add fido2 platform internal authentication

master
FreddleSpl0it 2022-01-14 20:54:45 +01:00 committed by FreddleSpl0it
parent 3d250bfa49
commit 9c596691d2
No known key found for this signature in database
GPG Key ID: 38F5FCC689C181F9
1 changed files with 1 additions and 3 deletions


@ -437,7 +437,7 @@ if (isset($_GET['query'])) {
if (isset($_SESSION["mailcow_cc_role"])) { if (isset($_SESSION["mailcow_cc_role"])) {
// Exclude existing CredentialIds, if any // Exclude existing CredentialIds, if any
$excludeCredentialIds = fido2(array("action" => "get_user_cids")); $excludeCredentialIds = fido2(array("action" => "get_user_cids"));
$createArgs = $WebAuthn->getCreateArgs($_SESSION["mailcow_cc_username"], $_SESSION["mailcow_cc_username"], $_SESSION["mailcow_cc_username"], 30, true, $GLOBALS['FIDO2_UV_FLAG_REGISTER'], $excludeCredentialIds); $createArgs = $WebAuthn->getCreateArgs($_SESSION["mailcow_cc_username"], $_SESSION["mailcow_cc_username"], $_SESSION["mailcow_cc_username"], 30, true, $GLOBALS['FIDO2_UV_FLAG_REGISTER'], null, $excludeCredentialIds);
print(json_encode($createArgs)); print(json_encode($createArgs));
$_SESSION['challenge'] = $WebAuthn->getChallenge(); $_SESSION['challenge'] = $WebAuthn->getChallenge();
return; return;
@ -465,8 +465,6 @@ if (isset($_GET['query'])) {
// webauthn two factor authentication // webauthn two factor authentication
case "webauthn-tfa-registration": case "webauthn-tfa-registration":
if (isset($_SESSION["mailcow_cc_role"])) { if (isset($_SESSION["mailcow_cc_role"])) {
$excludeCredentialIds = null;
// getCreateArgs($userId, $userName, $userDisplayName, $timeout=20, $requireResidentKey=false, $requireUserVerification=false, $crossPlatformAttachment=null, $excludeCredentialIds=array()) // getCreateArgs($userId, $userName, $userDisplayName, $timeout=20, $requireResidentKey=false, $requireUserVerification=false, $crossPlatformAttachment=null, $excludeCredentialIds=array())
// cross-platform: true, if type internal is not allowed // cross-platform: true, if type internal is not allowed
// false, if only internal is allowed // false, if only internal is allowed