WebauthnManager
Manages WebAuthn registrations and authentications.
Table of Contents
- createPublicKeyCredentialLoader() : PublicKeyCredentialLoader
  Returns a public key credential loader.
- getAuthenticationObject() : PublicKeyCredentialRequestOptions
  Returns the authentication object for a registered user.
- getDatabase() : PublicKeyCredentialSourceRepositoryBase
  Returns the WebAuthn database.
- getRegistrationObject() : PublicKeyCredentialCreationOptions
  Returns a challenge for a new token.
- isRegistered() : bool
  Returns whether the given DN is registered for WebAuthn.
- isValidAuthentication() : bool
  Checks if the provided authentication is valid.
- storeNewRegistration() : bool
  Verifies the registration and stores it in the database.
- createChallenge() : string
  Creates a new challenge.
- createRpEntry() : PublicKeyCredentialRpEntity
  Returns the part that identifies the server and application.
- getAlgorithmManager() : Manager
  Returns the COSE algorithm manager.
- getAttestationObjectLoader() : AttestationObjectLoader
  Returns the attestation object loader.
- getAttestationSupportManager() : AttestationStatementSupportManager
  Creates the attestation support manager.
- getCredentialParameters() : array<string|int, mixed>
  Returns the supported credential algorithms.
- getExcludedKeys() : array<string|int, PublicKeyCredentialDescriptor>
  Returns a list of all credential ids that are already registered.
- getExtensionOutputChecker() : ExtensionOutputCheckerHandler
  Returns the extension output checker handler.
- getPublicKeyCredentialLoader() : PublicKeyCredentialLoader
  Creates the public key credential loader.
- getTimeout() : int
  Returns the timeout for user operations.
- getUserEntity() : PublicKeyCredentialUserEntity
  Returns the user entity for the registration.
Methods
createPublicKeyCredentialLoader()
Returns a public key credential loader.
public
createPublicKeyCredentialLoader() : PublicKeyCredentialLoader
Return values
PublicKeyCredentialLoader — public key credential loader
getAuthenticationObject()
Returns the authentication object for a registered user.
public
getAuthenticationObject($userDN, bool $isSelfService) : PublicKeyCredentialRequestOptions
Parameters
Return values
PublicKeyCredentialRequestOptions — authentication object
getDatabase()
Returns the WebAuthn database.
public
getDatabase() : PublicKeyCredentialSourceRepositoryBase
Return values
PublicKeyCredentialSourceRepositoryBase — database
getRegistrationObject()
Returns a challenge for a new token.
public
getRegistrationObject(string $dn, bool $isSelfService[, array<string|int, mixed> $extraExcludedKeys = [] ]) : PublicKeyCredentialCreationOptions
Parameters
- $dn : string
  DN
- $isSelfService : bool
  is executed in self service
- $extraExcludedKeys : array<string|int, mixed> = []
  credentialIds that should be added to excluded keys
Return values
PublicKeyCredentialCreationOptions — registration object
isRegistered()
Returns whether the given DN is registered for WebAuthn.
public
isRegistered(string $dn) : bool
Parameters
- $dn : string
  DN
Return values
bool — is registered
isValidAuthentication()
Checks if the provided authentication is valid.
public
isValidAuthentication(string $response, string $userDn) : bool
Parameters
- $response : string
  authentication response
- $userDn : string
  user DN
Return values
bool — true if all is ok
storeNewRegistration()
Verifies the registration and stores it in the database.
public
storeNewRegistration(PublicKeyCredentialCreationOptions $registration, string $clientResponse) : bool
Parameters
- $registration : PublicKeyCredentialCreationOptions
  registration object
- $clientResponse : string
  client response
Return values
bool — true if response is valid and registration succeeded
createChallenge()
Creates a new challenge.
private
createChallenge() : string
Return values
string — challenge
createRpEntry()
Returns the part that identifies the server and application.
private
createRpEntry(bool $isSelfService) : PublicKeyCredentialRpEntity
Parameters
- $isSelfService : bool
  is executed in self service
Return values
PublicKeyCredentialRpEntity — relying party entry
getAlgorithmManager()
Returns the COSE algorithm manager.
private
getAlgorithmManager() : Manager
Return values
Manager — algorithm manager
getAttestationObjectLoader()
Returns the attestation object loader.
private
getAttestationObjectLoader(AttestationStatementSupportManager $manager) : AttestationObjectLoader
Parameters
- $manager : AttestationStatementSupportManager
  support manager
Return values
AttestationObjectLoader — attestation object loader
getAttestationSupportManager()
Creates the attestation support manager.
private
getAttestationSupportManager() : AttestationStatementSupportManager
Return values
AttestationStatementSupportManager — manager
getCredentialParameters()
Returns the supported credential algorithms.
private
getCredentialParameters() : array<string|int, mixed>
Return values
array<string|int, mixed> — algorithms
getExcludedKeys()
Returns a list of all credential ids that are already registered.
private
getExcludedKeys(PublicKeyCredentialUserEntity $user[, array<string|int, mixed> $extraExcludedKeys = [] ]) : array<string|int, PublicKeyCredentialDescriptor>
Parameters
- $user : PublicKeyCredentialUserEntity
  user data
- $extraExcludedKeys : array<string|int, mixed> = []
  credentialIds that should be added to excluded keys
Return values
array<string|int, PublicKeyCredentialDescriptor> — credential ids
getExtensionOutputChecker()
Returns the extension output checker handler.
private
getExtensionOutputChecker() : ExtensionOutputCheckerHandler
No extensions are checked at this time.
Return values
ExtensionOutputCheckerHandler — handler
getPublicKeyCredentialLoader()
Creates the public key credential loader.
private
getPublicKeyCredentialLoader(AttestationObjectLoader $attestationObjectLoader) : PublicKeyCredentialLoader
Parameters
- $attestationObjectLoader : AttestationObjectLoader
  attestation object loader
Return values
PublicKeyCredentialLoader — public key credential loader
getTimeout()
Returns the timeout for user operations.
private
getTimeout() : int
Return values
int — timeout in ms
getUserEntity()
Returns the user entity for the registration.
private
getUserEntity($dn) : PublicKeyCredentialUserEntity
Parameters
Return values
PublicKeyCredentialUserEntity — user entity