diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index dd7ded9..d39ca3f 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -152,7 +152,7 @@ jobs:
 - name: SonarCloud Scan
 if: env.SONAR_TOKEN != ''
- uses: SonarSource/sonarcloud-github-action@v1.9
+ uses: SonarSource/sonarcloud-github-action@v2.0.0
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/composer.json b/composer.json
index 9ab2042..e2813db 100644
--- a/composer.json
+++ b/composer.json
@@ -27,6 +27,9 @@
 "web-auth/webauthn-lib": "^4.0",
 "web-token/jwt-signature": "^3.0"
 },
+ "conflict": {
+ "web-auth/webauthn-lib": "4.7.0"
+ },
 "require-dev": {
 "ext-sqlite3": "*",
 "guzzlehttp/psr7": "^2.1",
diff --git a/tests/Unit/Models/UserTest.php b/tests/Unit/Models/UserTest.php
index cf17291..5d4c3c7 100644
--- a/tests/Unit/Models/UserTest.php
+++ b/tests/Unit/Models/UserTest.php
@@ -2,11 +2,14 @@
 namespace LaravelWebauthn\Tests\Unit\Models;
+use Illuminate\Foundation\Testing\DatabaseTransactions;
 use LaravelWebauthn\Models\WebauthnKey;
 use LaravelWebauthn\Tests\FeatureTestCase;
 class UserTest extends FeatureTestCase
 {
+ use DatabaseTransactions;
+
 /**
 * @test
 */
diff --git a/tests/Unit/Services/WebauthnTest.php b/tests/Unit/Services/WebauthnTest.php
index f466184..2adda47 100644
--- a/tests/Unit/Services/WebauthnTest.php
+++ b/tests/Unit/Services/WebauthnTest.php
@@ -17,6 +17,7 @@
 use ParagonIE\ConstantTime\Base64UrlSafe;
 use Symfony\Component\Uid\NilUuid;
 use Symfony\Component\Uid\Uuid;
+use Webauthn\AuthenticatorData;
 use Webauthn\PublicKeyCredentialSource;
 class WebauthnTest extends FeatureTestCase
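Review bot: The new `conflict` entry in composer.json excludes exactly `4.7.0` of `web-auth/webauthn-lib`, and nothing visible in this commit records why. JSON cannot carry a comment, so the reason (and the upstream issue, if there is one) belongs in the commit message or changelog, so that a maintainer can tell when the entry may be dropped. Because the constraint is a single exact version, every other release permitted by `^4.0` is still installable, later 4.7 patch releases included; if the incompatibility turns out not to be confined to that one release, the constraint would need widening.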
@@ -93,67 +94,6 @@ public function test_get_authenticate_data()
 $this->assertCount(0, $publicKey->getExtensions());
 }
- /**
- * @test
- */
- public function test_do_authenticate()
- {
- $user = $this->signIn();
- $webauthnKey = factory(WebauthnKey::class)->create([
- 'user_id' => $user->getAuthIdentifier(),
- 'credentialPublicKey' => (string) new MapObject([
- new MapItem(
- new TextStringObject('1'),
- new TextStringObject('0')
- ),
- new MapItem(
- new TextStringObject('3'),
- new TextStringObject('-7')
- ),
- ]),
- ]);
-
- $publicKey = $this->app[PrepareAssertionData::class]($user);
- $this->assertInstanceOf(\Webauthn\PublicKeyCredentialRequestOptions::class, $publicKey);
-
- $data = [
- 'id' => Base64UrlSafe::encodeUnpadded($webauthnKey->credentialId),
- 'rawId' => Base64UrlSafe::encode($webauthnKey->credentialId),
- 'type' => 'public-key',
- 'response' => [
- 'clientDataJSON' => Base64UrlSafe::encodeUnpadded(json_encode([
- 'type' => 'webauthn.get',
- 'challenge' => Base64UrlSafe::encodeUnpadded($publicKey->getChallenge()),
- 'origin' => 'https://localhost',
- 'tokenBinding' => [
- 'status' => 'supported',
- 'id' => Base64UrlSafe::encodeUnpadded(1),
- ],
- ])),
- 'authenticatorData' => Base64UrlSafe::encodeUnpadded(
- hash('sha256', 'localhost', true). // rp_id_hash
- pack('C', 65). // flags
- pack('N', 1). // signCount
- '0000000000000000'. // aaguid
- pack('n', 1).'0'. // credentialLength
- ((string) new MapObject([
- new MapItem(
- new TextStringObject('key'),
- new TextStringObject('value')
- ),
- ])) // credentialPublicKey
- ),
- 'signature' => Base64UrlSafe::encode(new TextStringObject('00000100000001000000010000000100000001000000010000000100000001')),
- 'userHandle' => base64_encode($user->getAuthIdentifier()),
- ],
- ];
-
- $this->expectException(\InvalidArgumentException::class);
- $result = Webauthn::validateAssertion($user, $data);
-
- $this->assertTrue($result); // Not yet ...
- }
-
 /**
 * @test
 */
@@ -194,7 +134,7 @@ private function getAttestationData($publicKey)
 new TextStringObject('authData'),
 new TextStringObject(
 hash('sha256', 'localhost', true). // rp_id_hash
- pack('C', 65). // flags
+ pack('C', AuthenticatorData::FLAG_AT | AuthenticatorData::FLAG_UP). // flags
 pack('N', 1). // signCount
 '0000000000000000'. // aaguid
 pack('n', 1).'0'. // credentialLength
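Review bot: The flags byte is now built from `AuthenticatorData::FLAG_AT | AuthenticatorData::FLAG_UP`, so this fixture depends on those constants being publicly accessible in every `web-auth/webauthn-lib` release that composer.json's `^4.0` allows. The diff does not show whether that holds for the earliest 4.x versions, so it is worth running the suite against the lowest permitted version, or raising the minimum if it fails there. The trailing comment could also say what the byte encodes, for example `// flags: attested credential data (AT) + user present (UP); UV not set`, which makes it visible that this fixture never exercises the user-verified case. `getAttestationData()` starts and ends outside the hunk.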