diff --git a/.github/workflows/integrate.yml b/.github/workflows/integrate.yml index 2e86a2dbf..4a8ca1fa6 100644 --- a/.github/workflows/integrate.yml +++ b/.github/workflows/integrate.yml @@ -56,7 +56,6 @@ jobs: operating-system: - "ubuntu-latest" php-version: - - "8.1" - "8.2" - "8.3" dependencies: diff --git a/composer.json b/composer.json index 1c50aa4d2..7d8bdea1e 100644 --- a/composer.json +++ b/composer.json @@ -42,12 +42,10 @@ } }, "require": { - "php": ">=8.1", + "php": ">=8.2", "ext-json": "*", "ext-mbstring": "*", "ext-openssl": "*", - "lcobucci/clock": "^2.2|^3.0", - "nyholm/psr7": "^1.5", "paragonie/constant_time_encoding": "^2.6", "psr/clock": "^1.0", "psr/event-dispatcher": "^1.0", @@ -56,20 +54,20 @@ "psr/log": "^1.0|^2.0|^3.0", "spomky-labs/cbor-php": "^3.0", "spomky-labs/pki-framework": "^1.0", - "symfony/config": "^6.1", - "symfony/dependency-injection": "^6.1", + "symfony/config": "^6.4|^7.0", + "symfony/clock": "^6.4|^7.0", + "symfony/dependency-injection": "^6.4|^7.0", "symfony/deprecation-contracts": "^3.2", - "symfony/framework-bundle": "^6.1", - "symfony/http-client": "^6.1", - "symfony/psr-http-message-bridge": "^2.1", - "symfony/security-bundle": "^6.1", - "symfony/security-core": "^6.1", - "symfony/security-http": "^6.1", - "symfony/serializer": "^6.1", - "symfony/uid": "^6.1", - "symfony/validator": "^6.1", + "symfony/framework-bundle": "^6.4|^7.0", + "symfony/http-client": "^6.4|^7.0", + "symfony/security-bundle": "^6.4|^7.0", + "symfony/security-core": "^6.4|^7.0", + "symfony/security-http": "^6.4|^7.0", + "symfony/serializer": "^6.4|^7.0", + "symfony/uid": "^6.4|^7.0", + "symfony/validator": "^6.4|^7.0", "web-auth/cose-lib": "^4.2.3", - "web-token/jwt-signature": "^3.1" + "web-token/jwt-signature": "^3.2.8" }, "replace": { "web-auth/webauthn-lib": "self.version", @@ -86,7 +84,7 @@ } }, "suggest": { - "psr/clock-implementation": "As of 4.5.x, the PSR Clock implementation will replace lcobucci/clock", + "psr/clock-implementation": "For datetime dependency injection", "psr/log-implementation": "Recommended to receive logs from the library", "symfony/security-bundle": "Symfony firewall using a JSON API (perfect for script applications)", "web-token/jwt-key-mgmt": "Mandatory for fetching Metadata Statement from distant sources", @@ -96,11 +94,13 @@ }, "require-dev": { "doctrine/dbal": "^3.4", - "doctrine/doctrine-bundle": "^2.7", - "doctrine/orm": "^2.13", + "doctrine/doctrine-bundle": "^2.8", + "doctrine/orm": "^2.14", + "doctrine/persistence": "^3.1", "ekino/phpstan-banned-code": "^1.0", "infection/infection": "^0.27", "matthiasnoback/symfony-dependency-injection-test": "^4.3|^5.0", + "nyholm/psr7": "^1.8", "php-http/curl-client": "^2.2", "php-http/mock-client": "^1.5", "php-parallel-lint/php-parallel-lint": "^1.3", @@ -114,25 +114,26 @@ "qossmic/deptrac-shim": "^1.0", "rector/rector": "^0.18", "roave/security-advisories": "dev-latest", - "symfony/asset": "^6.3", - "symfony/asset-mapper": "^6.3", - "symfony/browser-kit": "^6.1", - "symfony/filesystem": "^6.1", - "symfony/finder": "^6.1", + "symfony/asset": "^6.4|^7.0", + "symfony/asset-mapper": "^6.4|^7.0", + "symfony/browser-kit": "^6.4|^7.0", + "symfony/filesystem": "^6.4|^7.0", + "symfony/finder": "^6.4|^7.0", "symfony/monolog-bundle": "^3.8", - "symfony/phpunit-bridge": "^6.3", - "symfony/var-dumper": "^6.1", - "symfony/yaml": "^6.1", + "symfony/phpunit-bridge": "^6.4|^7.0", + "symfony/var-dumper": "^6.4|^7.0", + "symfony/yaml": "^6.4|^7.0", "symplify/easy-coding-standard": "^12.0", "web-token/jwt-key-mgmt": "^3.1", - "web-token/jwt-signature-algorithm-ecdsa": "^3.1", - "web-token/jwt-signature-algorithm-eddsa": "^3.1", - "web-token/jwt-signature-algorithm-rsa": "^3.1" + "web-token/jwt-signature-algorithm-ecdsa": "^3.2.8", + "web-token/jwt-signature-algorithm-eddsa": "^3.2.8", + "web-token/jwt-signature-algorithm-rsa": "^3.2.8" }, "extra": { "thanks": { "name": "web-auth/webauthn-framework", "url": "https://github.com/web-auth/webauthn-framework" } - } + }, + "minimum-stability": "beta" } diff --git a/phpstan-baseline.neon b/phpstan-baseline.neon index af345b0ab..30e64d958 100644 --- a/phpstan-baseline.neon +++ b/phpstan-baseline.neon @@ -1,27 +1,22 @@ parameters: ignoreErrors: - - - message: "#^Parameter \\#1 \\$string of function trim expects string, string\\|null given\\.$#" - count: 1 - path: src/metadata-service/src/CertificateChain/CertificateToolbox.php - - message: "#^Parameter \\#2 \\$array of function array_map expects array, iterable\\ given\\.$#" count: 1 path: src/metadata-service/src/CertificateChain/CertificateToolbox.php - - message: "#^Parameter \\#3 \\$subject of function preg_replace expects array\\|string, string\\|null given\\.$#" + message: "#^Access to an undefined property Webauthn\\\\MetadataService\\\\CertificateChain\\\\PhpCertificateChainValidator\\:\\:\\$requestFactory\\.$#" count: 1 - path: src/metadata-service/src/CertificateChain/CertificateToolbox.php + path: src/metadata-service/src/CertificateChain/PhpCertificateChainValidator.php - - message: "#^Call to an undefined method Psr\\\\Http\\\\Client\\\\ClientInterface\\|Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface\\:\\:sendRequest\\(\\)\\.$#" + message: "#^Call to an undefined method Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface\\:\\:sendRequest\\(\\)\\.$#" count: 1 path: src/metadata-service/src/CertificateChain/PhpCertificateChainValidator.php - - message: "#^Cannot call method createRequest\\(\\) on Psr\\\\Http\\\\Message\\\\RequestFactoryInterface\\|null\\.$#" + message: "#^Instanceof between Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface and Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface will always evaluate to true\\.$#" count: 1 path: src/metadata-service/src/CertificateChain/PhpCertificateChainValidator.php @@ -51,86 +46,32 @@ parameters: path: src/metadata-service/src/Denormalizer/ExtensionDescriptorDenormalizer.php - - message: "#^Call to an undefined method Psr\\\\Http\\\\Client\\\\ClientInterface\\|Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface\\:\\:request\\(\\)\\.$#" - count: 1 - path: src/metadata-service/src/Service/DistantResourceMetadataService.php - - - - message: "#^Call to an undefined method Psr\\\\Http\\\\Client\\\\ClientInterface\\|Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface\\:\\:sendRequest\\(\\)\\.$#" - count: 1 - path: src/metadata-service/src/Service/DistantResourceMetadataService.php - - - - message: """ - #^Call to deprecated method createFromString\\(\\) of class Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\: - since 4\\.7\\.0\\. Please use the symfony/serializer for converting the object\\.$# - """ + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" count: 1 - path: src/metadata-service/src/Service/DistantResourceMetadataService.php + path: src/metadata-service/src/Denormalizer/ExtensionDescriptorDenormalizer.php - - message: "#^Cannot call method createRequest\\(\\) on Psr\\\\Http\\\\Message\\\\RequestFactoryInterface\\|null\\.$#" + message: "#^Parameter \\#4 \\$additionalHeaderParameters of class Webauthn\\\\MetadataService\\\\Service\\\\DistantResourceMetadataService constructor expects array\\, array\\ given\\.$#" count: 1 path: src/metadata-service/src/Service/DistantResourceMetadataService.php - - message: "#^Parameter \\#5 \\$additionalHeaderParameters of class Webauthn\\\\MetadataService\\\\Service\\\\DistantResourceMetadataService constructor expects array\\, array\\ given\\.$#" + message: "#^Property Webauthn\\\\MetadataService\\\\Service\\\\DistantResourceMetadataService\\:\\:\\$serializer \\(Symfony\\\\Component\\\\Serializer\\\\SerializerInterface\\) does not accept Symfony\\\\Component\\\\Serializer\\\\SerializerInterface\\|null\\.$#" count: 1 path: src/metadata-service/src/Service/DistantResourceMetadataService.php - - message: "#^Argument of an invalid type mixed supplied for foreach, only iterables are supported\\.$#" - count: 1 - path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - - - message: "#^Call to an undefined method Psr\\\\Http\\\\Client\\\\ClientInterface\\|Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface\\:\\:request\\(\\)\\.$#" - count: 1 - path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - - - message: "#^Call to an undefined method Psr\\\\Http\\\\Client\\\\ClientInterface\\|Symfony\\\\Contracts\\\\HttpClient\\\\HttpClientInterface\\:\\:sendRequest\\(\\)\\.$#" - count: 1 - path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - - - message: """ - #^Call to deprecated method createFromArray\\(\\) of class Webauthn\\\\MetadataService\\\\Service\\\\MetadataBLOBPayloadEntry\\: - since 4\\.7\\.0\\. Please use the symfony/serializer for converting the object\\.$# - """ - count: 1 - path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - - - message: "#^Cannot access offset 'entries' on mixed\\.$#" - count: 1 - path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - - - message: "#^Cannot call method createRequest\\(\\) on Psr\\\\Http\\\\Message\\\\RequestFactoryInterface\\|null\\.$#" - count: 1 - path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - - - message: "#^Parameter \\#1 \\$data of static method Webauthn\\\\MetadataService\\\\Service\\\\MetadataBLOBPayloadEntry\\:\\:createFromArray\\(\\) expects array\\, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - - - message: "#^Parameter \\#2 \\$headerParameters of method Webauthn\\\\MetadataService\\\\Service\\\\FidoAllianceCompliantMetadataService\\:\\:sendPsrRequest\\(\\) expects array\\, array\\ given\\.$#" + message: "#^Parameter \\#2 \\$headerParameters of method Webauthn\\\\MetadataService\\\\Service\\\\FidoAllianceCompliantMetadataService\\:\\:sendSymfonyRequest\\(\\) expects array\\, array\\ given\\.$#" count: 1 path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - message: "#^Parameter \\#2 \\$headerParameters of method Webauthn\\\\MetadataService\\\\Service\\\\FidoAllianceCompliantMetadataService\\:\\:sendSymfonyRequest\\(\\) expects array\\, array\\ given\\.$#" + message: "#^Property Webauthn\\\\MetadataService\\\\Service\\\\FidoAllianceCompliantMetadataService\\:\\:\\$serializer \\(Symfony\\\\Component\\\\Serializer\\\\SerializerInterface\\) does not accept Symfony\\\\Component\\\\Serializer\\\\SerializerInterface\\|null\\.$#" count: 1 path: src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php - - message: """ - #^Call to deprecated method createFromString\\(\\) of class Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\: - since 4\\.7\\.0\\. Please use the symfony/serializer for converting the object\\.$# - """ + message: "#^Call to an undefined static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:createFromString\\(\\)\\.$#" count: 1 path: src/metadata-service/src/Service/FolderResourceMetadataService.php @@ -140,18 +81,12 @@ parameters: path: src/metadata-service/src/Service/FolderResourceMetadataService.php - - message: """ - #^Call to deprecated method createFromString\\(\\) of class Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\: - since 4\\.7\\.0\\. Please use the symfony/serializer for converting the object\\.$# - """ + message: "#^Call to an undefined static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:createFromString\\(\\)\\.$#" count: 1 path: src/metadata-service/src/Service/JsonMetadataService.php - - message: """ - #^Call to deprecated method createFromString\\(\\) of class Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\: - since 4\\.7\\.0\\. Please use the symfony/serializer for converting the object\\.$# - """ + message: "#^Call to an undefined static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:createFromString\\(\\)\\.$#" count: 1 path: src/metadata-service/src/Service/LocalResourceMetadataService.php @@ -161,170 +96,15 @@ parameters: path: src/metadata-service/src/Service/LocalResourceMetadataService.php - - message: "#^Parameter \\#1 \\$statement of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:createFromString\\(\\) expects string, string\\|false given\\.$#" - count: 1 - path: src/metadata-service/src/Service/LocalResourceMetadataService.php - - - - message: "#^Parameter \\#1 \\$data of static method Webauthn\\\\MetadataService\\\\Service\\\\MetadataBLOBPayloadEntry\\:\\:createFromArray\\(\\) expects array\\, mixed given\\.$#" + message: "#^Property Webauthn\\\\MetadataService\\\\Service\\\\MetadataBLOBPayload\\:\\:\\$rootCertificates is never read, only written\\.$#" count: 1 path: src/metadata-service/src/Service/MetadataBLOBPayload.php - - - message: "#^Parameter \\#1 \\$callback of function array_map expects \\(callable\\(mixed\\)\\: mixed\\)\\|null, Closure\\(array\\)\\: Webauthn\\\\MetadataService\\\\Statement\\\\StatusReport given\\.$#" - count: 1 - path: src/metadata-service/src/Service/MetadataBLOBPayloadEntry.php - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\AuthenticatorGetInfo\\:\\:jsonSerialize\\(\\) should return array\\ but returns array\\\\.$#" count: 1 path: src/metadata-service/src/Statement/AuthenticatorGetInfo.php - - - message: "#^Parameter \\#1 \\$selfAttestedFRR of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricAccuracyDescriptor\\:\\:create\\(\\) expects float\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php - - - - message: "#^Parameter \\#2 \\$selfAttestedFAR of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricAccuracyDescriptor\\:\\:create\\(\\) expects float\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php - - - - message: "#^Parameter \\#3 \\$maxTemplates of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricAccuracyDescriptor\\:\\:create\\(\\) expects float\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php - - - - message: "#^Parameter \\#4 \\$maxRetries of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricAccuracyDescriptor\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php - - - - message: "#^Parameter \\#5 \\$blockSlowdown of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricAccuracyDescriptor\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php - - - - message: "#^Parameter \\#1 \\$certLevel of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricStatusReport\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricStatusReport.php - - - - message: "#^Parameter \\#2 \\$modality of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricStatusReport\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricStatusReport.php - - - - message: "#^Parameter \\#3 \\$effectiveDate of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricStatusReport\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricStatusReport.php - - - - message: "#^Parameter \\#4 \\$certificationDescriptor of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricStatusReport\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricStatusReport.php - - - - message: "#^Parameter \\#5 \\$certificateNumber of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricStatusReport\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricStatusReport.php - - - - message: "#^Parameter \\#6 \\$certificationPolicyVersion of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricStatusReport\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricStatusReport.php - - - - message: "#^Parameter \\#7 \\$certificationRequirementsVersion of static method Webauthn\\\\MetadataService\\\\Statement\\\\BiometricStatusReport\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/BiometricStatusReport.php - - - - message: "#^Parameter \\#1 \\$base of static method Webauthn\\\\MetadataService\\\\Statement\\\\CodeAccuracyDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/CodeAccuracyDescriptor.php - - - - message: "#^Parameter \\#2 \\$minLength of static method Webauthn\\\\MetadataService\\\\Statement\\\\CodeAccuracyDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/CodeAccuracyDescriptor.php - - - - message: "#^Parameter \\#3 \\$maxRetries of static method Webauthn\\\\MetadataService\\\\Statement\\\\CodeAccuracyDescriptor\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/CodeAccuracyDescriptor.php - - - - message: "#^Parameter \\#4 \\$blockSlowdown of static method Webauthn\\\\MetadataService\\\\Statement\\\\CodeAccuracyDescriptor\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/CodeAccuracyDescriptor.php - - - - message: "#^@readonly property Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:\\$plte is assigned outside of the constructor\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#1 \\$callback of function array_map expects \\(callable\\(mixed\\)\\: mixed\\)\\|null, Closure\\(array\\)\\: Webauthn\\\\MetadataService\\\\Statement\\\\RgbPaletteEntry given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#1 \\$width of static method Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#2 \\$array of function array_map expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#2 \\$height of static method Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#3 \\$bitDepth of static method Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#4 \\$colorType of static method Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#5 \\$compression of static method Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#6 \\$filter of static method Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Parameter \\#7 \\$interlace of static method Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php - - - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\EcdaaTrustAnchor\\:\\:jsonSerialize\\(\\) should return array\\ but returns array\\.