PHP Classes

File: api/validar_assinatura.php

File: api/validar_assinatura.php
Role: Example script
Content type: text/plain
Description: Example script
Class: Digital
Authenticate users' fingerprints using WebAuthn
Author: By
Last change:
Date: 7 days ago
Size: 3,220 bytes
 

Contents

<?php
require '../vendor/autoload.php';

use
Webauthn\PublicKeyCredentialLoader;
use
Webauthn\AuthenticatorAssertionResponseValidator;
use
Webauthn\PublicKeyCredentialSourceRepository;
use
Webauthn\PublicKeyCredentialSource;
use
Webauthn\PublicKeyCredentialUserEntity;


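header('Content-Type: application/json');
require_once '../backend/controller/UsuarioController.php';
require_once '../backend/model/Usuario.php';
require_once '../backend/config/Database.php';

// Every rejection on this endpoint uses the same status code and body, so a
// caller cannot tell "unknown user" apart from "malformed request" or
// "bad signature" (avoids username enumeration).
$rejectRequest = static function (): void {
    http_response_code(400);
    echo json_encode(['status' => 'failure', 'message' => 'Invalid signature']);
    exit;
};

// Decodes one base64 field of the request body. Returns null when the field is
// missing, is not a string, or is not valid base64. The base64url alphabet
// ("-" and "_") is accepted as well; non-strict base64_decode() would silently
// drop those characters and hand corrupted bytes to the verifier.
$decodeField = static function ($payload, string $field): ?string {
    if (!is_array($payload) || !isset($payload[$field]) || !is_string($payload[$field])) {
        return null;
    }
    $decoded = base64_decode(strtr($payload[$field], '-_', '+/'), true);

    return $decoded === false ? null : $decoded;
};

// The request body is attacker-controlled: validate its shape before use.
$rawBody = file_get_contents('php://input');
$data = json_decode($rawBody === false ? '' : $rawBody, true);

if (!is_array($data) || !isset($data['username']) || !is_string($data['username']) || $data['username'] === '') {
    $rejectRequest();
}

$id = $data['username'];
$clientDataJSON = $decodeField($data, 'clientDataJSON');
$authenticatorData = $decodeField($data, 'authenticatorData');
$signature = $decodeField($data, 'signature');

if ($clientDataJSON === null || $authenticatorData === null || $signature === null) {
    $rejectRequest();
}

$db = new Database();
$usuario = new Usuario();
$controller = new UsuarioController($db, $usuario);

// getByUsername() is presumably returning a JSON string (it is passed to
// json_decode below); anything else, or a record without the stored credential
// fields, is treated as "no such user" and rejected before verification.
$user = $controller->getByUsername($id);
$credential = is_string($user) ? json_decode($user, true) : null;

if (!is_array($credential) || !isset($credential['credId'], $credential['attestationObject'])) {
    $rejectRequest();
}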



// Rebuild the stored credential record for this user from the database row.
// NOTE(review): verify the argument order and types against the
// PublicKeyCredentialSource constructor of the installed webauthn library
// version, and confirm that USER_HANDLE_TYPE_PUBLIC exists there.
$credentialUserEntity = new PublicKeyCredentialUserEntity($id, $id, $id);

// The original comment calls this value the user's public key, but what is
// decoded is the stored 'attestationObject' field. Confirm that this field
// really holds the credential public key in the form the library expects.
$storedCredentialBytes = base64_decode($credential['attestationObject']);

$publicKeyCredentialSource = new PublicKeyCredentialSource(
    $credential['credId'],
    PublicKeyCredentialSource::USER_HANDLE_TYPE_PUBLIC,
    [],
    'localhost',
    $credentialUserEntity,
    '', // AAGUID: must be the real AAGUID of the authenticator, not an empty string
    $storedCredentialBytes,
    'none',
    // Presumably the signature counter. It is hard-coded rather than loaded
    // from storage, so counter-regression (cloned authenticator) detection
    // cannot work as written - TODO confirm and persist the counter.
    0
);

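/**
 * In-memory repository holding exactly one credential: the one loaded for the
 * user named in the request. Nothing is persisted.
 */
$publicKeyCredentialSourceRepository = new class($publicKeyCredentialSource) implements PublicKeyCredentialSourceRepository {
    /** @var PublicKeyCredentialSource The single stored credential. */
    private $publicKeyCredentialSource;

    public function __construct(PublicKeyCredentialSource $publicKeyCredentialSource)
    {
        $this->publicKeyCredentialSource = $publicKeyCredentialSource;
    }

    /**
     * Returns the stored credential only when the requested ID matches it.
     *
     * The previous version ignored $publicKeyCredentialId and returned the
     * stored record for any ID, so the credential ID presented in the
     * assertion was never tied to the record being verified.
     *
     * NOTE(review): this compares against the ID the source was constructed
     * with ($credential['credId']); confirm that value is stored in the same
     * encoding the validator passes here.
     */
    public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKeyCredentialSource
    {
        $storedId = $this->publicKeyCredentialSource->getPublicKeyCredentialId();

        if (!is_string($storedId) || !hash_equals($storedId, $publicKeyCredentialId)) {
            return null;
        }

        return $this->publicKeyCredentialSource;
    }

    /**
     * Returns the single stored credential as a list.
     *
     * NOTE(review): the user entity argument is not checked against the stored
     * record; that is only safe while this repository is built per request for
     * one already-selected user.
     */
    public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity): array
    {
        return [$this->publicKeyCredentialSource];
    }

    /**
     * Replaces the in-memory record. Updates (for example a new signature
     * counter) are lost when the request ends because nothing is written back.
     */
    public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void
    {
        $this->publicKeyCredentialSource = $publicKeyCredentialSource;
    }
};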

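// Verify the assertion and report the result as JSON.
//
// Parsing of the client-supplied credential now happens inside the try block,
// and Throwable is caught instead of Exception, so that a parse failure or a
// TypeError ends in the generic 400 response rather than an uncaught fatal
// error whose output may reach the client.
try {
    if (!is_array($data) || !isset($data['rawId']) || !is_string($data['rawId'])) {
        throw new InvalidArgumentException('Missing or malformed rawId');
    }

    $publicKeyCredentialLoader = new PublicKeyCredentialLoader($publicKeyCredentialSourceRepository);
    // NOTE(review): only the re-encoded rawId is handed to load(); confirm this
    // is the input the installed loader expects (it may require the complete
    // serialized credential sent by the browser).
    $publicKeyCredential = $publicKeyCredentialLoader->load(base64_encode($data['rawId']));
    $authenticatorAssertionResponse = $publicKeyCredential->getResponse();

    $authenticatorAssertionResponseValidator = new AuthenticatorAssertionResponseValidator($publicKeyCredentialSourceRepository);

    // NOTE(review): the value passed as "options" is the stored
    // attestationObject. Nothing visible here supplies the server-issued,
    // single-use challenge for this login attempt, so replay protection depends
    // on fixing this: pass the request options saved server-side when the
    // challenge was issued, and check the argument list against the installed
    // library's check() signature.
    $publicKeyCredentialCreationOptions = $credential['attestationObject'];

    $authenticatorAssertionResponseValidator->check(
        $authenticatorAssertionResponse,
        $publicKeyCredentialCreationOptions,
        $clientDataJSON,
        $publicKeyCredentialSource->getUserHandle(),
        $publicKeyCredentialSource->getAaguid()
    );

    http_response_code(200);
    echo json_encode(['status' => 'success']);
} catch (Throwable $e) {
    // Keep the detail server-side only. Returning the exception text tells the
    // caller which verification step failed and may expose internals. Control
    // characters are stripped so the message cannot forge extra log lines.
    $detail = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $e->getMessage());
    error_log('WebAuthn assertion rejected: ' . get_class($e) . ': ' . $detail);

    http_response_code(400);
    echo json_encode(['status' => 'failure', 'message' => 'Invalid signature']);
}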
?>