From 2d2352017deeab9551a5444f4064d37aec5b61f0 Mon Sep 17 00:00:00 2001
From: Dane Everitt
Date: Sun, 13 Feb 2022 14:57:45 -0500
Subject: [PATCH] Fix login authentication using security key

---
 app/Http/Controllers/Auth/LoginCheckpointController.php | 8 ++++++--
 app/Models/SecurityKey.php | 8 ++------
 .../SecurityKeys/PublicKeyCredentialSourceRepository.php | 2 +-
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/app/Http/Controllers/Auth/LoginCheckpointController.php b/app/Http/Controllers/Auth/LoginCheckpointController.php
index d033dfd36..9e3233a54 100644
--- a/app/Http/Controllers/Auth/LoginCheckpointController.php
+++ b/app/Http/Controllers/Auth/LoginCheckpointController.php
@@ -92,7 +92,7 @@ class LoginCheckpointController extends AbstractLoginController
         if (!$key instanceof PublicKeyCredentialRequestOptions) {
             throw new BadRequestHttpException('No security keys configured in session.');
         }
-
+
         $user = $this->extractUserFromRequest($request);
 
         $source = $this->repository->getServer($user)->loadAndCheckAssertionResponse(
@@ -102,7 +102,11 @@ class LoginCheckpointController extends AbstractLoginController
             SecurityKey::getPsrRequestFactory($request)
         );
 
-        dd($source->getUserHandle());
+        if (!hash_equals($user->uuid, $source->getUserHandle())) {
+            throw new BadRequestHttpException('An unexpected error was encountered while validating that security key.');
+        }
+
+        return $this->sendLoginResponse($user, $request);
     }
 
     /**
diff --git a/app/Models/SecurityKey.php b/app/Models/SecurityKey.php
index 93b3a928c..76fcbe812 100644
--- a/app/Models/SecurityKey.php
+++ b/app/Models/SecurityKey.php
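Review bot: The mismatch branch added after `loadAndCheckAssertionResponse` throws a generic BadRequestHttpException without recording anything, yet a successfully validated assertion whose user handle differs from the session user's uuid is precisely the event an operator would want in the logs (stale or corrupted key rows, or a credential being presented against the wrong account); consider writing a warning with the user id and credential id before the throw, using whichever logger this controller already has in scope. `hash_equals` throws a TypeError on PHP 8 when either argument is not a string, so `$user->uuid` must be guaranteed non-null at this point or cast explicitly, e.g. `hash_equals((string) $user->uuid, $source->getUserHandle())`. It is not visible in this hunk whether the PublicKeyCredentialRequestOptions read from the session is forgotten once the assertion has been checked; if it is not, the same challenge stays usable for repeated attempts, so clearing it on both the success and the failure path is worth confirming. The enclosing method starts before the first hunk of this file and the `loadAndCheckAssertionResponse` call itself is split across the two hunks.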
@@ -88,11 +88,7 @@ class SecurityKey extends Model
 
     public function getPublicKeyCredentialDescriptor(): PublicKeyCredentialDescriptor
     {
-        return new PublicKeyCredentialDescriptor(
-            $this->type,
-            $this->public_key_id,
-            $this->transports
-        );
+        return new PublicKeyCredentialDescriptor($this->type, $this->public_key_id, $this->transports);
     }
 
     public function getPublicKeyCredentialSource(): PublicKeyCredentialSource
@@ -105,7 +101,7 @@ class SecurityKey extends Model
             $this->trust_path,
             $this->aaguid ?? Uuid::fromString(Uuid::NIL),
             $this->public_key,
-            (string) $this->user_id,
+            $this->user_handle,
             $this->counter
         );
     }
diff --git a/app/Repositories/SecurityKeys/PublicKeyCredentialSourceRepository.php b/app/Repositories/SecurityKeys/PublicKeyCredentialSourceRepository.php
index e24d956b8..089d82a56 100644
--- a/app/Repositories/SecurityKeys/PublicKeyCredentialSourceRepository.php
+++ b/app/Repositories/SecurityKeys/PublicKeyCredentialSourceRepository.php
@@ -26,7 +26,7 @@ class PublicKeyCredentialSourceRepository implements PublicKeyRepositoryInterfac
     {
         /** @var \Pterodactyl\Models\SecurityKey $key */
         $key = $this->user->securityKeys()
-            ->where('public_key_id', $id)
+            ->where('public_key_id', base64_encode($id))
             ->first();
 
         return optional($key)->getPublicKeyCredentialSource();
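Review bot: Passing `$this->user_handle` into the PublicKeyCredentialSource couples this model to LoginCheckpointController, which compares the source's user handle against `$user->uuid` with hash_equals, but nothing on the model states that `user_handle` must hold the owning user's uuid. A docblock above getPublicKeyCredentialSource would make the contract explicit: `Builds the credential source consumed by the webauthn server; user_handle must equal the owning user's uuid, which LoginCheckpointController verifies against the assertion.` If the `user_handle` column can be null for rows written before it was populated, a null reaches the constructor here where the previous `(string) $this->user_id` could not, so a backfill or a null guard is worth confirming. getPublicKeyCredentialSource begins outside this hunk.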
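Review bot: The lookup now compares `public_key_id` with `base64_encode($id)`, which silently returns no row (and the assertion then fails as an unknown credential) whenever the column was written with a different encoding at registration, for example base64url without padding as WebAuthn clients transmit credential ids; the encoding used when the key is stored is not visible here, so both sides should be confirmed to agree. A one-line comment would record the contract for the next reader: `// public_key_id is stored standard-base64; $id arrives as the raw credential id bytes`. The method's signature is outside this hunk.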