diff --git a/.ci-tools/phpstan-baseline.neon b/.ci-tools/phpstan-baseline.neon index eef133d74..35669c002 100644 --- a/.ci-tools/phpstan-baseline.neon +++ b/.ci-tools/phpstan-baseline.neon @@ -60,6 +60,48 @@ parameters: count: 1 path: ../src/symfony/src/Controller/AssertionControllerFactory.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSourceRepository of method Webauthn\Bundle\Controller\AssertionControllerFactory::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AssertionControllerFactory.php + + - + rawMessage: ''' + Property $publicKeyCredentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AssertionControllerFactory.php + + - + rawMessage: 'Parameter #1 $publicKeyCredentialSource of method Webauthn\AuthenticatorAssertionResponseValidator::check() expects Webauthn\PublicKeyCredentialSource, Webauthn\CredentialRecord given.' + identifier: argument.type + count: 1 + path: ../src/symfony/src/Controller/AssertionResponseController.php + + - + rawMessage: ''' + Parameter $publicKeyCredentialSourceRepository of method Webauthn\Bundle\Controller\AssertionResponseController::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AssertionResponseController.php + + - + rawMessage: ''' + Property $publicKeyCredentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AssertionResponseController.php + - rawMessage: 'Method Webauthn\Bundle\Controller\AttestationControllerFactory::createRequestController() has parameter $optionStorage with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration @@ -84,6 +126,24 @@ parameters: count: 1 path: ../src/symfony/src/Controller/AttestationControllerFactory.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSourceRepository of method Webauthn\Bundle\Controller\AttestationControllerFactory::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AttestationControllerFactory.php + + - + rawMessage: ''' + Property $publicKeyCredentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AttestationControllerFactory.php + - rawMessage: Constructor in Webauthn\Bundle\Controller\AttestationRequestController has parameter $hideExistingExcludedCredentials with default value. identifier: ergebnis.noConstructorParameterWithDefaultValue @@ -96,6 +156,66 @@ parameters: count: 1 path: ../src/symfony/src/Controller/AttestationRequestController.php + - + rawMessage: ''' + Instanceof references deprecated interface Webauthn\Bundle\Repository\CanSaveCredentialSource: + since 5.3, use CanSaveCredentialRecord instead. Will be removed in 6.0. + ''' + identifier: instanceof.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AttestationResponseController.php + + - + rawMessage: ''' + Parameter $credentialSourceRepository of method Webauthn\Bundle\Controller\AttestationResponseController::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AttestationResponseController.php + + - + rawMessage: ''' + Property $credentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/Controller/AttestationResponseController.php + + - + rawMessage: 'Parameter #1 $callback of function array_map expects (callable(Webauthn\CredentialRecord): mixed)|null, Closure(Webauthn\PublicKeyCredentialSource): Webauthn\PublicKeyCredentialDescriptor given.' + identifier: argument.type + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php + + - + rawMessage: ''' + Parameter $credential of anonymous function has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php + + - + rawMessage: ''' + Parameter $credentialSourceRepository of method Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedCreationOptionsBuilder::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php + + - + rawMessage: ''' + Property $credentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php + - rawMessage: Constructor in Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedRequestOptionsBuilder has parameter $fakeCredentialGenerator with default value. identifier: ergebnis.noConstructorParameterWithDefaultValue @@ -132,12 +252,45 @@ parameters: count: 1 path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php + - + rawMessage: 'Parameter #1 $callback of function array_map expects (callable(Webauthn\CredentialRecord): mixed)|null, Closure(Webauthn\PublicKeyCredentialSource): Webauthn\PublicKeyCredentialDescriptor given.' + identifier: argument.type + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php + - rawMessage: 'Parameter #1 $userEntity of method Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedRequestOptionsBuilder::getCredentials() expects Webauthn\PublicKeyCredentialUserEntity, Webauthn\PublicKeyCredentialUserEntity|null given.' identifier: argument.type count: 1 path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php + - + rawMessage: ''' + Parameter $credential of anonymous function has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php + + - + rawMessage: ''' + Parameter $credentialSourceRepository of method Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedRequestOptionsBuilder::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php + + - + rawMessage: ''' + Property $credentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php + - rawMessage: 'Method Webauthn\Bundle\CredentialOptionsBuilder\PublicKeyCredentialRequestOptionsBuilder::getFromRequest() has parameter $userEntity that is passed by reference.' identifier: ergebnis.noParameterPassedByReference @@ -327,6 +480,15 @@ parameters: count: 3 path: ../src/symfony/src/DependencyInjection/Configuration.php + - + rawMessage: ''' + Access to constant on deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: classConstant.deprecatedInterface + count: 2 + path: ../src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php + - rawMessage: Cannot access offset 'enabled' on mixed. identifier: offsetAccess.nonOffsetAccessible @@ -651,6 +813,15 @@ parameters: count: 1 path: ../src/symfony/src/DependencyInjection/Factory/Security/WebauthnServicesFactory.php + - + rawMessage: ''' + Access to constant on deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: classConstant.deprecatedInterface + count: 3 + path: ../src/symfony/src/DependencyInjection/WebauthnExtension.php + - rawMessage: 'Binary operation "+=" between mixed and array{attested_credential_data: ''Webauthn\\Bundle\\Doctrine\\Type\\AttestedCredentialDataType'', aaguid: ''Webauthn\\Bundle\\Doctrine\\Type\\AAGUIDDataType'', base64: ''Webauthn\\Bundle\\Doctrine\\Type\\Base64BinaryDataType'', public_key_credential_descriptor: ''Webauthn\\Bundle\\Doctrine\\Type\\PublicKeyCredentialDescriptorType'', trust_path: ''Webauthn\\Bundle\\Doctrine\\Type\\TrustPathDataType''} results in an error.' identifier: assignOp.invalid @@ -1161,6 +1332,12 @@ parameters: count: 1 path: ../src/symfony/src/Repository/CanGenerateUserEntity.php + - + rawMessage: 'Method Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface::findOneByCredentialId() has a nullable return type declaration.' + identifier: ergebnis.noNullableReturnTypeDeclaration + count: 1 + path: ../src/symfony/src/Repository/CredentialRecordRepositoryInterface.php + - rawMessage: Class "Webauthn\Bundle\Repository\DoctrineCredentialSourceRepository" is not allowed to extend "Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository". identifier: ergebnis.noExtends @@ -1174,7 +1351,7 @@ parameters: path: ../src/symfony/src/Repository/DoctrineCredentialSourceRepository.php - - rawMessage: 'Method Webauthn\Bundle\Repository\DoctrineCredentialSourceRepository::findAllForUserEntity() should return array but returns mixed.' + rawMessage: 'Method Webauthn\Bundle\Repository\DoctrineCredentialSourceRepository::findAllForUserEntity() should return array but returns mixed.' identifier: return.type count: 1 path: ../src/symfony/src/Repository/DoctrineCredentialSourceRepository.php @@ -1191,6 +1368,15 @@ parameters: count: 1 path: ../src/symfony/src/Repository/DoctrineCredentialSourceRepository.php + - + rawMessage: ''' + Class Webauthn\Bundle\Repository\DummyPublicKeyCredentialSourceRepository implements deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: class.implementsDeprecatedInterface + count: 1 + path: ../src/symfony/src/Repository/DummyPublicKeyCredentialSourceRepository.php + - rawMessage: Class Webauthn\Bundle\Repository\DummyPublicKeyCredentialSourceRepository is neither abstract nor final. identifier: ergebnis.final @@ -1209,6 +1395,15 @@ parameters: count: 1 path: ../src/symfony/src/Repository/DummyPublicKeyCredentialSourceRepository.php + - + rawMessage: ''' + Return type of method Webauthn\Bundle\Repository\DummyPublicKeyCredentialSourceRepository::findOneByCredentialId() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: return.deprecatedClass + count: 1 + path: ../src/symfony/src/Repository/DummyPublicKeyCredentialSourceRepository.php + - rawMessage: Class Webauthn\Bundle\Repository\DummyPublicKeyCredentialUserEntityRepository is neither abstract nor final. identifier: ergebnis.final @@ -1233,12 +1428,6 @@ parameters: count: 1 path: ../src/symfony/src/Repository/DummyPublicKeyCredentialUserEntityRepository.php - - - rawMessage: 'Method Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface::findOneByCredentialId() has a nullable return type declaration.' - identifier: ergebnis.noNullableReturnTypeDeclaration - count: 1 - path: ../src/symfony/src/Repository/PublicKeyCredentialSourceRepositoryInterface.php - - rawMessage: 'Method Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface::findOneByUserHandle() has a nullable return type declaration.' identifier: ergebnis.noNullableReturnTypeDeclaration @@ -1251,6 +1440,15 @@ parameters: count: 1 path: ../src/symfony/src/Repository/PublicKeyCredentialUserEntityRepositoryInterface.php + - + rawMessage: ''' + Access to constant on deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: classConstant.deprecatedInterface + count: 1 + path: ../src/symfony/src/Resources/config/security.php + - rawMessage: Class "Webauthn\Bundle\Routing\Loader" is not allowed to extend "Symfony\Component\Config\Loader\Loader". identifier: ergebnis.noExtends @@ -1644,12 +1842,39 @@ parameters: count: 1 path: ../src/symfony/src/Security/Authentication/WebauthnBadge.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\Bundle\Security\Authentication\WebauthnBadge::markResolved() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/symfony/src/Security/Authentication/WebauthnBadge.php + + - + rawMessage: ''' + Property $publicKeyCredentialSource references deprecated class Webauthn\PublicKeyCredentialSource in its type: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedClass + count: 1 + path: ../src/symfony/src/Security/Authentication/WebauthnBadge.php + - rawMessage: 'Property Webauthn\Bundle\Security\Authentication\WebauthnBadge::$user (Symfony\Component\Security\Core\User\UserInterface) does not accept mixed.' identifier: assign.propertyType count: 1 path: ../src/symfony/src/Security/Authentication/WebauthnBadge.php + - + rawMessage: ''' + Return type of method Webauthn\Bundle\Security\Authentication\WebauthnBadge::getPublicKeyCredentialSource() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: return.deprecatedClass + count: 1 + path: ../src/symfony/src/Security/Authentication/WebauthnBadge.php + - rawMessage: 'Webauthn\Bundle\Security\Authentication\WebauthnBadge::__construct() does not call parent constructor from Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge.' identifier: constructor.missingParentCall @@ -1671,6 +1896,15 @@ parameters: count: 1 path: ../src/symfony/src/Security/Authentication/WebauthnBadgeListener.php + - + rawMessage: ''' + Instanceof references deprecated interface Webauthn\Bundle\Repository\CanSaveCredentialSource: + since 5.3, use CanSaveCredentialRecord instead. Will be removed in 6.0. + ''' + identifier: instanceof.deprecatedInterface + count: 2 + path: ../src/symfony/src/Security/Authentication/WebauthnBadgeListener.php + - rawMessage: 'Method Webauthn\Bundle\Security\Authentication\WebauthnBadgeListener::__construct() has parameter $userProvider with generic interface Symfony\Component\Security\Core\User\UserProviderInterface but does not specify its types: TUser' identifier: missingType.generics @@ -1689,6 +1923,30 @@ parameters: count: 1 path: ../src/symfony/src/Security/Authentication/WebauthnBadgeListener.php + - + rawMessage: 'Parameter #1 $publicKeyCredentialSource of method Webauthn\AuthenticatorAssertionResponseValidator::check() expects Webauthn\PublicKeyCredentialSource, Webauthn\CredentialRecord given.' + identifier: argument.type + count: 1 + path: ../src/symfony/src/Security/Authentication/WebauthnBadgeListener.php + + - + rawMessage: ''' + Parameter $publicKeyCredentialSourceRepository of method Webauthn\Bundle\Security\Authentication\WebauthnBadgeListener::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/Security/Authentication/WebauthnBadgeListener.php + + - + rawMessage: ''' + Property $publicKeyCredentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/Security/Authentication/WebauthnBadgeListener.php + - rawMessage: Class "Webauthn\Bundle\Security\Authentication\WebauthnPassport" is not allowed to extend "Symfony\Component\Security\Http\Authenticator\Passport\Passport". identifier: ergebnis.noExtends @@ -1779,6 +2037,33 @@ parameters: count: 1 path: ../src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\Bundle\Security\Http\Authenticator\Passport\Credentials\WebauthnCredentials::__construct() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php + + - + rawMessage: ''' + Property $publicKeyCredentialSource references deprecated class Webauthn\PublicKeyCredentialSource in its type: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedClass + count: 1 + path: ../src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php + + - + rawMessage: ''' + Return type of method Webauthn\Bundle\Security\Http\Authenticator\Passport\Credentials\WebauthnCredentials::getPublicKeyCredentialSource() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: return.deprecatedClass + count: 1 + path: ../src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php + - rawMessage: ''' Access to deprecated property $name of class Webauthn\PublicKeyCredentialEntity: @@ -1788,6 +2073,15 @@ parameters: count: 3 path: ../src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + - + rawMessage: ''' + Instanceof references deprecated interface Webauthn\Bundle\Repository\CanSaveCredentialSource: + since 5.3, use CanSaveCredentialRecord instead. Will be removed in 6.0. + ''' + identifier: instanceof.deprecatedInterface + count: 2 + path: ../src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + - rawMessage: 'Method Webauthn\Bundle\Security\Http\Authenticator\WebauthnAuthenticator::__construct() has parameter $userProvider with generic interface Symfony\Component\Security\Core\User\UserProviderInterface but does not specify its types: TUser' identifier: missingType.generics @@ -1800,6 +2094,30 @@ parameters: count: 1 path: ../src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + - + rawMessage: 'Parameter #1 $publicKeyCredentialSource of method Webauthn\AuthenticatorAssertionResponseValidator::check() expects Webauthn\PublicKeyCredentialSource, Webauthn\CredentialRecord given.' + identifier: argument.type + count: 1 + path: ../src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + + - + rawMessage: ''' + Parameter $publicKeyCredentialSourceRepository of method Webauthn\Bundle\Security\Http\Authenticator\WebauthnAuthenticator::__construct() has typehint with deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedInterface + count: 1 + path: ../src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + + - + rawMessage: ''' + Property $publicKeyCredentialSourceRepository references deprecated interface Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface in its type: + since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedInterface + count: 1 + path: ../src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + - rawMessage: 'Method Webauthn\Bundle\Security\Storage\Item::__construct() has parameter $publicKeyCredentialUserEntity with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration @@ -3168,6 +3486,42 @@ parameters: count: 1 path: ../src/webauthn/src/AuthenticatorAssertionResponseValidator.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\AuthenticatorAssertionResponseValidator::check() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/AuthenticatorAssertionResponseValidator.php + + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\AuthenticatorAssertionResponseValidator::createAuthenticatorAssertionResponseValidationFailedEvent() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/AuthenticatorAssertionResponseValidator.php + + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\AuthenticatorAssertionResponseValidator::createAuthenticatorAssertionResponseValidationSucceededEvent() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/AuthenticatorAssertionResponseValidator.php + + - + rawMessage: ''' + Return type of method Webauthn\AuthenticatorAssertionResponseValidator::check() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: return.deprecatedClass + count: 1 + path: ../src/webauthn/src/AuthenticatorAssertionResponseValidator.php + - rawMessage: Class "Webauthn\AuthenticatorAttestationResponse" is not allowed to extend "Webauthn\AuthenticatorResponse". identifier: ergebnis.noExtends @@ -3187,26 +3541,62 @@ parameters: path: ../src/webauthn/src/AuthenticatorAttestationResponse.php - - rawMessage: Class Webauthn\AuthenticatorAttestationResponseValidator is neither abstract nor final. - identifier: ergebnis.final + rawMessage: ''' + Call to method create() of deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: staticMethod.deprecatedClass count: 1 path: ../src/webauthn/src/AuthenticatorAttestationResponseValidator.php - - rawMessage: Class Webauthn\AuthenticatorData is neither abstract nor final. + rawMessage: Class Webauthn\AuthenticatorAttestationResponseValidator is neither abstract nor final. identifier: ergebnis.final count: 1 - path: ../src/webauthn/src/AuthenticatorData.php + path: ../src/webauthn/src/AuthenticatorAttestationResponseValidator.php - - rawMessage: 'Method Webauthn\AuthenticatorData::__construct() has parameter $attestedCredentialData with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\AuthenticatorAttestationResponseValidator::createAuthenticatorAttestationResponseValidationSucceededEvent() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass count: 1 - path: ../src/webauthn/src/AuthenticatorData.php + path: ../src/webauthn/src/AuthenticatorAttestationResponseValidator.php - - rawMessage: 'Method Webauthn\AuthenticatorData::__construct() has parameter $extensions with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: ''' + Return type of method Webauthn\AuthenticatorAttestationResponseValidator::check() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: return.deprecatedClass + count: 1 + path: ../src/webauthn/src/AuthenticatorAttestationResponseValidator.php + + - + rawMessage: ''' + Return type of method Webauthn\AuthenticatorAttestationResponseValidator::createPublicKeyCredentialSource() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: return.deprecatedClass + count: 1 + path: ../src/webauthn/src/AuthenticatorAttestationResponseValidator.php + + - + rawMessage: Class Webauthn\AuthenticatorData is neither abstract nor final. + identifier: ergebnis.final + count: 1 + path: ../src/webauthn/src/AuthenticatorData.php + + - + rawMessage: 'Method Webauthn\AuthenticatorData::__construct() has parameter $attestedCredentialData with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/AuthenticatorData.php + + - + rawMessage: 'Method Webauthn\AuthenticatorData::__construct() has parameter $extensions with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/AuthenticatorData.php @@ -3336,12 +3726,30 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CeremonyStep.