PKCS => Credential Record

src/symfony/src/Controller/AssertionControllerFactory.php

@@ -1,3 +1,3 @@
 <?php
 
 declare(strict_types=1);
@@ -10,7 +10,7 @@
 use Symfony\Component\Serializer\SerializerInterface;
 use Webauthn\AuthenticatorAssertionResponseValidator;
 use Webauthn\Bundle\CredentialOptionsBuilder\PublicKeyCredentialRequestOptionsBuilder;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Security\Handler\FailureHandler;
 use Webauthn\Bundle\Security\Handler\RequestOptionsHandler;
 use Webauthn\Bundle\Security\Handler\SuccessHandler;
@@ -25,7 +25,7 @@
         private readonly SerializerInterface $serializer,
         private readonly OptionsStorage $optionStorage,
         private readonly AuthenticatorAssertionResponseValidator $authenticatorAssertionResponseValidator,
-        private readonly PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository,
+        private readonly CredentialRecordRepositoryInterface $credentialRecordRepository,
     ) {
         $this->logger = new NullLogger();
     }
@@ -77,7 +77,7 @@
             $optionStorage ?? $this->optionStorage,
             $successHandler,
             $failureHandler,
-            $this->publicKeyCredentialSourceRepository
+            $this->credentialRecordRepository
         );
     }
 }

src/symfony/src/Controller/AssertionResponseController.php

@@ -1,3 +1,3 @@
 <?php
 
 declare(strict_types=1);
@@ -14,7 +14,7 @@
 use Throwable;
 use Webauthn\AuthenticatorAssertionResponse;
 use Webauthn\AuthenticatorAssertionResponseValidator;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Security\Handler\FailureHandler;
 use Webauthn\Bundle\Security\Handler\SuccessHandler;
 use Webauthn\Bundle\Security\Storage\OptionsStorage;
@@ -31,7 +31,7 @@
         private OptionsStorage $optionsStorage,
         private SuccessHandler $successHandler,
         private FailureHandler|AuthenticationFailureHandlerInterface $failureHandler,
-        private PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository
+        private CredentialRecordRepositoryInterface $credentialRecordRepository
     ) {
     }
 
@@ -57,15 +57,15 @@
                 'Invalid response'
             );
             $userEntity = $data->getPublicKeyCredentialUserEntity();
-            $publicKeyCredentialSource = $this->publicKeyCredentialSourceRepository->findOneByCredentialId(
+            $credentialRecord = $this->credentialRecordRepository->findOneByCredentialId(
                 $publicKeyCredential->rawId
             );
-            $publicKeyCredentialSource !== null || throw AuthenticatorResponseVerificationException::create(
+            $credentialRecord !== null || throw AuthenticatorResponseVerificationException::create(
                 'The credential ID is invalid.'
             );
 
             $this->assertionResponseValidator->check(
-                $publicKeyCredentialSource,
+                $credentialRecord,
                 $response,
                 $publicKeyCredentialRequestOptions,
                 $request->getHost(),

src/symfony/src/Controller/AttestationControllerFactory.php

@@ -1,3 +1,3 @@
 <?php
 
 declare(strict_types=1);
@@ -8,7 +8,7 @@
 use Symfony\Component\Serializer\SerializerInterface;
 use Webauthn\AuthenticatorAttestationResponseValidator;
 use Webauthn\Bundle\CredentialOptionsBuilder\PublicKeyCredentialCreationOptionsBuilder;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Security\Guesser\UserEntityGuesser;
 use Webauthn\Bundle\Security\Handler\CreationOptionsHandler;
 use Webauthn\Bundle\Security\Handler\FailureHandler;
@@ -21,7 +21,7 @@
         private OptionsStorage $optionStorage,
         private SerializerInterface $serializer,
         private AuthenticatorAttestationResponseValidator $attestationResponseValidator,
-        private PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository
+        private CredentialRecordRepositoryInterface $credentialRecordRepository
     ) {
     }
 
@@ -66,7 +66,7 @@
         return new AttestationResponseController(
             $this->serializer,
             $attestationResponseValidator ?? $this->attestationResponseValidator,
-            $this->publicKeyCredentialSourceRepository,
+            $this->credentialRecordRepository,
             $optionStorage ?? $this->optionStorage,
             $successHandler,
             $failureHandler,