$#" - count: 1 - path: src/metadata-service/src/Statement/EcdaaTrustAnchor.php - - - - message: "#^Parameter \\#1 \\$encodedString of static method ParagonIE\\\\ConstantTime\\\\Base64\\:\\:decode\\(\\) expects string, mixed given\\.$#" - count: 5 - path: src/metadata-service/src/Statement/EcdaaTrustAnchor.php - - - - message: "#^Parameter \\#6 \\$G1Curve of class Webauthn\\\\MetadataService\\\\Statement\\\\EcdaaTrustAnchor constructor expects string, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/EcdaaTrustAnchor.php - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:__construct\\(\\) has parameter \\$tcDisplayPNGCharacteristics with no value type specified in iterable type array\\.$#" count: 1 @@ -360,11 +140,6 @@ parameters: count: 1 path: src/metadata-service/src/Statement/MetadataStatement.php - - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) has parameter \\$ecdaaTrustAnchors with no value type specified in iterable type array\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) has parameter \\$keyProtection with no value type specified in iterable type array\\.$#" count: 1 @@ -405,219 +180,16 @@ parameters: count: 1 path: src/metadata-service/src/Statement/MetadataStatement.php - - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:getAlternativeDescriptions\\(\\) should return Webauthn\\\\MetadataService\\\\Statement\\\\AlternativeDescriptions but returns Webauthn\\\\MetadataService\\\\Statement\\\\AlternativeDescriptions\\|null\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$callback of function array_map expects \\(callable\\(mixed\\)\\: mixed\\)\\|null, Closure\\(array\\)\\: Webauthn\\\\MetadataService\\\\Statement\\\\DisplayPNGCharacteristicsDescriptor given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$data of static method Webauthn\\\\MetadataService\\\\CertificateChain\\\\CertificateToolbox\\:\\:fixPEMStructures\\(\\) expects array\\, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$data of static method Webauthn\\\\MetadataService\\\\Statement\\\\ExtensionDescriptor\\:\\:createFromArray\\(\\) expects array\\, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$data of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:createFromArray\\(\\) expects array\\, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$data of static method Webauthn\\\\MetadataService\\\\Statement\\\\VerificationMethodANDCombinations\\:\\:createFromArray\\(\\) expects array\\, array given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$data of static method Webauthn\\\\MetadataService\\\\Statement\\\\Version\\:\\:createFromArray\\(\\) expects array\\, array given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$description of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects string, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#1 \\$info of static method Webauthn\\\\MetadataService\\\\Statement\\\\AuthenticatorGetInfo\\:\\:create\\(\\) expects array\\, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#10 \\$matcherProtection of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#11 \\$tcDisplay of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#13 \\$alternativeDescriptions of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#14 \\$legalHeader of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#15 \\$aaid of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#16 \\$aaguid of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#17 \\$attestationCertificateKeyIdentifiers of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#18 \\$keyProtection of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#19 \\$isKeyRestricted of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects bool\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#2 \\$array of function array_map expects array, mixed given\\.$#" - count: 4 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#2 \\$authenticatorVersion of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#20 \\$isFreshUserVerificationRequired of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects bool\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#21 \\$cryptoStrength of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#22 \\$attachmentHint of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#23 \\$tcDisplayContentType of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#25 \\$ecdaaTrustAnchors of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#26 \\$icon of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects string\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#3 \\$protocolFamily of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects string, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#4 \\$schema of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#6 \\$authenticationAlgorithms of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#7 \\$publicKeyAlgAndEncodings of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: "#^Parameter \\#8 \\$attestationTypes of static method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:create\\(\\) expects array, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - - - message: """ - #^Parameter \\$ecdaaTrustAnchors of method Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\:\\:__construct\\(\\) has typehint with deprecated class Webauthn\\\\MetadataService\\\\Statement\\\\EcdaaTrustAnchor\\: - since 4\\.2\\.0 and will be removed in 5\\.0\\.0\\. The ECDAA Trust Anchor does no longer exist in Webauthn specification\\.$# - """ - count: 1 - path: src/metadata-service/src/Statement/MetadataStatement.php - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\PatternAccuracyDescriptor\\:\\:jsonSerialize\\(\\) should return array\\ but returns array\\.$#" count: 1 path: src/metadata-service/src/Statement/PatternAccuracyDescriptor.php - - - message: "#^Parameter \\#1 \\$r of static method Webauthn\\\\MetadataService\\\\Statement\\\\RgbPaletteEntry\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/RgbPaletteEntry.php - - - - message: "#^Parameter \\#2 \\$g of static method Webauthn\\\\MetadataService\\\\Statement\\\\RgbPaletteEntry\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/RgbPaletteEntry.php - - - - message: "#^Parameter \\#3 \\$b of static method Webauthn\\\\MetadataService\\\\Statement\\\\RgbPaletteEntry\\:\\:create\\(\\) expects int, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/RgbPaletteEntry.php - - - - message: "#^Strict comparison using \\=\\=\\= between mixed and null will always evaluate to false\\.$#" - count: 1 - path: src/metadata-service/src/Statement/StatusReport.php - - - - message: "#^@readonly property Webauthn\\\\MetadataService\\\\Statement\\\\VerificationMethodANDCombinations\\:\\:\\$verificationMethods is assigned outside of the constructor\\.$#" - count: 1 - path: src/metadata-service/src/Statement/VerificationMethodANDCombinations.php - - - - message: "#^Parameter \\#1 \\$callback of function array_map expects \\(callable\\(mixed\\)\\: mixed\\)\\|null, Closure\\(array\\)\\: Webauthn\\\\MetadataService\\\\Statement\\\\VerificationMethodDescriptor given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/VerificationMethodANDCombinations.php - - message: "#^Method Webauthn\\\\MetadataService\\\\Statement\\\\Version\\:\\:jsonSerialize\\(\\) should return array\\ but returns array\\.$#" count: 1 path: src/metadata-service/src/Statement/Version.php - - - message: "#^Parameter \\#1 \\$major of static method Webauthn\\\\MetadataService\\\\Statement\\\\Version\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/Version.php - - - - message: "#^Parameter \\#2 \\$minor of static method Webauthn\\\\MetadataService\\\\Statement\\\\Version\\:\\:create\\(\\) expects int\\|null, mixed given\\.$#" - count: 1 - path: src/metadata-service/src/Statement/Version.php - - message: "#^Parameter \\#8 \\$publicKeyCredentialSourceRepository of class Webauthn\\\\Bundle\\\\Controller\\\\AssertionResponseController constructor expects Webauthn\\\\Bundle\\\\Repository\\\\PublicKeyCredentialSourceRepositoryInterface\\|null, Webauthn\\\\Bundle\\\\Repository\\\\PublicKeyCredentialSourceRepositoryInterface\\|Webauthn\\\\PublicKeyCredentialSourceRepository given\\.$#" count: 1 @@ -637,10 +209,7 @@ parameters: path: src/symfony/src/Controller/AssertionControllerFactory.php - - message: """ - #^Call to deprecated method getContentType\\(\\) of class Symfony\\\\Component\\\\HttpFoundation\\\\Request\\: - since Symfony 6\\.2, use getContentTypeFormat\\(\\) instead$# - """ + message: "#^Call to an undefined method Symfony\\\\Component\\\\HttpFoundation\\\\Request\\:\\:getContentType\\(\\)\\.$#" count: 1 path: src/symfony/src/Controller/AssertionResponseController.php @@ -676,10 +245,7 @@ parameters: path: src/symfony/src/Controller/AttestationControllerFactory.php - - message: """ - #^Call to deprecated method getContentType\\(\\) of class Symfony\\\\Component\\\\HttpFoundation\\\\Request\\: - since Symfony 6\\.2, use getContentTypeFormat\\(\\) instead$# - """ + message: "#^Call to an undefined method Symfony\\\\Component\\\\HttpFoundation\\\\Request\\:\\:getContentType\\(\\)\\.$#" count: 1 path: src/symfony/src/Controller/AttestationResponseController.php @@ -725,17 +291,14 @@ parameters: path: src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php - - message: """ - #^Call to deprecated method createFromArray\\(\\) of class Webauthn\\\\AuthenticatorSelectionCriteria\\: - since 4\\.8\\.0\\. Please use \\{Webauthn\\\\Denormalizer\\\\WebauthnSerializerFactory\\} for converting the object\\.$# - """ + message: "#^Call to an undefined method Symfony\\\\Component\\\\HttpFoundation\\\\Request\\:\\:getContentType\\(\\)\\.$#" count: 1 path: src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php - message: """ - #^Call to deprecated method getContentType\\(\\) of class Symfony\\\\Component\\\\HttpFoundation\\\\Request\\: - since Symfony 6\\.2, use getContentTypeFormat\\(\\) instead$# + #^Call to deprecated method createFromArray\\(\\) of class Webauthn\\\\AuthenticatorSelectionCriteria\\: + since 4\\.8\\.0\\. Please use \\{Webauthn\\\\Denormalizer\\\\WebauthnSerializerFactory\\} for converting the object\\.$# """ count: 1 path: src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php @@ -764,10 +327,7 @@ parameters: path: src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php - - message: """ - #^Call to deprecated method getContentType\\(\\) of class Symfony\\\\Component\\\\HttpFoundation\\\\Request\\: - since Symfony 6\\.2, use getContentTypeFormat\\(\\) instead$# - """ + message: "#^Call to an undefined method Symfony\\\\Component\\\\HttpFoundation\\\\Request\\:\\:getContentType\\(\\)\\.$#" count: 1 path: src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php @@ -794,54 +354,6 @@ parameters: count: 1 path: src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php - - - message: """ - #^Fetching class constant class of deprecated class Webauthn\\\\Bundle\\\\Event\\\\AuthenticatorAssertionResponseValidationFailedEvent\\: - since 4\\.3\\.0, use \\{@link \\\\Webauthn\\\\Event\\\\AuthenticatorAssertionResponseValidationFailedEvent\\} instead\\.$# - """ - count: 1 - path: src/symfony/src/DataCollector/WebauthnCollector.php - - - - message: """ - #^Fetching class constant class of deprecated class Webauthn\\\\Bundle\\\\Event\\\\AuthenticatorAssertionResponseValidationSucceededEvent\\: - since 4\\.3\\.0, use \\{@link \\\\Webauthn\\\\Event\\\\AuthenticatorAssertionResponseValidationSucceededEvent\\} instead\\.$# - """ - count: 1 - path: src/symfony/src/DataCollector/WebauthnCollector.php - - - - message: """ - #^Fetching class constant class of deprecated class Webauthn\\\\Bundle\\\\Event\\\\AuthenticatorAttestationResponseValidationSucceededEvent\\: - since 4\\.3\\.0, use \\{@link \\\\Webauthn\\\\Event\\\\AuthenticatorAttestationResponseValidationSucceededEvent\\} instead\\.$# - """ - count: 1 - path: src/symfony/src/DataCollector/WebauthnCollector.php - - - - message: """ - #^Parameter \\$event of method Webauthn\\\\Bundle\\\\DataCollector\\\\WebauthnCollector\\:\\:addAuthenticatorAssertionResponseValidationFailed\\(\\) has typehint with deprecated class Webauthn\\\\Bundle\\\\Event\\\\AuthenticatorAssertionResponseValidationFailedEvent\\: - since 4\\.3\\.0, use \\{@link \\\\Webauthn\\\\Event\\\\AuthenticatorAssertionResponseValidationFailedEvent\\} instead\\.$# - """ - count: 1 - path: src/symfony/src/DataCollector/WebauthnCollector.php - - - - message: """ - #^Parameter \\$event of method Webauthn\\\\Bundle\\\\DataCollector\\\\WebauthnCollector\\:\\:addAuthenticatorAssertionResponseValidationSucceeded\\(\\) has typehint with deprecated class Webauthn\\\\Bundle\\\\Event\\\\AuthenticatorAssertionResponseValidationSucceededEvent\\: - since 4\\.3\\.0, use \\{@link \\\\Webauthn\\\\Event\\\\AuthenticatorAssertionResponseValidationSucceededEvent\\} instead\\.$# - """ - count: 1 - path: src/symfony/src/DataCollector/WebauthnCollector.php - - - - message: """ - #^Parameter \\$event of method Webauthn\\\\Bundle\\\\DataCollector\\\\WebauthnCollector\\:\\:addAuthenticatorAttestationResponseValidationSucceeded\\(\\) has typehint with deprecated class Webauthn\\\\Bundle\\\\Event\\\\AuthenticatorAttestationResponseValidationSucceededEvent\\: - since 4\\.3\\.0, use \\{@link \\\\Webauthn\\\\Event\\\\AuthenticatorAttestationResponseValidationSucceededEvent\\} instead\\.$# - """ - count: 1 - path: src/symfony/src/DataCollector/WebauthnCollector.php - - message: "#^Cannot call method integerNode\\(\\) on Symfony\\\\Component\\\\Config\\\\Definition\\\\Builder\\\\NodeParentInterface\\|null\\.$#" count: 2 @@ -1344,17 +856,14 @@ parameters: path: src/symfony/src/Security/Authorization/Voter/IsUserVerifiedVoter.php - - message: """ - #^Call to deprecated method generateNextUserEntityId\\(\\) of class Webauthn\\\\Bundle\\\\Repository\\\\CanRegisterUserEntity\\: - since 4\\.7\\.0 and will be removed in 5\\.0\\.0\\. Please use Webauthn\\\\Bundle\\\\Repository\\\\CanGenerateUserEntity\\:\\:generateUserEntity\\(\\) instead\\.$# - """ + message: "#^Call to an undefined method Symfony\\\\Component\\\\HttpFoundation\\\\Request\\:\\:getContentType\\(\\)\\.$#" count: 1 path: src/symfony/src/Security/Guesser/RequestBodyUserEntityGuesser.php - message: """ - #^Call to deprecated method getContentType\\(\\) of class Symfony\\\\Component\\\\HttpFoundation\\\\Request\\: - since Symfony 6\\.2, use getContentTypeFormat\\(\\) instead$# + #^Call to deprecated method generateNextUserEntityId\\(\\) of class Webauthn\\\\Bundle\\\\Repository\\\\CanRegisterUserEntity\\: + since 4\\.7\\.0 and will be removed in 5\\.0\\.0\\. Please use Webauthn\\\\Bundle\\\\Repository\\\\CanGenerateUserEntity\\:\\:generateUserEntity\\(\\) instead\\.$# """ count: 1 path: src/symfony/src/Security/Guesser/RequestBodyUserEntityGuesser.php @@ -1365,10 +874,7 @@ parameters: path: src/symfony/src/Security/Guesser/RequestBodyUserEntityGuesser.php - - message: """ - #^Call to deprecated method getContentType\\(\\) of class Symfony\\\\Component\\\\HttpFoundation\\\\Request\\: - since Symfony 6\\.2, use getContentTypeFormat\\(\\) instead$# - """ + message: "#^Call to an undefined method Symfony\\\\Component\\\\HttpFoundation\\\\Request\\:\\:getContentType\\(\\)\\.