Skip to content

Add Webauthn Badge support#693

Merged
Spomky merged 1 commit into5.2.xfrom
features/badges
Mar 16, 2025
Merged

Add Webauthn Badge support#693
Spomky merged 1 commit into5.2.xfrom
features/badges

Conversation

@Spomky
Copy link
Copy Markdown
Contributor

@Spomky Spomky commented Feb 15, 2025
edited
Loading

Target branch: 5.2.x

  • It is a Bug fix
  • It is a New feature
  • Breaks BC
  • Includes Deprecations

Introduce WebauthnBadge, WebauthnPassport, and WebauthnAuthenticator implementations to enable Badge-based authentication.

Example of usage:

<?php

declare(strict_types=1);

namespace App\Security;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Util\TargetPathTrait;
use Webauthn\Bundle\Security\Authentication\WebauthnPassport;
use Webauthn\Bundle\Security\Authentication\WebauthnBadge;
use Webauthn\Bundle\Security\Authentication\WebauthnAuthenticator as BaseWebauthnAuthenticator;

final class WebauthnAuthenticator extends BaseWebauthnAuthenticator
{
    use TargetPathTrait;

    public const string LOGIN_ROUTE = 'app_login';

    public function __construct(
        private readonly UrlGeneratorInterface $urlGenerator,
    ) {
    }

    public function authenticate(Request $request): Passport
    {
        return new WebauthnPassport(
            new WebauthnBadge(
                $request->getHost(),
                $request->request->get('response', '')
            ),
            [
                new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
                new RememberMeBadge()
            ]
        );
    }

    protected function getLoginUrl(Request $request): string
    {
        return $this->urlGenerator->generate(self::LOGIN_ROUTE);
    }
}

@Spomky Spomky added the enhancement New feature or request label Feb 15, 2025
@Spomky Spomky self-assigned this Feb 15, 2025
This was linked to issues Feb 15, 2025
Passport and Badges #460
Closed
CSRF Support #616
Closed
@Spomky Spomky added this to the 5.2.0 milestone Feb 15, 2025
@Spomky Spomky changed the title Add Webauthn authentication support Add Webauthn Badge support Feb 15, 2025
@Spomky Spomky linked an issue Feb 16, 2025 that may be closed by this pull request
[Stimulus/Symfony UX] Allow a remember-me checkbox at login (or document it, if it already works somehow) #673
Closed
@Spomky Spomky force-pushed the features/badges branch 2 times, most recently from c6a3ef0 to ac6749c Compare March 7, 2025 18:28
@mergify mergify bot added the conflict label Mar 7, 2025
@Spomky Spomky force-pushed the features/badges branch from ac6749c to dcb965e Compare March 7, 2025 18:43
@mergify mergify bot removed the conflict label Mar 7, 2025
@Spomky Spomky force-pushed the features/badges branch from dcb965e to b6f6fdf Compare March 8, 2025 12:32
@Spomky Spomky force-pushed the features/badges branch 3 times, most recently from 61b80d6 to 6a560f4 Compare March 16, 2025 11:08
@Spomky
Refactor Symfony test configurations and add badge support
478be78 
Reorganized test configurations by splitting `config.yml` into `common.yml` and added Twig template support. Introduced Webauthn authentication mechanism with related classes, functional tests, and templates to enhance security. This commit also includes tests for authenticated access and successful login handling.
@Spomky Spomky merged commit 45a05b2 into 5.2.x Mar 16, 2025
14 checks passed
@Spomky Spomky deleted the features/badges branch March 16, 2025 11:18
@zoglo zoglo mentioned this pull request Mar 23, 2025
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@Spomky Spomky

Labels

enhancement New feature or request

Projects

None yet

Milestone

5.2.0

Development

Successfully merging this pull request may close these issues.

[Stimulus/Symfony UX] Allow a remember-me checkbox at login (or document it, if it already works somehow) CSRF Support Passport and Badges

1 participant

@Spomky