src/symfony/src/Controller/AttestationResponseController.php

@@ -1,3 +1,3 @@
 <?php
 
 declare(strict_types=1);
@@ -15,8 +15,8 @@
 use Webauthn\AuthenticatorAttestationResponseValidator;
 use Webauthn\Bundle\Exception\HttpNotImplementedException;
 use Webauthn\Bundle\Exception\MissingFeatureException;
-use Webauthn\Bundle\Repository\CanSaveCredentialSource;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CanSaveCredentialRecord;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Security\Handler\FailureHandler;
 use Webauthn\Bundle\Security\Handler\SuccessHandler;
 use Webauthn\Bundle\Security\Storage\OptionsStorage;
@@ -29,7 +29,7 @@
     public function __construct(
         private SerializerInterface $publicKeyCredentialLoader,
         private AuthenticatorAttestationResponseValidator $attestationResponseValidator,
-        private PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository,
+        private CredentialRecordRepositoryInterface $credentialRecordRepository,
         private OptionsStorage $optionStorage,
         private SuccessHandler $successHandler,
         private FailureHandler|AuthenticationFailureHandlerInterface $failureHandler,
@@ -39,7 +39,7 @@
     public function __invoke(Request $request): Response
     {
         try {
-            if (! $this->credentialSourceRepository instanceof CanSaveCredentialSource) {
+            if (! $this->credentialRecordRepository instanceof CanSaveCredentialRecord) {
                 throw MissingFeatureException::create('Unable to register the credential.');
             }
             $format = $request->getContentTypeFormat();
@@ -63,17 +63,17 @@
             $userEntity instanceof PublicKeyCredentialUserEntity || throw new BadRequestHttpException(
                 'Unable to find the public key credential user entity'
             );
-            $credentialSource = $this->attestationResponseValidator->check(
+            $credentialRecord = $this->attestationResponseValidator->check(
                 $response,
                 $publicKeyCredentialCreationOptions,
                 $request->getHost(),
             );
-            if ($this->credentialSourceRepository->findOneByCredentialId(
-                $credentialSource->publicKeyCredentialId
+            if ($this->credentialRecordRepository->findOneByCredentialId(
+                $credentialRecord->publicKeyCredentialId
             ) !== null) {
                 throw new BadRequestHttpException('The credentials already exists');
             }
-            $this->credentialSourceRepository->saveCredentialSource($credentialSource);
+            $this->credentialRecordRepository->saveCredentialSource($credentialRecord);
             return $this->successHandler->onSuccess($request);
         } catch (Throwable $throwable) {
             if ($throwable instanceof MissingFeatureException) {

src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php

@@ -14,11 +14,11 @@
 use Webauthn\AuthenticationExtensions\AuthenticationExtensions;
 use Webauthn\AuthenticatorSelectionCriteria;
 use Webauthn\Bundle\Dto\PublicKeyCredentialCreationOptionsRequest;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Service\PublicKeyCredentialCreationOptionsFactory;
+use Webauthn\CredentialRecord;
 use Webauthn\PublicKeyCredentialCreationOptions;
 use Webauthn\PublicKeyCredentialDescriptor;
-use Webauthn\PublicKeyCredentialSource;
 use Webauthn\PublicKeyCredentialUserEntity;
 use function count;
 use function is_array;
@@ -28,7 +28,7 @@
     public function __construct(
         private SerializerInterface $serializer,
         private ValidatorInterface $validator,
-        private PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository,
+        private CredentialRecordRepositoryInterface $credentialRecordRepository,
         private PublicKeyCredentialCreationOptionsFactory $publicKeyCredentialCreationOptionsFactory,
         private string $profile,
     ) {
@@ -79,11 +79,11 @@ public function getFromRequest(
      */
     private function getCredentials(PublicKeyCredentialUserEntity $userEntity): array
     {
-        $credentialSources = $this->credentialSourceRepository->findAllForUserEntity($userEntity);
+        $credentialRecords = $this->credentialRecordRepository->findAllForUserEntity($userEntity);
 
         return array_map(
-            static fn (PublicKeyCredentialSource $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(),
-            $credentialSources
+            static fn (CredentialRecord $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(),
+            $credentialRecords
         );
     }
 

src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php

@@ -13,13 +13,13 @@
 use Webauthn\AuthenticationExtensions\AuthenticationExtension;
 use Webauthn\AuthenticationExtensions\AuthenticationExtensions;
 use Webauthn\Bundle\Dto\ServerPublicKeyCredentialRequestOptionsRequest;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface;
 use Webauthn\Bundle\Service\PublicKeyCredentialRequestOptionsFactory;
+use Webauthn\CredentialRecord;
 use Webauthn\FakeCredentialGenerator;
 use Webauthn\PublicKeyCredentialDescriptor;
 use Webauthn\PublicKeyCredentialRequestOptions;
-use Webauthn\PublicKeyCredentialSource;
 use Webauthn\PublicKeyCredentialUserEntity;
 use function count;
 use function is_array;
@@ -30,7 +30,7 @@ public function __construct(
         private SerializerInterface $serializer,
         private ValidatorInterface $validator,
         private PublicKeyCredentialUserEntityRepositoryInterface $userEntityRepository,
-        private PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository,
+        private CredentialRecordRepositoryInterface $credentialRecordRepository,
         private PublicKeyCredentialRequestOptionsFactory $publicKeyCredentialRequestOptionsFactory,
         private string $profile,
         private null|FakeCredentialGenerator $fakeCredentialGenerator = null,
@@ -82,11 +82,11 @@ public function getFromRequest(
      */
     private function getCredentials(PublicKeyCredentialUserEntity $userEntity): array
     {
-        $credentialSources = $this->credentialSourceRepository->findAllForUserEntity($userEntity);
+        $credentialRecords = $this->credentialRecordRepository->findAllForUserEntity($userEntity);
 
