From ffd47f8ca51ac6cfafa11b1b225d08996372fa6f Mon Sep 17 00:00:00 2001
From: Roland Gruber
Date: Thu, 21 Nov 2019 19:34:01 +0100
Subject: [PATCH] webauthn
---
 lam/lib/2factor.inc | 14 +++++++++++
 lam/templates/lib/500_lam.js | 46 ++++++++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+)
diff --git a/lam/lib/2factor.inc b/lam/lib/2factor.inc
index 65619772..a4a3f976 100644
--- a/lam/lib/2factor.inc
+++ b/lam/lib/2factor.inc
@@ -5,6 +5,10 @@ use \LAMConfig;
 use \htmlScript;
 use \htmlIframe;
 use \htmlImage;
+use \htmlButton;
+use \htmlJavaScript;
+use \htmlStatusMessage;
+use \htmlDiv;
 use \LAMException;
 /*
@@ -519,6 +523,16 @@ class WebauthnProvider extends BaseProvider {
 public function addCustomInput(&$row, $userDn) {
 $pathPrefix = $this->config->isSelfService ? '../' : '';
 $row->add(new htmlImage($pathPrefix . '../graphics/webauthn.svg'), 12);
+ $row->addVerticalSpacer('1rem');
+ $registerButton = new htmlButton('register_webauthn', _('Register new key'));
+ $registerButton->setCSSClasses(array('fullwidth hidden'));
+ $row->add($registerButton, 12);
+ $loginButton = new htmlButton('login_webauthn', _('Login'));
+ $loginButton->setCSSClasses(array('fullwidth hidden'));
+ $row->add($loginButton, 12);
+ $errorMessage = new htmlStatusMessage('ERROR', '', _('This service requires a browser with webauthn support.'));
+ $row->add(new htmlDiv(null, $errorMessage, array('hidden webauthn-error')), 12);
+ $row->add(new htmlJavaScript('window.lam.webauthn.start(\'' . $pathPrefix . '\');'), 0);
 }
 /**
diff --git a/lam/templates/lib/500_lam.js b/lam/templates/lib/500_lam.js
index efd7251e..b6c17635 100644
--- a/lam/templates/lib/500_lam.js
+++ b/lam/templates/lib/500_lam.js
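Review bot: In `WebauthnProvider::addCustomInput` (second hunk of lam/lib/2factor.inc) the inline script is built by concatenating `$pathPrefix` between hand-escaped quotes, which is only safe while that variable stays one of the two literals assigned at the top of the function. Encoding the argument keeps the generated call well-formed whatever the value later becomes: `$row->add(new htmlJavaScript('window.lam.webauthn.start(' . json_encode($pathPrefix) . ');'), 0);`. As a style point, `setCSSClasses(array('fullwidth hidden'))` passes two classes as a single array element on both buttons; `array('fullwidth', 'hidden')` fits the array parameter better, assuming the method joins its elements (not visible in this diff).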
@@ -1356,6 +1356,52 @@ window.lam.selfservice.addMultiValue = function(fieldNamePrefix, addButton) {
 jQuery(addButton).remove();
 };
+window.lam.webauthn = window.lam.webauthn || {};
+
+/**
+ * Starts the webauthn process.
+ *
+ * @param prefix path prefix for Ajax endpoint
+ */
+window.lam.webauthn.start = function(prefix) {
+ jQuery(document).ready(
+ function() {
+ window.lam.webauthn.run(prefix);
+ }
+ );
+}
+
+/**
+ * Checks if the user is registered and starts login/registration.
+ *
+ * @param prefix path prefix for Ajax endpoint
+ */
+window.lam.webauthn.run = function(prefix) {
+ var token = jQuery('#sec_token').val();
+ // check for webauthn support
+ if (!navigator.credentials || (typeof(PublicKeyCredential) === "undefined")) {
+ jQuery('.webauthn-error').show();
+ return;
+ }
+
+ var data = {
+ action: 'status',
+ sec_token: token
+ };
+ jQuery.ajax({
+ url: prefix + 'misc/ajax.php?function=webauthn',
+ method: 'POST',
+ data: data
+ })
+ .done(function(jsonData) {
+ console.log(jsonData);
+ })
+ .fail(function() {
+ console.log('Webauthn failed');
+ });
+}
+
+
 jQuery(document).ready(function() {
 window.lam.gui.equalHeight();
 window.lam.form.autoTrim();
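Review bot: Both Ajax callbacks in `window.lam.webauthn.run` end in `console.log`, so a failed status request leaves the user with no visible message (the register and login buttons are rendered hidden and nothing here un-hides them), and the raw reply of an authentication endpoint is written to the browser console. In `.fail`, surface the problem with something like `jQuery('.webauthn-error').show();` or a dedicated message, and drop `console.log(jsonData);` once the handler acts on the response. The feature check also triggers when the page is not served from a secure context, since browsers expose WebAuthn only over HTTPS, so the "requires a browser with webauthn support" text may mislead in that case. The two new function expressions close with `}` rather than the `};` used by the preceding `addMultiValue` assignment.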