Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Webauthn Badge support #693

Open
wants to merge 1 commit into
base: 5.2.x
Choose a base branch
from
Open

Add Webauthn Badge support #693

wants to merge 1 commit into from

Conversation

Spomky
Copy link
Contributor

@Spomky Spomky commented Feb 15, 2025
edited
Loading

Target branch: 5.2.x

  • It is a Bug fix
  • It is a New feature
  • Breaks BC
  • Includes Deprecations

Introduce WebauthnBadge, WebauthnPassport, and WebauthnAuthenticator implementations to enable Badge-based authentication.

Example of usage:

<?php

declare(strict_types=1);

namespace App\Security;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Util\TargetPathTrait;
use Webauthn\Bundle\Security\Authentication\WebauthnPassport;
use Webauthn\Bundle\Security\Authentication\WebauthnBadge;
use Webauthn\Bundle\Security\Authentication\WebauthnAuthenticator as BaseWebauthnAuthenticator;

final class WebauthnAuthenticator extends BaseWebauthnAuthenticator
{
    use TargetPathTrait;

    public const string LOGIN_ROUTE = 'app_login';

    public function __construct(
        private readonly UrlGeneratorInterface $urlGenerator,
    ) {
    }

    public function authenticate(Request $request): Passport
    {
        return new WebauthnPassport(
            new WebauthnBadge(
                $request->getHost(),
                $request->request->get('response', '')
            ),
            [
                new CsrfTokenBadge('authenticate', $request->request->get('_csrf_token')),
                new RememberMeBadge()
            ]
        );
    }

    protected function getLoginUrl(Request $request): string
    {
        return $this->urlGenerator->generate(self::LOGIN_ROUTE);
    }
}

@Spomky Spomky added the enhancement New feature or request label Feb 15, 2025
@Spomky Spomky self-assigned this Feb 15, 2025
This was linked to issues Feb 15, 2025
Passport and Badges #460
Open
CSRF Support #616
Open
@Spomky Spomky added this to the 5.2.0 milestone Feb 15, 2025
@Spomky Spomky changed the title Add Webauthn authentication support Add Webauthn Badge support Feb 15, 2025
@Spomky Spomky linked an issue Feb 16, 2025 that may be closed by this pull request
[Stimulus/Symfony UX] Allow a remember-me checkbox at login (or document it, if it already works somehow) #673
Open
@Spomky Spomky force-pushed the features/badges branch 2 times, most recently from c6a3ef0 to ac6749c Compare March 7, 2025 18:28
@mergify mergify bot added the conflict label Mar 7, 2025
@Spomky Spomky force-pushed the features/badges branch from ac6749c to dcb965e Compare March 7, 2025 18:43
@mergify mergify bot removed the conflict label Mar 7, 2025
@Spomky
Refactor Symfony tests and introduce Webauthn authentication
b6f6fdf 
Reorganized Symfony test configurations by splitting `config.yml` into modular files (`common.yml`, `badges.yml`, and `legacy_authenticator.yml`). Implemented a Webauthn authentication system with related classes (`WebauthnAuthenticator`, `WebauthnBadge`, etc.) and adapted test cases to utilize the new structure.
@Spomky Spomky force-pushed the features/badges branch from dcb965e to b6f6fdf Compare March 8, 2025 12:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Spomky Spomky

Labels
enhancement New feature or request
Projects
None yet
Milestone
5.2.0
1 participant
@Spomky