         return array_map(
-            static fn (PublicKeyCredentialSource $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(),
-            $credentialSources
+            static fn (CredentialRecord $credential): PublicKeyCredentialDescriptor => $credential->getPublicKeyCredentialDescriptor(),
+            $credentialRecords
         );
     }
 

src/symfony/src/DataCollector/WebauthnCollector.php

@@ -145,7 +145,7 @@ public function addAuthenticatorAttestationResponseValidationSucceeded(
                     JsonEncode::OPTIONS => JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT,
                 ]
             ),
-            'credential_source' => $cloner->cloneVar($event->publicKeyCredentialSource),
+            'credential_record' => $cloner->cloneVar($event->credentialRecord),
         ];
     }
 
@@ -190,7 +190,7 @@ public function addAuthenticatorAssertionResponseValidationSucceeded(
         $cloner = new VarCloner();
         $this->authenticatorAssertionResponseValidationSucceeded[] = [
             'user_handle' => $cloner->cloneVar($event->userHandle),
-            'credential_id' => $cloner->cloneVar($event->publicKeyCredentialSource->publicKeyCredentialId),
+            'credential_id' => $cloner->cloneVar($event->credentialRecord->publicKeyCredentialId),
             'assertion_response' => $cloner->cloneVar($event->authenticatorAssertionResponse),
             'options' => $cloner->cloneVar($event->publicKeyCredentialRequestOptions),
             'options_json' => $this->serializer->serialize(
@@ -201,7 +201,7 @@ public function addAuthenticatorAssertionResponseValidationSucceeded(
                     JsonEncode::OPTIONS => JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT,
                 ]
             ),
-            'credential_source' => $cloner->cloneVar($event->publicKeyCredentialSource),
+            'credential_record' => $cloner->cloneVar($event->credentialRecord),
         ];
     }
 
@@ -211,7 +211,7 @@ public function addAuthenticatorAssertionResponseValidationFailed(
         $cloner = new VarCloner();
         $this->authenticatorAssertionResponseValidationFailed[] = [
             'user_handle' => $cloner->cloneVar($event->userHandle),
-            'credential_id' => $cloner->cloneVar($event->credentialSource->publicKeyCredentialId),
+            'credential_id' => $cloner->cloneVar($event->credentialRecord->publicKeyCredentialId),
             'assertion_response' => $cloner->cloneVar($event->authenticatorAssertionResponse),
             'options' => $cloner->cloneVar($event->publicKeyCredentialRequestOptions),
             'options_json' => $this->serializer->serialize(

src/symfony/src/DependencyInjection/Configuration.php

@@ -10,7 +10,7 @@
 use Symfony\Component\Config\Definition\ConfigurationInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Webauthn\AuthenticatorSelectionCriteria;
-use Webauthn\Bundle\Repository\DummyPublicKeyCredentialSourceRepository;
+use Webauthn\Bundle\Repository\DummyCredentialRecordRepository;
 use Webauthn\Bundle\Repository\DummyPublicKeyCredentialUserEntityRepository;
 use Webauthn\Bundle\Security\Handler\DefaultCreationOptionsHandler;
 use Webauthn\Bundle\Security\Handler\DefaultRequestOptionsHandler;
@@ -83,7 +83,7 @@ public function getConfigTreeBuilder(): TreeBuilder
             ->end()
             ->scalarNode('credential_repository')
             ->cannotBeEmpty()
-            ->defaultValue(DummyPublicKeyCredentialSourceRepository::class)
+            ->defaultValue(DummyCredentialRecordRepository::class)
             ->info('This repository is responsible of the credential storage')
             ->end()
             ->scalarNode('user_repository')

