();
$options = '{"rp":{"name":"Webauthn Demo","id":"webauthn.spomky-labs.com"},"pubKeyCredParams":[{"type":"public-key","alg":-8},{"type":"public-key","alg":-7},{"type":"public-key","alg":-46},{"type":"public-key","alg":-35},{"type":"public-key","alg":-36},{"type":"public-key","alg":-257},{"type":"public-key","alg":-258},{"type":"public-key","alg":-259},{"type":"public-key","alg":-37},{"type":"public-key","alg":-38},{"type":"public-key","alg":-39}],"challenge":"MJr5sD0WitVwZM0eoSO6kWhyseT67vc3oQdk_k1VdZQ","attestation":"direct","user":{"name":"zOEOkAZGg3ZrD8l_TFwD","id":"ZDYzNGZlZGQtMGZiNi00ZDY3LWI5OGEtNDk2OWY2ZTMwNTY1","displayName":"Shenika Olin"},"authenticatorSelection":{"requireResidentKey":false,"userVerification":"preferred"},"timeout":60000}';
$response = '{"id":"R4fAVj9osgVVZL7yHftPeVOmjom3xw4ZLK7Dt_8mzOM","rawId":"R4fAVj9osgVVZL7yHftPeVOmjom3xw4ZLK7Dt/8mzOM","response":{"attestationObject":"o2NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZzgjY3NpZ1iLMIGIAkIA-KkXe-BmfxZgJNet2JPOZ6-fjPQskjnqOYWf7LW2iMFDbbZ3_oU18m0IGVksCPOaSsDs6MC14CQSqcQpvo0YxHMCQgFKm882cBfrPs4zM7piS3bM3yG6W4OrS9bbIj34e7b9JNH0Ee-w0cAeUaxQNyyedC4y4fSqvUjDT0f0Mj-iE0-pa2hhdXRoRGF0YVjplgTqgoJOmKStoUtEYtDXOo7EaRMNqRsZMHRZIp90o1lBAAAAlSOIq42JFUFGk7rUPmcdJTgAIEeHwFY_aLIFVWS-8h37T3lTpo6Jt8cOGSyuw7f_JszjpQECAzgjIAMhWEIA6Q6fXXQzt2RH6cq4eKJpfFU4nhmCWH2DKAa33T-uGStxA0zaA3goYphgRW6PkgyETh-Q4I3-NJ6KCx-5QV39v50iWEIAA9xyNnqltQaG2UuiLtuSNM59PLv3skYKKmnAvUDT7J6YwPwVyzOWKOyIfgQc9oPO9dRQ21Da498iOhx5qA5gbRo","clientDataJSON":"eyJvcmlnaW4iOiJodHRwczovL3dlYmF1dGhuLnNwb21reS1sYWJzLmNvbSIsImNoYWxsZW5nZSI6Ik1KcjVzRDBXaXRWd1pNMGVvU082a1doeXNlVDY3dmMzb1Fka19rMVZkWlEiLCJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIn0","transports":["usb"]},"type":"public-key"}';
$serializer = $this->getSerializer();
$publicKeyCredentialCreationOptions = $serializer->deserialize(
$options,
PublicKeyCredentialCreationOptions::class,
Expand Down

0 comments on commit a62e883

Please sign in to comment.