$#" count: 2 path: src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php @@ -1382,6 +888,11 @@ parameters: count: 1 path: src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + - + message: "#^Method Webauthn\\\\Bundle\\\\Security\\\\Http\\\\Authenticator\\\\WebauthnAuthenticator\\:\\:__construct\\(\\) has parameter \\$userProvider with generic interface Symfony\\\\Component\\\\Security\\\\Core\\\\User\\\\UserProviderInterface but does not specify its types\\: TUser$#" + count: 1 + path: src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php + - message: "#^Method Webauthn\\\\Bundle\\\\Security\\\\Storage\\\\OptionsStorage\\:\\:get\\(\\) invoked with 1 parameter, 0 required\\.$#" count: 2 @@ -2217,7 +1728,7 @@ parameters: #^Access to deprecated property \\$requireResidentKey of class Webauthn\\\\AuthenticatorSelectionCriteria\\: Will be removed in 5\\.0\\. Please use residentKey instead\\*$# """ - count: 3 + count: 2 path: src/webauthn/src/AuthenticatorSelectionCriteria.php - @@ -2230,22 +1741,6 @@ parameters: count: 1 path: src/webauthn/src/AuthenticatorSelectionCriteria.php - - - message: """ - #^Fetching deprecated class constant ATTESTATION_ECDAA of class Webauthn\\\\MetadataService\\\\Statement\\\\MetadataStatement\\: - since 4\\.2\\.0 and will be removed in 5\\.0\\.0\\. The ECDAA Trust Anchor does no longer exist in Webauthn specification\\.$# - """ - count: 1 - path: src/webauthn/src/CeremonyStep/CheckMetadataStatement.php - - - - message: """ - #^Fetching deprecated class constant TYPE_ECDAA of class Webauthn\\\\AttestationStatement\\\\AttestationStatement\\: - since 4\\.2\\.0 and will be removed in 5\\.0\\.0\\. The ECDAA Trust Anchor does no longer exist in Webauthn specification\\.$# - """ - count: 1 - path: src/webauthn/src/CeremonyStep/CheckMetadataStatement.php - - message: """ #^Access to deprecated property \\$tokenBinding of class Webauthn\\\\CollectedClientData\\: @@ -2289,6 +1784,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/AttestationObjectDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/AttestationObjectDenormalizer.php + - message: "#^Cannot access offset 'fmt' on mixed\\.$#" count: 1 @@ -2355,6 +1855,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/AuthenticationExtensionsDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/AuthenticationExtensionsDenormalizer.php + - message: "#^Cannot access offset 'attestationObject' on mixed\\.$#" count: 1 @@ -2425,6 +1930,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/AuthenticatorAssertionResponseDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/AuthenticatorAssertionResponseDenormalizer.php + - message: "#^Cannot access offset 'attestationObject' on mixed\\.$#" count: 2 @@ -2475,6 +1985,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/AuthenticatorAttestationResponseDenormalizer.php + - message: "#^Cannot access offset 1 on array\\|false\\.$#" count: 2 @@ -2520,6 +2035,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/AuthenticatorDataDenormalizer.php + - message: "#^Method Webauthn\\\\Denormalizer\\\\AuthenticatorResponseDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#" count: 1 @@ -2535,6 +2055,11 @@ parameters: count: 2 path: src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php + - message: "#^Method Webauthn\\\\Denormalizer\\\\CollectedClientDataDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#" count: 1 @@ -2560,6 +2085,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/CollectedClientDataDenormalizer.php + - message: "#^Method Webauthn\\\\Denormalizer\\\\PublicKeyCredentialDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#" count: 1 @@ -2580,6 +2110,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/PublicKeyCredentialDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/PublicKeyCredentialDenormalizer.php + - message: "#^Argument of an invalid type mixed supplied for foreach, only iterables are supported\\.$#" count: 1 @@ -2755,6 +2290,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/PublicKeyCredentialOptionsDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/PublicKeyCredentialOptionsDenormalizer.php + - message: "#^Method Webauthn\\\\Denormalizer\\\\PublicKeyCredentialParametersDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#" count: 1 @@ -2920,6 +2460,11 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php + - + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" + count: 1 + path: src/webauthn/src/Denormalizer/PublicKeyCredentialSourceDenormalizer.php + - message: "#^Method Webauthn\\\\Denormalizer\\\\PublicKeyCredentialUserEntityDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#" count: 1 @@ -2936,17 +2481,9 @@ parameters: path: src/webauthn/src/Denormalizer/PublicKeyCredentialUserEntityDenormalizer.php - - message: "#^Cannot access offset 'type' on mixed\\.$#" + message: "#^Strict comparison using \\=\\=\\= between Symfony\\\\Component\\\\Serializer\\\\Normalizer\\\\DenormalizerInterface and null will always evaluate to false\\.$#" count: 1 - path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php - - - - message: """ - #^Instantiation of deprecated class Webauthn\\\\TrustPath\\\\EcdaaKeyIdTrustPath\\: - since 4\\.2\\.0 and will be removed in 5\\.0\\.0\\. The ECDAA Trust Anchor does no longer exist in Webauthn specification\\.$# - """ - count: 1 - path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php + path: src/webauthn/src/Denormalizer/PublicKeyCredentialUserEntityDenormalizer.php - message: "#^Method Webauthn\\\\Denormalizer\\\\TrustPathDenormalizer\\:\\:denormalize\\(\\) has parameter \\$context with no value type specified in iterable type array\\.$#" @@ -2958,14 +2495,9 @@ parameters: count: 1 path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php - - - message: "#^Parameter \\#1 \\$ecdaaKeyId of class Webauthn\\\\TrustPath\\\\EcdaaKeyIdTrustPath constructor expects string, array given\\.$#" - count: 1 - path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php - - message: "#^Parameter \\#2 \\$array of function array_key_exists expects array, mixed given\\.$#" - count: 2 + count: 1 path: src/webauthn/src/Denormalizer/TrustPathDenormalizer.php - diff --git a/src/metadata-service/composer.json b/src/metadata-service/composer.json index 48b42c9b2..edb7384c9 100644 --- a/src/metadata-service/composer.json +++ b/src/metadata-service/composer.json @@ -20,9 +20,8 @@ } ], "require": { - "php": ">=8.1", + "php": ">=8.2", "ext-json": "*", - "lcobucci/clock": "^2.2|^3.0", "paragonie/constant_time_encoding": "^2.6", "psr/clock": "^1.0", "psr/event-dispatcher": "^1.0", @@ -30,7 +29,8 @@ "psr/http-factory": "^1.0", "psr/log": "^1.0|^2.0|^3.0", "spomky-labs/pki-framework": "^1.0", - "symfony/deprecation-contracts": "^3.2" + "symfony/deprecation-contracts": "^3.2", + "symfony/clock": "^6.4|^7.0" }, "autoload": { "psr-4": { diff --git a/src/metadata-service/src/CertificateChain/CertificateToolbox.php b/src/metadata-service/src/CertificateChain/CertificateToolbox.php index a4a586db4..44c5998d3 100644 --- a/src/metadata-service/src/CertificateChain/CertificateToolbox.php +++ b/src/metadata-service/src/CertificateChain/CertificateToolbox.php @@ -4,8 +4,6 @@ namespace Webauthn\MetadataService\CertificateChain; -use ParagonIE\ConstantTime\Base64; -use function preg_replace; use const PHP_EOL; class CertificateToolbox @@ -35,21 +33,6 @@ public static function fixPEMStructure(string $data, string $type = 'CERTIFICATE return $pem . (self::PEM_FOOTER . $type . '-----' . PHP_EOL); } - /** - * @deprecated since 4.7.0 and will be removed in 5.0.0. No replacement as not used internally. - * @infection-ignore-all - */ - public static function convertPEMToDER(string $data): string - { - if (! str_contains($data, self::PEM_HEADER)) { - return $data; - } - $data = preg_replace('/\-{5}.*\-{5}[\r\n]*/', '', $data); - $data = preg_replace("/[\r\n]*/", '', $data); - - return Base64::decode(trim($data), true); - } - public static function convertDERToPEM(string $data, string $type = 'CERTIFICATE'): string { if (str_contains($data, self::PEM_HEADER)) { diff --git a/src/metadata-service/src/CertificateChain/PhpCertificateChainValidator.php b/src/metadata-service/src/CertificateChain/PhpCertificateChainValidator.php index 27ba91c07..488f41764 100644 --- a/src/metadata-service/src/CertificateChain/PhpCertificateChainValidator.php +++ b/src/metadata-service/src/CertificateChain/PhpCertificateChainValidator.php @@ -4,13 +4,8 @@ namespace Webauthn\MetadataService\CertificateChain; -use DateTimeZone; -use Lcobucci\Clock\Clock; -use Lcobucci\Clock\SystemClock; use Psr\Clock\ClockInterface; use Psr\EventDispatcher\EventDispatcherInterface; -use Psr\Http\Client\ClientInterface; -use Psr\Http\Message\RequestFactoryInterface; use SpomkyLabs\Pki\ASN1\Type\UnspecifiedType; use SpomkyLabs\Pki\CryptoEncoding\PEM; use SpomkyLabs\Pki\X509\Certificate\Certificate; @@ -36,41 +31,22 @@ class PhpCertificateChainValidator implements CertificateChainValidator, CanDisp { private const MAX_VALIDATION_LENGTH = 5; - private readonly Clock|ClockInterface $clock; - private EventDispatcherInterface $dispatcher; public function __construct( - private readonly ClientInterface|HttpClientInterface $client, - private readonly ?RequestFactoryInterface $requestFactory = null, - null|Clock|ClockInterface $clock = null, + private readonly HttpClientInterface $client, + private readonly ClockInterface $clock, private readonly bool $allowFailures = true ) { - if ($clock === null) { - trigger_deprecation( - 'web-auth/metadata-service', - '4.5.0', - 'The parameter "$clock" will become mandatory in 5.0.0. Please set a valid PSR Clock implementation instead of "null".' - ); - $clock = new SystemClock(new DateTimeZone('UTC')); - } - if ($requestFactory !== null && ! $client instanceof HttpClientInterface) { - trigger_deprecation( - 'web-auth/metadata-service', - '4.7.0', - 'The parameter "$requestFactory" will be removed in 5.0.0. Please set it to null and set an Symfony\Contracts\HttpClient\HttpClientInterface as "$client" argument.' - ); - } - $this->clock = $clock; $this->dispatcher = new NullEventDispatcher(); } public static function create( HttpClientInterface $client, - null|Clock|ClockInterface $clock = null, + ClockInterface $clock, bool $allowFailures = true ): self { - return new self($client, null, $clock, $allowFailures); + return new self($client, $clock, $allowFailures); } public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): void @@ -221,12 +197,8 @@ private function validateCertificates(Certificate ...$certificates): bool private function retrieveRevokedSerialNumbers(string $url): array { try { - if ($this->client instanceof HttpClientInterface) { - $crlData = $this->client->request('GET', $url) - ->getContent(); - } else { - $crlData = $this->sendPsrRequest($url); - } + $crlData = $this->client->request('GET', $url) + ->getContent(); $crl = UnspecifiedType::fromDER($crlData)->asSequence(); count($crl) === 3 || throw CertificateRevocationListException::create($url); $tbsCertList = $crl->at(0) @@ -280,16 +252,4 @@ private function getCrlUrlList(Certificate $subject): array ); } } - - private function sendPsrRequest(string $url): string - { - $request = $this->requestFactory->createRequest('GET', $url); - $response = $this->client->sendRequest($request); - if ($response->getStatusCode() !== 200) { - throw CertificateRevocationListException::create($url, 'Failed to download the CRL'); - } - - return $response->getBody() - ->getContents(); - } } diff --git a/src/metadata-service/src/Denormalizer/ExtensionDescriptorDenormalizer.php b/src/metadata-service/src/Denormalizer/ExtensionDescriptorDenormalizer.php index 640568d50..52626c465 100644 --- a/src/metadata-service/src/Denormalizer/ExtensionDescriptorDenormalizer.php +++ b/src/metadata-service/src/Denormalizer/ExtensionDescriptorDenormalizer.php @@ -17,7 +17,7 @@ final class ExtensionDescriptorDenormalizer implements DenormalizerInterface, De private const ALREADY_CALLED = 'EXTENSION_DESCRIPTOR_PREPROCESS_ALREADY_CALLED'; - public function denormalize(mixed $data, string $type, string $format = null, array $context = []) + public function denormalize(mixed $data, string $type, string $format = null, array $context = []): mixed { if ($this->denormalizer === null) { throw new BadMethodCallException('Please set a denormalizer before calling denormalize()!'); diff --git a/src/metadata-service/src/Service/DistantResourceMetadataService.php b/src/metadata-service/src/Service/DistantResourceMetadataService.php index 98eec3a74..b060e5c8d 100644 --- a/src/metadata-service/src/Service/DistantResourceMetadataService.php +++ b/src/metadata-service/src/Service/DistantResourceMetadataService.php @@ -6,8 +6,6 @@ use ParagonIE\ConstantTime\Base64; use Psr\EventDispatcher\EventDispatcherInterface; -use Psr\Http\Client\ClientInterface; -use Psr\Http\Message\RequestFactoryInterface; use Symfony\Component\Serializer\SerializerInterface; use Symfony\Contracts\HttpClient\HttpClientInterface; use Webauthn\MetadataService\Denormalizer\MetadataStatementSerializerFactory; @@ -25,26 +23,18 @@ final class DistantResourceMetadataService implements MetadataService, CanDispat private EventDispatcherInterface $dispatcher; - private readonly ?SerializerInterface $serializer; + private readonly SerializerInterface $serializer; /** * @param array $additionalHeaderParameters */ public function __construct( - private readonly ?RequestFactoryInterface $requestFactory, - private readonly ClientInterface|HttpClientInterface $httpClient, + private readonly HttpClientInterface $httpClient, private readonly string $uri, private readonly bool $isBase64Encoded = false, private readonly array $additionalHeaderParameters = [], ?SerializerInterface $serializer = null, ) { - if ($requestFactory !== null && ! $httpClient instanceof HttpClientInterface) { - trigger_deprecation( - 'web-auth/metadata-service', - '4.7.0', - 'The parameter "$requestFactory" will be removed in 5.0.0. Please set it to null and set an Symfony\Contracts\HttpClient\HttpClientInterface as "$httpClient" argument.' - ); - } $this->serializer = $serializer ?? MetadataStatementSerializerFactory::create(); $this->dispatcher = new NullEventDispatcher(); } @@ -58,14 +48,13 @@ public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): v * @param array $additionalHeaderParameters */ public static function create( - ?RequestFactoryInterface $requestFactory, - ClientInterface|HttpClientInterface $httpClient, + HttpClientInterface $httpClient, string $uri, bool $isBase64Encoded = false, array $additionalHeaderParameters = [], ?SerializerInterface $serializer = null ): self { - return new self($requestFactory, $httpClient, $uri, $isBase64Encoded, $additionalHeaderParameters, $serializer); + return new self($httpClient, $uri, $isBase64Encoded, $additionalHeaderParameters, $serializer); } public function list(): iterable @@ -112,21 +101,12 @@ private function loadData(): void if ($this->isBase64Encoded) { $content = Base64::decode($content, true); } - if ($this->serializer !== null) { - $this->statement = $this->serializer->deserialize($content, MetadataStatement::class, 'json'); - return; - } - - $this->statement = MetadataStatement::createFromString($content); + $this->statement = $this->serializer->deserialize($content, MetadataStatement::class, 'json'); } private function fetch(): string { - if ($this->httpClient instanceof HttpClientInterface) { - $content = $this->sendSymfonyRequest(); - } else { - $content = $this->sendPsrRequest(); - } + $content = $this->sendSymfonyRequest(); $content !