FileAccess Orion

Handler extends SecuredServerPlugin
in package

Implement WebAuthn handler

This class provides interfaces and hook handlers to enable FIDU2 Login. The following diagram shoes the flow of this requests and a full path starting with registration and ending with real FIDU2 based login.

       JAVASCRIPT            |          SERVER

       REGISTRATION
 /sys/login    ----------------->   AccountHandler::Login
                                           |
                                OnAfterUserLoginByPassword
                                           |
                                     getCreateArgs
                                           |

navigator.credentials.create <-------------' | /plugin/fidu2-login/register | '-------------------------> ServeRequest | Register | getGetArgs | REG DONE <---------------------------' | ............................................................. (This step is only executed in context of new login after registration) /sys/login -----------------> AccountHandler::Login | getGetArgs | VALIDATION <---------------------------' ............................................................. | navigator.credentials.get | /plugin/fidu2-login/confirm | '-------------------------> ServeRequest | Confirm | processGet | redirect or fail <----------------'

Tags
category

Plugin

author

Tobias Teichner webmaster@teichner.biz

since

File available since v4.104.0

Table of Contents

$config  : stdClass|null
Buffer for configuration
$defaultPermissions  : array<string|int, mixed>
The default permission set
$dir  : string
The implementation directory
$name  : string
Name of the plugin
$auth_api  : WebAuthn|null
The instance of the lib
$req  : Request|null
Store request
__construct()  : mixed
set the plugin name
GetAccessList()  : array<string|int, mixed>
Name()  : string
OnAfterRestUserPassword()  : mixed
Called on after reset before register the session
OnAfterUserLoginByPassword()  : mixed
Called on after login before register the session
OnGetEntityAttributes()  : mixed
OnMapArrayIncludes()  : mixed
OnRegisterWidgetIncludes()  : mixed
OnRenderLoginExtra()  : mixed
OnWebLogin()  : mixed
Called before login function when the items
RegisterHooks()  : array<string|int, mixed>
Register system hooks
RequestOnUrlParsed()  : mixed
ServeRequest()  : mixed
Custom request binding
settings()  : Result|object
Get/Set the settings
SetupTemplate()  : mixed
handleConfig()  : void
Handle the context requests
hasAccess()  : bool
Check if endpoint is accessible for this user group
isInContext()  : bool
Is in certain context?
setupAttributes()  : void
Set up the permission attribute table
active()  : bool
addSecretToUser()  : mixed
api()  : WebAuthn|null
Get the api to the server lib
arrayToString()  : string
Reverse of above function
confirm()  : void
Call to confirm a login with FIDO2.
domain()  : string
Get the domain name to start the api
getUserSecrets()  : array<string|int, mixed>|string
handleConfigPreset()  : mixed
Handle the context requests
register()  : mixed
Call to register key
registerInit()  : void
sign()  : void
signInit()  : void
stringToArray()  : array<string|int, mixed>
String to ordinal, make sure it is an ascii string that's given
verify()  : void

Properties

$defaultPermissions

The default permission set

protected array<string|int, mixed> $defaultPermissions = [['endpoint' => 'config', 'root' => true, 'admin' => true]]

$auth_api

The instance of the lib

private WebAuthn|null $auth_api = null

$req

Store request

private Request|null $req = null

Holds the request object instance

A system request instance

Methods

__construct()

set the plugin name

public __construct() : mixed

Handler constructor.

Return values
mixed

GetAccessList()

public GetAccessList(User $user) : array<string|int, mixed>
Parameters
$user : User
Return values
array<string|int, mixed>

OnAfterRestUserPassword()

Called on after reset before register the session

public OnAfterRestUserPassword(HookArgument $param) : mixed
Parameters
$param : HookArgument
Return values
mixed

OnAfterUserLoginByPassword()

Called on after login before register the session

public OnAfterUserLoginByPassword(HookArgument $param) : mixed
Parameters
$param : HookArgument
Return values
mixed

OnGetEntityAttributes()

public OnGetEntityAttributes( $reference) : mixed
Parameters
$reference :

HookArgument

Return values
mixed

OnMapArrayIncludes()

public OnMapArrayIncludes( $param) : mixed
Parameters
$param :

HookArgument

Return values
mixed

OnRegisterWidgetIncludes()

public OnRegisterWidgetIncludes( $param) : mixed
Parameters
$param :

HookArgument

Return values
mixed

OnRenderLoginExtra()

public OnRenderLoginExtra( $param) : mixed
Parameters
$param :

HookArgument

Return values
mixed

OnWebLogin()

Called before login function when the items

public OnWebLogin(HookArgument $param) : mixed
Parameters
$param : HookArgument
Return values
mixed

RegisterHooks()

Register system hooks

public RegisterHooks() : array<string|int, mixed>

Register a set of handler functions to be called in certain positions.

Return values
array<string|int, mixed>

A list of registered hooks

settings()

Get/Set the settings

public settings([null|object $new = null ]) : Result|object

This method is cached per instance

Parameters
$new : null|object = null

New set of settings to store

Return values
Result|object

SetupTemplate()

public SetupTemplate([mixed $data = null ]) : mixed
Parameters
$data : mixed = null
Tags
inheritDoc
Return values
mixed

hasAccess()

Check if endpoint is accessible for this user group

protected hasAccess(string|array<string|int, string> $right[, Response|null $response = null ][, User|null $user = null ]) : bool
Parameters
$right : string|array<string|int, string>
$response : Response|null = null
$user : User|null = null
Return values
bool

isInContext()

Is in certain context?

protected isInContext(HookArgument $param, string $type, string $widget) : bool
Parameters
$param : HookArgument

The hook argument

$type : string

The type can be scss, css and js to search in widgets or _ to search in global includes

$widget : string

The widget to search for

Return values
bool

setupAttributes()

Set up the permission attribute table

protected setupAttributes( &$attributes,  $l) : void
Parameters
$attributes :

array List of attributes

$l :

string The language

Return values
void

active()

private active([string $service = 'all' ]) : bool
Parameters
$service : string = 'all'
Return values
bool

addSecretToUser()

private addSecretToUser(BaseContent $user, object $data) : mixed
Parameters
$user : BaseContent
$data : object
Return values
mixed

api()

Get the api to the server lib

private api() : WebAuthn|null
Return values
WebAuthn|null

arrayToString()

Reverse of above function

private arrayToString(array<string|int, mixed> $s) : string
Parameters
$s : array<string|int, mixed>
Return values
string

confirm()

Call to confirm a login with FIDO2.

private confirm(Response $response, Request $request) : void

This is the third second step after registration

Parameters
$response : Response
$request : Request
Return values
void

domain()

Get the domain name to start the api

private domain() : string
Return values
string

getUserSecrets()

private getUserSecrets(BaseContent $user[, bool $as_json = false ]) : array<string|int, mixed>|string
Parameters
$user : BaseContent
$as_json : bool = false
Return values
array<string|int, mixed>|string

handleConfigPreset()

Handle the context requests

private handleConfigPreset(Request $request, Response $response) : mixed
Parameters
$request : Request
$response : Response
Return values
mixed

register()

Call to register key

private register(Response $response, Request $request) : mixed

This is the initial step to register a secret for my key

Parameters
$response : Response
$request : Request
Return values
mixed

stringToArray()

String to ordinal, make sure it is an ascii string that's given

private stringToArray(string $s) : array<string|int, mixed>
Parameters
$s : string
Return values
array<string|int, mixed>

Search results