First release
This commit is contained in:
Italo
37
src/SharedPipes/CheckChallengeSame.php
Normal file
37
src/SharedPipes/CheckChallengeSame.php
Normal file
@@ -0,0 +1,37 @@
|
||||
<?php
|
||||
|
||||
namespace Laragear\WebAuthn\SharedPipes;
|
||||
|
||||
use Closure;
|
||||
use Laragear\WebAuthn\Assertion\Validator\AssertionValidation;
|
||||
use Laragear\WebAuthn\Attestation\Validator\AttestationValidation;
|
||||
|
||||
/**
|
||||
* @internal
|
||||
*/
|
||||
abstract class CheckChallengeSame
|
||||
{
|
||||
use ThrowsCeremonyException;
|
||||
|
||||
/**
|
||||
* Handle the incoming WebAuthn Ceremony Validation.
|
||||
*
|
||||
* @param \Laragear\WebAuthn\Attestation\Validator\AttestationValidation|\Laragear\WebAuthn\Assertion\Validator\AssertionValidation $validation
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
* @throws \Laragear\WebAuthn\Exceptions\AssertionException
|
||||
* @throws \Laragear\WebAuthn\Exceptions\AttestationException
|
||||
*/
|
||||
public function handle(AttestationValidation|AssertionValidation $validation, Closure $next): mixed
|
||||
{
|
||||
if ($validation->clientDataJson->challenge->hasNoLength()) {
|
||||
static::throw($validation, "Response has an empty challenge.");
|
||||
}
|
||||
|
||||
if ($validation->clientDataJson->challenge->hashNotEqual($validation->challenge->data)) {
|
||||
static::throw($validation, "Response challenge is not equal.");
|
||||
}
|
||||
|
||||
return $next($validation);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user