Skip to content

Commit

Permalink
feat: remove deprecated AndroidSafetynet (#489)
Browse files Browse the repository at this point in the history
  • Loading branch information
asbiin authored Jul 21, 2024
1 parent 3b9dfa3 commit bb5070b
Show file tree
Hide file tree
Showing 19 changed files with 20 additions and 68 deletions.
12 changes: 0 additions & 12 deletions config/webauthn.php
Original file line number Diff line number Diff line change
Expand Up @@ -216,18 +216,6 @@

'attestation_conveyance' => 'none',

/*
|--------------------------------------------------------------------------
| Google Safetynet ApiKey
|--------------------------------------------------------------------------
|
| Api key to use Google Safetynet.
| See https://developer.android.com/training/safetynet/attestation
|
*/

'google_safetynet_api_key' => env('GOOGLE_SAFETYNET_API_KEY'),

/*
|--------------------------------------------------------------------------
| Webauthn Public Key Credential Parameters
Expand Down
3 changes: 1 addition & 2 deletions src/Actions/AttemptToAuthenticate.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,7 @@ class AttemptToAuthenticate
public function __construct(
protected StatefulGuard $guard,
protected LoginRateLimiter $limiter
) {
}
) {}

/**
* Handle the incoming request.
Expand Down
3 changes: 1 addition & 2 deletions src/Actions/EnsureLoginIsNotThrottled.php
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,7 @@ class EnsureLoginIsNotThrottled
*/
public function __construct(
protected LoginRateLimiter $limiter
) {
}
) {}

/**
* Handle the incoming request.
Expand Down
3 changes: 1 addition & 2 deletions src/Actions/LoginUserRetrieval.php
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,7 @@ class LoginUserRetrieval
*/
public function __construct(
protected LoginRateLimiter $limiter
) {
}
) {}

/**
* Handle the incoming request.
Expand Down
3 changes: 1 addition & 2 deletions src/Actions/PrepareAuthenticatedSession.php
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,7 @@ class PrepareAuthenticatedSession
*/
public function __construct(
protected LoginRateLimiter $limiter
) {
}
) {}

/**
* Handle the incoming request.
Expand Down
3 changes: 1 addition & 2 deletions src/Events/WebauthnLogin.php
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,5 @@ class WebauthnLogin
public function __construct(
public User $user,
public bool $eloquent = false
) {
}
) {}
}
3 changes: 1 addition & 2 deletions src/Events/WebauthnLoginData.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,5 @@ class WebauthnLoginData
public function __construct(
public User $user,
public PublicKeyCredentialRequestOptions $publicKey
) {
}
) {}
}
3 changes: 1 addition & 2 deletions src/Events/WebauthnRegister.php
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,5 @@ class WebauthnRegister
*/
public function __construct(
public Model $webauthnKey
) {
}
) {}
}
3 changes: 1 addition & 2 deletions src/Events/WebauthnRegisterData.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,5 @@ class WebauthnRegisterData
public function __construct(
public User $user,
public PublicKeyCredentialCreationOptions $publicKey
) {
}
) {}
}
3 changes: 1 addition & 2 deletions src/Events/WebauthnRegisterFailed.php
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,5 @@ class WebauthnRegisterFailed
public function __construct(
public User $user,
public ?Exception $exception = null
) {
}
) {}
}
4 changes: 1 addition & 3 deletions src/Exceptions/ResponseMismatchException.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,4 @@
/**
* Exception thrown if the response type is wrong.
*/
class ResponseMismatchException extends RuntimeException
{
}
class ResponseMismatchException extends RuntimeException {}
4 changes: 1 addition & 3 deletions src/Exceptions/WrongUserHandleException.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,4 @@
/**
* Exception thrown if the user handle is wrong.
*/
class WrongUserHandleException extends RuntimeException
{
}
class WrongUserHandleException extends RuntimeException {}
3 changes: 1 addition & 2 deletions src/Http/Middleware/WebauthnMiddleware.php
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,7 @@ class WebauthnMiddleware
*/
public function __construct(
protected AuthFactory $auth
) {
}
) {}

/**
* Handle an incoming request.
Expand Down
3 changes: 1 addition & 2 deletions src/Http/Responses/LockoutResponse.php
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,7 @@ class LockoutResponse implements LockoutResponseContract
*/
public function __construct(
protected LoginRateLimiter $limiter
) {
}
) {}

