You've already forked lubo_comment_query
111 lines
4.5 KiB
PHP
111 lines
4.5 KiB
PHP
<?php
|
|
|
|
namespace App\WebAuthn;
|
|
|
|
use App\WebAuthn\Repository\PublicKeyCredentialSourceRepositoryImpl;
|
|
use Cose\Algorithm\Manager;
|
|
use Cose\Algorithm\Signature\ECDSA\ES256;
|
|
use Cose\Algorithm\Signature\RSA\RS256;
|
|
use Cose\Algorithms;
|
|
use Webauthn\AttestationStatement\AttestationObjectLoader;
|
|
use Webauthn\AttestationStatement\AttestationStatementSupportManager;
|
|
use Webauthn\AttestationStatement\NoneAttestationStatementSupport;
|
|
use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler;
|
|
use Webauthn\AuthenticatorAssertionResponseValidator;
|
|
use Webauthn\AuthenticatorAttestationResponseValidator;
|
|
use Webauthn\AuthenticatorSelectionCriteria;
|
|
use Webauthn\PublicKeyCredentialCreationOptions;
|
|
use Webauthn\PublicKeyCredentialLoader;
|
|
use Webauthn\PublicKeyCredentialParameters;
|
|
use Webauthn\PublicKeyCredentialRpEntity;
|
|
use Webauthn\PublicKeyCredentialSourceRepository;
|
|
use Webauthn\PublicKeyCredentialUserEntity;
|
|
use Webauthn\TokenBinding\IgnoreTokenBindingHandler;
|
|
|
|
class WebAuthnService
|
|
{
|
|
private static $rpName = "开心鄢的录播查询小站";
|
|
private static $rpId = "comment.sc.jerryyan.top";
|
|
private static $timeout = 45000;
|
|
private static $publicKeyCredentialSourceRepositoryInstance = null;
|
|
private static $authenticatorAssertionResponseValidator = null;
|
|
private static $attestationStatementSupportManager = null;
|
|
public static function createRequestOptions(PublicKeyCredentialUserEntity $userEntity, string $challenge): PublicKeyCredentialCreationOptions
|
|
{
|
|
$publicKeyCredentialParametersList = [
|
|
new PublicKeyCredentialParameters("public-key", Algorithms::COSE_ALGORITHM_ES256),
|
|
new PublicKeyCredentialParameters("public-key", Algorithms::COSE_ALGORITHM_RS256),
|
|
];
|
|
return new PublicKeyCredentialCreationOptions(
|
|
static::getRpEntity(),
|
|
$userEntity,
|
|
$challenge,
|
|
$publicKeyCredentialParametersList,
|
|
static::$timeout
|
|
);
|
|
}
|
|
|
|
public static function getPublicKeyCredentialSourceRepository(): PublicKeyCredentialSourceRepository
|
|
{
|
|
if (static::$publicKeyCredentialSourceRepositoryInstance === null) {
|
|
static::$publicKeyCredentialSourceRepositoryInstance = new PublicKeyCredentialSourceRepositoryImpl();
|
|
}
|
|
return static::$publicKeyCredentialSourceRepositoryInstance;
|
|
}
|
|
|
|
public static function getAuthenticatorAssertionResponseValidator(): AuthenticatorAssertionResponseValidator
|
|
{
|
|
if (static::$authenticatorAssertionResponseValidator === null) {
|
|
$algorithmManager = new Manager();
|
|
$algorithmManager->add(new ES256());
|
|
$algorithmManager->add(new RS256());
|
|
static::$authenticatorAssertionResponseValidator = new AuthenticatorAssertionResponseValidator(
|
|
static::getPublicKeyCredentialSourceRepository(),
|
|
new IgnoreTokenBindingHandler(),
|
|
new ExtensionOutputCheckerHandler(),
|
|
$algorithmManager
|
|
);
|
|
}
|
|
return static::$authenticatorAssertionResponseValidator;
|
|
}
|
|
|
|
public static function getAuthenticatorAttestationResponseValidator(): AuthenticatorAttestationResponseValidator
|
|
{
|
|
return new AuthenticatorAttestationResponseValidator(
|
|
static::getAttestationStatementSupportManager(),
|
|
static::getPublicKeyCredentialSourceRepository(),
|
|
new IgnoreTokenBindingHandler(),
|
|
new ExtensionOutputCheckerHandler()
|
|
);
|
|
}
|
|
|
|
public static function getPublicKeyCredentialLoader(): PublicKeyCredentialLoader
|
|
{
|
|
return new PublicKeyCredentialLoader(
|
|
static::getAttestationObjectLoader()
|
|
);
|
|
}
|
|
|
|
public static function getAttestationObjectLoader(): AttestationObjectLoader
|
|
{
|
|
return new AttestationObjectLoader(static::getAttestationStatementSupportManager());
|
|
}
|
|
|
|
private static function getAttestationStatementSupportManager(): AttestationStatementSupportManager
|
|
{
|
|
if (static::$attestationStatementSupportManager === null) {
|
|
static::$attestationStatementSupportManager = new AttestationStatementSupportManager();
|
|
static::$attestationStatementSupportManager->add(new NoneAttestationStatementSupport());
|
|
}
|
|
return static::$attestationStatementSupportManager;
|
|
}
|
|
|
|
private static function getRpEntity(): PublicKeyCredentialRpEntity
|
|
{
|
|
return new PublicKeyCredentialRpEntity(
|
|
static::$rpName,
|
|
static::$rpId
|
|
);
|
|
}
|
|
}
|