-
-
Notifications
You must be signed in to change notification settings - Fork 76
Expand file tree
/
Copy pathCheckTopOrigin.php
More file actions
40 lines (35 loc) · 1.33 KB
/
CheckTopOrigin.php
File metadata and controls
40 lines (35 loc) · 1.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
<?php
declare(strict_types=1);
namespace Webauthn\CeremonyStep;
use Webauthn\AuthenticatorAssertionResponse;
use Webauthn\AuthenticatorAttestationResponse;
use Webauthn\Exception\AuthenticatorResponseVerificationException;
use Webauthn\PublicKeyCredentialCreationOptions;
use Webauthn\PublicKeyCredentialRequestOptions;
use Webauthn\PublicKeyCredentialSource;
class CheckTopOrigin implements CeremonyStep
{
public function __construct(
private readonly null|TopOriginValidator $topOriginValidator = null
) {
}
public function process(
PublicKeyCredentialSource $publicKeyCredentialSource,
AuthenticatorAssertionResponse|AuthenticatorAttestationResponse $authenticatorResponse,
PublicKeyCredentialRequestOptions|PublicKeyCredentialCreationOptions $publicKeyCredentialOptions,
?string $userHandle,
string $host
): void {
$topOrigin = $authenticatorResponse->clientDataJSON->topOrigin;
if ($topOrigin === null) {
return;
}
if ($authenticatorResponse->clientDataJSON->crossOrigin !== true) {
throw AuthenticatorResponseVerificationException::create('The response is not cross-origin.');
}
if ($this->topOriginValidator === null) {
return;
}
$this->topOriginValidator->validate($topOrigin);
}
}