/**
* Create an HTTP response that represents the object.
Expand Down
4 changes: 2 additions & 2 deletions src/Models/Casts/TrustPath.php
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
namespace LaravelWebauthn\Models\Casts;

use Illuminate\Contracts\Database\Eloquent\CastsAttributes;
use Symfony\Component\Serializer\SerializerInterface;
use Webauthn\TrustPath\TrustPath as TrustPathLib;
use Webauthn\TrustPath\TrustPathLoader;

/**
* @implements CastsAttributes<TrustPathLib,string>
Expand All @@ -19,7 +19,7 @@ class TrustPath implements CastsAttributes
*/
public function get($model, string $key, $value, array $attributes): ?TrustPathLib
{
return $value !== null ? TrustPathLoader::loadTrustPath(json_decode($value, true, flags: JSON_THROW_ON_ERROR)) : null;
return $value !== null ? app(SerializerInterface::class)->deserialize($value, TrustPathLib::class, 'json') : null;
}

/**
Expand Down
3 changes: 1 addition & 2 deletions src/Services/LoginRateLimiter.php
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,7 @@ class LoginRateLimiter
*/
public function __construct(
protected RateLimiter $limiter
) {
}
) {}

/**
* Get the number of attempts for the given key.
Expand Down
3 changes: 1 addition & 2 deletions src/Services/Webauthn/CredentialValidator.php
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,7 @@ abstract class CredentialValidator
public function __construct(
protected Request $request,
protected Cache $cache
) {
}
) {}

/**
* Returns the cache key to remember the challenge for the user.
Expand Down
21 changes: 2 additions & 19 deletions src/WebauthnServiceProvider.php
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,6 @@
use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
use Symfony\Component\Serializer\SerializerInterface;
use Webauthn\AttestationStatement\AndroidKeyAttestationStatementSupport;
use Webauthn\AttestationStatement\AndroidSafetyNetAttestationStatementSupport;
use Webauthn\AttestationStatement\AppleAttestationStatementSupport;
use Webauthn\AttestationStatement\AttestationObjectLoader;
use Webauthn\AttestationStatement\AttestationStatementSupportManager;
Expand Down Expand Up @@ -130,15 +129,6 @@ protected function bindWebAuthnPackage(): void
$app[CoseAlgorithmManager::class]
)
);
$this->app->bind(
AndroidSafetyNetAttestationStatementSupport::class,
fn ($app) => (new AndroidSafetyNetAttestationStatementSupport())
->enableApiVerification(
$app[ClientInterface::class],
$app['config']->get('webauthn.google_safetynet_api_key'),
$app[RequestFactoryInterface::class]
)
);
$this->app->bind(
AttestationStatementSupportManager::class,
fn ($app) => tap(new AttestationStatementSupportManager(), function ($manager) use ($app) {
Expand All @@ -157,11 +147,6 @@ protected function bindWebAuthnPackage(): void
// https://www.w3.org/TR/webauthn/#sctn-packed-attestation
$manager->add($app[PackedAttestationStatementSupport::class]);

// https://www.w3.org/TR/webauthn/#sctn-android-safetynet-attestation
if ($app['config']->get('webauthn.google_safetynet_api_key') !== null) {
$manager->add($app[AndroidSafetyNetAttestationStatementSupport::class]);
}

// https://www.w3.org/TR/webauthn/#sctn-apple-anonymous-attestation
$manager->add($app[AppleAttestationStatementSupport::class]);
})
Expand All @@ -182,10 +167,8 @@ protected function bindWebAuthnPackage(): void
$this->app->bind(
AuthenticatorAttestationResponseValidator::class,
fn ($app) => tap(new AuthenticatorAttestationResponseValidator(
$app[AttestationStatementSupportManager::class],
null,
null,
$app[ExtensionOutputCheckerHandler::class]
attestationStatementSupportManager: $app[AttestationStatementSupportManager::class],
extensionOutputCheckerHandler: $app[ExtensionOutputCheckerHandler::class]
), fn (AuthenticatorAttestationResponseValidator $responseValidator) => $responseValidator->setLogger($app['webauthn.log'])
)
);
Expand Down
4 changes: 1 addition & 3 deletions tests/Unit/Services/WebauthnTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -289,6 +289,4 @@ public function it_creates_model_anyway()
}
}

class WebauthnKeyTest extends WebauthnKey
{
}
class WebauthnKeyTest extends WebauthnKey {}

0 comments on commit bb5070b

Please sign in to comment.