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CeremonyStep::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CeremonyStep.php + - rawMessage: 'Method Webauthn\CeremonyStep\CeremonyStepManager::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CeremonyStepManager.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CeremonyStepManager::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CeremonyStepManager.php + - rawMessage: ''' Call to method __construct() of deprecated class Webauthn\CeremonyStep\CheckOrigin: @@ -3372,12 +3780,30 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckAlgorithm.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckAlgorithm::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckAlgorithm.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckAllowedCredentialList::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckAllowedCredentialList.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckAllowedCredentialList::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckAllowedCredentialList.php + - rawMessage: Constructor in Webauthn\CeremonyStep\CheckAllowedOrigins has parameter $allowSubdomains with default value. identifier: ergebnis.noConstructorParameterWithDefaultValue @@ -3396,24 +3822,60 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckAllowedOrigins.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckAllowedOrigins::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckAllowedOrigins.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckAttestationFormatIsKnownAndValid::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckAttestationFormatIsKnownAndValid.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckAttestationFormatIsKnownAndValid::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckAttestationFormatIsKnownAndValid.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckBackupBitsAreConsistent::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckBackupBitsAreConsistent.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckBackupBitsAreConsistent::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckBackupBitsAreConsistent.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckChallenge::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckChallenge.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckChallenge::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckChallenge.php + - rawMessage: Constructor in Webauthn\CeremonyStep\CheckClientDataCollectorType has parameter $clientDataCollectorManager with default value. identifier: ergebnis.noConstructorParameterWithDefaultValue @@ -3438,12 +3900,30 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckClientDataCollectorType.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckClientDataCollectorType::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckClientDataCollectorType.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckCounter::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckCounter.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckCounter::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckCounter.php + - rawMessage: Class Webauthn\CeremonyStep\CheckCredentialId is neither abstract nor final. identifier: ergebnis.final @@ -3456,18 +3936,45 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckCredentialId.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckCredentialId::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckCredentialId.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckExtensions::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckExtensions.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckExtensions::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckExtensions.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckHasAttestedCredentialData::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckHasAttestedCredentialData.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckHasAttestedCredentialData::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckHasAttestedCredentialData.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckMetadataStatement::checkCertificateChain() has parameter $metadataStatement with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration @@ -3480,6 +3987,15 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckMetadataStatement.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckMetadataStatement::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckMetadataStatement.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckOrigin::getFacetId() has parameter $authenticationExtensionsClientOutputs with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration @@ -3504,6 +4020,15 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckRelyingPartyIdIdHash::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php + - rawMessage: Constructor in Webauthn\CeremonyStep\CheckSignature has parameter $algorithmManager with default value. identifier: ergebnis.noConstructorParameterWithDefaultValue @@ -3528,6 +4053,15 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckSignature.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckSignature::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckSignature.php + - rawMessage: Class Webauthn\CeremonyStep\CheckTopOrigin is neither abstract nor final. identifier: ergebnis.final @@ -3558,24 +4092,60 @@ parameters: count: 1 path: ../src/webauthn/src/CeremonyStep/CheckTopOrigin.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckTopOrigin::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckTopOrigin.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckUserHandle::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckUserHandle.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckUserHandle::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckUserHandle.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckUserVerification::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckUserVerification.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckUserVerification::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckUserVerification.php + - rawMessage: 'Method Webauthn\CeremonyStep\CheckUserWasPresent::process() has parameter $userHandle with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 path: ../src/webauthn/src/CeremonyStep/CheckUserWasPresent.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\CeremonyStep\CheckUserWasPresent::process() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/CeremonyStep/CheckUserWasPresent.php + - rawMessage: Class Webauthn\CollectedClientData is neither abstract nor final. identifier: ergebnis.final @@ -3600,12 +4170,156 @@ parameters: count: 1 path: ../src/webauthn/src/CollectedClientData.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\Counter\CounterChecker::check() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/Counter/CounterChecker.php + - rawMessage: Constructor in Webauthn\Counter\ThrowExceptionIfInvalid has parameter $logger with default value. identifier: ergebnis.noConstructorParameterWithDefaultValue count: 1 path: ../src/webauthn/src/Counter/ThrowExceptionIfInvalid.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\Counter\ThrowExceptionIfInvalid::check() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/Counter/ThrowExceptionIfInvalid.php + + - + rawMessage: Class Webauthn\CredentialRecord is neither abstract nor final. + identifier: ergebnis.final + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: Constructor in Webauthn\CredentialRecord has parameter $backupEligible with default value. + identifier: ergebnis.noConstructorParameterWithDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: Constructor in Webauthn\CredentialRecord has parameter $backupStatus with default value. + identifier: ergebnis.noConstructorParameterWithDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: Constructor in Webauthn\CredentialRecord has parameter $otherUI with default value. + identifier: ergebnis.noConstructorParameterWithDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: Constructor in Webauthn\CredentialRecord has parameter $uvInitialized with default value. + identifier: ergebnis.noConstructorParameterWithDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $backupEligible with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $backupEligible with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $backupStatus with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $backupStatus with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $otherUI with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $otherUI with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $uvInitialized with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::__construct() has parameter $uvInitialized with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $backupEligible with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $backupEligible with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $backupStatus with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $backupStatus with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $otherUI with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $otherUI with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $uvInitialized with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + + - + rawMessage: 'Method Webauthn\CredentialRecord::create() has parameter $uvInitialized with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/CredentialRecord.php + - rawMessage: Cannot access offset 'authData' on mixed. identifier: offsetAccess.nonOffsetAccessible @@ -3925,220 +4639,436 @@ parameters: path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php - - rawMessage: Cannot access offset 'transports' on mixed. + rawMessage: Cannot access offset 'transports' on mixed. + identifier: offsetAccess.nonOffsetAccessible + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::denormalize() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::denormalize() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::supportsDenormalization() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Parameter #1 $data of static method Webauthn\Util\Base64::decode() expects string, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Parameter #1 $encodedString of static method ParagonIE\ConstantTime\Base64::decodeNoPadding() expects string, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: 'Parameter #3 $transports of static method Webauthn\AuthenticatorAttestationResponse::create() expects array, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + + - + rawMessage: Cannot access offset 1 on array|false. + identifier: offsetAccess.nonOffsetAccessible + count: 2 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::denormalize() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::denormalize() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::supportsDenormalization() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Parameter #1 $data of method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::fixIncorrectEdDSAKey() expects string, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Parameter #1 $length of method Webauthn\StringStream::read() expects int, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Parameter #1 $search of function str_replace expects array|string, string|false given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Parameter #2 $callback of function array_reduce expects callable(string, mixed): string, Closure(string, string): non-empty-string given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Parameter #2 $replace of function str_replace expects array|string, string|false given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Parameter #4 $signCount of static method Webauthn\AuthenticatorData::create() expects int, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::denormalize() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::denormalize() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::supportsDenormalization() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + + - + rawMessage: 'Parameter #2 $array of function array_key_exists expects array, mixed given.' + identifier: argument.type + count: 2 + path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + + - + rawMessage: Cannot cast mixed to string. + identifier: cast.string + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Function json_decode() is invoked with named argument for parameter $flags.' + identifier: ergebnis.noNamedArgument + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::denormalize() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::denormalize() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::supportsDenormalization() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Parameter #1 $rawData of static method Webauthn\CollectedClientData::create() expects string, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: 'Parameter #2 $data of static method Webauthn\CollectedClientData::create() expects array, mixed given.' + identifier: argument.type + count: 1 + path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + + - + rawMessage: Cannot access offset 'aaguid' on mixed. + identifier: offsetAccess.nonOffsetAccessible + count: 1 + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php + + - + rawMessage: Cannot access offset 'attestationType' on mixed. + identifier: offsetAccess.nonOffsetAccessible + count: 1 + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php + + - + rawMessage: Cannot access offset 'backupEligible' on mixed. + identifier: offsetAccess.nonOffsetAccessible + count: 1 + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php + + - + rawMessage: Cannot access offset 'backupStatus' on mixed. identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::denormalize() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: Cannot access offset 'counter' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::denormalize() has parameter $format with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue + rawMessage: Cannot access offset 'credentialPublicKey' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: Cannot access offset 'otherUI' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: Cannot access offset 'publicKeyCredentialId' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorAttestationResponseDenormalizer::supportsDenormalization() has parameter $format with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue + rawMessage: Cannot access offset 'transports' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #1 $data of static method Webauthn\Util\Base64::decode() expects string, mixed given.' - identifier: argument.type + rawMessage: Cannot access offset 'trustPath' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #1 $encodedString of static method ParagonIE\ConstantTime\Base64::decodeNoPadding() expects string, mixed given.' - identifier: argument.type + rawMessage: Cannot access offset 'type' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #3 $transports of static method Webauthn\AuthenticatorAttestationResponse::create() expects array, mixed given.' - identifier: argument.type + rawMessage: Cannot access offset 'userHandle' on mixed. + identifier: offsetAccess.nonOffsetAccessible count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: Cannot access offset 1 on array|false. + rawMessage: Cannot access offset 'uvInitialized' on mixed. identifier: offsetAccess.nonOffsetAccessible - count: 2 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + count: 1 + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::denormalize() has parameter $format with a nullable type declaration.' + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::denormalize() has parameter $format with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::denormalize() has parameter $format with null as default value.' + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::denormalize() has parameter $format with null as default value.' identifier: ergebnis.noParameterWithNullDefaultValue count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::normalize() has parameter $format with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::supportsDenormalization() has parameter $format with null as default value.' + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::normalize() has parameter $format with null as default value.' identifier: ergebnis.noParameterWithNullDefaultValue count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #1 $data of method Webauthn\Denormalizer\AuthenticatorDataDenormalizer::fixIncorrectEdDSAKey() expects string, mixed given.' - identifier: argument.type + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #1 $length of method Webauthn\StringStream::read() expects int, mixed given.' - identifier: argument.type + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::supportsDenormalization() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #1 $search of function str_replace expects array|string, string|false given.' - identifier: argument.type + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::supportsNormalization() has parameter $format with a nullable type declaration.' + identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #2 $callback of function array_reduce expects callable(string, mixed): string, Closure(string, string): non-empty-string given.' - identifier: argument.type + rawMessage: 'Method Webauthn\Denormalizer\CredentialRecordDenormalizer::supportsNormalization() has parameter $format with null as default value.' + identifier: ergebnis.noParameterWithNullDefaultValue count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #2 $replace of function str_replace expects array|string, string|false given.' + rawMessage: 'Parameter #1 $data of static method Webauthn\Util\Base64::decode() expects string, mixed given.' identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #4 $signCount of static method Webauthn\AuthenticatorData::create() expects int, mixed given.' + rawMessage: 'Parameter #1 $publicKeyCredentialId of static method Webauthn\CredentialRecord::create() expects string, mixed given.' identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::denormalize() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: 'Parameter #1 $uuid of static method Symfony\Component\Uid\Uuid::fromString() expects string, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::denormalize() has parameter $format with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue + rawMessage: 'Parameter #10 $otherUI of static method Webauthn\CredentialRecord::create() expects array|null, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: 'Parameter #11 $backupEligible of static method Webauthn\CredentialRecord::create() expects bool|null, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: 'Parameter #12 $backupStatus of static method Webauthn\CredentialRecord::create() expects bool|null, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\AuthenticatorResponseDenormalizer::supportsDenormalization() has parameter $format with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue + rawMessage: 'Parameter #13 $uvInitialized of static method Webauthn\CredentialRecord::create() expects bool|null, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - rawMessage: 'Parameter #2 $array of function array_key_exists expects array, mixed given.' identifier: argument.type - count: 2 - path: ../src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php - - - - rawMessage: Cannot cast mixed to string. - identifier: cast.string - count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php - - - - rawMessage: 'Function json_decode() is invoked with named argument for parameter $flags.' - identifier: ergebnis.noNamedArgument - count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php - - - - rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::denormalize() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::denormalize() has parameter $format