Fix login authentication using security key

This commit is contained in:
Dane Everitt 2022-02-13 14:57:45 -05:00
parent 09497c234a
commit 2d2352017d
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
3 changed files with 9 additions and 9 deletions

View file

@ -92,7 +92,7 @@ class LoginCheckpointController extends AbstractLoginController
if (!$key instanceof PublicKeyCredentialRequestOptions) {
throw new BadRequestHttpException('No security keys configured in session.');
}
$user = $this->extractUserFromRequest($request);
$source = $this->repository->getServer($user)->loadAndCheckAssertionResponse(
@ -102,7 +102,11 @@ class LoginCheckpointController extends AbstractLoginController
SecurityKey::getPsrRequestFactory($request)
);
dd($source->getUserHandle());
if (!hash_equals($user->uuid, $source->getUserHandle())) {
throw new BadRequestHttpException('An unexpected error was encountered while validating that security key.');
}
return $this->sendLoginResponse($user, $request);
}
/**

View file

@ -88,11 +88,7 @@ class SecurityKey extends Model
public function getPublicKeyCredentialDescriptor(): PublicKeyCredentialDescriptor
{
return new PublicKeyCredentialDescriptor(
$this->type,
$this->public_key_id,
$this->transports
);
return new PublicKeyCredentialDescriptor($this->type, $this->public_key_id, $this->transports);
}
public function getPublicKeyCredentialSource(): PublicKeyCredentialSource
@ -105,7 +101,7 @@ class SecurityKey extends Model
$this->trust_path,
$this->aaguid ?? Uuid::fromString(Uuid::NIL),
$this->public_key,
(string) $this->user_id,
$this->user_handle,
$this->counter
);
}

View file

@ -26,7 +26,7 @@ class PublicKeyCredentialSourceRepository implements PublicKeyRepositoryInterfac
{
/** @var \Pterodactyl\Models\SecurityKey $key */
$key = $this->user->securityKeys()
->where('public_key_id', $id)
->where('public_key_id', base64_encode($id))
->first();
return optional($key)->getPublicKeyCredentialSource();