From 7673d1b4aea9adf767af36a2cf418b7ad9091382 Mon Sep 17 00:00:00 2001
From: phpipam <miha.petkovsek@telemach.si>
Date: Wed, 13 Dec 2023 14:55:34 +0100
Subject: [PATCH] Fixed invalid RP

---
 app/login/passkey_login_check.php    |  3 +--
 app/tools/user-menu/passkey_save.php |  6 ++---
 app/tools/user-menu/passkeys.php     | 37 +++++-----------------------
 3 files changed, 10 insertions(+), 36 deletions(-)

diff --git a/app/login/passkey_login_check.php b/app/login/passkey_login_check.php
index af58b038..c955cfbb 100644
--- a/app/login/passkey_login_check.php
+++ b/app/login/passkey_login_check.php
@@ -36,7 +36,6 @@ use Firehed\WebAuthn\{
 $json = file_get_contents('php://input');
 $data = json_decode($json, true);
 
-
 // parser
 $parser = new ResponseParser();
 $getResponse = $parser->parseGetResponse($data);
@@ -47,7 +46,7 @@ $getResponse = $parser->parseGetResponse($data);
 // die();
 
 // Set relaying party
-$rp = new \Firehed\WebAuthn\SingleOriginRelyingParty('https://ipam-dc.ugbb.net');
+$rp = new \Firehed\WebAuthn\SingleOriginRelyingParty($User->createURL ());
 // challange manager
 $challengeManager = new \Firehed\WebAuthn\SessionChallengeManager();
 
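Review bot: The expected origin on the new `SingleOriginRelyingParty(...)` line now comes from `$User->createURL ()`, and that is the value the library compares the authenticator's signed origin against. If createURL() builds its result from request headers such as Host or X-Forwarded-Host (its body is not visible here), the origin check is only as trustworthy as those headers, and a misconfigured proxy or virtual host could make the server accept an assertion issued for a different origin. Consider reading the origin from a fixed configuration value, or checking createURL()'s result against an allow-list before constructing the relying party. The same applies to the identical line in app/tools/user-menu/passkey_save.php. Separately, this file still constructs `ResponseParser` while passkey_save.php moves to `JsonResponseParser`; confirm that difference is intended.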
diff --git a/app/tools/user-menu/passkey_save.php b/app/tools/user-menu/passkey_save.php
index 3c15ed54..0be8bbc6 100644
--- a/app/tools/user-menu/passkey_save.php
+++ b/app/tools/user-menu/passkey_save.php
@@ -27,7 +27,7 @@ use Firehed\WebAuthn\{
     RelyingParty,
     SessionChallengeManager,
     SingleOriginRelyingParty,
-    ResponseParser
+    JsonResponseParser
 };
 
 # process request
@@ -35,14 +35,14 @@ $json = file_get_contents('php://input');
 $data = json_decode($json, true);
 
 // parser
-$parser = new ResponseParser();
+$parser = new JsonResponseParser();
 $createResponse = $parser->parseCreateResponse($data);
 
 // escape keyId
 $data['keyId'] =  $User->strip_input_tags ($data['keyId']);
 
 // Relaying party
-$rp = new \Firehed\WebAuthn\SingleOriginRelyingParty('https://ipam-dc.ugbb.net');
+$rp = new \Firehed\WebAuthn\SingleOriginRelyingParty($User->createURL ());
 // challange manager
 $challengeManager = new \Firehed\WebAuthn\SessionChallengeManager();
 
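Review bot: `new JsonResponseParser()` changes the wire format the server expects for registration, but nothing in this patch changes what the client sends. The comment in app/tools/user-menu/passkeys.php still says the payload must match the format handled by the ResponseParser class, and the login path in app/login/passkey_login_check.php keeps `new ResponseParser()`. Please confirm the registration request is now serialized in the form JsonResponseParser parses (the formatting code lies outside the visible hunks); otherwise parseCreateResponse() may reject every registration. It would also help to reject a body that did not decode to an array before it reaches the parser, e.g. `if (!is_array($data)) { http_response_code(400); exit; }`.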
diff --git a/app/tools/user-menu/passkeys.php b/app/tools/user-menu/passkeys.php
index 82709412..240fd5cf 100644
--- a/app/tools/user-menu/passkeys.php
+++ b/app/tools/user-menu/passkeys.php
@@ -119,7 +119,7 @@ const startRegister = async (e) => {
 	    const createOptions = {
 	        publicKey: {
 	            rp: {
-	                name: 'https://ipam-dc.ugbb.net',
+	                name: '<?php print $User->createURL (); ?>',
 	            },
 	            user: {
 	                name: "<?php print $User->user->username; ?>",
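Review bot: The new `rp.name` line prints `$User->createURL ()` straight into a single-quoted JavaScript string with no encoding, so a quote, backslash or `</script>` sequence in that value would break out of the literal. Emit it as a JSON-encoded value instead: `name: <?php print json_encode($User->createURL(), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP); ?>,`. The neighbouring `user.name` line prints the username the same way and would benefit from the same treatment. Note also that `rp.name` is only a display label; the value the browser binds the credential to is `rp.id`, which this object does not set, so it defaults to the page's domain.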
@@ -133,10 +133,10 @@ const startRegister = async (e) => {
 	                    alg: -7, // ES256
 	                    type: "public-key",
 	                },
-				    // {
-				    // 	alg: -257, // Value registered by this specification for "RS256"
-				    // 	type: "public-key",
-				    // }
+				    {
+				    	alg: -257, // Value registered by this specification for "RS256"
+				    	type: "public-key",
+				    }
 	            ]
 	        },
 	        attestation: 'direct',
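Review bot: Enabling the `alg: -257` (RS256) entry lets the browser create RSA credentials, but the patch shows no matching server-side change. Confirm that the WebAuthn library version in use can parse and verify RS256 public keys both at registration and at login. If it handles ES256 only, an authenticator that picks RS256 will complete the browser ceremony and then fail in passkey_save.php with an unhelpful error. If RS256 cannot be verified server-side, keep this entry out of `pubKeyCredParams`.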
@@ -145,7 +145,7 @@ const startRegister = async (e) => {
 	    // Call the WebAuthn browser API and get the response. This may throw, which you
 	    // should handle. Example: user cancels or never interacts with the device.
 	    const credential = await navigator.credentials.create(createOptions)
-        // console.log(credential)
+        console.log(Array.from(new Uint8Array(credential.rawId)))
 
 	    // Format the credential to send to the server. This must match the format
 	    // handed by the ResponseParser class. The formatting code below can be used
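Review bot: The added `console.log(Array.from(new Uint8Array(credential.rawId)))` looks like leftover debugging: it replaces a commented-out log with an active one that writes every new credential ID to the browser console. Remove it, or guard it behind a debug flag, before this ships. The line is also indented with spaces while the surrounding block uses tabs. startRegister's body continues outside the hunk.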
@@ -195,31 +195,6 @@ const startRegister = async (e) => {
     			$('.jqueryErrorText').html(jqxhr.statusText+"<br>Status: "+textStatus+"<br>Error: "+errorThrown).show();
     			$('div.loading').hide();
     		});
-
-			/* this functions saves popup result */
-			/* --------------------------------- */
-			// function submit_popup_data (result_div, target_script, post_data, reload) {
-			//     // show spinner
-			//     showSpinner();
-			//     // set reload
-			//     reload = typeof reload !== 'undefined' ? reload : true;
-			//     // post
-			//     $.post(target_script, post_data, function(data) {
-			//         $('div'+result_div).html(data).slideDown('fast');
-			//         //reload after 2 seconds if succeeded!
-			//         if(reload) {
-			//             if(data.search("alert-danger")==-1 && data.search("error")==-1 && data.search("alert-warning")==-1 )    { setTimeout(function (){window.location.reload();}, 1500); }
-			//             else                                                                                                    { hideSpinner(); }
-			//         }
-			//         else {
-			//             hideSpinner();
-			//         }
-			//     }).fail(function(jqxhr, textStatus, errorThrown) { showError(jqxhr.statusText + "<br>Status: " + textStatus + "<br>Error: "+errorThrown); });
-			//     // prevent reload
-			//     return false;
-			// }
-
-
         }
         else {
             $('#loginCheckPasskeys').html("<div class='alert alert-danger'>Failed to register new passkey.</div>");
-- 
GitLab