with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue + rawMessage: 'Parameter #2 $type of static method Webauthn\CredentialRecord::create() expects string, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::getSupportedTypes() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: 'Parameter #3 $transports of static method Webauthn\CredentialRecord::create() expects array, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::supportsDenormalization() has parameter $format with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: 'Parameter #4 $attestationType of static method Webauthn\CredentialRecord::create() expects string, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Method Webauthn\Denormalizer\CollectedClientDataDenormalizer::supportsDenormalization() has parameter $format with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue + rawMessage: 'Parameter #7 $credentialPublicKey of static method Webauthn\CredentialRecord::create() expects string, mixed given.' + identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #1 $rawData of static method Webauthn\CollectedClientData::create() expects string, mixed given.' + rawMessage: 'Parameter #8 $userHandle of static method Webauthn\CredentialRecord::create() expects string, mixed given.' identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - - rawMessage: 'Parameter #2 $data of static method Webauthn\CollectedClientData::create() expects array, mixed given.' + rawMessage: 'Parameter #9 $counter of static method Webauthn\CredentialRecord::create() expects int, mixed given.' identifier: argument.type count: 1 - path: ../src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + path: ../src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php - rawMessage: 'Method Webauthn\Denormalizer\ExtensionDescriptorDenormalizer::denormalize() has parameter $format with a nullable type declaration.' @@ -4596,6 +5526,24 @@ parameters: count: 1 path: ../src/webauthn/src/Denormalizer/PublicKeyCredentialRpEntityDenormalizer.php + - + rawMessage: ''' + Access to constant on deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: classConstant.deprecatedClass + count: 2 + path: ../src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php + + - + rawMessage: ''' + Call to method create() of deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: staticMethod.deprecatedClass + count: 1 + path: ../src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php + - rawMessage: Cannot access offset 'aaguid' on mixed. identifier: offsetAccess.nonOffsetAccessible @@ -4674,6 +5622,15 @@ parameters: count: 1 path: ../src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php + - + rawMessage: ''' + Instanceof references deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: instanceof.deprecatedClass + count: 2 + path: ../src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php + - rawMessage: 'Method Webauthn\Denormalizer\PublicKeyCredentialSourceDenormalizer::denormalize() has parameter $format with a nullable type declaration.' identifier: ergebnis.noParameterWithNullableTypeDeclaration @@ -5205,6 +6162,24 @@ parameters: count: 1 path: ../src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php + - + rawMessage: ''' + Parameter $credentialSource of method Webauthn\Event\AuthenticatorAssertionResponseValidationFailedEvent::__construct() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php + + - + rawMessage: ''' + Property $credentialSource references deprecated class Webauthn\PublicKeyCredentialSource in its type: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedClass + count: 1 + path: ../src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php + - rawMessage: Class Webauthn\Event\AuthenticatorAssertionResponseValidationSucceededEvent is neither abstract nor final. identifier: ergebnis.final @@ -5217,6 +6192,24 @@ parameters: count: 1 path: ../src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\Event\AuthenticatorAssertionResponseValidationSucceededEvent::__construct() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php + + - + rawMessage: ''' + Property $publicKeyCredentialSource references deprecated class Webauthn\PublicKeyCredentialSource in its type: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedClass + count: 1 + path: ../src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php + - rawMessage: Class Webauthn\Event\AuthenticatorAttestationResponseValidationFailedEvent is neither abstract nor final. identifier: ergebnis.final @@ -5229,6 +6222,24 @@ parameters: count: 1 path: ../src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php + - + rawMessage: ''' + Parameter $publicKeyCredentialSource of method Webauthn\Event\AuthenticatorAttestationResponseValidationSucceededEvent::__construct() has typehint with deprecated class Webauthn\PublicKeyCredentialSource: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: parameter.deprecatedClass + count: 1 + path: ../src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php + + - + rawMessage: ''' + Property $publicKeyCredentialSource references deprecated class Webauthn\PublicKeyCredentialSource in its type: + since 5.3, use CredentialRecord instead. Will be removed in 6.0. + ''' + identifier: property.deprecatedClass + count: 1 + path: ../src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php + - rawMessage: Class "Webauthn\Exception\AttestationStatementException" is not allowed to extend "Webauthn\Exception\WebauthnException". identifier: ergebnis.noExtends @@ -7864,80 +8875,14 @@ parameters: path: ../src/webauthn/src/PublicKeyCredentialRpEntity.php - - rawMessage: Class Webauthn\PublicKeyCredentialSource is neither abstract nor final. - identifier: ergebnis.final - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: Constructor in Webauthn\PublicKeyCredentialSource has parameter $backupEligible with default value. - identifier: ergebnis.noConstructorParameterWithDefaultValue - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: Constructor in Webauthn\PublicKeyCredentialSource has parameter $backupStatus with default value. - identifier: ergebnis.noConstructorParameterWithDefaultValue - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: Constructor in Webauthn\PublicKeyCredentialSource has parameter $otherUI with default value. - identifier: ergebnis.noConstructorParameterWithDefaultValue - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: Constructor in Webauthn\PublicKeyCredentialSource has parameter $uvInitialized with default value. - identifier: ergebnis.noConstructorParameterWithDefaultValue - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $backupEligible with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $backupEligible with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $backupStatus with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $backupStatus with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $otherUI with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $otherUI with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue - count: 1 - path: ../src/webauthn/src/PublicKeyCredentialSource.php - - - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $uvInitialized with a nullable type declaration.' - identifier: ergebnis.noParameterWithNullableTypeDeclaration + rawMessage: Class "Webauthn\PublicKeyCredentialSource" is not allowed to extend "Webauthn\CredentialRecord". + identifier: ergebnis.noExtends count: 1 path: ../src/webauthn/src/PublicKeyCredentialSource.php - - rawMessage: 'Method Webauthn\PublicKeyCredentialSource::__construct() has parameter $uvInitialized with null as default value.' - identifier: ergebnis.noParameterWithNullDefaultValue + rawMessage: Class Webauthn\PublicKeyCredentialSource is neither abstract nor final. + identifier: ergebnis.final count: 1 path: ../src/webauthn/src/PublicKeyCredentialSource.php diff --git a/src/symfony/src/Controller/AssertionControllerFactory.php b/src/symfony/src/Controller/AssertionControllerFactory.php index c62e62c0d..c8a2f7d98 100644 --- a/src/symfony/src/Controller/AssertionControllerFactory.php +++ b/src/symfony/src/Controller/AssertionControllerFactory.php @@ -10,7 +10,7 @@ use Symfony\Component\Serializer\SerializerInterface; use Webauthn\AuthenticatorAssertionResponseValidator; use Webauthn\Bundle\CredentialOptionsBuilder\PublicKeyCredentialRequestOptionsBuilder; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Security\Handler\FailureHandler; use Webauthn\Bundle\Security\Handler\RequestOptionsHandler; use Webauthn\Bundle\Security\Handler\SuccessHandler; @@ -25,7 +25,7 @@ public function __construct( private readonly SerializerInterface $serializer, private readonly OptionsStorage $optionStorage, private readonly AuthenticatorAssertionResponseValidator $authenticatorAssertionResponseValidator, - private readonly PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository, + private readonly CredentialRecordRepositoryInterface $credentialRecordRepository, ) { $this->logger = new NullLogger(); } @@ -77,7 +77,7 @@ public function createResponseController( $optionStorage ?? $this->optionStorage, $successHandler, $failureHandler, - $this->publicKeyCredentialSourceRepository + $this->credentialRecordRepository ); } } diff --git a/src/symfony/src/Controller/AssertionResponseController.php b/src/symfony/src/Controller/AssertionResponseController.php index ae3c6eb61..3da894dd5 100644 --- a/src/symfony/src/Controller/AssertionResponseController.php +++ b/src/symfony/src/Controller/AssertionResponseController.php @@ -14,7 +14,7 @@ use Throwable; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAssertionResponseValidator; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Security\Handler\FailureHandler; use Webauthn\Bundle\Security\Handler\SuccessHandler; use Webauthn\Bundle\Security\Storage\OptionsStorage; @@ -31,7 +31,7 @@ public function __construct( private OptionsStorage $optionsStorage, private SuccessHandler $successHandler, private FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, - private PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository + private CredentialRecordRepositoryInterface $credentialRecordRepository ) { } @@ -57,15 +57,15 @@ public function __invoke(Request $request): Response 'Invalid response' ); $userEntity = $data->getPublicKeyCredentialUserEntity(); - $publicKeyCredentialSource = $this->publicKeyCredentialSourceRepository->findOneByCredentialId( + $credentialRecord = $this->credentialRecordRepository->findOneByCredentialId( $publicKeyCredential->rawId ); - $publicKeyCredentialSource !== null || throw AuthenticatorResponseVerificationException::create( + $credentialRecord !== null || throw AuthenticatorResponseVerificationException::create( 'The credential ID is invalid.' ); $this->assertionResponseValidator->check( - $publicKeyCredentialSource, + $credentialRecord, $response, $publicKeyCredentialRequestOptions, $request->getHost(), diff --git a/src/symfony/src/Controller/AttestationControllerFactory.php b/src/symfony/src/Controller/AttestationControllerFactory.php index a18f29eee..6393bf74b 100644 --- a/src/symfony/src/Controller/AttestationControllerFactory.php +++ b/src/symfony/src/Controller/AttestationControllerFactory.php @@ -8,7 +8,7 @@ use Symfony\Component\Serializer\SerializerInterface; use Webauthn\AuthenticatorAttestationResponseValidator; use Webauthn\Bundle\CredentialOptionsBuilder\PublicKeyCredentialCreationOptionsBuilder; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Security\Guesser\UserEntityGuesser; use Webauthn\Bundle\Security\Handler\CreationOptionsHandler; use Webauthn\Bundle\Security\Handler\FailureHandler; @@ -21,7 +21,7 @@ public function __construct( private OptionsStorage $optionStorage, private SerializerInterface $serializer, private AuthenticatorAttestationResponseValidator $attestationResponseValidator, - private PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository + private CredentialRecordRepositoryInterface $credentialRecordRepository ) { } @@ -66,7 +66,7 @@ public function createResponseController( return new AttestationResponseController( $this->serializer, $attestationResponseValidator ?? $this->attestationResponseValidator, - $this->publicKeyCredentialSourceRepository, + $this->credentialRecordRepository, $optionStorage ?? $this->optionStorage, $successHandler, $failureHandler, diff --git a/src/symfony/src/Controller/AttestationResponseController.php b/src/symfony/src/Controller/AttestationResponseController.php index 0373e6237..bf456340a 100644 --- a/src/symfony/src/Controller/AttestationResponseController.php +++ b/src/symfony/src/Controller/AttestationResponseController.php @@ -15,8 +15,8 @@ use Webauthn\AuthenticatorAttestationResponseValidator; use Webauthn\Bundle\Exception\HttpNotImplementedException; use Webauthn\Bundle\Exception\MissingFeatureException; -use Webauthn\Bundle\Repository\CanSaveCredentialSource; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CanSaveCredentialRecord; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Security\Handler\FailureHandler; use Webauthn\Bundle\Security\Handler\SuccessHandler; use Webauthn\Bundle\Security\Storage\OptionsStorage; @@ -29,7 +29,7 @@ public function __construct( private SerializerInterface $publicKeyCredentialLoader, private AuthenticatorAttestationResponseValidator $attestationResponseValidator, - private PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, + private CredentialRecordRepositoryInterface $credentialRecordRepository, private OptionsStorage $optionStorage, private SuccessHandler $successHandler, private FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, @@ -39,7 +39,7 @@ public function __construct( public function __invoke(Request $request): Response { try { - if (! $this->credentialSourceRepository instanceof CanSaveCredentialSource) { + if (! $this->credentialRecordRepository instanceof CanSaveCredentialRecord) { throw MissingFeatureException::create('Unable to register the credential.'); } $format = $request->getContentTypeFormat(); @@ -63,17 +63,17 @@ public function __invoke(Request $request): Response $userEntity instanceof PublicKeyCredentialUserEntity || throw new BadRequestHttpException( 'Unable to find the public key credential user entity' ); - $credentialSource = $this->attestationResponseValidator->check( + $credentialRecord = $this->attestationResponseValidator->check( $response, $publicKeyCredentialCreationOptions, $request->getHost(), ); - if ($this->credentialSourceRepository->findOneByCredentialId( - $credentialSource->publicKeyCredentialId + if ($this->credentialRecordRepository->findOneByCredentialId( + $credentialRecord->publicKeyCredentialId ) !== null) { throw new BadRequestHttpException('The credentials already exists'); } - $this->credentialSourceRepository->saveCredentialSource($credentialSource); + $this->credentialRecordRepository->saveCredentialSource($credentialRecord); return $this->successHandler->onSuccess($request); } catch (Throwable $throwable) { if ($throwable instanceof MissingFeatureException) { diff --git a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php index 2ea4e2bb6..bb5338474 100644 --- a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php +++ b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php @@ -14,11 +14,11 @@ use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorSelectionCriteria; use Webauthn\Bundle\Dto\PublicKeyCredentialCreationOptionsRequest; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Service\PublicKeyCredentialCreationOptionsFactory; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialDescriptor; -use Webauthn\PublicKeyCredentialSource; use Webauthn\PublicKeyCredentialUserEntity; use function count; use function is_array; @@ -28,7 +28,7 @@ public function __construct( private SerializerInterface $serializer, private ValidatorInterface $validator, - private PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, + private CredentialRecordRepositoryInterface $credentialRecordRepository, private PublicKeyCredentialCreationOptionsFactory $publicKeyCredentialCreationOptionsFactory, private string $profile, ) { @@ -79,11 +79,11 @@ public function getFromRequest( */ private function getCredentials(PublicKeyCredentialUserEntity $userEntity): array { - $credentialSources = $this->credentialSourceRepository->findAllForUserEntity($userEntity); + $credentialRecords = $this->credentialRecordRepository->findAllForUserEntity($userEntity); return array_map( - static fn (PublicKeyCredentialSource $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(), - $credentialSources + static fn (CredentialRecord $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(), + $credentialRecords ); } diff --git a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php index e7b2735db..ea7c2be62 100644 --- a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php +++ b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php @@ -13,13 +13,13 @@ use Webauthn\AuthenticationExtensions\AuthenticationExtension; use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\Bundle\Dto\ServerPublicKeyCredentialRequestOptionsRequest; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Service\PublicKeyCredentialRequestOptionsFactory; +use Webauthn\CredentialRecord; use Webauthn\FakeCredentialGenerator; use Webauthn\PublicKeyCredentialDescriptor; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\PublicKeyCredentialUserEntity; use function count; use function is_array; @@ -30,7 +30,7 @@ public function __construct( private SerializerInterface $serializer, private ValidatorInterface $validator, private PublicKeyCredentialUserEntityRepositoryInterface $userEntityRepository, - private PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, + private CredentialRecordRepositoryInterface $credentialRecordRepository, private PublicKeyCredentialRequestOptionsFactory $publicKeyCredentialRequestOptionsFactory, private string $profile, private null|FakeCredentialGenerator $fakeCredentialGenerator = null, @@ -82,11 +82,11 @@ public function getFromRequest( */ private function getCredentials(PublicKeyCredentialUserEntity $userEntity): array { - $credentialSources = $this->credentialSourceRepository->findAllForUserEntity($userEntity); + $credentialRecords = $this->credentialRecordRepository->findAllForUserEntity($userEntity); return array_map( - static fn (PublicKeyCredentialSource $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(), - $credentialSources + static fn (CredentialRecord $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(), + $credentialRecords ); } diff --git a/src/symfony/src/DataCollector/WebauthnCollector.php b/src/symfony/src/DataCollector/WebauthnCollector.php index 9972f0b6c..337795478 100644 --- a/src/symfony/src/DataCollector/WebauthnCollector.php +++ b/src/symfony/src/DataCollector/WebauthnCollector.php @@ -145,7 +145,7 @@ public function addAuthenticatorAttestationResponseValidationSucceeded( JsonEncode::OPTIONS => JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT, ] ), - 'credential_source' => $cloner->cloneVar($event->publicKeyCredentialSource), + 'credential_record' => $cloner->cloneVar($event->credentialRecord), ]; } @@ -190,7 +190,7 @@ public function addAuthenticatorAssertionResponseValidationSucceeded( $cloner = new VarCloner(); $this->authenticatorAssertionResponseValidationSucceeded[] = [ 'user_handle' => $cloner->cloneVar($event->userHandle), - 'credential_id' => $cloner->cloneVar($event->publicKeyCredentialSource->publicKeyCredentialId), + 'credential_id' => $cloner->cloneVar($event->credentialRecord->publicKeyCredentialId), 'assertion_response' => $cloner->cloneVar($event->authenticatorAssertionResponse), 'options' => $cloner->cloneVar($event->publicKeyCredentialRequestOptions), 'options_json' => $this->serializer->serialize( @@ -201,7 +201,7 @@ public function addAuthenticatorAssertionResponseValidationSucceeded( JsonEncode::OPTIONS => JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT, ] ), - 'credential_source' => $cloner->cloneVar($event->publicKeyCredentialSource), + 