== '' || throw MetadataStatementLoadingException::create( 'Unable to contact the server. The response has no content' ); @@ -134,24 +114,6 @@ private function fetch(): string return $content; } - private function sendPsrRequest(): string - { - $request = $this->requestFactory->createRequest('GET', $this->uri); - foreach ($this->additionalHeaderParameters as $k => $v) { - $request = $request->withHeader($k, $v); - } - $response = $this->httpClient->sendRequest($request); - $response->getStatusCode() === 200 || throw MetadataStatementLoadingException::create(sprintf( - 'Unable to contact the server. Response code is %d', - $response->getStatusCode() - )); - $response->getBody() - ->rewind(); - - return $response->getBody() - ->getContents(); - } - private function sendSymfonyRequest(): string { $response = $this->httpClient->request('GET', $this->uri, [ diff --git a/src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php b/src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php index bcef7c18b..86519a255 100644 --- a/src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php +++ b/src/metadata-service/src/Service/FidoAllianceCompliantMetadataService.php @@ -11,8 +11,6 @@ use Jose\Component\Signature\JWSVerifier; use Jose\Component\Signature\Serializer\CompactSerializer; use Psr\EventDispatcher\EventDispatcherInterface; -use Psr\Http\Client\ClientInterface; -use Psr\Http\Message\RequestFactoryInterface; use Symfony\Component\Serializer\SerializerInterface; use Symfony\Contracts\HttpClient\HttpClientInterface; use Throwable; @@ -29,7 +27,6 @@ use function array_key_exists; use function is_array; use function sprintf; -use const JSON_THROW_ON_ERROR; final class FidoAllianceCompliantMetadataService implements MetadataService, CanDispatchEvents { @@ -47,27 +44,19 @@ final class FidoAllianceCompliantMetadataService implements MetadataService, Can private EventDispatcherInterface $dispatcher; - private readonly ?SerializerInterface $serializer; + private readonly SerializerInterface $serializer; /** * @param array $additionalHeaderParameters */ public function __construct( - private readonly ?RequestFactoryInterface $requestFactory, - private readonly ClientInterface|HttpClientInterface $httpClient, + private readonly HttpClientInterface $httpClient, private readonly string $uri, private readonly array $additionalHeaderParameters = [], private readonly ?CertificateChainValidator $certificateChainValidator = null, private readonly ?string $rootCertificateUri = null, ?SerializerInterface $serializer = null, ) { - if ($requestFactory !== null && ! $httpClient instanceof HttpClientInterface) { - trigger_deprecation( - 'web-auth/metadata-service', - '4.7.0', - 'The parameter "$requestFactory" will be removed in 5.0.0. Please set it to null and set an Symfony\Contracts\HttpClient\HttpClientInterface as "$httpClient" argument.' - ); - } $this->serializer = $serializer ?? MetadataStatementSerializerFactory::create(); $this->dispatcher = new NullEventDispatcher(); } @@ -81,8 +70,7 @@ public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): v * @param array $additionalHeaderParameters */ public static function create( - ?RequestFactoryInterface $requestFactory, - ClientInterface|HttpClientInterface $httpClient, + HttpClientInterface $httpClient, string $uri, array $additionalHeaderParameters = [], ?CertificateChainValidator $certificateChainValidator = null, @@ -90,7 +78,6 @@ public static function create( ?SerializerInterface $serializer = null, ): self { return new self( - $requestFactory, $httpClient, $uri, $additionalHeaderParameters, @@ -148,34 +135,18 @@ private function loadData(): void try { $payload = $this->getJwsPayload($content, $jwtCertificates); $this->validateCertificates(...$jwtCertificates); - if ($this->serializer !== null) { - $blob = $this->serializer->deserialize($payload, MetadataBLOBPayload::class, 'json'); - foreach ($blob->entries as $entry) { - $mds = $entry->metadataStatement; - if ($mds !== null && $entry->aaguid !== null) { - $this->statements[$entry->aaguid] = $mds; - $this->statusReports[$entry->aaguid] = $entry->statusReports; - } - } - $this->loaded = true; - return; - } - $data = json_decode($payload, true, flags: JSON_THROW_ON_ERROR); - - foreach ($data['entries'] as $datum) { - $entry = MetadataBLOBPayloadEntry::createFromArray($datum); - + $blob = $this->serializer->deserialize($payload, MetadataBLOBPayload::class, 'json'); + foreach ($blob->entries as $entry) { $mds = $entry->metadataStatement; if ($mds !== null && $entry->aaguid !== null) { $this->statements[$entry->aaguid] = $mds; $this->statusReports[$entry->aaguid] = $entry->statusReports; } } + $this->loaded = true; } catch (Throwable) { // Nothing to do } - - $this->loaded = true; } /** @@ -183,11 +154,7 @@ private function loadData(): void */ private function fetch(string $uri, array $headerParameters): string { - if ($this->httpClient instanceof HttpClientInterface) { - $content = $this->sendSymfonyRequest($uri, $headerParameters); - } else { - $content = $this->sendPsrRequest($uri, $headerParameters); - } + $content = $this->sendSymfonyRequest($uri, $headerParameters); $content !== '' || throw MetadataStatementLoadingException::create( 'Unable to contact the server. The response has no content' ); @@ -245,26 +212,6 @@ private function validateCertificates(string ...$untrustedCertificates): void $this->certificateChainValidator->check($untrustedCertificates, [$rootCertificate]); } - /** - * @param array $headerParameters - */ - private function sendPsrRequest(string $uri, array $headerParameters): string - { - $request = $this->requestFactory->createRequest('GET', $uri); - foreach ($headerParameters as $k => $v) { - $request = $request->withHeader($k, $v); - } - $response = $this->httpClient->sendRequest($request); - $response->getStatusCode() === 200 || throw MetadataStatementLoadingException::create(sprintf( - 'Unable to contact the server. Response code is %d', - $response->getStatusCode() - )); - $response->getBody() - ->rewind(); - return $response->getBody() - ->getContents(); - } - /** * @param array $headerParameters */ diff --git a/src/metadata-service/src/Service/MetadataBLOBPayload.php b/src/metadata-service/src/Service/MetadataBLOBPayload.php index 3ab82458d..0ee76e6a7 100644 --- a/src/metadata-service/src/Service/MetadataBLOBPayload.php +++ b/src/metadata-service/src/Service/MetadataBLOBPayload.php @@ -5,12 +5,7 @@ namespace Webauthn\MetadataService\Service; use JsonSerializable; -use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; -use function is_array; -use function is_int; -use function is_string; class MetadataBLOBPayload implements JsonSerializable { @@ -32,85 +27,6 @@ public function __construct( ) { } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function addEntry(MetadataBLOBPayloadEntry $entry): self - { - $this->entries[] = $entry; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getLegalHeader(): ?string - { - return $this->legalHeader; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getNo(): int - { - return $this->no; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getNextUpdate(): string - { - return $this->nextUpdate; - } - - /** - * @return MetadataBLOBPayloadEntry[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getEntries(): array - { - return $this->entries; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - foreach (['no', 'nextUpdate', 'entries'] as $key) { - array_key_exists($key, $data) || throw MetadataStatementLoadingException::create(sprintf( - 'Invalid data. The parameter "%s" is missing', - $key - )); - } - is_int($data['no']) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "no" shall be an integer' - ); - is_string($data['nextUpdate']) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "nextUpdate" shall be a string' - ); - is_array($data['entries']) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "entries" shall be a n array of entries' - ); - $object = new self($data['no'], $data['nextUpdate'], $data['legalHeader'] ?? null); - foreach ($data['entries'] as $entry) { - $object->entries[] = MetadataBLOBPayloadEntry::createFromArray($entry); - } - - return $object; - } - /** * @return array */ @@ -125,26 +41,4 @@ public function jsonSerialize(): array return self::filterNullValues($data); } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRootCertificates(): array - { - return $this->rootCertificates; - } - - /** - * @param string[] $rootCertificates - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setRootCertificates(array $rootCertificates): self - { - $this->rootCertificates = $rootCertificates; - - return $this; - } } diff --git a/src/metadata-service/src/Service/MetadataBLOBPayloadEntry.php b/src/metadata-service/src/Service/MetadataBLOBPayloadEntry.php index f1d9011a7..253ff99a5 100644 --- a/src/metadata-service/src/Service/MetadataBLOBPayloadEntry.php +++ b/src/metadata-service/src/Service/MetadataBLOBPayloadEntry.php @@ -10,9 +10,7 @@ use Webauthn\MetadataService\Statement\MetadataStatement; use Webauthn\MetadataService\Statement\StatusReport; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; use function count; -use function is_array; use function is_string; class MetadataBLOBPayloadEntry implements JsonSerializable @@ -56,155 +54,6 @@ public function __construct( } } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAaid(): ?string - { - return $this->aaid; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAaguid(): ?string - { - return $this->aaguid; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestationCertificateKeyIdentifiers(): array - { - return $this->attestationCertificateKeyIdentifiers; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMetadataStatement(): ?MetadataStatement - { - return $this->metadataStatement; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function addBiometricStatusReports(BiometricStatusReport ...$biometricStatusReports): self - { - foreach ($biometricStatusReports as $biometricStatusReport) { - $this->biometricStatusReports[] = $biometricStatusReport; - } - - return $this; - } - - /** - * @return BiometricStatusReport[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getBiometricStatusReports(): array - { - return $this->biometricStatusReports; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function addStatusReports(StatusReport ...$statusReports): self - { - foreach ($statusReports as $statusReport) { - $this->statusReports[] = $statusReport; - } - - return $this; - } - - /** - * @return StatusReport[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getStatusReports(): array - { - return $this->statusReports; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTimeOfLastStatusChange(): string - { - return $this->timeOfLastStatusChange; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRogueListURL(): string|null - { - return $this->rogueListURL; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRogueListHash(): string|null - { - return $this->rogueListHash; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - array_key_exists('timeOfLastStatusChange', $data) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "timeOfLastStatusChange" is missing' - ); - array_key_exists('statusReports', $data) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "statusReports" is missing' - ); - is_array($data['statusReports']) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "statusReports" shall be an array of StatusReport objects' - ); - - return new self( - $data['timeOfLastStatusChange'], - array_map( - static fn (array $statusReport) => StatusReport::createFromArray($statusReport), - $data['statusReports'] - ), - $data['aaid'] ?? null, - $data['aaguid'] ?? null, - $data['attestationCertificateKeyIdentifiers'] ?? [], - isset($data['metadataStatement']) ? MetadataStatement::createFromArray($data['metadataStatement']) : null, - $data['rogueListURL'] ?? null, - $data['rogueListHash'] ?? null, - array_map( - static fn (array $biometricStatusReport) => BiometricStatusReport::createFromArray( - $biometricStatusReport - ), - $data['biometricStatusReports'] ?? [] - ) - ); - } - /** * @return array */ diff --git a/src/metadata-service/src/Service/StringMetadataService.php b/src/metadata-service/src/Service/StringMetadataService.php deleted file mode 100644 index 4edea340c..000000000 --- a/src/metadata-service/src/Service/StringMetadataService.php +++ /dev/null @@ -1,77 +0,0 @@ -addStatements(MetadataStatement::createFromString($statement)); - } - $this->dispatcher = new NullEventDispatcher(); - } - - public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): void - { - $this->dispatcher = $eventDispatcher; - } - - public static function create(string ...$statements): self - { - return new self(...$statements); - } - - public function addStatements(MetadataStatement ...$statements): self - { - foreach ($statements as $statement) { - $aaguid = $statement->aaguid; - if ($aaguid === null) { - continue; - } - $this->statements[$aaguid] = $statement; - } - - return $this; - } - - public function list(): iterable - { - yield from array_keys($this->statements); - } - - public function has(string $aaguid): bool - { - return array_key_exists($aaguid, $this->statements); - } - - public function get(string $aaguid): MetadataStatement - { - array_key_exists($aaguid, $this->statements) || throw MissingMetadataStatementException::create($aaguid); - $mds = $this->statements[$aaguid]; - $this->dispatcher->dispatch(MetadataStatementFound::create($mds)); - - return $mds; - } -} diff --git a/src/metadata-service/src/Statement/AbstractDescriptor.php b/src/metadata-service/src/Statement/AbstractDescriptor.php index 08f1de461..b0710e5db 100644 --- a/src/metadata-service/src/Statement/AbstractDescriptor.php +++ b/src/metadata-service/src/Statement/AbstractDescriptor.php @@ -20,22 +20,4 @@ public function __construct( 'Invalid data. The value of "blockSlowdown" must be a positive integer' ); } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMaxRetries(): ?int - { - return $this->maxRetries; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getBlockSlowdown(): ?int - { - return $this->blockSlowdown; - } } diff --git a/src/metadata-service/src/Statement/AlternativeDescriptions.php b/src/metadata-service/src/Statement/AlternativeDescriptions.php index 228811e08..25ed4f90a 100644 --- a/src/metadata-service/src/Statement/AlternativeDescriptions.php +++ b/src/metadata-service/src/Statement/AlternativeDescriptions.php @@ -24,27 +24,6 @@ public static function create(array $descriptions = []): self return new self($descriptions); } - /** - * @return array - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function all(): array - { - return $this->descriptions; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function add(string $locale, string $description): self - { - $this->descriptions[$locale] = $description; - - return $this; - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/AuthenticatorGetInfo.php b/src/metadata-service/src/Statement/AuthenticatorGetInfo.php index a39f98309..02c5daa46 100644 --- a/src/metadata-service/src/Statement/AuthenticatorGetInfo.php +++ b/src/metadata-service/src/Statement/AuthenticatorGetInfo.php @@ -24,17 +24,6 @@ public static function create(array $info = []): self return new self($info); } - /** - * @deprecated since 4.7.0. Please use the constructor directly. - * @infection-ignore-all - */ - public function add(string|int $key, mixed $value): self - { - $this->info[$key] = $value; - - return $this; - } - /** * @return string[] */ diff --git a/src/metadata-service/src/Statement/AuthenticatorStatus.php b/src/metadata-service/src/Statement/AuthenticatorStatus.php index 03a008bee..c3b50d3f2 100644 --- a/src/metadata-service/src/Statement/AuthenticatorStatus.php +++ b/src/metadata-service/src/Statement/AuthenticatorStatus.php @@ -59,14 +59,4 @@ final class AuthenticatorStatus self::FIDO_CERTIFIED_L4, self::FIDO_CERTIFIED_L5, ]; - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the constant STATUSES instead. - * @infection-ignore-all - */ - public static function list(): array - { - return self::STATUSES; - } } diff --git a/src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php b/src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php index 14c0e34d4..df8ae4c83 100644 --- a/src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php +++ b/src/metadata-service/src/Statement/BiometricAccuracyDescriptor.php @@ -30,45 +30,6 @@ public static function create( return new self($selfAttestedFRR, $selfAttestedFAR, $maxTemplates, $maxRetries, $blockSlowdown); } - /** - * @deprecated since 4.7.0. Please use the property directly. - */ - public function getSelfAttestedFRR(): ?float - { - return $this->selfAttestedFRR; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - */ - public function getSelfAttestedFAR(): ?float - { - return $this->selfAttestedFAR; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - */ - public function getMaxTemplates(): ?float - { - return $this->maxTemplates; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - */ - public static function createFromArray(array $data): self - { - return self::create( - $data['selfAttestedFRR'] ?? null, - $data['selfAttestedFAR'] ?? null, - $data['maxTemplates'] ?? null, - $data['maxRetries'] ?? null, - $data['blockSlowdown'] ?? null - ); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/BiometricStatusReport.php b/src/metadata-service/src/Statement/BiometricStatusReport.php index a6b0f3a93..3b4c22f95 100644 --- a/src/metadata-service/src/Statement/BiometricStatusReport.php +++ b/src/metadata-service/src/Statement/BiometricStatusReport.php @@ -39,87 +39,6 @@ public static function create( ); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertLevel(): int|null - { - return $this->certLevel; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getModality(): int|null - { - return $this->modality; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getEffectiveDate(): ?string - { - return $this->effectiveDate; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificationDescriptor(): ?string - { - return $this->certificationDescriptor; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificateNumber(): ?string - { - return $this->certificateNumber; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificationPolicyVersion(): ?string - { - return $this->certificationPolicyVersion; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificationRequirementsVersion(): ?string - { - return $this->certificationRequirementsVersion; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - return self::create( - $data['certLevel'] ?? null, - $data['modality'] ?? null, - $data['effectiveDate'] ?? null, - $data['certificationDescriptor'] ?? null, - $data['certificateNumber'] ?? null, - $data['certificationPolicyVersion'] ?? null, - $data['certificationRequirementsVersion'] ?? null, - ); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/CodeAccuracyDescriptor.php b/src/metadata-service/src/Statement/CodeAccuracyDescriptor.php index cb15d7609..bc1d7b09b 100644 --- a/src/metadata-service/src/Statement/CodeAccuracyDescriptor.php +++ b/src/metadata-service/src/Statement/CodeAccuracyDescriptor.php @@ -6,7 +6,6 @@ use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; class CodeAccuracyDescriptor extends AbstractDescriptor { @@ -32,46 +31,6 @@ public static function create(int $base, int $minLength, ?int $maxRetries = null return new self($base, $minLength, $maxRetries, $blockSlowdown); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getBase(): int - { - return $this->base; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMinLength(): int - { - return $this->minLength; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - array_key_exists('base', $data) || throw MetadataStatementLoadingException::create( - 'The parameter "base" is missing' - ); - array_key_exists('minLength', $data) || throw MetadataStatementLoadingException::create( - 'The parameter "minLength" is missing' - ); - - return self::create( - $data['base'], - $data['minLength'], - $data['maxRetries'] ?? null, - $data['blockSlowdown'] ?? null - ); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php b/src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php index 202264702..1574ae24a 100644 --- a/src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php +++ b/src/metadata-service/src/Statement/DisplayPNGCharacteristicsDescriptor.php @@ -7,7 +7,6 @@ use JsonSerializable; use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; class DisplayPNGCharacteristicsDescriptor implements JsonSerializable { @@ -58,127 +57,6 @@ public static function create( return new self($width, $height, $bitDepth, $colorType, $compression, $filter, $interlace, $plte); } - /** - * @deprecated since 4.7.0. Please use {self::create} directly. - * @infection-ignore-all - */ - public function addPalettes(RgbPaletteEntry ...$rgbPaletteEntries): self - { - foreach ($rgbPaletteEntries as $rgbPaletteEntry) { - $this->plte[] = $rgbPaletteEntry; - } - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getWidth(): int - { - return $this->width; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getHeight(): int - { - return $this->height; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getBitDepth(): int - { - return $this->bitDepth; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getColorType(): int - { - return $this->colorType; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCompression(): int - { - return $this->compression; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getFilter(): int - { - return $this->filter; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getInterlace(): int - { - return $this->interlace; - } - - /** - * @return RgbPaletteEntry[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getPaletteEntries(): array - { - return $this->plte; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - foreach ([ - 'width', - 'compression', - 'height', - 'bitDepth', - 'colorType', - 'compression', - 'filter', - 'interlace', - ] as $key) { - array_key_exists($key, $data) || throw MetadataStatementLoadingException::create(sprintf( - 'Invalid data. The key "%s" is missing', - $key - )); - } - return self::create( - $data['width'], - $data['height'], - $data['bitDepth'], - $data['colorType'], - $data['compression'], - $data['filter'], - $data['interlace'], - array_map(static fn (array $item) => RgbPaletteEntry::createFromArray($item), $data['plte'] ?? []) - ); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/EcdaaTrustAnchor.php b/src/metadata-service/src/Statement/EcdaaTrustAnchor.php deleted file mode 100644 index fd426c13a..000000000 --- a/src/metadata-service/src/Statement/EcdaaTrustAnchor.php +++ /dev/null @@ -1,101 +0,0 @@ -X; - } - - public function getY(): string - { - return $this->Y; - } - - public function getC(): string - { - return $this->c; - } - - public function getSx(): string - { - return $this->sx; - } - - public function getSy(): string - { - return $this->sy; - } - - public function getG1Curve(): string - { - return $this->G1Curve; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - foreach (['X', 'Y', 'c', 'sx', 'sy', 'G1Curve'] as $key) { - array_key_exists($key, $data) || throw MetadataStatementLoadingException::create(sprintf( - 'Invalid data. The key "%s" is missing', - $key - )); - } - - return new self( - Base64UrlSafe::decode($data['X']), - Base64UrlSafe::decode($data['Y']), - Base64UrlSafe::decode($data['c']), - Base64UrlSafe::decode($data['sx']), - Base64UrlSafe::decode($data['sy']), - $data['G1Curve'] - ); - } - - /** - * @return array - */ - public function jsonSerialize(): array - { - $data = [ - 'X' => Base64UrlSafe::encodeUnpadded($this->X), - 'Y' => Base64UrlSafe::encodeUnpadded($this->Y), - 'c' => Base64UrlSafe::encodeUnpadded($this->c), - 'sx' => Base64UrlSafe::encodeUnpadded($this->sx), - 'sy' => Base64UrlSafe::encodeUnpadded($this->sy), - 'G1Curve' => $this->G1Curve, - ]; - - return self::filterNullValues($data); - } -} diff --git a/src/metadata-service/src/Statement/ExtensionDescriptor.php b/src/metadata-service/src/Statement/ExtensionDescriptor.php index 4b0404367..1ed4a101b 100644 --- a/src/metadata-service/src/Statement/ExtensionDescriptor.php +++ b/src/metadata-service/src/Statement/ExtensionDescriptor.php @@ -7,7 +7,6 @@ use JsonSerializable; use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; class ExtensionDescriptor implements JsonSerializable { @@ -35,60 +34,6 @@ public static function create( return new self($id, $tag, $data, $failIfUnknown); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getId(): string - { - return $this->id; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTag(): ?int - { - return $this->tag; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getData(): ?string - { - return $this->data; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function isFailIfUnknown(): bool - { - return $this->failIfUnknown; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - array_key_exists('id', $data) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "id" is missing' - ); - array_key_exists('fail_if_unknown', $data) || throw MetadataStatementLoadingException::create( - 'Invalid data. The parameter "fail_if_unknown" is missing' - ); - - return new self($data['id'], $data['tag'] ?? null, $data['data'] ?? null, $data['fail_if_unknown']); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/MetadataStatement.php b/src/metadata-service/src/Statement/MetadataStatement.php index 69685bc66..35510e760 100644 --- a/src/metadata-service/src/Statement/MetadataStatement.php +++ b/src/metadata-service/src/Statement/MetadataStatement.php @@ -6,12 +6,7 @@ use JsonSerializable; use Webauthn\MetadataService\CertificateChain\CertificateToolbox; -use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; -use function is_array; -use function is_string; -use const JSON_THROW_ON_ERROR; class MetadataStatement implements JsonSerializable { @@ -155,12 +150,6 @@ class MetadataStatement implements JsonSerializable final public const ATTESTATION_BASIC_SURROGATE = 'basic_surrogate'; - /** - * @deprecated since 4.2.0 and will be removed in 5.0.0. The ECDAA Trust Anchor does no longer exist in Webauthn specification. - * @infection-ignore-all - */ - final public const ATTESTATION_ECDAA = 'ecdaa'; - final public const ATTESTATION_ATTCA = 'attca'; final public const ATTESTATION_ANONCA = 'anonca'; @@ -179,7 +168,6 @@ class MetadataStatement implements JsonSerializable * @param string[] $attestationCertificateKeyIdentifiers * @param string[] $keyProtection * @param string[] $attachmentHint - * @param EcdaaTrustAnchor[] $ecdaaTrustAnchors * @param ExtensionDescriptor[] $supportedExtensions */ public function __construct( @@ -207,7 +195,6 @@ public function __construct( public array $attachmentHint = [], public ?string $tcDisplayContentType = null, public array $tcDisplayPNGCharacteristics = [], - public array $ecdaaTrustAnchors = [], public ?string $icon = null, public array $supportedExtensions = [], ?AuthenticatorGetInfo $authenticatorGetInfo = null, @@ -240,7 +227,6 @@ public static function create( array $attachmentHint = [], ?string $tcDisplayContentType = null, array $tcDisplayPNGCharacteristics = [], - array $ecdaaTrustAnchors = [], ?string $icon = null, array $supportedExtensions = [], ?AuthenticatorGetInfo $authenticatorGetInfo = null, @@ -270,389 +256,17 @@ public static function create( $attachmentHint, $tcDisplayContentType, $tcDisplayPNGCharacteristics, - $ecdaaTrustAnchors, $icon, $supportedExtensions, $authenticatorGetInfo, ); } - /** - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromString(string $statement): self - { - $data = json_decode($statement, true, flags: JSON_THROW_ON_ERROR); - - return self::createFromArray($data); - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getLegalHeader(): ?string - { - return $this->legalHeader; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAaid(): ?string - { - return $this->aaid; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAaguid(): ?string - { - return $this->aaguid; - } - public function isKeyRestricted(): ?bool { return $this->isKeyRestricted; } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function isFreshUserVerificationRequired(): ?bool - { - return $this->isFreshUserVerificationRequired; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthenticatorGetInfo(): AuthenticatorGetInfo|null - { - return $this->authenticatorGetInfo; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestationCertificateKeyIdentifiers(): array - { - return $this->attestationCertificateKeyIdentifiers; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getDescription(): string - { - return $this->description; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAlternativeDescriptions(): AlternativeDescriptions - { - return $this->alternativeDescriptions; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthenticatorVersion(): int - { - return $this->authenticatorVersion; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getProtocolFamily(): string - { - return $this->protocolFamily; - } - - /** - * @return Version[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUpv(): array - { - return $this->upv; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getSchema(): ?int - { - return $this->schema; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthenticationAlgorithms(): array - { - return $this->authenticationAlgorithms; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getPublicKeyAlgAndEncodings(): array - { - return $this->publicKeyAlgAndEncodings; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestationTypes(): array - { - return $this->attestationTypes; - } - - /** - * @return VerificationMethodANDCombinations[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUserVerificationDetails(): array - { - return $this->userVerificationDetails; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getKeyProtection(): array - { - return $this->keyProtection; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMatcherProtection(): array - { - return $this->matcherProtection; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCryptoStrength(): ?int - { - return $this->cryptoStrength; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttachmentHint(): array - { - return $this->attachmentHint; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTcDisplay(): array - { - return $this->tcDisplay; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTcDisplayContentType(): ?string - { - return $this->tcDisplayContentType; - } - - /** - * @return DisplayPNGCharacteristicsDescriptor[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTcDisplayPNGCharacteristics(): array - { - return $this->tcDisplayPNGCharacteristics; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestationRootCertificates(): array - { - return $this->attestationRootCertificates; - } - - /** - * @return EcdaaTrustAnchor[] - * - * @deprecated since 4.2.0 and will be removed in 5.0.0. The ECDAA Trust Anchor does no longer exist in Webauthn specification. - * @infection-ignore-all - */ - public function getEcdaaTrustAnchors(): array - { - return $this->ecdaaTrustAnchors; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getIcon(): ?string - { - return $this->icon; - } - - /** - * @return ExtensionDescriptor[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getSupportedExtensions(): array - { - return $this->supportedExtensions; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $requiredKeys = [ - 'description', - 'authenticatorVersion', - 'protocolFamily', - 'schema', - 'upv', - 'authenticationAlgorithms', - 'publicKeyAlgAndEncodings', - 'attestationTypes', - 'userVerificationDetails', - 'matcherProtection', - 'tcDisplay', - 'attestationRootCertificates', - ]; - foreach ($requiredKeys as $key) { - array_key_exists($key, $data) || throw MetadataStatementLoadingException::create(sprintf( - 'Invalid data. The key "%s" is missing', - $key - )); - } - $subObjects = [ - 'authenticationAlgorithms', - 'publicKeyAlgAndEncodings', - 'attestationTypes', - 'matcherProtection', - 'tcDisplay', - 'attestationRootCertificates', - ]; - foreach ($subObjects as $subObject) { - is_array($data[$subObject]) || throw MetadataStatementLoadingException::create(sprintf( - 'Invalid Metadata Statement. The parameter "%s" shall be a list of strings.', - $subObject - )); - foreach ($data[$subObject] as $datum) { - is_string($datum) || throw MetadataStatementLoadingException::create(sprintf( - 'Invalid Metadata Statement. The parameter "%s" shall be a list of strings.', - $subObject - )); - } - } - - return self::create( - $data['description'], - $data['authenticatorVersion'], - $data['protocolFamily'], - $data['schema'], - array_map(static function ($upv): Version { - is_array($upv) || throw MetadataStatementLoadingException::create( - 'Invalid Metadata Statement. The parameter "upv" shall be a list of objects.' - ); - - return Version::createFromArray($upv); - }, $data['upv']), - $data['authenticationAlgorithms'], - $data['publicKeyAlgAndEncodings'], - $data['attestationTypes'], - array_map(static function ($userVerificationDetails): VerificationMethodANDCombinations { - is_array($userVerificationDetails) || throw MetadataStatementLoadingException::create( - 'Invalid Metadata Statement. The parameter "userVerificationDetails" shall be a list of objects.' - ); - - return VerificationMethodANDCombinations::createFromArray($userVerificationDetails); - }, $data['userVerificationDetails']), - $data['matcherProtection'], - $data['tcDisplay'], - CertificateToolbox::fixPEMStructures($data['attestationRootCertificates']), - $data['alternativeDescriptions'] ?? [], - $data['legalHeader'] ?? null, - $data['aaid'] ?? null, - $data['aaguid'] ?? null, - $data['attestationCertificateKeyIdentifiers'] ?? [], - $data['keyProtection'] ?? [], - $data['isKeyRestricted'] ?? null, - $data['isFreshUserVerificationRequired'] ?? null, - $data['cryptoStrength'] ?? null, - $data['attachmentHint'] ?? [], - $data['tcDisplayContentType'] ?? null, - array_map( - static