use serializer

fiste788 · Sep 17, 2024 · ed9d05e · ed9d05e
1 parent d182633
commit ed9d05e
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 18 deletions.
diff --git a/src/Model/Entity/PublicKeyCredentialSource.php b/src/Model/Entity/PublicKeyCredentialSource.php
@@ -5,10 +5,14 @@
 namespace App\Model\Entity;
 
 use Cake\ORM\Entity;
+use ParagonIE\ConstantTime\Base64UrlSafe;
+use Symfony\Component\Serializer\SerializerInterface;
 use Symfony\Component\Uid\Uuid;
 use Webauthn\Denormalizer\PublicKeyCredentialSourceDenormalizer;
 use Webauthn\Denormalizer\TrustPathDenormalizer;
+use Webauthn\Denormalizer\WebauthnSerializerFactory;
 use Webauthn\PublicKeyCredentialSource as WebauthnPublicKeyCredentialSource;
+use Webauthn\TrustPath\TrustPath;
 
 /**
  * PublicKeyCredentialSource Entity
@@ -77,10 +81,9 @@ class PublicKeyCredentialSource extends Entity
      * @return \Webauthn\PublicKeyCredentialSource
      * @throws \InvalidArgumentException
      */
-    public function toCredentialSource(): WebauthnPublicKeyCredentialSource
+    public function toCredentialSource(SerializerInterface $serializer): WebauthnPublicKeyCredentialSource
     {
-        $denormalizer = new PublicKeyCredentialSourceDenormalizer();
-        return $denormalizer->denormalize([
+        return $serializer->deserialize([
             'publicKeyCredentialId' => $this->public_key_credential_id,
             'type' => $this->type,
             'transports' => $this->transports,
@@ -90,7 +93,7 @@ public function toCredentialSource(): WebauthnPublicKeyCredentialSource
             'credentialPublicKey' => $this->credential_public_key,
             'userHandle' => $this->user_handle,
             'counter' => $this->counter
-        ], WebauthnPublicKeyCredentialSource::class);
+        ], WebauthnPublicKeyCredentialSource::class, 'json');
     }
 
     /**
@@ -99,19 +102,17 @@ public function toCredentialSource(): WebauthnPublicKeyCredentialSource
      * @param \Webauthn\PublicKeyCredentialSource $credentialSource Credential source
      * @return $this
      */
-    public function fromCredentialSource(WebauthnPublicKeyCredentialSource $credentialSource)
+    public function fromCredentialSource(SerializerInterface $serializer, WebauthnPublicKeyCredentialSource $credentialSource)
     {
-        $denormalizer = new PublicKeyCredentialSourceDenormalizer();
-        $data = $denormalizer->normalize($credentialSource);
-        $this->public_key_credential_id = $data['publicKeyCredentialId'];
-        $this->type = $data['type'];
-        $this->transports = $data['transports'];
-        $this->attestation_type = $data['attestationType'];
-        $this->trust_path = $data['trustPath'];
-        $this->aaguid = $data['aaguid'];
-        $this->credential_public_key = $data['credentialPublicKey'];
-        $this->user_handle = $data['userHandle'];
-        $this->counter = $data['counter'];
+        $this->public_key_credential_id = $credentialSource->publicKeyCredentialId;
+        $this->type = $credentialSource->type;
+        $this->transports = $credentialSource->transports;
+        $this->attestation_type = $credentialSource->attestationType;
+        $this->trust_path = $serializer->serialize($credentialSource->trustPath, TrustPath::class);
+        $this->aaguid =  $credentialSource->aaguid->toRfc4122();
+        $this->credential_public_key = Base64UrlSafe::encodeUnpadded($credentialSource->credentialPublicKey);
+        $this->user_handle = Base64UrlSafe::encodeUnpadded($credentialSource->userHandle);;
+        $this->counter = $credentialSource->counter;
 
         return $this;
     }

diff --git a/src/Service/WebauthnService.php b/src/Service/WebauthnService.php
@@ -310,7 +310,7 @@ public function signin(
 
         // Check the response against the attestation request
         $response = $this->authenticatorAssertionResponseValidator->check(
-            $credential->toCredentialSource(),
+            $credential->toCredentialSource($this->serializer),
             $authenticatorAssertionResponse,
             $publicKeyCredentialRequestOptions,
             (string)Configure::read('Webauthn.id', 'fantamanajer.it'),
@@ -431,7 +431,7 @@ public function registerResponse(ServerRequestInterface $request): ?EntityPublic
         /** @var \App\Model\Table\PublicKeyCredentialSourcesTable $publicKeyCredentialSourcesTable */
         $publicKeyCredentialSourcesTable = $this->fetchTable('PublicKeyCredentialSources');
         $credential = $publicKeyCredentialSourcesTable->newEmptyEntity();
-        $credential->fromCredentialSource($credentialSource);
+        $credential->fromCredentialSource($this->serializer, $credentialSource);
         $credential->id = Uuid::v4()->toRfc4122();
         $this->updateUserAgent($credential, $request->getHeaderLine('User-Agent'));