'credential_record' => $cloner->cloneVar($event->credentialRecord), ]; } @@ -211,7 +211,7 @@ public function addAuthenticatorAssertionResponseValidationFailed( $cloner = new VarCloner(); $this->authenticatorAssertionResponseValidationFailed[] = [ 'user_handle' => $cloner->cloneVar($event->userHandle), - 'credential_id' => $cloner->cloneVar($event->credentialSource->publicKeyCredentialId), + 'credential_id' => $cloner->cloneVar($event->credentialRecord->publicKeyCredentialId), 'assertion_response' => $cloner->cloneVar($event->authenticatorAssertionResponse), 'options' => $cloner->cloneVar($event->publicKeyCredentialRequestOptions), 'options_json' => $this->serializer->serialize( diff --git a/src/symfony/src/DependencyInjection/Configuration.php b/src/symfony/src/DependencyInjection/Configuration.php index 25a3206e2..25c2fd65a 100644 --- a/src/symfony/src/DependencyInjection/Configuration.php +++ b/src/symfony/src/DependencyInjection/Configuration.php @@ -10,7 +10,7 @@ use Symfony\Component\Config\Definition\ConfigurationInterface; use Symfony\Component\HttpFoundation\Request; use Webauthn\AuthenticatorSelectionCriteria; -use Webauthn\Bundle\Repository\DummyPublicKeyCredentialSourceRepository; +use Webauthn\Bundle\Repository\DummyCredentialRecordRepository; use Webauthn\Bundle\Repository\DummyPublicKeyCredentialUserEntityRepository; use Webauthn\Bundle\Security\Handler\DefaultCreationOptionsHandler; use Webauthn\Bundle\Security\Handler\DefaultRequestOptionsHandler; @@ -83,7 +83,7 @@ public function getConfigTreeBuilder(): TreeBuilder ->end() ->scalarNode('credential_repository') ->cannotBeEmpty() - ->defaultValue(DummyPublicKeyCredentialSourceRepository::class) + ->defaultValue(DummyCredentialRecordRepository::class) ->info('This repository is responsible of the credential storage') ->end() ->scalarNode('user_repository') diff --git a/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php b/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php index 960695b73..ec4ec4137 100644 --- a/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php +++ b/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php @@ -25,7 +25,7 @@ use Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedCreationOptionsBuilder; use Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedRequestOptionsBuilder; use Webauthn\Bundle\DependencyInjection\Compiler\DynamicRouteCompilerPass; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Security\Guesser\RequestBodyUserEntityGuesser; use Webauthn\Bundle\Security\Handler\DefaultCreationOptionsHandler; @@ -488,7 +488,7 @@ private function getAssertionOptionsBuilderId( new Reference(SerializerInterface::class), new Reference(ValidatorInterface::class), new Reference(PublicKeyCredentialUserEntityRepositoryInterface::class), - new Reference(PublicKeyCredentialSourceRepositoryInterface::class), + new Reference(CredentialRecordRepositoryInterface::class), new Reference(PublicKeyCredentialRequestOptionsFactory::class), $config['profile'], new Reference(FakeCredentialGenerator::class, ContainerInterface::NULL_ON_INVALID_REFERENCE), @@ -515,7 +515,7 @@ private function getAttestationOptionsBuilderId( ->setArguments([ new Reference(SerializerInterface::class), new Reference(ValidatorInterface::class), - new Reference(PublicKeyCredentialSourceRepositoryInterface::class), + new Reference(CredentialRecordRepositoryInterface::class), new Reference(PublicKeyCredentialCreationOptionsFactory::class), $config['profile'], new Reference(WebauthnSerializerFactory::class), diff --git a/src/symfony/src/DependencyInjection/WebauthnExtension.php b/src/symfony/src/DependencyInjection/WebauthnExtension.php index 8950360d8..0fda22d6d 100644 --- a/src/symfony/src/DependencyInjection/WebauthnExtension.php +++ b/src/symfony/src/DependencyInjection/WebauthnExtension.php @@ -37,7 +37,7 @@ use Webauthn\Bundle\DependencyInjection\Compiler\ExtensionOutputCheckerCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\LoggerSetterCompilerPass; use Webauthn\Bundle\Doctrine\Type as DbalType; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Security\Storage\OptionsStorage; use Webauthn\Bundle\Service\PublicKeyCredentialCreationOptionsFactory; @@ -103,7 +103,7 @@ public function load(array $configs, ContainerBuilder $container): void $container->setAlias('webauthn.logger', $config['logger']); $container->setAlias(FakeCredentialGenerator::class, $config['fake_credential_generator']); - $container->setAlias(PublicKeyCredentialSourceRepositoryInterface::class, $config['credential_repository']); + $container->setAlias(CredentialRecordRepositoryInterface::class, $config['credential_repository']); $container->setAlias(PublicKeyCredentialUserEntityRepositoryInterface::class, $config['user_repository']); $container->setAlias(CounterChecker::class, $config['counter_checker']); @@ -192,7 +192,7 @@ private function loadCreationControllersSupport(ContainerBuilder $container, arr ->setArguments([ new Reference(SerializerInterface::class), new Reference(ValidatorInterface::class), - new Reference(PublicKeyCredentialSourceRepositoryInterface::class), + new Reference(CredentialRecordRepositoryInterface::class), new Reference(PublicKeyCredentialCreationOptionsFactory::class), $creationConfig['profile'], ]); @@ -276,7 +276,7 @@ private function loadRequestControllersSupport(ContainerBuilder $container, arra new Reference(SerializerInterface::class), new Reference(ValidatorInterface::class), new Reference(PublicKeyCredentialUserEntityRepositoryInterface::class), - new Reference(PublicKeyCredentialSourceRepositoryInterface::class), + new Reference(CredentialRecordRepositoryInterface::class), new Reference(PublicKeyCredentialRequestOptionsFactory::class), $requestConfig['profile'], new Reference(FakeCredentialGenerator::class, ContainerInterface::NULL_ON_INVALID_REFERENCE), diff --git a/src/symfony/src/Repository/CanSaveCredentialRecord.php b/src/symfony/src/Repository/CanSaveCredentialRecord.php new file mode 100644 index 000000000..73582c003 --- /dev/null +++ b/src/symfony/src/Repository/CanSaveCredentialRecord.php @@ -0,0 +1,15 @@ + * * @deprecated since 5.2.0, to be removed in 6.0.0. Please create your own doctrine-based repository. */ -class DoctrineCredentialSourceRepository extends ServiceEntityRepository implements PublicKeyCredentialSourceRepositoryInterface, CanSaveCredentialSource +class DoctrineCredentialSourceRepository extends ServiceEntityRepository implements CredentialRecordRepositoryInterface, CanSaveCredentialSource { /** * @var class-string @@ -29,18 +29,18 @@ class DoctrineCredentialSourceRepository extends ServiceEntityRepository impleme */ public function __construct(ManagerRegistry $registry, string $class) { - is_subclass_of($class, PublicKeyCredentialSource::class) || throw new InvalidArgumentException(sprintf( - 'Invalid class. Must be an instance of "Webauthn\PublicKeyCredentialSource", got "%s" instead.', + is_subclass_of($class, CredentialRecord::class) || throw new InvalidArgumentException(sprintf( + 'Invalid class. Must be an instance of "Webauthn\CredentialRecord", got "%s" instead.', $class )); $this->class = $class; parent::__construct($registry, $class); } - public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void + public function saveCredentialSource(CredentialRecord $credentialRecord): void { $this->getEntityManager() - ->persist($publicKeyCredentialSource); + ->persist($credentialRecord); $this->getEntityManager() ->flush(); } @@ -57,7 +57,7 @@ public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCre ->execute(); } - public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKeyCredentialSource + public function findOneByCredentialId(string $publicKeyCredentialId): ?CredentialRecord { return $this->getEntityManager() ->createQueryBuilder() diff --git a/src/symfony/src/Repository/DummyCredentialRecordRepository.php b/src/symfony/src/Repository/DummyCredentialRecordRepository.php new file mode 100644 index 000000000..c8630ccbb --- /dev/null +++ b/src/symfony/src/Repository/DummyCredentialRecordRepository.php @@ -0,0 +1,49 @@ +logger = $logger; + } + + public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity): array + { + $this->throwException(); + } + + public function findOneByCredentialId(string $publicKeyCredentialId): ?CredentialRecord + { + $this->throwException(); + } + + private function throwException(): never + { + $this->logger->critical( + 'Please change the Credential Record Repository in the bundle configuration. See https://webauthn-doc.spomky-labs.com/the-webauthn-server/the-symfony-way#repositories-1' + ); + throw new LogicException( + 'You are using the DummyCredentialRecordRepository service. Please create your own repository' + ); + } +} diff --git a/src/symfony/src/Repository/DummyPublicKeyCredentialSourceRepository.php b/src/symfony/src/Repository/DummyPublicKeyCredentialSourceRepository.php index 9ec45ebce..e8694514e 100644 --- a/src/symfony/src/Repository/DummyPublicKeyCredentialSourceRepository.php +++ b/src/symfony/src/Repository/DummyPublicKeyCredentialSourceRepository.php @@ -4,46 +4,9 @@ namespace Webauthn\Bundle\Repository; -use LogicException; -use Psr\Log\LoggerInterface; -use Psr\Log\NullLogger; -use Webauthn\MetadataService\CanLogData; -use Webauthn\PublicKeyCredentialSource; -use Webauthn\PublicKeyCredentialUserEntity; - /** - * This dummy Public Key Credential Source Repository is set to allow the bundle to be installed even if the real - * repository is not set in the configuration file. This class shall be replaced in favour of your own implementation. + * @deprecated since 5.3, use DummyCredentialRecordRepository instead. Will be removed in 6.0. */ -class DummyPublicKeyCredentialSourceRepository implements PublicKeyCredentialSourceRepositoryInterface, CanLogData +class DummyPublicKeyCredentialSourceRepository extends DummyCredentialRecordRepository { - public function __construct( - private LoggerInterface $logger = new NullLogger() - ) { - } - - public function setLogger(LoggerInterface $logger): void - { - $this->logger = $logger; - } - - public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity): array - { - $this->throwException(); - } - - public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKeyCredentialSource - { - $this->throwException(); - } - - private function throwException(): never - { - $this->logger->critical( - 'Please change the Public Key Credential Source Repository in the bundle configuration. See https://webauthn-doc.spomky-labs.com/the-webauthn-server/the-symfony-way#repositories-1' - ); - throw new LogicException( - 'You are using the DummyPublicKeyCredentialSourceRepository service. Please create your own repository' - ); - } } diff --git a/src/symfony/src/Repository/PublicKeyCredentialSourceRepositoryInterface.php b/src/symfony/src/Repository/PublicKeyCredentialSourceRepositoryInterface.php index b8f25f0a6..a01edf84f 100644 --- a/src/symfony/src/Repository/PublicKeyCredentialSourceRepositoryInterface.php +++ b/src/symfony/src/Repository/PublicKeyCredentialSourceRepositoryInterface.php @@ -4,15 +4,9 @@ namespace Webauthn\Bundle\Repository; -use Webauthn\PublicKeyCredentialSource; -use Webauthn\PublicKeyCredentialUserEntity; - -interface PublicKeyCredentialSourceRepositoryInterface +/** + * @deprecated since 5.3, use CredentialRecordRepositoryInterface instead. Will be removed in 6.0. + */ +interface PublicKeyCredentialSourceRepositoryInterface extends CredentialRecordRepositoryInterface { - /** - * @return PublicKeyCredentialSource[] - */ - public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity): array; - - public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKeyCredentialSource; } diff --git a/src/symfony/src/Resources/config/doctrine-mapping/CredentialRecord.orm.xml b/src/symfony/src/Resources/config/doctrine-mapping/CredentialRecord.orm.xml new file mode 100644 index 000000000..a3dd2abb8 --- /dev/null +++ b/src/symfony/src/Resources/config/doctrine-mapping/CredentialRecord.orm.xml @@ -0,0 +1,22 @@ + + + + + + + + + + + + + + + + + + diff --git a/src/symfony/src/Resources/config/doctrine-mapping/PublicKeyCredentialSource.orm.xml b/src/symfony/src/Resources/config/doctrine-mapping/PublicKeyCredentialSource.orm.xml index f3329c092..5a403a413 100644 --- a/src/symfony/src/Resources/config/doctrine-mapping/PublicKeyCredentialSource.orm.xml +++ b/src/symfony/src/Resources/config/doctrine-mapping/PublicKeyCredentialSource.orm.xml @@ -5,18 +5,5 @@ xsi:schemaLocation="http://doctrine-project.org/schemas/orm/doctrine-mapping https://raw.github.com/doctrine/doctrine2/master/doctrine-mapping.xsd" > - - - - - - - - - - - - - diff --git a/src/symfony/src/Resources/config/security.php b/src/symfony/src/Resources/config/security.php index 577a365ab..ace2da772 100644 --- a/src/symfony/src/Resources/config/security.php +++ b/src/symfony/src/Resources/config/security.php @@ -6,7 +6,7 @@ use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator; use Symfony\Component\Serializer\SerializerInterface; use Webauthn\Bundle\DependencyInjection\Factory\Security\WebauthnFactory; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Security\Authentication\WebauthnBadgeListener; use Webauthn\Bundle\Security\Authorization\Voter\IsUserPresentVoter; @@ -48,7 +48,7 @@ abstract_arg('Success handler'), abstract_arg('Failure handler'), abstract_arg('Options Storage'), - service(PublicKeyCredentialSourceRepositoryInterface::class), + service(CredentialRecordRepositoryInterface::class), service(PublicKeyCredentialUserEntityRepositoryInterface::class), service(SerializerInterface::class), abstract_arg('Authenticator Assertion Response Validator'), diff --git a/src/symfony/src/Resources/config/services.php b/src/symfony/src/Resources/config/services.php index 75957b173..02585bd02 100644 --- a/src/symfony/src/Resources/config/services.php +++ b/src/symfony/src/Resources/config/services.php @@ -15,7 +15,7 @@ use Webauthn\Bundle\Controller\AssertionControllerFactory; use Webauthn\Bundle\Controller\AttestationControllerFactory; use Webauthn\Bundle\Controller\DummyControllerFactory; -use Webauthn\Bundle\Repository\DummyPublicKeyCredentialSourceRepository; +use Webauthn\Bundle\Repository\DummyCredentialRecordRepository; use Webauthn\Bundle\Repository\DummyPublicKeyCredentialUserEntityRepository; use Webauthn\Bundle\Routing\Loader; use Webauthn\Bundle\Service\DefaultFailureHandler; @@ -35,12 +35,12 @@ use Webauthn\Denormalizer\AuthenticatorDataDenormalizer; use Webauthn\Denormalizer\AuthenticatorResponseDenormalizer; use Webauthn\Denormalizer\CollectedClientDataDenormalizer; +use Webauthn\Denormalizer\CredentialRecordDenormalizer; use Webauthn\Denormalizer\ExtensionDescriptorDenormalizer; use Webauthn\Denormalizer\PublicKeyCredentialDenormalizer; use Webauthn\Denormalizer\PublicKeyCredentialDescriptorNormalizer; use Webauthn\Denormalizer\PublicKeyCredentialOptionsDenormalizer; use Webauthn\Denormalizer\PublicKeyCredentialRpEntityDenormalizer; -use Webauthn\Denormalizer\PublicKeyCredentialSourceDenormalizer; use Webauthn\Denormalizer\PublicKeyCredentialUserEntityDenormalizer; use Webauthn\Denormalizer\SignalAllAcceptedCredentialsDenormalizer; use Webauthn\Denormalizer\SignalCurrentUserDetailsDenormalizer; @@ -117,7 +117,7 @@ $service->set(AssertionControllerFactory::class); $service - ->set(DummyPublicKeyCredentialSourceRepository::class) + ->set(DummyCredentialRecordRepository::class) ->autowire(false); $service ->set(DummyPublicKeyCredentialUserEntityRepository::class) @@ -210,7 +210,7 @@ 'priority' => 1024, ]); $service - ->set(PublicKeyCredentialSourceDenormalizer::class) + ->set(CredentialRecordDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, ]); diff --git a/src/symfony/src/Resources/views/data_collector/tab/attestation.html.twig b/src/symfony/src/Resources/views/data_collector/tab/attestation.html.twig index 6d83c9e05..56bb450ca 100644 --- a/src/symfony/src/Resources/views/data_collector/tab/attestation.html.twig +++ b/src/symfony/src/Resources/views/data_collector/tab/attestation.html.twig @@ -79,7 +79,7 @@ - {{ profiler_dump(data.credential_source) }} + {{ profiler_dump(data.credential_record) }} {% endfor %} diff --git a/src/symfony/src/Resources/views/data_collector/tab/request.html.twig b/src/symfony/src/Resources/views/data_collector/tab/request.html.twig index 1fad1b756..7ef169f9f 100644 --- a/src/symfony/src/Resources/views/data_collector/tab/request.html.twig +++ b/src/symfony/src/Resources/views/data_collector/tab/request.html.twig @@ -83,7 +83,7 @@ - {{ profiler_dump(data.credential_source) }} + {{ profiler_dump(data.credential_record) }} {% endfor %} diff --git a/src/symfony/src/Security/Authentication/WebauthnAuthenticator.php b/src/symfony/src/Security/Authentication/WebauthnAuthenticator.php index f12a17399..b3ebddeee 100644 --- a/src/symfony/src/Security/Authentication/WebauthnAuthenticator.php +++ b/src/symfony/src/Security/Authentication/WebauthnAuthenticator.php @@ -30,7 +30,7 @@ public function createToken(Passport $passport, string $firewallName): TokenInte $token = new WebauthnToken( $webauthnBadge->getPublicKeyCredentialUserEntity(), $webauthnBadge->getPublicKeyCredentialOptions(), - $webauthnBadge->getPublicKeyCredentialSource() + $webauthnBadge->getCredentialRecord() ->getPublicKeyCredentialDescriptor(), $authData->isUserPresent(), $authData->isUserVerified(), diff --git a/src/symfony/src/Security/Authentication/WebauthnBadge.php b/src/symfony/src/Security/Authentication/WebauthnBadge.php index 2fa5831b0..cdb70c262 100644 --- a/src/symfony/src/Security/Authentication/WebauthnBadge.php +++ b/src/symfony/src/Security/Authentication/WebauthnBadge.php @@ -9,8 +9,8 @@ use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge; use Webauthn\AuthenticatorResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\PublicKeyCredentialUserEntity; use function sprintf; @@ -24,7 +24,7 @@ final class WebauthnBadge extends UserBadge private PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity; - private PublicKeyCredentialSource $publicKeyCredentialSource; + private CredentialRecord $credentialRecord; private UserInterface $user; @@ -72,12 +72,17 @@ public function getPublicKeyCredentialUserEntity(): PublicKeyCredentialUserEntit return $this->publicKeyCredentialUserEntity; } - public function getPublicKeyCredentialSource(): PublicKeyCredentialSource + public function getCredentialRecord(): CredentialRecord { if (! $this->isResolved) { throw new LogicException('The badge is not resolved.'); } - return $this->publicKeyCredentialSource; + return $this->credentialRecord; + } + + public function getPublicKeyCredentialSource(): CredentialRecord + { + return $this->getCredentialRecord(); } public function getUser(): UserInterface @@ -92,7 +97,7 @@ public function markResolved( AuthenticatorResponse $authenticatorResponse, PublicKeyCredentialOptions $publicKeyCredentialOptions, PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity, - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, ): void { if ($this->userLoader === null) { throw new LogicException(sprintf( @@ -103,11 +108,11 @@ public function markResolved( $this->authenticatorResponse = $authenticatorResponse; $this->publicKeyCredentialOptions = $publicKeyCredentialOptions; $this->publicKeyCredentialUserEntity = $publicKeyCredentialUserEntity; - $this->publicKeyCredentialSource = $publicKeyCredentialSource; + $this->credentialRecord = $credentialRecord; $user = ($this->userLoader)($publicKeyCredentialUserEntity->name, $this->attributes); if ($user === null) { $exception = new UserNotFoundException(); - $exception->setUserIdentifier($publicKeyCredentialSource->userHandle); + $exception->setUserIdentifier($credentialRecord->userHandle); throw $exception; } diff --git a/src/symfony/src/Security/Authentication/WebauthnBadgeListener.php b/src/symfony/src/Security/Authentication/WebauthnBadgeListener.php index 01ca8ae86..e56e116bd 100644 --- a/src/symfony/src/Security/Authentication/WebauthnBadgeListener.php +++ b/src/symfony/src/Security/Authentication/WebauthnBadgeListener.php @@ -15,8 +15,8 @@ use Webauthn\AuthenticatorAttestationResponse; use Webauthn\AuthenticatorAttestationResponseValidator; use Webauthn\Bundle\Repository\CanRegisterUserEntity; -use Webauthn\Bundle\Repository\CanSaveCredentialSource; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CanSaveCredentialRecord; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Security\Storage\OptionsStorage; use Webauthn\Exception\InvalidDataException; @@ -32,7 +32,7 @@ public function __construct( private OptionsStorage $optionsStorage, private SerializerInterface $publicKeyCredentialLoader, private PublicKeyCredentialUserEntityRepositoryInterface $credentialUserEntityRepository, - private PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository, + private CredentialRecordRepositoryInterface $credentialRecordRepository, private AuthenticatorAssertionResponseValidator $assertionResponseValidator, private AuthenticatorAttestationResponseValidator $attestationResponseValidator, private UserProviderInterface $userProvider, @@ -95,35 +95,26 @@ private function processRequest( string $publicKeyCredentialId, AuthenticatorAssertionResponse $response, ): void { - $publicKeyCredentialSource = $this->publicKeyCredentialSourceRepository->findOneByCredentialId( - $publicKeyCredentialId - ); - if ($publicKeyCredentialSource === null) { - throw InvalidDataException::create($publicKeyCredentialSource, 'The credential ID is invalid.'); + $credentialRecord = $this->credentialRecordRepository->findOneByCredentialId($publicKeyCredentialId); + if ($credentialRecord === null) { + throw InvalidDataException::create($credentialRecord, 'The credential ID is invalid.'); } - $publicKeyCredentialSource = $this->assertionResponseValidator->check( - $publicKeyCredentialSource, + $credentialRecord = $this->assertionResponseValidator->check( + $credentialRecord, $response, $publicKeyCredentialRequestOptions, $badge->host, $userEntity?