fn (array $data): DisplayPNGCharacteristicsDescriptor => DisplayPNGCharacteristicsDescriptor::createFromArray( - $data - ), - $data['tcDisplayPNGCharacteristics'] ?? [] - ), - $data['ecdaaTrustAnchors'] ?? [], - $data['icon'] ?? null, - array_map( - static fn ($supportedExtension): ExtensionDescriptor => ExtensionDescriptor::createFromArray( - $supportedExtension - ), - $data['supportedExtensions'] ?? [] - ), - isset($data['authenticatorGetInfo']) ? AuthenticatorGetInfo::create($data['authenticatorGetInfo']) : null, - ); - } - /** * @return array */ @@ -683,7 +297,6 @@ public function jsonSerialize(): array 'tcDisplayContentType' => $this->tcDisplayContentType, 'tcDisplayPNGCharacteristics' => $this->tcDisplayPNGCharacteristics, 'attestationRootCertificates' => CertificateToolbox::fixPEMStructures($this->attestationRootCertificates), - 'ecdaaTrustAnchors' => $this->ecdaaTrustAnchors, 'icon' => $this->icon, 'authenticatorGetInfo' => $this->authenticatorGetInfo, 'supportedExtensions' => $this->supportedExtensions, diff --git a/src/metadata-service/src/Statement/PatternAccuracyDescriptor.php b/src/metadata-service/src/Statement/PatternAccuracyDescriptor.php index 9838e1db2..32258193e 100644 --- a/src/metadata-service/src/Statement/PatternAccuracyDescriptor.php +++ b/src/metadata-service/src/Statement/PatternAccuracyDescriptor.php @@ -6,8 +6,6 @@ use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; -use function is_int; class PatternAccuracyDescriptor extends AbstractDescriptor { @@ -29,37 +27,6 @@ public static function create(int $minComplexity, ?int $maxRetries = null, ?int return new self($minComplexity, $maxRetries, $blockSlowdown); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMinComplexity(): int - { - return $this->minComplexity; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - array_key_exists('minComplexity', $data) || throw MetadataStatementLoadingException::create( - 'The key "minComplexity" is missing' - ); - foreach (['minComplexity', 'maxRetries', 'blockSlowdown'] as $key) { - if (array_key_exists($key, $data)) { - is_int($data[$key]) || throw MetadataStatementLoadingException::create( - sprintf('Invalid data. The value of "%s" must be a positive integer', $key) - ); - } - } - - return self::create($data['minComplexity'], $data['maxRetries'] ?? null, $data['blockSlowdown'] ?? null); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/RgbPaletteEntry.php b/src/metadata-service/src/Statement/RgbPaletteEntry.php index a2bd1ea32..ef5e7d416 100644 --- a/src/metadata-service/src/Statement/RgbPaletteEntry.php +++ b/src/metadata-service/src/Statement/RgbPaletteEntry.php @@ -6,8 +6,6 @@ use JsonSerializable; use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; -use function array_key_exists; -use function is_int; class RgbPaletteEntry implements JsonSerializable { @@ -26,53 +24,6 @@ public static function create(int $r, int $g, int $b): self return new self($r, $g, $b); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getR(): int - { - return $this->r; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getG(): int - { - return $this->g; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getB(): int - { - return $this->b; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - foreach (['r', 'g', 'b'] as $key) { - array_key_exists($key, $data) || throw MetadataStatementLoadingException::create(sprintf( - 'The key "%s" is missing', - $key - )); - is_int($data[$key]) || throw MetadataStatementLoadingException::create( - sprintf('The key "%s" is invalid', $key) - ); - } - - return self::create($data['r'], $data['g'], $data['b']); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/RogueListEntry.php b/src/metadata-service/src/Statement/RogueListEntry.php index bea96c6ad..85581fe6f 100644 --- a/src/metadata-service/src/Statement/RogueListEntry.php +++ b/src/metadata-service/src/Statement/RogueListEntry.php @@ -5,9 +5,6 @@ namespace Webauthn\MetadataService\Statement; use JsonSerializable; -use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; -use function array_key_exists; -use function is_string; class RogueListEntry implements JsonSerializable { @@ -22,41 +19,6 @@ public static function create(string $sk, string $date): self return new self($sk, $date); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getSk(): string - { - return $this->sk; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getDate(): ?string - { - return $this->date; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - array_key_exists('sk', $data) || throw MetadataStatementLoadingException::create('The key "sk" is missing'); - is_string($data['sk']) || throw MetadataStatementLoadingException::create('The key "date" is invalid'); - array_key_exists('date', $data) || throw MetadataStatementLoadingException::create( - 'The key "date" is missing' - ); - is_string($data['date']) || throw MetadataStatementLoadingException::create('The key "date" is invalid'); - - return self::create($data['sk'], $data['date']); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/StatusReport.php b/src/metadata-service/src/Statement/StatusReport.php index 45b78f6ae..276d3874f 100644 --- a/src/metadata-service/src/Statement/StatusReport.php +++ b/src/metadata-service/src/Statement/StatusReport.php @@ -7,9 +7,7 @@ use JsonSerializable; use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; use function in_array; -use function is_string; class StatusReport implements JsonSerializable { @@ -65,119 +63,6 @@ public function isCompromised(): bool ], true); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getStatus(): string - { - return $this->status; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getEffectiveDate(): ?string - { - return $this->effectiveDate; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificate(): ?string - { - return $this->certificate; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUrl(): ?string - { - return $this->url; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificationDescriptor(): ?string - { - return $this->certificationDescriptor; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificateNumber(): ?string - { - return $this->certificateNumber; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificationPolicyVersion(): ?string - { - return $this->certificationPolicyVersion; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificationRequirementsVersion(): ?string - { - return $this->certificationRequirementsVersion; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - array_key_exists('status', $data) || throw MetadataStatementLoadingException::create( - 'The key "status" is missing' - ); - foreach ([ - 'effectiveDate', - 'certificate', - 'url', - 'certificationDescriptor', - 'certificateNumber', - 'certificationPolicyVersion', - 'certificationRequirementsVersion', - ] as $key) { - if (isset($data[$key])) { - $value = $data[$key]; - $value === null || is_string($value) || throw MetadataStatementLoadingException::create(sprintf( - 'The value of the key "%s" is invalid', - $key - )); - } - } - - return self::create( - $data['status'], - $data['effectiveDate'] ?? null, - $data['certificate'] ?? null, - $data['url'] ?? null, - $data['certificationDescriptor'] ?? null, - $data['certificateNumber'] ?? null, - $data['certificationPolicyVersion'] ?? null, - $data['certificationRequirementsVersion'] ?? null - ); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/VerificationMethodANDCombinations.php b/src/metadata-service/src/Statement/VerificationMethodANDCombinations.php index 174dcc83a..65f31f520 100644 --- a/src/metadata-service/src/Statement/VerificationMethodANDCombinations.php +++ b/src/metadata-service/src/Statement/VerificationMethodANDCombinations.php @@ -25,44 +25,6 @@ public static function create(array $verificationMethods): self return new self($verificationMethods); } - /** - * @deprecated since 4.7.0. Please use the {self::create} directly. - * @infection-ignore-all - */ - public function addVerificationMethodDescriptor(VerificationMethodDescriptor $verificationMethodDescriptor): self - { - $this->verificationMethods[] = $verificationMethodDescriptor; - - return $this; - } - - /** - * @return VerificationMethodDescriptor[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getVerificationMethods(): array - { - return $this->verificationMethods; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - return self::create( - array_map( - static fn (array $datum): VerificationMethodDescriptor => VerificationMethodDescriptor::createFromArray( - $datum - ), - $data - ) - ); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/VerificationMethodDescriptor.php b/src/metadata-service/src/Statement/VerificationMethodDescriptor.php index 3fb2aeb92..da8661b3a 100644 --- a/src/metadata-service/src/Statement/VerificationMethodDescriptor.php +++ b/src/metadata-service/src/Statement/VerificationMethodDescriptor.php @@ -7,8 +7,6 @@ use JsonSerializable; use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; -use function is_array; class VerificationMethodDescriptor implements JsonSerializable { @@ -118,15 +116,6 @@ public static function create( return new self($userVerificationMethod, $caDesc, $baDesc, $paDesc); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUserVerificationMethod(): string - { - return $this->userVerificationMethod; - } - public function userPresence(): bool { return $this->userVerificationMethod === self::USER_VERIFY_PRESENCE_INTERNAL; @@ -192,64 +181,6 @@ public function all(): bool return $this->userVerificationMethod === self::USER_VERIFY_ALL; } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCaDesc(): ?CodeAccuracyDescriptor - { - return $this->caDesc; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getBaDesc(): ?BiometricAccuracyDescriptor - { - return $this->baDesc; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getPaDesc(): ?PatternAccuracyDescriptor - { - return $this->paDesc; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - if (isset($data['userVerification']) && ! isset($data['userVerificationMethod'])) { - $data['userVerificationMethod'] = $data['userVerification']; - unset($data['userVerification']); - } - array_key_exists('userVerificationMethod', $data) || throw MetadataStatementLoadingException::create( - 'The parameters "userVerificationMethod" is missing' - ); - - foreach (['caDesc', 'baDesc', 'paDesc'] as $key) { - if (isset($data[$key])) { - is_array($data[$key]) || throw MetadataStatementLoadingException::create( - sprintf('Invalid parameter "%s"', $key) - ); - } - } - - $caDesc = isset($data['caDesc']) ? CodeAccuracyDescriptor::createFromArray($data['caDesc']) : null; - $baDesc = isset($data['baDesc']) ? BiometricAccuracyDescriptor::createFromArray($data['baDesc']) : null; - $paDesc = isset($data['paDesc']) ? PatternAccuracyDescriptor::createFromArray($data['paDesc']) : null; - - return self::create($data['userVerificationMethod'], $caDesc, $baDesc, $paDesc); - } - /** * @return array */ diff --git a/src/metadata-service/src/Statement/Version.php b/src/metadata-service/src/Statement/Version.php index 8588e6201..58245d47a 100644 --- a/src/metadata-service/src/Statement/Version.php +++ b/src/metadata-service/src/Statement/Version.php @@ -7,8 +7,6 @@ use JsonSerializable; use Webauthn\MetadataService\Exception\MetadataStatementLoadingException; use Webauthn\MetadataService\ValueFilter; -use function array_key_exists; -use function is_int; class Version implements JsonSerializable { @@ -30,43 +28,6 @@ public static function create(?int $major, ?int $minor): self return new self($major, $minor); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMajor(): ?int - { - return $this->major; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMinor(): ?int - { - return $this->minor; - } - - /** - * @param array $data - * @deprecated since 4.7.0. Please use the symfony/serializer for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $data = self::filterNullValues($data); - foreach (['major', 'minor'] as $key) { - if (array_key_exists($key, $data)) { - is_int($data[$key]) || throw MetadataStatementLoadingException::create( - sprintf('Invalid value for key "%s"', $key) - ); - } - } - - return self::create($data['major'] ?? null, $data['minor'] ?? null); - } - /** * @return array */ diff --git a/src/symfony/composer.json b/src/symfony/composer.json index 916a32b94..bb66d1e7a 100644 --- a/src/symfony/composer.json +++ b/src/symfony/composer.json @@ -23,21 +23,19 @@ } ], "require": { - "php": ">=8.1", - "nyholm/psr7": "^1.5", + "php": ">=8.2", "psr/event-dispatcher": "^1.0", - "symfony/config": "^6.1", - "symfony/dependency-injection": "^6.1", - "symfony/framework-bundle": "^6.1", - "symfony/http-client": "^6.1", - "symfony/psr-http-message-bridge": "^2.1", - "symfony/security-bundle": "^6.1", - "symfony/security-core": "^6.1", - "symfony/security-http": "^6.1", - "symfony/serializer": "^6.1", - "symfony/validator": "^6.1", + "symfony/config": "^6.4|^7.0", + "symfony/dependency-injection": "^6.4|^7.0", + "symfony/framework-bundle": "^6.4|^7.0", + "symfony/http-client": "^6.4|^7.0", + "symfony/security-bundle": "^6.4|^7.0", + "symfony/security-core": "^6.4|^7.0", + "symfony/security-http": "^6.4|^7.0", + "symfony/serializer": "^6.4|^7.0", + "symfony/validator": "^6.4|^7.0", "web-auth/webauthn-lib": "self.version", - "web-token/jwt-signature": "^3.1" + "web-token/jwt-signature": "^3.2.8" }, "extra": { "thanks": { diff --git a/src/symfony/src/Controller/AssertionControllerFactory.php b/src/symfony/src/Controller/AssertionControllerFactory.php index fcfdf24c6..0ec967cee 100644 --- a/src/symfony/src/Controller/AssertionControllerFactory.php +++ b/src/symfony/src/Controller/AssertionControllerFactory.php @@ -8,20 +8,14 @@ use Psr\Log\NullLogger; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Serializer\SerializerInterface; -use Symfony\Component\Validator\Validator\ValidatorInterface; use Webauthn\AuthenticatorAssertionResponseValidator; -use Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedRequestOptionsBuilder; use Webauthn\Bundle\CredentialOptionsBuilder\PublicKeyCredentialRequestOptionsBuilder; use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; -use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Security\Handler\FailureHandler; use Webauthn\Bundle\Security\Handler\RequestOptionsHandler; use Webauthn\Bundle\Security\Handler\SuccessHandler; use Webauthn\Bundle\Security\Storage\OptionsStorage; -use Webauthn\Bundle\Service\PublicKeyCredentialRequestOptionsFactory; use Webauthn\MetadataService\CanLogData; -use Webauthn\PublicKeyCredentialLoader; -use Webauthn\PublicKeyCredentialSourceRepository; final class AssertionControllerFactory implements CanLogData { @@ -29,20 +23,9 @@ final class AssertionControllerFactory implements CanLogData public function __construct( private readonly SerializerInterface $serializer, - private readonly ValidatorInterface $validator, - private readonly PublicKeyCredentialRequestOptionsFactory $publicKeyCredentialRequestOptionsFactory, - private readonly null|PublicKeyCredentialLoader $publicKeyCredentialLoader, private readonly AuthenticatorAssertionResponseValidator $authenticatorAssertionResponseValidator, - private readonly PublicKeyCredentialUserEntityRepositoryInterface $publicKeyCredentialUserEntityRepository, - private readonly PublicKeyCredentialSourceRepository|PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository + private readonly PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository ) { - if ($this->publicKeyCredentialLoader !