added webauthn error message

Roland Gruber 2019-12-19 22:01:54 +01:00
parent 0ed0d17676
commit 0e835e3003
5 changed files with 26 additions and 11 deletions


@ -1,10 +1,6 @@
{ {
"require": {
"web-auth/webauthn-lib" : "2.1.7",
"symfony/http-foundation" : "5.0.0"
},
"require-dev" : { "require-dev" : {
"phpunit/phpunit" : "5.7.27", "phpunit/phpunit" : "5.7.27",
"squizlabs/php_codesniffer" : "3.4.0" "squizlabs/php_codesniffer" : "3.4.0"
} }
} }


@ -8,6 +8,7 @@ use \htmlImage;
use \htmlButton; use \htmlButton;
use \htmlJavaScript; use \htmlJavaScript;
use \htmlStatusMessage; use \htmlStatusMessage;
use \htmlOutputText;
use \htmlDiv; use \htmlDiv;
use \LAMException; use \LAMException;
use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialCreationOptions;
@ -557,6 +558,10 @@ class WebauthnProvider extends BaseProvider {
$row->add($skipButton, 12); $row->add($skipButton, 12);
} }
} }
$errorMessageDiv = new htmlDiv('generic-webauthn-error', new htmlOutputText(''));
$errorMessageDiv->addDataAttribute('button', _('Ok'));
$errorMessageDiv->addDataAttribute('title', _('Webauthn failed'));
$row->add($errorMessageDiv, 12);
$row->add(new htmlJavaScript('window.lam.webauthn.start(\'' . $pathPrefix . '\');'), 0); $row->add(new htmlJavaScript('window.lam.webauthn.start(\'' . $pathPrefix . '\');'), 0);
} }
@ -567,7 +572,6 @@ class WebauthnProvider extends BaseProvider {
public function verify2ndFactor($user, $password, $serial, $twoFactorInput) { public function verify2ndFactor($user, $password, $serial, $twoFactorInput) {
logNewMessage(LOG_DEBUG, 'WebauthnProvider: Checking 2nd factor for ' . $user); logNewMessage(LOG_DEBUG, 'WebauthnProvider: Checking 2nd factor for ' . $user);
include_once __DIR__ . '/webauthn.inc'; include_once __DIR__ . '/webauthn.inc';
logNewMessage(LOG_ERR, $user);
if ($this->config->twoFactorAuthenticationOptional && !hasTokensRegistered($user) && ($_POST['sig_response'] === 'skip')) { if ($this->config->twoFactorAuthenticationOptional && !hasTokensRegistered($user) && ($_POST['sig_response'] === 'skip')) {
return true; return true;
} }
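Review bot: The element id `generic-webauthn-error` and the `button`/`title` data attributes added just before the `window.lam.webauthn.start(...)` call are an undocumented contract with the client-side error handler, which looks the div up by that id and reads both attributes. Nothing at the `new htmlDiv(...)` line says so, and a rename on either side would silently disable the error dialog. I would add a comment above it such as `// container for the WebAuthn error dialog; id and data attributes are read by window.lam.webauthn.register`. The enclosing method starts outside the hunk.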


@ -3626,7 +3626,7 @@ class htmlDiv extends htmlElement {
if (($this->cssClasses != null) && (sizeof($this->cssClasses) > 0)) { if (($this->cssClasses != null) && (sizeof($this->cssClasses) > 0)) {
$classesValue = ' class="' . implode(' ', $this->cssClasses) . '"'; $classesValue = ' class="' . implode(' ', $this->cssClasses) . '"';
} }
echo '<div' . $idValue . $classesValue . '>'; echo '<div' . $idValue . $classesValue . $this->getDataAttributesAsString() . '>';
if ($this->content != null) { if ($this->content != null) {
$return = $this->content->generateHTML($module, $input, $values, $restricted, $tabindex, $scope); $return = $this->content->generateHTML($module, $input, $values, $restricted, $tabindex, $scope);
} }
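Review bot: The opening `<div>` tag now includes the output of `getDataAttributesAsString()`, whose body is not in this hunk, so it is not visible here whether attribute names and values are HTML-escaped. The values set in this commit are gettext translations (`_('Ok')`, `_('Webauthn failed')`), and a translation containing a double quote would end the attribute early unless the helper encodes it. It is worth confirming that the helper applies `htmlspecialchars($value, ENT_QUOTES)` or an equivalent to every value, and stating that in the helper's docblock. The enclosing method starts and ends outside the hunk.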


@ -40,6 +40,7 @@ use \Webauthn\PublicKeyCredentialUserEntity;
use \Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; use \Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs;
use \Webauthn\AuthenticatorSelectionCriteria; use \Webauthn\AuthenticatorSelectionCriteria;
use Webauthn\TokenBinding\IgnoreTokenBindingHandler; use Webauthn\TokenBinding\IgnoreTokenBindingHandler;
use \LAMException;
/* /*
@ -104,7 +105,7 @@ function getRegistrationObject($dn, $isSelfService) {
new AuthenticatorSelectionCriteria(), new AuthenticatorSelectionCriteria(),
PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE, PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE,
new AuthenticationExtensionsClientInputs()); new AuthenticationExtensionsClientInputs());
logNewMessage(LOG_DEBUG, json_encode($registrationObject)); logNewMessage(LOG_DEBUG, 'Webauthn registration: ' . json_encode($registrationObject));
return $registrationObject; return $registrationObject;
} }
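Review bot: The debug line still serializes the whole `$registrationObject`, which appears to be the credential creation options built just above (the call starts outside the hunk), so it presumably carries the challenge and the user entity for this DN. If debug logs are retained or forwarded, consider logging only what diagnosis needs, for example `logNewMessage(LOG_DEBUG, 'Webauthn registration options created for ' . $dn);`. Separately, `json_encode` returns `false` on failure, which would leave the message empty after the new prefix.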


@ -841,9 +841,14 @@ window.lam.form.autoTrim = function() {
window.lam.dialog = window.lam.dialog || {}; window.lam.dialog = window.lam.dialog || {};
window.lam.dialog.showMessage = function(title, okText, divId) { window.lam.dialog.showMessage = function(title, okText, divId, callbackFunction) {
var buttonList = {}; var buttonList = {};
buttonList[okText] = function() { jQuery(this).dialog("close"); }; buttonList[okText] = function() {
jQuery(this).dialog("close");
if (callbackFunction) {
callbackFunction();
}
};
jQuery('#' + divId).dialog({ jQuery('#' + divId).dialog({
modal: true, modal: true,
title: title, title: title,
@ -1445,7 +1450,16 @@ window.lam.webauthn.register = function(publicKey) {
form.submit(); form.submit();
}, function (error) { }, function (error) {
console.log(error.message); console.log(error.message);
jQuery('#btn_logout').click(); let errorDiv = jQuery('#generic-webauthn-error');
let buttonLabel = errorDiv.data('button');
let dialogTitle = errorDiv.data('title');
errorDiv.text(error.message);
window.lam.dialog.showMessage(dialogTitle,
buttonLabel,
'generic-webauthn-error',
function () {
jQuery('#btn_logout').click();
});
}); });
} }
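Review bot: The logout after a failed registration now runs only from the OK button handler in `showMessage`, so closing the dialog another way (title-bar close, or Escape if `closeOnEscape` is left at its default) skips `callbackFunction` and leaves the user on the page; before this change the logout was unconditional. The dialog options continue outside the hunk, but running the callback from the dialog's close event would cover every dismissal path: `close: function () { if (callbackFunction) { callbackFunction(); } }`, with the button handler reduced to `jQuery(this).dialog("close");`. Also, if `window.lam.webauthn.register` is ever called on a page that does not render `#generic-webauthn-error`, the jQuery set is empty, no dialog opens and the logout never happens; a fallback to `jQuery('#btn_logout').click()` when `errorDiv.length === 0` would keep the earlier behaviour there.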