->id ); - $userEntity = $this->credentialUserEntityRepository->findOneByUserHandle( - $publicKeyCredentialSource->userHandle - ); + $userEntity = $this->credentialUserEntityRepository->findOneByUserHandle($credentialRecord->userHandle); if (! $userEntity instanceof PublicKeyCredentialUserEntity) { throw InvalidDataException::create($userEntity, 'Invalid user entity'); } - if ($this->publicKeyCredentialSourceRepository instanceof CanSaveCredentialSource) { - $this->publicKeyCredentialSourceRepository->saveCredentialSource($publicKeyCredentialSource); + if ($this->credentialRecordRepository instanceof CanSaveCredentialRecord) { + $this->credentialRecordRepository->saveCredentialSource($credentialRecord); } - $badge->markResolved( - $response, - $publicKeyCredentialRequestOptions, - $userEntity, - $publicKeyCredentialSource, - ); + $badge->markResolved($response, $publicKeyCredentialRequestOptions, $userEntity, $credentialRecord); } private function processCreation( @@ -135,7 +126,7 @@ private function processCreation( if (! $this->credentialUserEntityRepository instanceof CanRegisterUserEntity) { throw UnsupportedFeatureException::create('The user entity repository does not support registration.'); } - if (! $this->publicKeyCredentialSourceRepository instanceof CanSaveCredentialSource) { + if (! $this->credentialRecordRepository instanceof CanSaveCredentialRecord) { throw UnsupportedFeatureException::create( 'The credential source repository does not support registration.' ); @@ -146,24 +137,19 @@ private function processCreation( if ($this->credentialUserEntityRepository->findOneByUsername($userEntity->name) !== null) { throw InvalidDataException::create($userEntity, 'The username already exists'); } - $publicKeyCredentialSource = $this->attestationResponseValidator->check( + $credentialRecord = $this->attestationResponseValidator->check( $response, $publicKeyCredentialCreationOptions, $badge->host, ); - if ($this->publicKeyCredentialSourceRepository->findOneByCredentialId( - $publicKeyCredentialSource->publicKeyCredentialId + if ($this->credentialRecordRepository->findOneByCredentialId( + $credentialRecord->publicKeyCredentialId ) !== null) { - throw InvalidDataException::create($publicKeyCredentialSource, 'The credentials already exists'); + throw InvalidDataException::create($credentialRecord, 'The credentials already exists'); } $this->credentialUserEntityRepository->saveUserEntity($userEntity); - $this->publicKeyCredentialSourceRepository->saveCredentialSource($publicKeyCredentialSource); + $this->credentialRecordRepository->saveCredentialSource($credentialRecord); - $badge->markResolved( - $response, - $publicKeyCredentialCreationOptions, - $userEntity, - $publicKeyCredentialSource, - ); + $badge->markResolved($response, $publicKeyCredentialCreationOptions, $userEntity, $credentialRecord); } } diff --git a/src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php b/src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php index af114b65a..9d137653b 100644 --- a/src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php +++ b/src/symfony/src/Security/Http/Authenticator/Passport/Credentials/WebauthnCredentials.php @@ -6,8 +6,8 @@ use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CredentialsInterface; use Webauthn\AuthenticatorResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\PublicKeyCredentialUserEntity; class WebauthnCredentials implements CredentialsInterface @@ -16,7 +16,7 @@ public function __construct( private readonly AuthenticatorResponse $authenticatorResponse, private readonly PublicKeyCredentialOptions $publicKeyCredentialOptions, private readonly PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity, - private readonly PublicKeyCredentialSource $publicKeyCredentialSource, + private readonly CredentialRecord $credentialRecord, private readonly string $firewallName, ) { } @@ -36,9 +36,14 @@ public function getPublicKeyCredentialUserEntity(): ?PublicKeyCredentialUserEnti return $this->publicKeyCredentialUserEntity; } - public function getPublicKeyCredentialSource(): PublicKeyCredentialSource + public function getPublicKeyCredentialSource(): CredentialRecord { - return $this->publicKeyCredentialSource; + return $this->getCredentialRecord(); + } + + public function getCredentialRecord(): CredentialRecord + { + return $this->credentialRecord; } public function getFirewallName(): string diff --git a/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php b/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php index 2d9502890..95d3e119a 100644 --- a/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php +++ b/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php @@ -29,8 +29,8 @@ use Webauthn\Bundle\Exception\MissingFeatureException; use Webauthn\Bundle\Exception\MissingUserEntityException; use Webauthn\Bundle\Repository\CanRegisterUserEntity; -use Webauthn\Bundle\Repository\CanSaveCredentialSource; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CanSaveCredentialRecord; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Security\Authentication\Token\WebauthnToken; use Webauthn\Bundle\Security\Http\Authenticator\Passport\Credentials\WebauthnCredentials; @@ -54,7 +54,7 @@ public function __construct( private readonly AuthenticationSuccessHandlerInterface $successHandler, private readonly AuthenticationFailureHandlerInterface $failureHandler, private readonly OptionsStorage $optionsStorage, - private readonly PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository, + private readonly CredentialRecordRepositoryInterface $credentialRecordRepository, private readonly PublicKeyCredentialUserEntityRepositoryInterface $credentialUserEntityRepository, private readonly SerializerInterface $publicKeyCredentialLoader, private readonly AuthenticatorAssertionResponseValidator $assertionResponseValidator, @@ -116,7 +116,7 @@ public function createToken(Passport $passport, string $firewallName): TokenInte $token = new WebauthnToken( $userEntity, $credentialsBadge->getPublicKeyCredentialOptions(), - $credentialsBadge->getPublicKeyCredentialSource() + $credentialsBadge->getCredentialRecord() ->getPublicKeyCredentialDescriptor(), $authData->isUserPresent(), $authData->isUserVerified(), @@ -182,25 +182,23 @@ private function processWithAssertion(Request $request): Passport ); $userEntity = $data->getPublicKeyCredentialUserEntity(); - $publicKeyCredentialSource = $this->publicKeyCredentialSourceRepository->findOneByCredentialId( + $credentialRecord = $this->credentialRecordRepository->findOneByCredentialId( $publicKeyCredential->rawId ); - $publicKeyCredentialSource !== null || throw AuthenticatorResponseVerificationException::create( + $credentialRecord !== null || throw AuthenticatorResponseVerificationException::create( 'The credential ID is invalid.' ); - $publicKeyCredentialSource = $this->assertionResponseValidator->check( - $publicKeyCredentialSource, + $credentialRecord = $this->assertionResponseValidator->check( + $credentialRecord, $response, $publicKeyCredentialRequestOptions, $request->getHost(), $userEntity?->id ); - if ($this->publicKeyCredentialSourceRepository instanceof CanSaveCredentialSource) { - $this->publicKeyCredentialSourceRepository->saveCredentialSource($publicKeyCredentialSource); + if ($this->credentialRecordRepository instanceof CanSaveCredentialRecord) { + $this->credentialRecordRepository->saveCredentialSource($credentialRecord); } - $userEntity = $this->credentialUserEntityRepository->findOneByUserHandle( - $publicKeyCredentialSource->userHandle - ); + $userEntity = $this->credentialUserEntityRepository->findOneByUserHandle($credentialRecord->userHandle); $userEntity instanceof PublicKeyCredentialUserEntity || throw InvalidDataException::create( $userEntity, 'Invalid user entity' @@ -209,7 +207,7 @@ private function processWithAssertion(Request $request): Passport $response, $publicKeyCredentialRequestOptions, $userEntity, - $publicKeyCredentialSource, + $credentialRecord, $this->firewallConfig->getFirewallName() ); $userBadge = new UserBadge($userEntity->name, $this->userProvider->loadUserByIdentifier(...)); @@ -225,7 +223,7 @@ private function processWithAttestation(Request $request): Passport if (! $this->credentialUserEntityRepository instanceof CanRegisterUserEntity) { throw MissingFeatureException::create('Unable to register the user.'); } - if (! $this->publicKeyCredentialSourceRepository instanceof CanSaveCredentialSource) { + if (! $this->credentialRecordRepository instanceof CanSaveCredentialRecord) { throw MissingFeatureException::create('Unable to register the credential.'); } $format = $request->getContentTypeFormat(); @@ -252,7 +250,7 @@ private function processWithAttestation(Request $request): Passport $userEntity, 'Unable to find the public key credential user entity' ); - $credentialSource = $this->attestationResponseValidator->check( + $credentialRecord = $this->attestationResponseValidator->check( $response, $publicKeyCredentialCreationOptions, $request->getHost() @@ -260,18 +258,18 @@ private function processWithAttestation(Request $request): Passport if ($this->credentialUserEntityRepository->findOneByUsername($userEntity->name) !== null) { throw InvalidDataException::create($userEntity, 'The username already exists'); } - if ($this->publicKeyCredentialSourceRepository->findOneByCredentialId( - $credentialSource->publicKeyCredentialId + if ($this->credentialRecordRepository->findOneByCredentialId( + $credentialRecord->publicKeyCredentialId ) !== null) { - throw InvalidDataException::create($credentialSource, 'The credentials already exists'); + throw InvalidDataException::create($credentialRecord, 'The credentials already exists'); } $this->credentialUserEntityRepository->saveUserEntity($userEntity); - $this->publicKeyCredentialSourceRepository->saveCredentialSource($credentialSource); + $this->credentialRecordRepository->saveCredentialRecord($credentialRecord); $credentials = new WebauthnCredentials( $response, $publicKeyCredentialCreationOptions, $userEntity, - $credentialSource, + $credentialRecord, $this->firewallConfig->getFirewallName() ); $userBadge = new UserBadge($userEntity->name, $this->userProvider->loadUserByIdentifier(...)); diff --git a/src/webauthn/src/AuthenticatorAssertionResponseValidator.php b/src/webauthn/src/AuthenticatorAssertionResponseValidator.php index 9ec1279b4..f8daa5f4b 100644 --- a/src/webauthn/src/AuthenticatorAssertionResponseValidator.php +++ b/src/webauthn/src/AuthenticatorAssertionResponseValidator.php @@ -38,15 +38,15 @@ public static function create(CeremonyStepManager $ceremonyStepManager): self * @see https://www.w3.org/TR/webauthn/#verifying-assertion */ public function check( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse $authenticatorAssertionResponse, PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, string $host, ?string $userHandle, - ): PublicKeyCredentialSource { + ): CredentialRecord { try { $this->logger->info('Checking the authenticator assertion response', [ - 'publicKeyCredentialSource' => $publicKeyCredentialSource, + 'credentialRecord' => $credentialRecord, 'authenticatorAssertionResponse' => $authenticatorAssertionResponse, 'publicKeyCredentialRequestOptions' => $publicKeyCredentialRequestOptions, 'host' => $host, @@ -54,18 +54,18 @@ public function check( ]); $this->ceremonyStepManager->process( - $publicKeyCredentialSource, + $credentialRecord, $authenticatorAssertionResponse, $publicKeyCredentialRequestOptions, $userHandle, $host ); - $publicKeyCredentialSource->counter = $authenticatorAssertionResponse->authenticatorData->signCount; //26.1. - $publicKeyCredentialSource->backupEligible = $authenticatorAssertionResponse->authenticatorData->isBackupEligible(); //26.2. - $publicKeyCredentialSource->backupStatus = $authenticatorAssertionResponse->authenticatorData->isBackedUp(); //26.2. - if ($publicKeyCredentialSource->uvInitialized === false) { - $publicKeyCredentialSource->uvInitialized = $authenticatorAssertionResponse->authenticatorData->isUserVerified(); //26.3. + $credentialRecord->counter = $authenticatorAssertionResponse->authenticatorData->signCount; //26.1. + $credentialRecord->backupEligible = $authenticatorAssertionResponse->authenticatorData->isBackupEligible(); //26.2. + $credentialRecord->backupStatus = $authenticatorAssertionResponse->authenticatorData->isBackedUp(); //26.2. + if ($credentialRecord->uvInitialized === false) { + $credentialRecord->uvInitialized = $authenticatorAssertionResponse->authenticatorData->isUserVerified(); //26.3. } /* * 26.3. @@ -75,7 +75,7 @@ public function check( //All good. We can continue. $this->logger->info('The assertion is valid'); $this->logger->debug('Public Key Credential Source', [ - 'publicKeyCredentialSource' => $publicKeyCredentialSource, + 'credentialRecord' => $credentialRecord, ]); $this->eventDispatcher->dispatch( $this->createAuthenticatorAssertionResponseValidationSucceededEvent( @@ -83,18 +83,18 @@ public function check( $publicKeyCredentialRequestOptions, $host, $userHandle, - $publicKeyCredentialSource + $credentialRecord ) ); // 27. - return $publicKeyCredentialSource; + return $credentialRecord; } catch (AuthenticatorResponseVerificationException $throwable) { $this->logger->error('An error occurred', [ 'exception' => $throwable, ]); $this->eventDispatcher->dispatch( $this->createAuthenticatorAssertionResponseValidationFailedEvent( - $publicKeyCredentialSource, + $credentialRecord, $authenticatorAssertionResponse, $publicKeyCredentialRequestOptions, $host, @@ -121,19 +121,19 @@ protected function createAuthenticatorAssertionResponseValidationSucceededEvent( PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, string $host, ?string $userHandle, - PublicKeyCredentialSource $publicKeyCredentialSource + CredentialRecord $credentialRecord ): AuthenticatorAssertionResponseValidationSucceededEvent { return new AuthenticatorAssertionResponseValidationSucceededEvent( $authenticatorAssertionResponse, $publicKeyCredentialRequestOptions, $host, $userHandle, - $publicKeyCredentialSource + $credentialRecord ); } protected function createAuthenticatorAssertionResponseValidationFailedEvent( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse $authenticatorAssertionResponse, PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, string $host, @@ -141,7 +141,7 @@ protected function createAuthenticatorAssertionResponseValidationFailedEvent( Throwable $throwable ): AuthenticatorAssertionResponseValidationFailedEvent { return new AuthenticatorAssertionResponseValidationFailedEvent( - $publicKeyCredentialSource, + $credentialRecord, $authenticatorAssertionResponse, $publicKeyCredentialRequestOptions, $host, diff --git a/src/webauthn/src/AuthenticatorAttestationResponseValidator.php b/src/webauthn/src/AuthenticatorAttestationResponseValidator.php index a032b5c31..41ce7f35d 100644 --- a/src/webauthn/src/AuthenticatorAttestationResponseValidator.php +++ b/src/webauthn/src/AuthenticatorAttestationResponseValidator.php @@ -51,7 +51,7 @@ public function check( AuthenticatorAttestationResponse $authenticatorAttestationResponse, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, string $host, - ): PublicKeyCredentialSource { + ): CredentialRecord { try { $this->logger->info('Checking the authenticator attestation response', [ 'authenticatorAttestationResponse' => $authenticatorAttestationResponse, @@ -59,37 +59,37 @@ public function check( 'host' => $host, ]); - $publicKeyCredentialSource = $this->createPublicKeyCredentialSource( + $credentialRecord = $this->createCredentialRecord( $authenticatorAttestationResponse, $publicKeyCredentialCreationOptions ); $this->ceremonyStepManager->process( - $publicKeyCredentialSource, + $credentialRecord, $authenticatorAttestationResponse, $publicKeyCredentialCreationOptions, $publicKeyCredentialCreationOptions->user->id, $host ); - $publicKeyCredentialSource->counter = $authenticatorAttestationResponse->attestationObject->authData->signCount; - $publicKeyCredentialSource->backupEligible = $authenticatorAttestationResponse->attestationObject->authData->isBackupEligible(); - $publicKeyCredentialSource->backupStatus = $authenticatorAttestationResponse->attestationObject->authData->isBackedUp(); - $publicKeyCredentialSource->uvInitialized = $authenticatorAttestationResponse->attestationObject->authData->isUserVerified(); + $credentialRecord->counter = $authenticatorAttestationResponse->attestationObject->authData->signCount; + $credentialRecord->backupEligible = $authenticatorAttestationResponse->attestationObject->authData->isBackupEligible(); + $credentialRecord->backupStatus = $authenticatorAttestationResponse->attestationObject->authData->isBackedUp(); + $credentialRecord->uvInitialized = $authenticatorAttestationResponse->attestationObject->authData->isUserVerified(); $this->logger->info('The attestation is valid'); $this->logger->debug('Public Key Credential Source', [ - 'publicKeyCredentialSource' => $publicKeyCredentialSource, + 'credentialRecord' => $credentialRecord, ]); $this->eventDispatcher->dispatch( $this->createAuthenticatorAttestationResponseValidationSucceededEvent( $authenticatorAttestationResponse, $publicKeyCredentialCreationOptions, $host, - $publicKeyCredentialSource + $credentialRecord ) ); - return $publicKeyCredentialSource; + return $credentialRecord; } catch (Throwable $throwable) { $this->logger->error('An error occurred', [ 'exception' => $throwable, @@ -110,13 +110,13 @@ protected function createAuthenticatorAttestationResponseValidationSucceededEven AuthenticatorAttestationResponse $authenticatorAttestationResponse, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, string $host, - PublicKeyCredentialSource $publicKeyCredentialSource + CredentialRecord $credentialRecord ): AuthenticatorAttestationResponseValidationSucceededEvent { return new AuthenticatorAttestationResponseValidationSucceededEvent( $authenticatorAttestationResponse, $publicKeyCredentialCreationOptions, $host, - $publicKeyCredentialSource + $credentialRecord ); } @@ -134,10 +134,10 @@ protected function createAuthenticatorAttestationResponseValidationFailedEvent( ); } - private function createPublicKeyCredentialSource( + private function createCredentialRecord( AuthenticatorAttestationResponse $authenticatorAttestationResponse, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, - ): PublicKeyCredentialSource { + ): CredentialRecord { $attestationObject = $authenticatorAttestationResponse->attestationObject; $attestedCredentialData = $attestationObject->authData->attestedCredentialData; $attestedCredentialData !