== null) { - trigger_deprecation( - 'web-auth/webauthn-bundle', - '4.8.0', - 'The argument "$publicKeyCredentialLoader" is deprecated since 4.5.0 and will be removed in 5.0.0. Please set null instead; the serializer will be used instead.' - ); - } $this->logger = new NullLogger(); } @@ -51,28 +34,6 @@ public function setLogger(LoggerInterface $logger): void $this->logger = $logger; } - /** - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use createRequestController instead. - * @infection-ignore-all - */ - public function createAssertionRequestController( - string $profile, - OptionsStorage $optionStorage, - RequestOptionsHandler $optionsHandler, - FailureHandler|AuthenticationFailureHandlerInterface $failureHandler - ): AssertionRequestController { - $optionsBuilder = new ProfileBasedRequestOptionsBuilder( - $this->serializer, - $this->validator, - $this->publicKeyCredentialUserEntityRepository, - $this->publicKeyCredentialSourceRepository, - $this->publicKeyCredentialRequestOptionsFactory, - $profile, - ); - - return $this->createRequestController($optionsBuilder, $optionStorage, $optionsHandler, $failureHandler); - } - public function createRequestController( PublicKeyCredentialRequestOptionsBuilder $optionsBuilder, OptionsStorage $optionStorage, @@ -88,43 +49,19 @@ public function createRequestController( ); } - /** - * @param string[] $securedRelyingPartyIds - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use createResponseController instead. - * @infection-ignore-all - */ - public function createAssertionResponseController( - OptionsStorage $optionStorage, - SuccessHandler $successHandler, - FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, - array $securedRelyingPartyIds - ): AssertionResponseController { - return $this->createResponseController( - $optionStorage, - $successHandler, - $failureHandler, - $securedRelyingPartyIds - ); - } - - /** - * @param null|string[] $securedRelyingPartyIds - */ public function createResponseController( OptionsStorage $optionStorage, SuccessHandler $successHandler, FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, - null|array $securedRelyingPartyIds = null, null|AuthenticatorAssertionResponseValidator $authenticatorAssertionResponseValidator = null, ): AssertionResponseController { return new AssertionResponseController( - $this->publicKeyCredentialLoader ?? $this->serializer, + $this->serializer, $authenticatorAssertionResponseValidator ?? $this->authenticatorAssertionResponseValidator, $this->logger, $optionStorage, $successHandler, $failureHandler, - $securedRelyingPartyIds, $this->publicKeyCredentialSourceRepository ); } diff --git a/src/symfony/src/Controller/AssertionResponseController.php b/src/symfony/src/Controller/AssertionResponseController.php index 6e1b155a5..bfc8fd78c 100644 --- a/src/symfony/src/Controller/AssertionResponseController.php +++ b/src/symfony/src/Controller/AssertionResponseController.php @@ -20,46 +20,29 @@ use Webauthn\Bundle\Security\Storage\OptionsStorage; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\PublicKeyCredential; -use Webauthn\PublicKeyCredentialLoader; use Webauthn\PublicKeyCredentialRequestOptions; final class AssertionResponseController { - /** - * @param null|string[] $securedRelyingPartyIds - */ public function __construct( - private readonly SerializerInterface|PublicKeyCredentialLoader $publicKeyCredentialLoader, - private readonly AuthenticatorAssertionResponseValidator $assertionResponseValidator, - private readonly LoggerInterface $logger, - private readonly OptionsStorage $optionsStorage, - private readonly SuccessHandler $successHandler, + private readonly SerializerInterface $serializer, + private readonly AuthenticatorAssertionResponseValidator $assertionResponseValidator, + private readonly LoggerInterface $logger, + private readonly OptionsStorage $optionsStorage, + private readonly SuccessHandler $successHandler, private readonly FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, - private readonly null|array $securedRelyingPartyIds = null, - private readonly ?PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository = null + private readonly ?PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository = null ) { - if ($this->publicKeyCredentialLoader instanceof PublicKeyCredentialLoader) { - trigger_deprecation( - 'web-auth/webauthn-bundle', - '4.8.0', - 'The argument "$publicKeyCredentialLoader" is deprecated since 4.8.0 and will be removed in 5.0.0. Please inject a Symfony Serializer instead.' - ); - } } public function __invoke(Request $request): Response { try { - $format = method_exists( - $request, - 'getContentTypeFormat' - ) ? $request->getContentTypeFormat() : $request->getContentType(); + $format = $request->getContentTypeFormat(); $format === 'json' || throw new BadRequestHttpException('Only JSON content type allowed'); $content = $request->getContent(); - $publicKeyCredential = $this->publicKeyCredentialLoader instanceof PublicKeyCredentialLoader ? $this->publicKeyCredentialLoader->load( - $content - ) : $this->publicKeyCredentialLoader->deserialize($content, PublicKeyCredential::class, 'json'); + $publicKeyCredential = $this->serializer->deserialize($content, PublicKeyCredential::class, 'json'); $response = $publicKeyCredential->response; $response instanceof AuthenticatorAssertionResponse || throw new BadRequestHttpException( 'Invalid response' @@ -82,8 +65,7 @@ public function __invoke(Request $request): Response $response, $publicKeyCredentialRequestOptions, $request->getHost(), - $userEntity?->id, - $this->securedRelyingPartyIds + $userEntity?->id ); return $this->successHandler->onSuccess($request); } catch (Throwable $throwable) { diff --git a/src/symfony/src/Controller/AttestationControllerFactory.php b/src/symfony/src/Controller/AttestationControllerFactory.php index 286a067e0..7415be150 100644 --- a/src/symfony/src/Controller/AttestationControllerFactory.php +++ b/src/symfony/src/Controller/AttestationControllerFactory.php @@ -6,9 +6,7 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Serializer\SerializerInterface; -use Symfony\Component\Validator\Validator\ValidatorInterface; use Webauthn\AuthenticatorAttestationResponseValidator; -use Webauthn\Bundle\CredentialOptionsBuilder\ProfileBasedCreationOptionsBuilder; use Webauthn\Bundle\CredentialOptionsBuilder\PublicKeyCredentialCreationOptionsBuilder; use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; use Webauthn\Bundle\Security\Guesser\UserEntityGuesser; @@ -16,54 +14,14 @@ use Webauthn\Bundle\Security\Handler\FailureHandler; use Webauthn\Bundle\Security\Handler\SuccessHandler; use Webauthn\Bundle\Security\Storage\OptionsStorage; -use Webauthn\Bundle\Service\PublicKeyCredentialCreationOptionsFactory; -use Webauthn\PublicKeyCredentialLoader; -use Webauthn\PublicKeyCredentialSourceRepository; final class AttestationControllerFactory { public function __construct( private readonly SerializerInterface $serializer, - private readonly ValidatorInterface $validator, - private readonly PublicKeyCredentialCreationOptionsFactory $publicKeyCredentialCreationOptionsFactory, - private readonly null|PublicKeyCredentialLoader $publicKeyCredentialLoader, private readonly AuthenticatorAttestationResponseValidator $attestationResponseValidator, - private readonly PublicKeyCredentialSourceRepository|PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository + private readonly PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository ) { - if ($this->publicKeyCredentialLoader !== null) { - trigger_deprecation( - 'web-auth/webauthn-bundle', - '4.8.0', - 'The argument "$publicKeyCredentialLoader" is deprecated since 4.5.0 and will be removed in 5.0.0. Please set null instead; the serializer will be used instead.' - ); - } - } - - /** - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use createResponseController instead. - * @infection-ignore-all - */ - public function createAttestationRequestController( - UserEntityGuesser $userEntityGuesser, - string $profile, - OptionsStorage $optionStorage, - CreationOptionsHandler $creationOptionsHandler, - FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, - ): AttestationRequestController { - $optionsBuilder = new ProfileBasedCreationOptionsBuilder( - $this->serializer, - $this->validator, - $this->publicKeyCredentialSourceRepository, - $this->publicKeyCredentialCreationOptionsFactory, - $profile - ); - return $this->createRequestController( - $optionsBuilder, - $userEntityGuesser, - $optionStorage, - $creationOptionsHandler, - $failureHandler - ); } public function createRequestController( @@ -82,36 +40,19 @@ public function createRequestController( ); } - /** - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use createResponseController instead. - * @infection-ignore-all - */ - public function createAttestationResponseController( - OptionsStorage $optionStorage, - SuccessHandler $successHandler, - FailureHandler|AuthenticationFailureHandlerInterface $failureHandler - ): AttestationResponseController { - return $this->createResponseController($optionStorage, $successHandler, $failureHandler); - } - - /** - * @param null|string[] $securedRelyingPartyIds - */ public function createResponseController( OptionsStorage $optionStorage, SuccessHandler $successHandler, FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, - null|array $securedRelyingPartyIds = null, null|AuthenticatorAttestationResponseValidator $attestationResponseValidator = null, ): AttestationResponseController { return new AttestationResponseController( - $this->publicKeyCredentialLoader ?? $this->serializer, + $this->serializer, $attestationResponseValidator ?? $this->attestationResponseValidator, $this->publicKeyCredentialSourceRepository, $optionStorage, $successHandler, $failureHandler, - $securedRelyingPartyIds ); } } diff --git a/src/symfony/src/Controller/AttestationResponseController.php b/src/symfony/src/Controller/AttestationResponseController.php index 8877af0d9..88bd8dc3f 100644 --- a/src/symfony/src/Controller/AttestationResponseController.php +++ b/src/symfony/src/Controller/AttestationResponseController.php @@ -22,42 +22,18 @@ use Webauthn\Bundle\Security\Storage\OptionsStorage; use Webauthn\PublicKeyCredential; use Webauthn\PublicKeyCredentialCreationOptions; -use Webauthn\PublicKeyCredentialLoader; -use Webauthn\PublicKeyCredentialSourceRepository; use Webauthn\PublicKeyCredentialUserEntity; final class AttestationResponseController { - /** - * @param null|string[] $securedRelyingPartyIds - */ public function __construct( - private readonly SerializerInterface|PublicKeyCredentialLoader $publicKeyCredentialLoader, - private readonly AuthenticatorAttestationResponseValidator $attestationResponseValidator, - private readonly PublicKeyCredentialSourceRepository|PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, - private readonly OptionsStorage $optionStorage, - private readonly SuccessHandler $successHandler, - private readonly FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, - private readonly null|array $securedRelyingPartyIds = null, + private readonly SerializerInterface $serializer, + private readonly AuthenticatorAttestationResponseValidator $attestationResponseValidator, + private readonly PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, + private readonly OptionsStorage $optionStorage, + private readonly SuccessHandler $successHandler, + private readonly FailureHandler|AuthenticationFailureHandlerInterface $failureHandler, ) { - if (! $this->credentialSourceRepository instanceof PublicKeyCredentialSourceRepositoryInterface) { - trigger_deprecation( - 'web-auth/webauthn-symfony-bundle', - '4.6.0', - sprintf( - 'Since 4.6.0, the parameter "$credentialSourceRepository" expects an instance of "%s". Please implement that interface instead of "%s".', - PublicKeyCredentialSourceRepositoryInterface::class, - PublicKeyCredentialSourceRepository::class - ) - ); - } - if ($this->publicKeyCredentialLoader instanceof PublicKeyCredentialLoader) { - trigger_deprecation( - 'web-auth/webauthn-bundle', - '4.8.0', - 'The argument "$publicKeyCredentialLoader" is deprecated since 4.8.0 and will be removed in 5.0.0. Please inject a Symfony Serializer instead.' - ); - } } public function __invoke(Request $request): Response @@ -66,15 +42,10 @@ public function __invoke(Request $request): Response if (! $this->credentialSourceRepository instanceof CanSaveCredentialSource) { throw MissingFeatureException::create('Unable to register the credential.'); } - $format = method_exists( - $request, - 'getContentTypeFormat' - ) ? $request->getContentTypeFormat() : $request->getContentType(); + $format = $request->getContentTypeFormat(); $format === 'json' || throw new BadRequestHttpException('Only JSON content type allowed'); $content = $request->getContent(); - $publicKeyCredential = $this->publicKeyCredentialLoader instanceof PublicKeyCredentialLoader ? $this->publicKeyCredentialLoader->load( - $content - ) : $this->publicKeyCredentialLoader->deserialize($content, PublicKeyCredential::class, 'json'); + $publicKeyCredential = $this->serializer->deserialize($content, PublicKeyCredential::class, 'json'); $response = $publicKeyCredential->response; $response instanceof AuthenticatorAttestationResponse || throw new BadRequestHttpException( 'Invalid response' @@ -91,8 +62,7 @@ public function __invoke(Request $request): Response $credentialSource = $this->attestationResponseValidator->check( $response, $publicKeyCredentialCreationOptions, - $request->getHost(), - $this->securedRelyingPartyIds + $request->getHost() ); if ($this->credentialSourceRepository->findOneByCredentialId( $credentialSource->publicKeyCredentialId diff --git a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php index 9d1dd498e..79819f572 100644 --- a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php +++ b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedCreationOptionsBuilder.php @@ -10,7 +10,7 @@ use Symfony\Component\Serializer\SerializerInterface; use Symfony\Component\Validator\Validator\ValidatorInterface; use Webauthn\AuthenticationExtensions\AuthenticationExtension; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; +use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorSelectionCriteria; use Webauthn\Bundle\Dto\PublicKeyCredentialCreationOptionsRequest; use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; @@ -18,68 +18,43 @@ use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialDescriptor; use Webauthn\PublicKeyCredentialSource; -use Webauthn\PublicKeyCredentialSourceRepository; use Webauthn\PublicKeyCredentialUserEntity; use function count; use function is_array; -use const FILTER_VALIDATE_BOOLEAN; final class ProfileBasedCreationOptionsBuilder implements PublicKeyCredentialCreationOptionsBuilder { public function __construct( private readonly SerializerInterface $serializer, private readonly ValidatorInterface $validator, - private readonly PublicKeyCredentialSourceRepository|PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, + private readonly PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, private readonly PublicKeyCredentialCreationOptionsFactory $publicKeyCredentialCreationOptionsFactory, private readonly string $profile, ) { - if (! $this->credentialSourceRepository instanceof PublicKeyCredentialSourceRepositoryInterface) { - trigger_deprecation( - 'web-auth/webauthn-symfony-bundle', - '4.6.0', - sprintf( - 'Since 4.6.0, the parameter "$credentialSourceRepository" expects an instance of "%s". Please implement that interface instead of "%s".', - PublicKeyCredentialSourceRepositoryInterface::class, - PublicKeyCredentialSourceRepository::class - ) - ); - } } public function getFromRequest( Request $request, PublicKeyCredentialUserEntity $userEntity ): PublicKeyCredentialCreationOptions { - $format = method_exists( - $request, - 'getContentTypeFormat' - ) ? $request->getContentTypeFormat() : $request->getContentType(); + $format = $request->getContentTypeFormat(); $format === 'json' || throw new BadRequestHttpException('Only JSON content type allowed'); $content = $request->getContent(); $excludedCredentials = $this->getCredentials($userEntity); $optionsRequest = $this->getServerPublicKeyCredentialCreationOptionsRequest($content); - $authenticatorSelectionData = $optionsRequest->authenticatorSelection; $authenticatorSelection = null; - if (is_array($authenticatorSelectionData)) { - $authenticatorSelection = AuthenticatorSelectionCriteria::createFromArray($authenticatorSelectionData); - } elseif ($optionsRequest->userVerification !== null || $optionsRequest->residentKey !== null || $optionsRequest->authenticatorAttachment !== null) { + if ($optionsRequest->userVerification !== null || $optionsRequest->residentKey !== null || $optionsRequest->authenticatorAttachment !== null) { $residentKey = $optionsRequest->residentKey ?? null; - $requireResidentKey = $optionsRequest->requireResidentKey !