src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php

@@ -25,7 +25,7 @@
 use Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedCreationOptionsBuilder;
 use Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedRequestOptionsBuilder;
 use Webauthn\Bundle\DependencyInjection\Compiler\DynamicRouteCompilerPass;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface;
 use Webauthn\Bundle\Security\Guesser\RequestBodyUserEntityGuesser;
 use Webauthn\Bundle\Security\Handler\DefaultCreationOptionsHandler;
@@ -488,7 +488,7 @@ private function getAssertionOptionsBuilderId(
                 new Reference(SerializerInterface::class),
                 new Reference(ValidatorInterface::class),
                 new Reference(PublicKeyCredentialUserEntityRepositoryInterface::class),
-                new Reference(PublicKeyCredentialSourceRepositoryInterface::class),
+                new Reference(CredentialRecordRepositoryInterface::class),
                 new Reference(PublicKeyCredentialRequestOptionsFactory::class),
                 $config['profile'],
                 new Reference(FakeCredentialGenerator::class, ContainerInterface::NULL_ON_INVALID_REFERENCE),
@@ -515,7 +515,7 @@ private function getAttestationOptionsBuilderId(
             ->setArguments([
                 new Reference(SerializerInterface::class),
                 new Reference(ValidatorInterface::class),
-                new Reference(PublicKeyCredentialSourceRepositoryInterface::class),
+                new Reference(CredentialRecordRepositoryInterface::class),
                 new Reference(PublicKeyCredentialCreationOptionsFactory::class),
                 $config['profile'],
                 new Reference(WebauthnSerializerFactory::class),

src/symfony/src/DependencyInjection/WebauthnExtension.php

@@ -37,7 +37,7 @@
 use Webauthn\Bundle\DependencyInjection\Compiler\ExtensionOutputCheckerCompilerPass;
 use Webauthn\Bundle\DependencyInjection\Compiler\LoggerSetterCompilerPass;
 use Webauthn\Bundle\Doctrine\Type as DbalType;
-use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface;
+use Webauthn\Bundle\Repository\CredentialRecordRepositoryInterface;
 use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface;
 use Webauthn\Bundle\Security\Storage\OptionsStorage;
 use Webauthn\Bundle\Service\PublicKeyCredentialCreationOptionsFactory;
@@ -103,7 +103,7 @@ public function load(array $configs, ContainerBuilder $container): void
         $container->setAlias('webauthn.logger', $config['logger']);
 
         $container->setAlias(FakeCredentialGenerator::class, $config['fake_credential_generator']);
-        $container->setAlias(PublicKeyCredentialSourceRepositoryInterface::class, $config['credential_repository']);
+        $container->setAlias(CredentialRecordRepositoryInterface::class, $config['credential_repository']);
         $container->setAlias(PublicKeyCredentialUserEntityRepositoryInterface::class, $config['user_repository']);
 
         $container->setAlias(CounterChecker::class, $config['counter_checker']);
@@ -192,7 +192,7 @@ private function loadCreationControllersSupport(ContainerBuilder $container, arr
                     ->setArguments([
                         new Reference(SerializerInterface::class),
                         new Reference(ValidatorInterface::class),
-                        new Reference(PublicKeyCredentialSourceRepositoryInterface::class),
+                        new Reference(CredentialRecordRepositoryInterface::class),
                         new Reference(PublicKeyCredentialCreationOptionsFactory::class),
                         $creationConfig['profile'],
                     ]);
@@ -276,7 +276,7 @@ private function loadRequestControllersSupport(ContainerBuilder $container, arra
                         new Reference(SerializerInterface::class),
                         new Reference(ValidatorInterface::class),
                         new Reference(PublicKeyCredentialUserEntityRepositoryInterface::class),
-                        new Reference(PublicKeyCredentialSourceRepositoryInterface::class),
+                        new Reference(CredentialRecordRepositoryInterface::class),
                         new Reference(PublicKeyCredentialRequestOptionsFactory::class),
                         $requestConfig['profile'],
                         new Reference(FakeCredentialGenerator::class, ContainerInterface::NULL_ON_INVALID_REFERENCE),

src/symfony/src/Repository/CanSaveCredentialRecord.php

@@ -0,0 +1,15 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Webauthn\Bundle\Repository;
+
+use Webauthn\CredentialRecord;
+
+/**
+ * Interface for repositories that can save credential records.
+ */
+interface CanSaveCredentialRecord
+{
+    public function saveCredentialSource(CredentialRecord $credentialRecord): void;
+}

src/symfony/src/Repository/CanSaveCredentialSource.php

@@ -4,9 +4,9 @@
 
 namespace Webauthn\Bundle\Repository;
 
-use Webauthn\PublicKeyCredentialSource;
-
-interface CanSaveCredentialSource
+/**
+ * @deprecated since 5.3, use CanSaveCredentialRecord instead. Will be removed in 6.0.
+ */
+interface CanSaveCredentialSource extends CanSaveCredentialRecord
 {
-    public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void;
 }