== null || throw AuthenticatorResponseVerificationException::create( @@ -151,7 +151,7 @@ private function createPublicKeyCredentialSource( $userHandle = $publicKeyCredentialCreationOptions->user->id; $transports = $authenticatorAttestationResponse->transports; - return PublicKeyCredentialSource::create( + return CredentialRecord::create( $credentialId, PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, $transports, diff --git a/src/webauthn/src/CeremonyStep/CeremonyStep.php b/src/webauthn/src/CeremonyStep/CeremonyStep.php index d015e00a0..34921c6f3 100644 --- a/src/webauthn/src/CeremonyStep/CeremonyStep.php +++ b/src/webauthn/src/CeremonyStep/CeremonyStep.php @@ -6,14 +6,14 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; interface CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CeremonyStepManager.php b/src/webauthn/src/CeremonyStep/CeremonyStepManager.php index 745c89b98..14e9bc18f 100644 --- a/src/webauthn/src/CeremonyStep/CeremonyStepManager.php +++ b/src/webauthn/src/CeremonyStep/CeremonyStepManager.php @@ -6,9 +6,9 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final readonly class CeremonyStepManager { @@ -21,7 +21,7 @@ public function __construct( } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, @@ -29,7 +29,7 @@ public function process( ): void { foreach ($this->steps as $step) { $step->process( - $publicKeyCredentialSource, + $credentialRecord, $authenticatorResponse, $publicKeyCredentialOptions, $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckAlgorithm.php b/src/webauthn/src/CeremonyStep/CheckAlgorithm.php index 74a221e14..0753edc3a 100644 --- a/src/webauthn/src/CeremonyStep/CheckAlgorithm.php +++ b/src/webauthn/src/CeremonyStep/CheckAlgorithm.php @@ -10,10 +10,10 @@ use Cose\Key\Key; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\StringStream; use Webauthn\U2FPublicKey; use function count; @@ -24,7 +24,7 @@ class CheckAlgorithm implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, @@ -33,7 +33,7 @@ public function process( if (! $publicKeyCredentialOptions instanceof PublicKeyCredentialCreationOptions) { return; } - $credentialPublicKey = $publicKeyCredentialSource->getAttestedCredentialData() + $credentialPublicKey = $credentialRecord->getAttestedCredentialData() ->credentialPublicKey; $credentialPublicKey !== null || throw AuthenticatorResponseVerificationException::create( 'No public key available.' diff --git a/src/webauthn/src/CeremonyStep/CheckAllowedCredentialList.php b/src/webauthn/src/CeremonyStep/CheckAllowedCredentialList.php index bd51f61e6..5d6b0ec13 100644 --- a/src/webauthn/src/CeremonyStep/CheckAllowedCredentialList.php +++ b/src/webauthn/src/CeremonyStep/CheckAllowedCredentialList.php @@ -6,16 +6,16 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use function count; final class CheckAllowedCredentialList implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, @@ -29,7 +29,7 @@ public function process( } foreach ($publicKeyCredentialOptions->allowCredentials as $allowedCredential) { - if (hash_equals($allowedCredential->id, $publicKeyCredentialSource->publicKeyCredentialId)) { + if (hash_equals($allowedCredential->id, $credentialRecord->publicKeyCredentialId)) { return; } } diff --git a/src/webauthn/src/CeremonyStep/CheckAllowedOrigins.php b/src/webauthn/src/CeremonyStep/CheckAllowedOrigins.php index 3dc08c080..762f00bb7 100644 --- a/src/webauthn/src/CeremonyStep/CheckAllowedOrigins.php +++ b/src/webauthn/src/CeremonyStep/CheckAllowedOrigins.php @@ -8,10 +8,10 @@ use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use function count; use function in_array; use function is_array; @@ -50,7 +50,7 @@ public function __construct( } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckAttestationFormatIsKnownAndValid.php b/src/webauthn/src/CeremonyStep/CheckAttestationFormatIsKnownAndValid.php index 2c022938c..a673774dd 100644 --- a/src/webauthn/src/CeremonyStep/CheckAttestationFormatIsKnownAndValid.php +++ b/src/webauthn/src/CeremonyStep/CheckAttestationFormatIsKnownAndValid.php @@ -7,10 +7,10 @@ use Webauthn\AttestationStatement\AttestationStatementSupportManager; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final readonly class CheckAttestationFormatIsKnownAndValid implements CeremonyStep { @@ -20,7 +20,7 @@ public function __construct( } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckBackupBitsAreConsistent.php b/src/webauthn/src/CeremonyStep/CheckBackupBitsAreConsistent.php index dffa239c6..11888525a 100644 --- a/src/webauthn/src/CeremonyStep/CheckBackupBitsAreConsistent.php +++ b/src/webauthn/src/CeremonyStep/CheckBackupBitsAreConsistent.php @@ -6,15 +6,15 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final class CheckBackupBitsAreConsistent implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckChallenge.php b/src/webauthn/src/CeremonyStep/CheckChallenge.php index a1c059706..9c756fbf9 100644 --- a/src/webauthn/src/CeremonyStep/CheckChallenge.php +++ b/src/webauthn/src/CeremonyStep/CheckChallenge.php @@ -6,15 +6,15 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final class CheckChallenge implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckClientDataCollectorType.php b/src/webauthn/src/CeremonyStep/CheckClientDataCollectorType.php index 8a4f22fdc..293190f18 100644 --- a/src/webauthn/src/CeremonyStep/CheckClientDataCollectorType.php +++ b/src/webauthn/src/CeremonyStep/CheckClientDataCollectorType.php @@ -8,9 +8,9 @@ use Webauthn\AuthenticatorAttestationResponse; use Webauthn\ClientDataCollector\ClientDataCollectorManager; use Webauthn\ClientDataCollector\WebauthnAuthenticationCollector; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final readonly class CheckClientDataCollectorType implements CeremonyStep { @@ -24,7 +24,7 @@ public function __construct(null|ClientDataCollectorManager $clientDataCollector } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckCounter.php b/src/webauthn/src/CeremonyStep/CheckCounter.php index 788287458..ba391b387 100644 --- a/src/webauthn/src/CeremonyStep/CheckCounter.php +++ b/src/webauthn/src/CeremonyStep/CheckCounter.php @@ -7,9 +7,9 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; use Webauthn\Counter\CounterChecker; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final readonly class CheckCounter implements CeremonyStep { @@ -19,18 +19,18 @@ public function __construct( } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, string $host ): void { $authData = $authenticatorResponse instanceof AuthenticatorAssertionResponse ? $authenticatorResponse->authenticatorData : $authenticatorResponse->attestationObject->authData; - $storedCounter = $publicKeyCredentialSource->counter; + $storedCounter = $credentialRecord->counter; $responseCounter = $authData->signCount; if ($responseCounter !== 0 || $storedCounter !== 0) { - $this->counterChecker->check($publicKeyCredentialSource, $responseCounter); + $this->counterChecker->check($credentialRecord, $responseCounter); } - $publicKeyCredentialSource->counter = $responseCounter; + $credentialRecord->counter = $responseCounter; } } diff --git a/src/webauthn/src/CeremonyStep/CheckCredentialId.php b/src/webauthn/src/CeremonyStep/CheckCredentialId.php index 5b58da887..a0e6b5ea6 100644 --- a/src/webauthn/src/CeremonyStep/CheckCredentialId.php +++ b/src/webauthn/src/CeremonyStep/CheckCredentialId.php @@ -6,22 +6,22 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use function strlen; class CheckCredentialId implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, string $host ): void { - $credentialId = $publicKeyCredentialSource->publicKeyCredentialId; + $credentialId = $credentialRecord->publicKeyCredentialId; strlen($credentialId) <= 1023 || throw new AuthenticatorResponseVerificationException( 'Credential ID too long.' ); diff --git a/src/webauthn/src/CeremonyStep/CheckExtensions.php b/src/webauthn/src/CeremonyStep/CheckExtensions.php index fd40fdf9e..40f36457a 100644 --- a/src/webauthn/src/CeremonyStep/CheckExtensions.php +++ b/src/webauthn/src/CeremonyStep/CheckExtensions.php @@ -7,9 +7,9 @@ use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final readonly class CheckExtensions implements CeremonyStep { @@ -19,7 +19,7 @@ public function __construct( } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckHasAttestedCredentialData.php b/src/webauthn/src/CeremonyStep/CheckHasAttestedCredentialData.php index cf1cd23dd..c76f876b9 100644 --- a/src/webauthn/src/CeremonyStep/CheckHasAttestedCredentialData.php +++ b/src/webauthn/src/CeremonyStep/CheckHasAttestedCredentialData.php @@ -6,15 +6,15 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final class CheckHasAttestedCredentialData implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php b/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php index 356e1288d..3b86fa02d 100644 --- a/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php +++ b/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php @@ -9,6 +9,7 @@ use Webauthn\AttestationStatement\AttestationStatement; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\MetadataService\CanLogData; use Webauthn\MetadataService\CertificateChain\CertificateChainValidator; @@ -18,7 +19,6 @@ use Webauthn\MetadataService\StatusReportRepository; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\TrustPath\CertificateTrustPath; use function count; use function in_array; @@ -60,7 +60,7 @@ public function setLogger(LoggerInterface $logger): void } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckOrigin.php b/src/webauthn/src/CeremonyStep/CheckOrigin.php index 1453b3223..7f6f84005 100644 --- a/src/webauthn/src/CeremonyStep/CheckOrigin.php +++ b/src/webauthn/src/CeremonyStep/CheckOrigin.php @@ -7,10 +7,10 @@ use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use function in_array; use function is_array; use function is_string; @@ -30,7 +30,7 @@ public function __construct( } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php b/src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php index 8465a01d5..ee5e0c704 100644 --- a/src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php +++ b/src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php @@ -7,17 +7,17 @@ use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\U2FPublicKey; use function is_string; final class CheckRelyingPartyIdIdHash implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, @@ -25,7 +25,7 @@ public function process( ): void { $authData = $authenticatorResponse instanceof AuthenticatorAssertionResponse ? $authenticatorResponse->authenticatorData : $authenticatorResponse->attestationObject->authData; $C = $authenticatorResponse->clientDataJSON; - $attestedCredentialData = $publicKeyCredentialSource->getAttestedCredentialData(); + $attestedCredentialData = $credentialRecord->getAttestedCredentialData(); $credentialPublicKey = $attestedCredentialData->credentialPublicKey; $credentialPublicKey !== null || throw AuthenticatorResponseVerificationException::create( 'No public key available.' diff --git a/src/webauthn/src/CeremonyStep/CheckSignature.php b/src/webauthn/src/CeremonyStep/CheckSignature.php index d9caa1c23..5d64bfcc8 100644 --- a/src/webauthn/src/CeremonyStep/CheckSignature.php +++ b/src/webauthn/src/CeremonyStep/CheckSignature.php @@ -13,10 +13,10 @@ use Cose\Key\Key; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\StringStream; use Webauthn\U2FPublicKey; use Webauthn\Util\CoseSignatureFixer; @@ -32,7 +32,7 @@ public function __construct(null|Manager $algorithmManager = null) } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, @@ -41,7 +41,7 @@ public function process( if (! $authenticatorResponse instanceof AuthenticatorAssertionResponse) { return; } - $credentialPublicKey = $publicKeyCredentialSource->getAttestedCredentialData() + $credentialPublicKey = $credentialRecord->getAttestedCredentialData() ->credentialPublicKey; $credentialPublicKey !== null || throw AuthenticatorResponseVerificationException::create( 'No public key available.' diff --git a/src/webauthn/src/CeremonyStep/CheckTopOrigin.php b/src/webauthn/src/CeremonyStep/CheckTopOrigin.php index bb9a55547..54f42c7e8 100644 --- a/src/webauthn/src/CeremonyStep/CheckTopOrigin.php +++ b/src/webauthn/src/CeremonyStep/CheckTopOrigin.php @@ -6,10 +6,10 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; class CheckTopOrigin implements CeremonyStep { @@ -19,7 +19,7 @@ public function __construct( } public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckUserHandle.php b/src/webauthn/src/CeremonyStep/CheckUserHandle.php index 27585754e..c16c42bed 100644 --- a/src/webauthn/src/CeremonyStep/CheckUserHandle.php +++ b/src/webauthn/src/CeremonyStep/CheckUserHandle.php @@ -6,15 +6,15 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\InvalidUserHandleException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final class CheckUserHandle implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, @@ -23,7 +23,7 @@ public function process( if (! $authenticatorResponse instanceof AuthenticatorAssertionResponse) { return; } - $credentialUserHandle = $publicKeyCredentialSource->userHandle; + $credentialUserHandle = $credentialRecord->userHandle; $responseUserHandle = $authenticatorResponse->userHandle; if ($userHandle !== null) { //If the user was identified before the authentication ceremony was initiated, $credentialUserHandle === $userHandle || throw InvalidUserHandleException::create(); diff --git a/src/webauthn/src/CeremonyStep/CheckUserVerification.php b/src/webauthn/src/CeremonyStep/CheckUserVerification.php index 392eca8bb..9f1cb8b2e 100644 --- a/src/webauthn/src/CeremonyStep/CheckUserVerification.php +++ b/src/webauthn/src/CeremonyStep/CheckUserVerification.php @@ -7,15 +7,15 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; use Webauthn\AuthenticatorSelectionCriteria; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final class CheckUserVerification implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/CeremonyStep/CheckUserWasPresent.php b/src/webauthn/src/CeremonyStep/CheckUserWasPresent.php index 32fd7fff6..2b68a6199 100644 --- a/src/webauthn/src/CeremonyStep/CheckUserWasPresent.php +++ b/src/webauthn/src/CeremonyStep/CheckUserWasPresent.php @@ -6,15 +6,15 @@ use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; final class CheckUserWasPresent implements CeremonyStep { public function process( - PublicKeyCredentialSource $publicKeyCredentialSource, + CredentialRecord $credentialRecord, AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse, PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions, ?string $userHandle, diff --git a/src/webauthn/src/Counter/CounterChecker.php b/src/webauthn/src/Counter/CounterChecker.php index a23d7ee48..e73fd01ef 100644 --- a/src/webauthn/src/Counter/CounterChecker.php +++ b/src/webauthn/src/Counter/CounterChecker.php @@ -4,9 +4,9 @@ namespace Webauthn\Counter; -use Webauthn\PublicKeyCredentialSource; +use Webauthn\CredentialRecord; interface CounterChecker { - public function check(PublicKeyCredentialSource $publicKeyCredentialSource, int $currentCounter): void; + public function check(CredentialRecord $credentialRecord, int $currentCounter): void; } diff --git a/src/webauthn/src/Counter/ThrowExceptionIfInvalid.php b/src/webauthn/src/Counter/ThrowExceptionIfInvalid.php index bf411d2a4..3f1547b79 100644 --- a/src/webauthn/src/Counter/ThrowExceptionIfInvalid.php +++ b/src/webauthn/src/Counter/ThrowExceptionIfInvalid.php @@ -6,9 +6,9 @@ use Psr\Log\LoggerInterface; use Psr\Log\NullLogger; +use Webauthn\CredentialRecord; use Webauthn\Exception\CounterException; use Webauthn\MetadataService\CanLogData; -use Webauthn\PublicKeyCredentialSource; final class ThrowExceptionIfInvalid implements CounterChecker, CanLogData { @@ -22,18 +22,18 @@ public function setLogger(LoggerInterface $logger): void $this->logger = $logger; } - public function check(PublicKeyCredentialSource $publicKeyCredentialSource, int $currentCounter): void + public function check(CredentialRecord $credentialRecord, int $currentCounter): void { try { - $currentCounter > $publicKeyCredentialSource->counter || throw CounterException::create( + $currentCounter > $credentialRecord->counter || throw CounterException::create( $currentCounter, - $publicKeyCredentialSource->counter, + $credentialRecord->counter, 'Invalid counter.' ); } catch (CounterException $throwable) { $this->logger->error('The counter is invalid', [ 'current' => $currentCounter, - 'new' => $publicKeyCredentialSource->counter, + 'new' => $credentialRecord->counter, ]); throw $throwable; } diff --git a/src/webauthn/src/CredentialRecord.php b/src/webauthn/src/CredentialRecord.php new file mode 100644 index 000000000..8bc787098 --- /dev/null +++ b/src/webauthn/src/CredentialRecord.php @@ -0,0 +1,84 @@ +|null $otherUI + */ + public function __construct( + public string $publicKeyCredentialId, + public string $type, + public array $transports, + public string $attestationType, + public TrustPath $trustPath, + public Uuid $aaguid, + public string $credentialPublicKey, + public string $userHandle, + public int $counter, + public ?array $otherUI = null, + public ?bool $backupEligible = null, + public ?bool $backupStatus = null, + public ?bool $uvInitialized = null, + ) { + } + + /** + * @param string[] $transports + * @param array|null $otherUI + */ + public static function create( + string $publicKeyCredentialId, + string $type, + array $transports, + string $attestationType, + TrustPath $trustPath, + Uuid $aaguid, + string $credentialPublicKey, + string $userHandle, + int $counter, + ?array $otherUI = null, + ?bool $backupEligible = null, + ?bool $backupStatus = null, + ?bool $uvInitialized = null, + ): self { + return new self( + $publicKeyCredentialId, + $type, + $transports, + $attestationType, + $trustPath, + $aaguid, + $credentialPublicKey, + $userHandle, + $counter, + $otherUI, + $backupEligible, + $backupStatus, + $uvInitialized + ); + } + + public function getPublicKeyCredentialDescriptor(): PublicKeyCredentialDescriptor + { + return PublicKeyCredentialDescriptor::create($this->type, $this->publicKeyCredentialId, $this->transports); + } + + public function getAttestedCredentialData(): AttestedCredentialData + { + return AttestedCredentialData::create($this->aaguid, $this->publicKeyCredentialId, $this->credentialPublicKey); + } +} diff --git a/src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php b/src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php new file mode 100644 index 000000000..a05add3af --- /dev/null +++ b/src/webauthn/src/Denormalizer/CredentialRecordDenormalizer.php @@ -0,0 +1,103 @@ +denormalizer->denormalize($data['trustPath'], TrustPath::class, $format, $context), + Uuid::fromString($data['aaguid']), + $data['credentialPublicKey'], + $data['userHandle'], + $data['counter'], + $data['otherUI'] ?? null, + $data['backupEligible'] ?? null, + $data['backupStatus'] ?? null, + $data['uvInitialized'] ?? null, + ); + } + + public function supportsDenormalization( + mixed $data, + string $type, + ?string $format = null, + array $context = [] + ): bool { + return $type === CredentialRecord::class; + } + + /** + * @return array + */ + public function getSupportedTypes(?string $format): array + { + return [ + CredentialRecord::class => true, + ]; + } + + /** + * @return array + */ + public function normalize(mixed $data, ?string $format = null, array $context = []): array + { + assert($data instanceof CredentialRecord); + $result = [ + 'publicKeyCredentialId' => Base64UrlSafe::encodeUnpadded($data->publicKeyCredentialId), + 'type' => $data->type, + 'transports' => $data->transports, + 'attestationType' => $data->attestationType, + 'trustPath' => $this->normalizer->normalize($data->trustPath, $format, $context), + 'aaguid' => $this->normalizer->normalize($data->aaguid, $format, $context), + 'credentialPublicKey' => Base64UrlSafe::encodeUnpadded($data->credentialPublicKey), + 'userHandle' => Base64UrlSafe::encodeUnpadded($data->userHandle), + 'counter' => $data->counter, + 'otherUI' => $data->otherUI, + 'backupEligible' => $data->backupEligible, + 'backupStatus' => $data->backupStatus, + 'uvInitialized' => $data->uvInitialized, + ]; + + return array_filter($result, static fn ($value): bool => $value !== null); + } + + public function supportsNormalization(mixed $data, ?string $format = null, array $context = []): bool + { + return $data instanceof CredentialRecord; + } +} diff --git a/src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php b/src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php index 3a963afa6..4507aaec5 100644 --- a/src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php +++ b/src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php @@ -4,97 +4,9 @@ namespace Webauthn\Denormalizer; -use ParagonIE\ConstantTime\Base64UrlSafe; -use Symfony\Component\Serializer\Normalizer\DenormalizerAwareInterface; -use Symfony\Component\Serializer\Normalizer\DenormalizerAwareTrait; -use Symfony\Component\Serializer\Normalizer\DenormalizerInterface; -use Symfony\Component\Serializer\Normalizer\NormalizerAwareInterface; -use Symfony\Component\Serializer\Normalizer\NormalizerAwareTrait; -use Symfony\Component\Serializer\Normalizer\NormalizerInterface; -use Symfony\Component\Uid\Uuid; -use Webauthn\Exception\InvalidDataException; -use Webauthn\PublicKeyCredentialSource; -use Webauthn\TrustPath\TrustPath; -use Webauthn\Util\Base64; -use function array_key_exists; -use function assert; - -final class PublicKeyCredentialSourceDenormalizer implements DenormalizerInterface, DenormalizerAwareInterface, NormalizerInterface, NormalizerAwareInterface +/** + * @deprecated since 5.3, use CredentialRecordDenormalizer instead. Will be removed in 6.0. + */ +class PublicKeyCredentialSourceDenormalizer extends CredentialRecordDenormalizer { - use NormalizerAwareTrait; - use DenormalizerAwareTrait; - - public function denormalize(mixed $data, string $type, ?string $format = null, array $context = []): mixed - { - $keys = ['publicKeyCredentialId', 'credentialPublicKey', 'userHandle']; - foreach ($keys as $key) { - array_key_exists($key, $data) || throw InvalidDataException::create($data, 'Missing ' . $key); - $data[$key] = Base64::decode($data[$key]); - } - - return PublicKeyCredentialSource::create( - $data['publicKeyCredentialId'], - $data['type'], - $data['transports'], - $data['attestationType'], - $this->denormalizer->denormalize($data['trustPath'], TrustPath::class, $format, $context), - Uuid::fromString($data['aaguid']), - $data['credentialPublicKey'], - $data['userHandle'], - $data['counter'], - $data['otherUI'] ?? null, - $data['backupEligible'] ?? null, - $data['backupStatus'] ?? null, - $data['uvInitialized'] ?? null, - ); - } - - public function supportsDenormalization( - mixed $data, - string $type, - ?string $format = null, - array $context = [] - ): bool { - return $type === PublicKeyCredentialSource::class; - } - - /** - * @return array - */ - public function getSupportedTypes(?string $format): array - { - return [ - PublicKeyCredentialSource::class => true, - ]; - } - - /** - * @return array - */ - public function normalize(mixed $data, ?string $format = null, array $context = []): array - { - assert($data instanceof PublicKeyCredentialSource); - $result = [ - 'publicKeyCredentialId' => Base64UrlSafe::encodeUnpadded($data->publicKeyCredentialId), - 'type' => $data->type, - 'transports' => $data->transports, - 'attestationType' => $data->attestationType, - 'trustPath' => $this->normalizer->normalize($data->trustPath, $format, $context), - 'aaguid' => $this->normalizer->normalize($data->aaguid, $format, $context), - 'credentialPublicKey' => Base64UrlSafe::encodeUnpadded($data->credentialPublicKey), - 'userHandle' => Base64UrlSafe::encodeUnpadded($data->userHandle), - 'counter' => $data->counter, - 'otherUI' => $data->otherUI, - 'backupEligible' => $data->backupEligible, - 'backupStatus' => $data->backupStatus, - 'uvInitialized' => $data->uvInitialized, - ]; - - return array_filter($result, static fn ($value): bool => $value !== null); - } - - public function supportsNormalization(mixed $data, ?string $format = null, array $context = []): bool - { - return $data instanceof PublicKeyCredentialSource; - } } diff --git a/src/webauthn/src/Denormalizer/WebauthnSerializerFactory.php b/src/webauthn/src/Denormalizer/WebauthnSerializerFactory.php index 21daf33ed..aa5beb4fd 100644 --- a/src/webauthn/src/Denormalizer/WebauthnSerializerFactory.php +++ b/src/webauthn/src/Denormalizer/WebauthnSerializerFactory.php @@ -59,7 +59,7 @@ public function create(): SerializerInterface new CollectedClientDataDenormalizer(), new PublicKeyCredentialDenormalizer(), new PublicKeyCredentialOptionsDenormalizer(), - new PublicKeyCredentialSourceDenormalizer(), + new CredentialRecordDenormalizer(), new PublicKeyCredentialRpEntityDenormalizer(), new PublicKeyCredentialUserEntityDenormalizer(), new SignalAllAcceptedCredentialsDenormalizer(), diff --git a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php index 371b6ad98..24a637cfd 100644 --- a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php +++ b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php @@ -6,13 +6,13 @@ use Throwable; use Webauthn\AuthenticatorAssertionResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; readonly class AuthenticatorAssertionResponseValidationFailedEvent { public function __construct( - public PublicKeyCredentialSource $credentialSource, + public CredentialRecord $credentialRecord, public AuthenticatorAssertionResponse $authenticatorAssertionResponse, public PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, public string $host, diff --git a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php index d77972984..6bc0b955b 100644 --- a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php +++ b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php @@ -5,8 +5,8 @@ namespace Webauthn\Event; use Webauthn\AuthenticatorAssertionResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; class AuthenticatorAssertionResponseValidationSucceededEvent { @@ -15,7 +15,7 @@ public function __construct( public readonly PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, public readonly string $host, public readonly ?string $userHandle, - public readonly PublicKeyCredentialSource $publicKeyCredentialSource + public readonly CredentialRecord $credentialRecord ) { } } diff --git a/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php b/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php index be5604d52..02f7fd607 100644 --- a/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php +++ b/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php @@ -5,8 +5,8 @@ namespace Webauthn\Event; use Webauthn\AuthenticatorAttestationResponse; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialCreationOptions; -use Webauthn\PublicKeyCredentialSource; readonly class AuthenticatorAttestationResponseValidationSucceededEvent { @@ -14,7 +14,7 @@ public function __construct( public AuthenticatorAttestationResponse $authenticatorAttestationResponse, public PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, public string $host, - public PublicKeyCredentialSource $publicKeyCredentialSource + public CredentialRecord $credentialRecord ) { } } diff --git a/src/webauthn/src/PublicKeyCredentialSource.php b/src/webauthn/src/PublicKeyCredentialSource.php index bbf6a107b..cf629bbf9 100644 --- a/src/webauthn/src/PublicKeyCredentialSource.php +++ b/src/webauthn/src/PublicKeyCredentialSource.php @@ -9,30 +9,11 @@ /** * @see https://www.w3.org/TR/webauthn/#iface-pkcredential + * + * @deprecated since 5.3, use CredentialRecord instead. Will be removed in 6.0. */ -class PublicKeyCredentialSource +class PublicKeyCredentialSource extends CredentialRecord { - /** - * @param string[] $transports - * @param array|null $otherUI - */ - public function __construct( - public string $publicKeyCredentialId, - public string $type, - public array $transports, - public string $attestationType, - public TrustPath $trustPath, - public Uuid $aaguid, - public string $credentialPublicKey, - public string $userHandle, - public int $counter, - public ?array $otherUI = null, - public ?bool $backupEligible = null, - public ?bool $backupStatus = null, - public ?bool $uvInitialized = null, - ) { - } - /** * @param string[] $transports * @param array|null $otherUI @@ -68,14 +49,4 @@ public static function create( $uvInitialized ); } - - public function getPublicKeyCredentialDescriptor(): PublicKeyCredentialDescriptor - { - return PublicKeyCredentialDescriptor::create($this->type, $this->publicKeyCredentialId, $this->transports); - } - - public function getAttestedCredentialData(): AttestedCredentialData - { - return AttestedCredentialData::create($this->aaguid, $this->publicKeyCredentialId, $this->credentialPublicKey); - } } diff --git a/tests/framework/MockedPublicKeyCredentialSourceTrait.php b/tests/framework/MockedCredentialRecordTrait.php similarity index 77% rename from tests/framework/MockedPublicKeyCredentialSourceTrait.php rename to tests/framework/MockedCredentialRecordTrait.php index b2fef79cd..2cf295b5c 100644 --- a/tests/framework/MockedPublicKeyCredentialSourceTrait.php +++ b/tests/framework/MockedCredentialRecordTrait.php @@ -5,14 +5,14 @@ namespace Webauthn\Tests; use Symfony\Component\Uid\AbstractUid; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialDescriptor; -use Webauthn\PublicKeyCredentialSource; use Webauthn\TrustPath\EmptyTrustPath; use Webauthn\TrustPath\TrustPath; -trait MockedPublicKeyCredentialSourceTrait +trait MockedCredentialRecordTrait { - protected function createPublicKeyCredentialSource( + protected function createCredentialRecord( string $id, string $userHandle, int $counter, @@ -21,8 +21,8 @@ protected function createPublicKeyCredentialSource( array $transport = [], string $attestationType = 'none', ?TrustPath $trustPath = null - ): PublicKeyCredentialSource { - return PublicKeyCredentialSource::create( + ): CredentialRecord { + return CredentialRecord::create( $id, PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, $transport, diff --git a/tests/library/AbstractTestCase.php b/tests/library/AbstractTestCase.php index 09bd12398..d1d0df6af 100644 --- a/tests/library/AbstractTestCase.php +++ b/tests/library/AbstractTestCase.php @@ -44,7 +44,7 @@ abstract class AbstractTestCase extends TestCase { use MockedRequestTrait; - use MockedPublicKeyCredentialSourceTrait; + use MockedCredentialRecordTrait; protected MockClock $clock; diff --git a/tests/library/Functional/AssertionTest.php b/tests/library/Functional/AssertionTest.php index 1e73f6068..4d83a6f91 100644 --- a/tests/library/Functional/AssertionTest.php +++ b/tests/library/Functional/AssertionTest.php @@ -45,7 +45,7 @@ public function anAssertionCanBeVerified(): void 'json' ); static::assertInstanceOf(AuthenticatorAssertionResponse::class, $publicKeyCredential->response); - $publicKeyCredentialSource = $this->createPublicKeyCredentialSource( + $credentialRecord = $this->createCredentialRecord( base64_decode( 'eHouz/Zi7+BmByHjJ/tx9h4a1WZsK4IzUmgGjkhyOodPGAyUqUp/B9yUkflXY3yHWsNtsrgCXQ3HjAIFUeZB+w==', true @@ -58,15 +58,15 @@ public function anAssertionCanBeVerified(): void true ) ); - $publicKeyCredentialSource = $this->getAuthenticatorAssertionResponseValidator() + $credentialRecord = $this->getAuthenticatorAssertionResponseValidator() ->check( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, 'localhost', 'foo' ); - static::assertSame(123, $publicKeyCredentialSource->counter); + static::assertSame(123, $credentialRecord->counter); } #[Test] @@ -94,7 +94,7 @@ public function anAssertionWithTokenBindingCanBeVerified(): void 'json' ); static::assertInstanceOf(AuthenticatorAssertionResponse::class, $publicKeyCredential->response); - $publicKeyCredentialSource = $this->createPublicKeyCredentialSource( + $credentialRecord = $this->createCredentialRecord( base64_decode( '+uZVS9+4JgjAYI49YhdzTgHmbn638+ZNSvC0UtHkWTVS+CtTjnaSbqtzdzijByOAvEAsh+TaQJAr43FRj+dYag==', true @@ -107,15 +107,15 @@ public function anAssertionWithTokenBindingCanBeVerified(): void true ) ); - $publicKeyCredentialSource = $this->getAuthenticatorAssertionResponseValidator() + $credentialRecord = $this->getAuthenticatorAssertionResponseValidator() ->check( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, 'localhost', 'foo' ); - static::assertSame(148, $publicKeyCredentialSource->counter); + static::assertSame(148, $credentialRecord->counter); } #[Test] @@ -143,7 +143,7 @@ public function anAssertionWithUserHandleCanBeVerified(): void 'json' ); static::assertInstanceOf(AuthenticatorAssertionResponse::class, $publicKeyCredential->response); - $publicKeyCredentialSource = $this->createPublicKeyCredentialSource( + $credentialRecord = $this->createCredentialRecord( base64_decode( 'ADqYfFWXiscOCOPCd9OLiBtSGhletNPKlSOELS0Nuwj/uCzf9s3trLUK9ockO8xa8jBAYdKixLZYOAezy0FJiV1bnTCty/LiInWWJlov', true @@ -156,15 +156,15 @@ public function anAssertionWithUserHandleCanBeVerified(): void true ) ); - $publicKeyCredentialSource = $this->getAuthenticatorAssertionResponseValidator() + $credentialRecord = $this->getAuthenticatorAssertionResponseValidator() ->check( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, 'spomky-webauthn.herokuapp.com', null ); - static::assertSame(1_548_765_641, $publicKeyCredentialSource->counter); + static::assertSame(1_548_765_641, $credentialRecord->counter); } #[Test] diff --git a/tests/library/Functional/AttestationTest.php b/tests/library/Functional/AttestationTest.php index 2af222293..907573d94 100644 --- a/tests/library/Functional/AttestationTest.php +++ b/tests/library/Functional/AttestationTest.php @@ -45,7 +45,7 @@ public function anAttestationSignedWithEcDSA521ShouldBeVerified(): void $publicKeyCredential = $serializer->deserialize($response, PublicKeyCredential::class, 'json'); // When - $publicKeyCredentialSource = $this->getAuthenticatorAttestationResponseValidator() + $credentialRecord = $this->getAuthenticatorAttestationResponseValidator() ->check( $publicKeyCredential->response, $publicKeyCredentialCreationOptions, @@ -53,7 +53,7 @@ public function anAttestationSignedWithEcDSA521ShouldBeVerified(): void ); // Then static::assertInstanceOf(AuthenticatorAttestationResponse::class, $publicKeyCredential->response); - static::assertSame(['usb'], $publicKeyCredentialSource->transports); + static::assertSame(['usb'], $credentialRecord->transports); $publicKeyCredentialDescriptor = $publicKeyCredential->getPublicKeyCredentialDescriptor(); static::assertSame( hex2bin('4787c0563f68b2055564bef21dfb4f7953a68e89b7c70e192caec3b7ff26cce3'), diff --git a/tests/library/Functional/CheckAllowedOriginsTest.php b/tests/library/Functional/CheckAllowedOriginsTest.php index 6db3b4535..01c9a389f 100644 --- a/tests/library/Functional/CheckAllowedOriginsTest.php +++ b/tests/library/Functional/CheckAllowedOriginsTest.php @@ -7,10 +7,10 @@ use PHPUnit\Framework\Attributes\Test; use Symfony\Component\Uid\Uuid; use Webauthn\CeremonyStep\CheckAllowedOrigins; +use Webauthn\CredentialRecord; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredential; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSource; use Webauthn\Tests\AbstractTestCase; final class CheckAllowedOriginsTest extends AbstractTestCase @@ -24,13 +24,13 @@ public function theOriginIsNotInAllowedOrigins(): void //Given $checkOrigins = new CheckAllowedOrigins(['https://example.org']); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -43,13 +43,13 @@ public function theOriginIsValid(): void { //Given $checkOrigins = new CheckAllowedOrigins(['https://webauthn.spomky-labs.com']); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -65,13 +65,13 @@ public function validSubdomainWithAllowSubdomains(): void { //Given $checkOrigins = new CheckAllowedOrigins(['spomky-labs.com'], true); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -91,13 +91,13 @@ public function invalidSubdomainWithoutAllowSubdomains(): void //Given $checkOrigins = new CheckAllowedOrigins(['https://spomky-labs.com']); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -110,13 +110,13 @@ public function emptyAllowedOriginsDefaultsToHttps(): void { //Given $checkOrigins = new CheckAllowedOrigins([]); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -136,13 +136,13 @@ public function emptyAllowedOriginsWithoutSubdomains(): void //Given $checkOrigins = new CheckAllowedOrigins([], false); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -155,13 +155,13 @@ public function emptyAllowedOriginsWithSubdomains(): void { //Given $checkOrigins = new CheckAllowedOrigins([], true); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -177,13 +177,13 @@ public function emptyAllowedOriginsWithoutSubdomainsAndValidHost(): void { //Given $checkOrigins = new CheckAllowedOrigins([], false); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -203,13 +203,13 @@ public function emptyAllowedOriginsWithSubdomainsAndInvalidHost(): void //Given $checkOrigins = new CheckAllowedOrigins([], false); - $publicKeyCredentialSource = $this->getPublicKeyCredentialSource(); + $credentialRecord = $this->getCredentialRecord(); $publicKeyCredentialRequestOptions = $this->getPublicKeyCredentialRequestOptions(); $publicKeyCredential = $this->getPublicKeyCredential(); //When $checkOrigins->process( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, null, @@ -217,9 +217,9 @@ public function emptyAllowedOriginsWithSubdomainsAndInvalidHost(): void ); } - private function getPublicKeyCredentialSource(): PublicKeyCredentialSource + private function getCredentialRecord(): CredentialRecord { - return $this->createPublicKeyCredentialSource( + return $this->createCredentialRecord( base64_decode( 'eHouz/Zi7+BmByHjJ/tx9h4a1WZsK4IzUmgGjkhyOodPGAyUqUp/B9yUkflXY3yHWsNtsrgCXQ3HjAIFUeZB+w==', true diff --git a/tests/library/Functional/W10Test.php b/tests/library/Functional/W10Test.php index 75e70fdb1..2f97a56cc 100644 --- a/tests/library/Functional/W10Test.php +++ b/tests/library/Functional/W10Test.php @@ -42,7 +42,7 @@ public function anAttestationCanBeVerified( $publicKeyCredential = $this->getSerializer() ->deserialize($publicKeyCredentialData, PublicKeyCredential::class, 'json'); static::assertInstanceOf(AuthenticatorAttestationResponse::class, $publicKeyCredential->response); - $publicKeyCredentialSource = $this->getAuthenticatorAttestationResponseValidator() + $credentialRecord = $this->getAuthenticatorAttestationResponseValidator() ->check($publicKeyCredential->response, $publicKeyCredentialCreationOptions, $host); $publicKeyCredentialDescriptor = $publicKeyCredential->getPublicKeyCredentialDescriptor(); static::assertSame($credentialId, $publicKeyCredential->rawId); @@ -66,9 +66,9 @@ public function anAttestationCanBeVerified( static::assertInstanceOf(AttestedCredentialData::class, $authenticatorData->attestedCredentialData); static::assertFalse($authenticatorData->hasExtensions()); if ($publicKeyCredentialCreationOptions->attestation === null || $publicKeyCredentialCreationOptions->attestation === PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE) { - static::assertSame($aaguid, $publicKeyCredentialSource->aaguid ->__toString()); - static::assertSame($attestationType, $publicKeyCredentialSource->attestationType); - static::assertInstanceOf($trustPath, $publicKeyCredentialSource->trustPath); + static::assertSame($aaguid, $credentialRecord->aaguid ->__toString()); + static::assertSame($attestationType, $credentialRecord->attestationType); + static::assertInstanceOf($trustPath, $credentialRecord->trustPath); } } @@ -130,7 +130,7 @@ public function anAssertionCanBeVerified(): void 'json' ); static::assertInstanceOf(AuthenticatorAssertionResponse::class, $publicKeyCredential->response); - $publicKeyCredentialSource = $this->createPublicKeyCredentialSource( + $credentialRecord = $this->createCredentialRecord( base64_decode('6oRgydKXdC3LtZBDoAXxKnWte68elEQejDrYOV9x+18=', true), 'ee13d4f1-4863-47dd-a407-097cb49ac822', 0, @@ -140,14 +140,14 @@ public function anAssertionCanBeVerified(): void true ) ); - $publicKeyCredentialSource = $this->getAuthenticatorAssertionResponseValidator() + $credentialRecord = $this->getAuthenticatorAssertionResponseValidator() ->check( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, 'webauthn.spomky-labs.com', 'ee13d4f1-4863-47dd-a407-097cb49ac822' ); - static::assertSame(4, $publicKeyCredentialSource->counter); + static::assertSame(4, $credentialRecord->counter); } } diff --git a/tests/library/Unit/CredentialRecordTest.php b/tests/library/Unit/CredentialRecordTest.php new file mode 100644 index 000000000..1b643034c --- /dev/null +++ b/tests/library/Unit/CredentialRecordTest.php @@ -0,0 +1,180 @@ +publicKeyCredentialId); + static::assertSame(PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, $credentialRecord->type); + static::assertSame($transports, $credentialRecord->transports); + static::assertSame('none', $credentialRecord->attestationType); + static::assertInstanceOf(EmptyTrustPath::class, $credentialRecord->trustPath); + static::assertSame($aaguid, $credentialRecord->aaguid); + static::assertSame($publicKey, $credentialRecord->credentialPublicKey); + static::assertSame($userHandle, $credentialRecord->userHandle); + static::assertSame($counter, $credentialRecord->counter); + } + + #[Test] + public function aCredentialRecordCanBeSerializedAndDeserialized(): void + { + $credentialId = 'credential-id'; + $userHandle = 'user-handle'; + $counter = 10; + $aaguid = Uuid::v4(); + $publicKey = 'public-key'; + $transports = ['usb', 'nfc']; + + $credentialRecord = CredentialRecord::create( + $credentialId, + PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, + $transports, + 'none', + EmptyTrustPath::create(), + $aaguid, + $publicKey, + $userHandle, + $counter, + null, + true, + false, + true + ); + + $json = $this->getSerializer() + ->serialize($credentialRecord, 'json', [ + AbstractObjectNormalizer::SKIP_NULL_VALUES => true, + ]); + + $deserialized = $this->getSerializer() + ->deserialize($json, CredentialRecord::class, 'json'); + + static::assertInstanceOf(CredentialRecord::class, $deserialized); + static::assertSame($credentialId, $deserialized->publicKeyCredentialId); + static::assertSame($userHandle, $deserialized->userHandle); + static::assertSame($counter, $deserialized->counter); + static::assertTrue($deserialized->backupEligible); + static::assertFalse($deserialized->backupStatus); + static::assertTrue($deserialized->uvInitialized); + } + + #[Test] + public function publicKeyCredentialSourceIsCompatibleWithCredentialRecord(): void + { + $credentialId = 'credential-id'; + $userHandle = 'user-handle'; + $counter = 10; + $aaguid = Uuid::v4(); + $publicKey = 'public-key'; + + $credentialRecord = PublicKeyCredentialSource::create( + $credentialId, + PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, + [], + 'none', + EmptyTrustPath::create(), + $aaguid, + $publicKey, + $userHandle, + $counter + ); + + // PublicKeyCredentialSource should extend CredentialRecord + static::assertInstanceOf(CredentialRecord::class, $credentialRecord); + static::assertInstanceOf(PublicKeyCredentialSource::class, $credentialRecord); + } + + #[Test] + public function credentialRecordCanGetPublicKeyCredentialDescriptor(): void + { + $credentialId = 'credential-id'; + $userHandle = 'user-handle'; + $counter = 10; + $aaguid = Uuid::v4(); + $publicKey = 'public-key'; + $transports = ['usb', 'nfc']; + + $credentialRecord = CredentialRecord::create( + $credentialId, + PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, + $transports, + 'none', + EmptyTrustPath::create(), + $aaguid, + $publicKey, + $userHandle, + $counter + ); + + $descriptor = $credentialRecord->getPublicKeyCredentialDescriptor(); + + static::assertInstanceOf(PublicKeyCredentialDescriptor::class, $descriptor); + static::assertSame(PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, $descriptor->type); + static::assertSame($credentialId, $descriptor->id); + static::assertSame($transports, $descriptor->transports); + } + + #[Test] + public function credentialRecordCanGetAttestedCredentialData(): void + { + $credentialId = 'credential-id'; + $userHandle = 'user-handle'; + $counter = 10; + $aaguid = Uuid::v4(); + $publicKey = 'public-key'; + + $credentialRecord = CredentialRecord::create( + $credentialId, + PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, + [], + 'none', + EmptyTrustPath::create(), + $aaguid, + $publicKey, + $userHandle, + $counter + ); + + $attestedCredentialData = $credentialRecord->getAttestedCredentialData(); + + static::assertSame($aaguid, $attestedCredentialData->aaguid); + static::assertSame($credentialId, $attestedCredentialData->credentialId); + static::assertSame($publicKey, $attestedCredentialData->credentialPublicKey); + } +} diff --git a/tests/symfony/config/config.yml b/tests/symfony/config/config.yml index 295908256..d69eec3a8 100644 --- a/tests/symfony/config/config.yml +++ b/tests/symfony/config/config.yml @@ -47,7 +47,7 @@ services: Webauthn\Tests\Bundle\Functional\PublicKeyCredentialUserEntityRepository: autowire: true - Webauthn\Tests\Bundle\Functional\PublicKeyCredentialSourceRepository: + Webauthn\Tests\Bundle\Functional\CredentialRecordRepository: autowire: true Webauthn\Tests\Bundle\Functional\UserProvider: @@ -116,7 +116,7 @@ doctrine: alias: App webauthn: - credential_repository: 'Webauthn\Tests\Bundle\Functional\PublicKeyCredentialSourceRepository' + credential_repository: 'Webauthn\Tests\Bundle\Functional\CredentialRecordRepository' user_repository: 'Webauthn\Tests\Bundle\Functional\PublicKeyCredentialUserEntityRepository' options_storage: 'Webauthn\Tests\Bundle\Functional\CustomSessionStorage' allowed_origins: diff --git a/tests/symfony/functional/Assertion/AssertionTest.php b/tests/symfony/functional/Assertion/AssertionTest.php index c97c98d41..5ec63b1a8 100644 --- a/tests/symfony/functional/Assertion/AssertionTest.php +++ b/tests/symfony/functional/Assertion/AssertionTest.php @@ -10,7 +10,7 @@ use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAssertionResponseValidator; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Service\PublicKeyCredentialRequestOptionsFactory; use Webauthn\PublicKeyCredential; use Webauthn\PublicKeyCredentialDescriptor; @@ -54,8 +54,8 @@ public function anAssertionResponseCanBeLoadedAndVerified(): void PublicKeyCredential::class, 'json' ); - $publicKeyCredentialSource = self::getContainer()->get( - PublicKeyCredentialSourceRepositoryInterface::class + $credentialRecord = self::getContainer()->get( + CredentialRecordRepositoryInterface::class )->findOneByCredentialId($publicKeyCredential->rawId); $descriptor = $publicKeyCredential->getPublicKeyCredentialDescriptor(); static::assertSame(PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, $descriptor->type); @@ -71,7 +71,7 @@ public function anAssertionResponseCanBeLoadedAndVerified(): void static::assertInstanceOf(AuthenticatorAssertionResponse::class, $response); static::assertNull($response->userHandle); self::getContainer()->get(AuthenticatorAssertionResponseValidator::class)->check( - $publicKeyCredentialSource, + $credentialRecord, $publicKeyCredential->response, $publicKeyCredentialRequestOptions, 'localhost', diff --git a/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php b/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php index a06a756a4..ff44a6b89 100644 --- a/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php +++ b/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php @@ -20,8 +20,8 @@ use Webauthn\PublicKeyCredentialParameters; use Webauthn\PublicKeyCredentialRpEntity; use Webauthn\PublicKeyCredentialUserEntity; +use Webauthn\Tests\Bundle\Functional\CredentialRecordRepository; use Webauthn\Tests\Bundle\Functional\CustomSessionStorage; -use Webauthn\Tests\Bundle\Functional\PublicKeyCredentialSourceRepository; use Webauthn\Tests\Bundle\Functional\User; use Webauthn\Tests\Bundle\Functional\WebauthnTestCase; use function base64_decode; @@ -84,9 +84,9 @@ public function withTheOptionAnExistingUserCanRegisterNewAnotherAuthenticator(): $client = static::createClient([], [ 'HTTPS' => 'on', ]); - /** @var PublicKeyCredentialSourceRepository $publicKeyCredentialSourceRepository */ - $publicKeyCredentialSourceRepository = $client->getContainer() - ->get(PublicKeyCredentialSourceRepository::class); + /** @var CredentialRecordRepository $credentialRecordRepository */ + $credentialRecordRepository = $client->getContainer() + ->get(CredentialRecordRepository::class); $this->logIn($client); $publicKeyCredentialUserEntity = PublicKeyCredentialUserEntity::create('test@foo.com', random_bytes( @@ -108,12 +108,12 @@ public function withTheOptionAnExistingUserCanRegisterNewAnotherAuthenticator(): $publicKeyCredentialCreationOptions, $publicKeyCredentialCreationOptions->user )); - $publicKeyCredentialSourceRepository->removeCredentialWithId( + $credentialRecordRepository->removeCredentialWithId( 'mMihuIx9LukswxBOMjMHDf6EAONOy7qdWhaQQ7dOtViR2cVB_MNbZxURi2cvgSvKSILb3mISe9lPNG9sYgojuY5iNinYOg6hRVxmm0VssuNG2pm1-RIuTF9DUtEJZEEK' ); $numberOfRegisteredCredentials = count( - $publicKeyCredentialSourceRepository->findAllForUserEntity($publicKeyCredentialCreationOptions->user) + $credentialRecordRepository->findAllForUserEntity($publicKeyCredentialCreationOptions->user) ); $body = '{"id":"mMihuIx9LukswxBOMjMHDf6EAONOy7qdWhaQQ7dOtViR2cVB_MNbZxURi2cvgSvKSILb3mISe9lPNG9sYgojuY5iNinYOg6hRVxmm0VssuNG2pm1-RIuTF9DUtEJZEEK","type":"public-key","rawId":"mMihuIx9LukswxBOMjMHDf6EAONOy7qdWhaQQ7dOtViR2cVB/MNbZxURi2cvgSvKSILb3mISe9lPNG9sYgojuY5iNinYOg6hRVxmm0VssuNG2pm1+RIuTF9DUtEJZEEK","response":{"clientDataJSON":"eyJjaGFsbGVuZ2UiOiI5V3FncFJJWXZHTUNVWWlGVDIwbzFVN2hTRDE5M2sxMXp1NHRLUDd3UmNyRTI2enMxemM0TEh5UGludlBHUzg2d3U2YkR2cHdidDhYcDJiUTNWQlJTUSIsImNsaWVudEV4dGVuc2lvbnMiOnt9LCJoYXNoQWxnb3JpdGhtIjoiU0hBLTI1NiIsIm9yaWdpbiI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMiLCJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIn0","attestationObject":"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVjkSZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJjIobiMfS7pLMMQTjIzBw3+hADjTsu6nVoWkEO3TrVYkdnFQfzDW2cVEYtnL4ErykiC295iEnvZTzRvbGIKI7mOYjYp2DoOoUVcZptFbLLjRtqZtfkSLkxfQ1LRCWRBCqUBAgMmIAEhWCAcPxwKyHADVjTgTsat4R/Jax6PWte50A8ZasMm4w6RxCJYILt0FCiGwC6rBrh3ySNy0yiUjZpNGAhW+aM9YYyYnUTJ"}}'; $client->request( @@ -139,7 +139,7 @@ public function withTheOptionAnExistingUserCanRegisterNewAnotherAuthenticator(): static::assertSame('ok', $data['status']); $newNumberOfRegisteredCredentials = count( - $publicKeyCredentialSourceRepository->findAllForUserEntity($publicKeyCredentialCreationOptions->user) + $credentialRecordRepository->findAllForUserEntity($publicKeyCredentialCreationOptions->user) ); static::assertSame($numberOfRegisteredCredentials + 1, $newNumberOfRegisteredCredentials); } diff --git a/tests/symfony/functional/Attestation/AttestationTest.php b/tests/symfony/functional/Attestation/AttestationTest.php index 32d61c4c0..9d64d9ae4 100644 --- a/tests/symfony/functional/Attestation/AttestationTest.php +++ b/tests/symfony/functional/Attestation/AttestationTest.php @@ -17,7 +17,7 @@ use Webauthn\PublicKeyCredentialDescriptor; use Webauthn\PublicKeyCredentialRpEntity; use Webauthn\PublicKeyCredentialUserEntity; -use Webauthn\Tests\Bundle\Functional\PublicKeyCredentialSourceRepository; +use Webauthn\Tests\Bundle\Functional\CredentialRecordRepository; use Webauthn\Tests\MockedRequestTrait; use Webauthn\TrustPath\CertificateTrustPath; use Webauthn\TrustPath\EmptyTrustPath; @@ -34,7 +34,7 @@ final class AttestationTest extends KernelTestCase public function foo(): void { self::bootKernel(); - self::$kernel->getContainer()->get(PublicKeyCredentialSourceRepository::class)->clearCredentials(); + self::$kernel->getContainer()->get(CredentialRecordRepository::class)->clearCredentials(); $publicKeyCredentialCreationOptions = PublicKeyCredentialCreationOptions::create( PublicKeyCredentialRpEntity::create(), PublicKeyCredentialUserEntity::create( @@ -72,7 +72,7 @@ public function foo(): void public function anAttestationResponseCanBeLoadedAndVerified(): void { self::bootKernel(); - self::$kernel->getContainer()->get(PublicKeyCredentialSourceRepository::class)->clearCredentials(); + self::$kernel->getContainer()->get(CredentialRecordRepository::class)->clearCredentials(); $publicKeyCredentialCreationOptions = PublicKeyCredentialCreationOptions::create( PublicKeyCredentialRpEntity::create(), PublicKeyCredentialUserEntity::create( @@ -161,7 +161,7 @@ public function eddsa(): void $serializer = self::getContainer()->get(SerializerInterface::class); self::bootKernel(); - self::$kernel->getContainer()->get(PublicKeyCredentialSourceRepository::class)->clearCredentials(); + self::$kernel->getContainer()->get(CredentialRecordRepository::class)->clearCredentials(); $options = '{"status":"ok","errorMessage":"","rp":{"name":"Webauthn Demo","id":"webauthn.spomky-labs.com"},"pubKeyCredParams":[{"type":"public-key","alg":-8},{"type":"public-key","alg":-7},{"type":"public-key","alg":-43},{"type":"public-key","alg":-35},{"type":"public-key","alg":-36},{"type":"public-key","alg":-257},{"type":"public-key","alg":-258},{"type":"public-key","alg":-259},{"type":"public-key","alg":-37},{"type":"public-key","alg":-38},{"type":"public-key","alg":-39}],"challenge":"EhNVt3T8V12FJvSAc50nhKnZ-MEc-kf84xepDcGyN1g","attestation":"direct","user":{"name":"XY5nn3p_6olTLjoB2Jbb","id":"OTI5ZmJhMmYtMjM2MS00YmM2LWE5MTctYmI3NmFhMTRjN2Y5","displayName":"Bennie Moneypenny"},"authenticatorSelection":{"userVerification":"preferred"},"timeout":60000}'; $publicKeyCredentialCreationOptions = $serializer->deserialize( $options, diff --git a/tests/symfony/functional/PublicKeyCredentialSourceRepository.php b/tests/symfony/functional/CredentialRecordRepository.php similarity index 77% rename from tests/symfony/functional/PublicKeyCredentialSourceRepository.php rename to tests/symfony/functional/CredentialRecordRepository.php index e25e76f51..63e42e19b 100644 --- a/tests/symfony/functional/PublicKeyCredentialSourceRepository.php +++ b/tests/symfony/functional/CredentialRecordRepository.php @@ -9,18 +9,18 @@ use Symfony\Component\Uid\Uuid; use Webauthn\AttestationStatement\AttestationStatement; use Webauthn\Bundle\Repository\CanSaveCredentialSource; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; +use Webauthn\CredentialRecord; use Webauthn\PublicKeyCredentialDescriptor; -use Webauthn\PublicKeyCredentialSource; use Webauthn\PublicKeyCredentialUserEntity; use Webauthn\TrustPath\EmptyTrustPath; -final readonly class PublicKeyCredentialSourceRepository implements PublicKeyCredentialSourceRepositoryInterface, CanSaveCredentialSource +final readonly class CredentialRecordRepository implements CredentialRecordRepositoryInterface, CanSaveCredentialSource { public function __construct( private CacheItemPoolInterface $cacheItemPool ) { - $publicKeyCredentialSource1 = PublicKeyCredentialSource::create( + $credentialRecord1 = CredentialRecord::create( base64_decode( 'eHouz/Zi7+BmByHjJ/tx9h4a1WZsK4IzUmgGjkhyOodPGAyUqUp/B9yUkflXY3yHWsNtsrgCXQ3HjAIFUeZB+w==', true @@ -37,8 +37,8 @@ public function __construct( 'foo', 100 ); - $this->saveCredentialSource($publicKeyCredentialSource1); - $publicKeyCredentialSource2 = PublicKeyCredentialSource::create( + $this->saveCredentialSource($credentialRecord1); + $credentialRecord2 = CredentialRecord::create( base64_decode( 'Ac8zKrpVWv9UCwxY1FyMqkESz2lV4CNwTk2+Hp19LgKbvh5uQ2/i6AMbTbTz1zcNapCEeiLJPlAAVM4L7AIow6I=', true @@ -55,7 +55,7 @@ public function __construct( '929fba2f-2361-4bc6-a917-bb76aa14c7f9', 100 ); - $this->saveCredentialSource($publicKeyCredentialSource2); + $this->saveCredentialSource($credentialRecord2); } public function ensureCredentialNotExist(string $publicKeyCredentialId): void @@ -63,7 +63,7 @@ public function ensureCredentialNotExist(string $publicKeyCredentialId): void $this->cacheItemPool->deleteItem('pks-' . Base64UrlSafe::encodeUnpadded($publicKeyCredentialId)); } - public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKeyCredentialSource + public function findOneByCredentialId(string $publicKeyCredentialId): ?CredentialRecord { $item = $this->cacheItemPool->getItem('pks-' . Base64UrlSafe::encodeUnpadded($publicKeyCredentialId)); if (! $item->isHit()) { @@ -90,22 +90,22 @@ public function clearCredentials(): void $this->cacheItemPool->clear(); } - public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void + public function saveCredentialSource(CredentialRecord $credentialRecord): void { $item = $this->cacheItemPool->getItem( - 'pks-' . Base64UrlSafe::encodeUnpadded($publicKeyCredentialSource->publicKeyCredentialId) + 'pks-' . Base64UrlSafe::encodeUnpadded($credentialRecord->publicKeyCredentialId) ); - $item->set($publicKeyCredentialSource); + $item->set($credentialRecord); $this->cacheItemPool->save($item); $item = $this->cacheItemPool->getItem( - 'user-pks-' . Base64UrlSafe::encodeUnpadded($publicKeyCredentialSource->userHandle) + 'user-pks-' . Base64UrlSafe::encodeUnpadded($credentialRecord->userHandle) ); $pks = []; if ($item->isHit()) { $pks = $item->get(); } - $pks[] = $publicKeyCredentialSource; + $pks[] = $credentialRecord; $item->set($pks); $this->cacheItemPool->save($item); } diff --git a/tests/symfony/functional/Firewall/RegistrationAreaTest.php b/tests/symfony/functional/Firewall/RegistrationAreaTest.php index f9285b39f..84c0c107d 100644 --- a/tests/symfony/functional/Firewall/RegistrationAreaTest.php +++ b/tests/symfony/functional/Firewall/RegistrationAreaTest.php @@ -12,8 +12,8 @@ use Webauthn\PublicKeyCredentialParameters; use Webauthn\PublicKeyCredentialRpEntity; use Webauthn\PublicKeyCredentialUserEntity; +use Webauthn\Tests\Bundle\Functional\CredentialRecordRepository; use Webauthn\Tests\Bundle\Functional\CustomSessionStorage; -use Webauthn\Tests\Bundle\Functional\PublicKeyCredentialSourceRepository; use Webauthn\Tests\Bundle\Functional\PublicKeyCredentialUserEntityRepository; use Webauthn\Tests\Bundle\Functional\User; use Webauthn\Tests\Bundle\Functional\WebauthnTestCase; @@ -254,7 +254,7 @@ public function aValidRegistrationResultRequestIsCorrectlyManaged(): void 'HTTPS' => 'on', ]); $pkcsRepository = $client->getContainer() - ->get(PublicKeyCredentialSourceRepository::class); + ->get(CredentialRecordRepository::class); $pkcsRepository->clearCredentials(); $storage = static::getContainer()->get(CustomSessionStorage::class); diff --git a/tests/symfony/functional/Firewall/SecuredAreaTest.php b/tests/symfony/functional/Firewall/SecuredAreaTest.php index 88fb5dec5..6907f78b3 100644 --- a/tests/symfony/functional/Firewall/SecuredAreaTest.php +++ b/tests/symfony/functional/Firewall/SecuredAreaTest.php @@ -8,7 +8,7 @@ use PHPUnit\Framework\Attributes\Test; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Serializer\SerializerInterface; -use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; +use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface; use Webauthn\Bundle\Security\Storage\Item; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialDescriptor; @@ -163,7 +163,7 @@ public function aUserCanBeRegistered(): void $client->disableReboot(); $userEntityRepository = static::getContainer()->get(PublicKeyCredentialUserEntityRepository::class); $userEntityRepository->ensureUserDoesNotExist('john'); - $credentialRepository = static::getContainer()->get(PublicKeyCredentialSourceRepositoryInterface::class); + $credentialRepository = static::getContainer()->get(CredentialRecordRepositoryInterface::class); $credentialRepository->ensureCredentialNotExist( base64_decode('WT7a99M1zA3XUBBvEwXqPzP0C3zNoS/SpmMpv2sG2YM=', true) );