== null ? filter_var( - $optionsRequest->requireResidentKey, - FILTER_VALIDATE_BOOLEAN - ) : null; - $authenticatorSelection = AuthenticatorSelectionCriteria::create( $optionsRequest->authenticatorAttachment, $optionsRequest->userVerification ?? AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_PREFERRED, - $residentKey, - $requireResidentKey + $residentKey ); } $extensions = null; if (is_array($optionsRequest->extensions)) { - $extensions = AuthenticationExtensionsClientInputs::create(array_map( + $extensions = AuthenticationExtensions::create(array_map( static fn (string $name, mixed $data): AuthenticationExtension => AuthenticationExtension::create( $name, $data diff --git a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php index 1dc0d45a0..cff91973d 100644 --- a/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php +++ b/src/symfony/src/CredentialOptionsBuilder/ProfileBasedRequestOptionsBuilder.php @@ -10,7 +10,7 @@ use Symfony\Component\Serializer\SerializerInterface; use Symfony\Component\Validator\Validator\ValidatorInterface; use Webauthn\AuthenticationExtensions\AuthenticationExtension; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; +use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\Bundle\Dto\ServerPublicKeyCredentialRequestOptionsRequest; use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; @@ -18,7 +18,6 @@ use Webauthn\PublicKeyCredentialDescriptor; use Webauthn\PublicKeyCredentialRequestOptions; use Webauthn\PublicKeyCredentialSource; -use Webauthn\PublicKeyCredentialSourceRepository; use Webauthn\PublicKeyCredentialUserEntity; use function count; use function is_array; @@ -29,37 +28,23 @@ public function __construct( private readonly SerializerInterface $serializer, private readonly ValidatorInterface $validator, private readonly PublicKeyCredentialUserEntityRepositoryInterface $userEntityRepository, - private readonly PublicKeyCredentialSourceRepository|PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, + private readonly PublicKeyCredentialSourceRepositoryInterface $credentialSourceRepository, private readonly PublicKeyCredentialRequestOptionsFactory $publicKeyCredentialRequestOptionsFactory, private readonly string $profile, ) { - if (! $this->credentialSourceRepository instanceof PublicKeyCredentialSourceRepositoryInterface) { - trigger_deprecation( - 'web-auth/webauthn-symfony-bundle', - '4.6.0', - sprintf( - 'Since 4.6.0, the parameter "$credentialSourceRepository" expects an instance of "%s". Please implement that interface instead of "%s".', - PublicKeyCredentialSourceRepositoryInterface::class, - PublicKeyCredentialSourceRepository::class - ) - ); - } } public function getFromRequest( Request $request, ?PublicKeyCredentialUserEntity &$userEntity = null ): PublicKeyCredentialRequestOptions { - $format = method_exists( - $request, - 'getContentTypeFormat' - ) ? $request->getContentTypeFormat() : $request->getContentType(); + $format = $request->getContentTypeFormat(); $format === 'json' || throw new BadRequestHttpException('Only JSON content type allowed'); $content = $request->getContent(); $optionsRequest = $this->getServerPublicKeyCredentialRequestOptionsRequest($content); $extensions = null; if (is_array($optionsRequest->extensions)) { - $extensions = AuthenticationExtensionsClientInputs::create(array_map( + $extensions = AuthenticationExtensions::create(array_map( static fn (string $name, mixed $data): AuthenticationExtension => AuthenticationExtension::create( $name, $data diff --git a/src/symfony/src/DataCollector/WebauthnCollector.php b/src/symfony/src/DataCollector/WebauthnCollector.php index 3f4d3d73a..1b9fa7567 100644 --- a/src/symfony/src/DataCollector/WebauthnCollector.php +++ b/src/symfony/src/DataCollector/WebauthnCollector.php @@ -11,11 +11,10 @@ use Symfony\Component\VarDumper\Cloner\Data; use Symfony\Component\VarDumper\Cloner\VarCloner; use Throwable; -use Webauthn\Bundle\Event\AuthenticatorAssertionResponseValidationFailedEvent; -use Webauthn\Bundle\Event\AuthenticatorAssertionResponseValidationSucceededEvent; -use Webauthn\Bundle\Event\AuthenticatorAttestationResponseValidationSucceededEvent; use Webauthn\Bundle\Event\PublicKeyCredentialCreationOptionsCreatedEvent; use Webauthn\Bundle\Event\PublicKeyCredentialRequestOptionsCreatedEvent; +use Webauthn\Event\AuthenticatorAssertionResponseValidationFailedEvent; +use Webauthn\Event\AuthenticatorAssertionResponseValidationSucceededEvent; use Webauthn\Event\AuthenticatorAttestationResponseValidationFailedEvent; use const JSON_PRETTY_PRINT; use const JSON_THROW_ON_ERROR; @@ -90,9 +89,6 @@ public static function getSubscribedEvents(): array return [ PublicKeyCredentialCreationOptionsCreatedEvent::class => ['addPublicKeyCredentialCreationOptions'], PublicKeyCredentialRequestOptionsCreatedEvent::class => ['addPublicKeyCredentialRequestOptions'], - AuthenticatorAttestationResponseValidationSucceededEvent::class => [ - 'addAuthenticatorAttestationResponseValidationSucceeded', - ], AuthenticatorAttestationResponseValidationFailedEvent::class => [ 'addAuthenticatorAttestationResponseValidationFailed', ], @@ -117,21 +113,6 @@ public function addPublicKeyCredentialCreationOptions(PublicKeyCredentialCreatio ]; } - public function addAuthenticatorAttestationResponseValidationSucceeded( - AuthenticatorAttestationResponseValidationSucceededEvent $event - ): void { - $cloner = new VarCloner(); - $this->authenticatorAttestationResponseValidationSucceeded[] = [ - 'attestation_response' => $cloner->cloneVar($event->authenticatorAttestationResponse), - 'options' => $cloner->cloneVar($event->publicKeyCredentialCreationOptions), - 'options_json' => json_encode( - $event->publicKeyCredentialCreationOptions, - JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT - ), - 'credential_source' => $cloner->cloneVar($event->publicKeyCredentialSource), - ]; - } - public function addAuthenticatorAttestationResponseValidationFailed( AuthenticatorAttestationResponseValidationFailedEvent $event ): void { @@ -165,7 +146,7 @@ public function addAuthenticatorAssertionResponseValidationSucceeded( $cloner = new VarCloner(); $this->authenticatorAssertionResponseValidationSucceeded[] = [ 'user_handle' => $cloner->cloneVar($event->userHandle), - 'credential_id' => $cloner->cloneVar($event->credentialId), + 'credential_id' => $cloner->cloneVar($event->publicKeyCredentialSource->publicKeyCredentialId), 'assertion_response' => $cloner->cloneVar($event->authenticatorAssertionResponse), 'options' => $cloner->cloneVar($event->publicKeyCredentialRequestOptions), 'options_json' => json_encode( @@ -182,7 +163,7 @@ public function addAuthenticatorAssertionResponseValidationFailed( $cloner = new VarCloner(); $this->authenticatorAssertionResponseValidationFailed[] = [ 'user_handle' => $cloner->cloneVar($event->userHandle), - 'credential_id' => $cloner->cloneVar($event->getCredential()?->publicKeyCredentialId), + 'credential_id' => $cloner->cloneVar($event->publicKeyCredentialSource->publicKeyCredentialId), 'assertion_response' => $cloner->cloneVar($event->authenticatorAssertionResponse), 'options' => $cloner->cloneVar($event->publicKeyCredentialRequestOptions), 'options_json' => json_encode( diff --git a/src/symfony/src/DependencyInjection/Compiler/CounterCheckerSetterCompilerPass.php b/src/symfony/src/DependencyInjection/Compiler/CounterCheckerSetterCompilerPass.php deleted file mode 100644 index 9e0e95e15..000000000 --- a/src/symfony/src/DependencyInjection/Compiler/CounterCheckerSetterCompilerPass.php +++ /dev/null @@ -1,27 +0,0 @@ -hasAlias(CounterChecker::class) - || ! $container->hasDefinition(AuthenticatorAssertionResponseValidator::class) - ) { - return; - } - - $definition = $container->getDefinition(AuthenticatorAssertionResponseValidator::class); - $definition->addMethodCall('setCounterChecker', [new Reference(CounterChecker::class)]); - } -} diff --git a/src/symfony/src/DependencyInjection/Compiler/MetadataStatementSupportCompilerPass.php b/src/symfony/src/DependencyInjection/Compiler/MetadataStatementSupportCompilerPass.php deleted file mode 100644 index 72aaa65f8..000000000 --- a/src/symfony/src/DependencyInjection/Compiler/MetadataStatementSupportCompilerPass.php +++ /dev/null @@ -1,39 +0,0 @@ -hasAlias(MetadataStatementRepository::class) - || ! $container->hasAlias(CertificateChainValidator::class) - || ! $container->hasAlias(StatusReportRepository::class) - ) { - return; - } - if (! $container->hasDefinition(AuthenticatorAttestationResponseValidator::class)) { - return; - } - - $definition = $container->getDefinition(AuthenticatorAttestationResponseValidator::class); - $definition->addMethodCall( - 'enableMetadataStatementSupport', - [ - new Reference(MetadataStatementRepository::class), - new Reference(StatusReportRepository::class), - new Reference(CertificateChainValidator::class), - ] - ); - } -} diff --git a/src/symfony/src/DependencyInjection/Configuration.php b/src/symfony/src/DependencyInjection/Configuration.php index 555eaebcc..302f90ab0 100644 --- a/src/symfony/src/DependencyInjection/Configuration.php +++ b/src/symfony/src/DependencyInjection/Configuration.php @@ -53,15 +53,6 @@ public function getConfigTreeBuilder(): TreeBuilder ->end(); $rootNode->children() - ->scalarNode('http_message_factory') - ->setDeprecated( - 'web-auth/webauthn-symfony-bundle', - '4.5.0', - 'The class "http_message_factory" configuration option is deprecated since 4.5.0 and will be removed in 5.0.0. Not needed anymore.' - ) - ->defaultNull() - ->info('Creates PSR-7 HTTP Request and Response instances from Symfony ones.') - ->end() ->scalarNode('clock') ->defaultValue('webauthn.clock.default') ->info('PSR-20 Clock service.') @@ -93,11 +84,6 @@ public function getConfigTreeBuilder(): TreeBuilder ->defaultValue(DummyPublicKeyCredentialUserEntityRepository::class) ->info('This repository is responsible of the user storage') ->end() - ->scalarNode('token_binding_support_handler') - ->defaultNull() - ->setDeprecated('web-auth/webauthn-symfony-bundle', '4.3.0') - ->info('This handler will check the token binding header from the request. By default, it is ignored.') - ->end() ->arrayNode('secured_rp_ids') ->treatFalseLike(null) ->treatTrueLike(null) @@ -184,18 +170,6 @@ private function addCreationProfilesConfig(ArrayNodeDefinition $rootNode): void }) ->end() ->children() - ->scalarNode('attachment_mode') - ->setDeprecated('web-auth/webauthn-symfony-bundle', '4.7.0', 'Use "authenticator_attachment" instead') - ->defaultValue(AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_NO_PREFERENCE) - ->validate() - ->ifNotInArray([ - AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_NO_PREFERENCE, - AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_PLATFORM, - AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_CROSS_PLATFORM, - ]) - ->thenInvalid($errorTemplate) - ->end() - ->end() ->scalarNode('authenticator_attachment') ->defaultValue(AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_NO_PREFERENCE) ->validate() diff --git a/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php b/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php index b98851c69..a60f87925 100644 --- a/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php +++ b/src/symfony/src/DependencyInjection/Factory/Security/WebauthnFactory.php @@ -82,30 +82,6 @@ final class WebauthnFactory implements FirewallListenerFactoryInterface, Authent public const FIREWALL_CONFIG_DEFINITION_ID = 'webauthn.security.firewall_config'; - /** - * @deprecated This constant is not used anymore and will be removed in 5.0 - * @infection-ignore-all - */ - public const REQUEST_RESULT_LISTENER_DEFINITION_ID = 'webauthn.security.authentication.request_result_listener'; - - /** - * @deprecated This constant is not used anymore and will be removed in 5.0 - * @infection-ignore-all - */ - public const CREATION_RESULT_LISTENER_DEFINITION_ID = 'webauthn.security.authentication.creation_result_listener'; - - /** - * @deprecated This constant is not used anymore and will be removed in 5.0 - * @infection-ignore-all - */ - public const SUCCESS_HANDLER_ID_PREFIX = 'security.authentication.success_handler.webauthn.'; - - /** - * @deprecated This constant is not used anymore and will be removed in 5.0 - * @infection-ignore-all - */ - public const FAILURE_HANDLER_ID_PREFIX = 'security.authentication.failure_handler.webauthn.'; - private const PRIORITY = 0; public function __construct( diff --git a/src/symfony/src/DependencyInjection/Factory/Security/WebauthnServicesFactory.php b/src/symfony/src/DependencyInjection/Factory/Security/WebauthnServicesFactory.php index 4cb017d3a..903bd414c 100644 --- a/src/symfony/src/DependencyInjection/Factory/Security/WebauthnServicesFactory.php +++ b/src/symfony/src/DependencyInjection/Factory/Security/WebauthnServicesFactory.php @@ -56,7 +56,7 @@ public function createAuthenticatorAssertionResponseValidator( $authenticatorAssertionResponseValidatorId, new Definition(AuthenticatorAssertionResponseValidator::class) ) - ->setArguments([null, null, null, null, null, new Reference($ceremonyStepManagerId)]); + ->setArguments([new Reference($ceremonyStepManagerId)]); return $authenticatorAssertionResponseValidatorId; } @@ -82,7 +82,7 @@ public function createAuthenticatorAttestationResponseValidator( $authenticatorAttestationResponseValidatorId, new Definition(AuthenticatorAttestationResponseValidator::class) ) - ->setArguments([null, null, null, null, null, new Reference($ceremonyStepManagerId)]); + ->setArguments([new Reference($ceremonyStepManagerId)]); return $authenticatorAttestationResponseValidatorId; } diff --git a/src/symfony/src/DependencyInjection/WebauthnExtension.php b/src/symfony/src/DependencyInjection/WebauthnExtension.php index 4dc1b7c95..b1b509333 100644 --- a/src/symfony/src/DependencyInjection/WebauthnExtension.php +++ b/src/symfony/src/DependencyInjection/WebauthnExtension.php @@ -37,7 +37,6 @@ use Webauthn\Bundle\DependencyInjection\Compiler\LoggerSetterCompilerPass; use Webauthn\Bundle\Doctrine\Type as DbalType; use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; -use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepository; use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; use Webauthn\Bundle\Service\PublicKeyCredentialCreationOptionsFactory; use Webauthn\Bundle\Service\PublicKeyCredentialRequestOptionsFactory; @@ -50,8 +49,6 @@ use Webauthn\MetadataService\Event\CanDispatchEvents; use Webauthn\MetadataService\MetadataStatementRepository; use Webauthn\MetadataService\StatusReportRepository; -use Webauthn\PublicKeyCredentialSourceRepository; -use Webauthn\TokenBinding\TokenBindingHandler; use function array_key_exists; use function count; use function is_array; @@ -100,14 +97,9 @@ public function load(array $configs, ContainerBuilder $container): void $container->setAlias('webauthn.http_client', $config['http_client']); $container->setAlias('webauthn.logger', $config['logger']); - $container->setAlias(PublicKeyCredentialSourceRepository::class, $config['credential_repository']); $container->setAlias(PublicKeyCredentialSourceRepositoryInterface::class, $config['credential_repository']); - $container->setAlias(PublicKeyCredentialUserEntityRepository::class, $config['user_repository']); $container->setAlias(PublicKeyCredentialUserEntityRepositoryInterface::class, $config['user_repository']); - if ($config['token_binding_support_handler'] !== null) { - $container->setAlias(TokenBindingHandler::class, $config['token_binding_support_handler']); - } $container->setAlias(CounterChecker::class, $config['counter_checker']); $loader = new PhpFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config/')); @@ -236,14 +228,7 @@ private function loadCreationControllersSupport(ContainerBuilder $container, arr $name ); $attestationResponseValidator = new Definition(AuthenticatorAttestationResponseValidator::class); - $attestationResponseValidator->setArguments([ - null, - null, - null, - null, - null, - new Reference($creationCeremonyStepManagerId), - ]); + $attestationResponseValidator->setArguments([new Reference($creationCeremonyStepManagerId)]); $container->setDefinition($attestationResponseValidatorId, $attestationResponseValidator); $attestationResponseControllerId = sprintf('webauthn.controller.creation.response.%s', $name); @@ -255,7 +240,6 @@ private function loadCreationControllersSupport(ContainerBuilder $container, arr new Reference($creationConfig['options_storage']), new Reference($creationConfig['success_handler']), new Reference($creationConfig['failure_handler']), - null, new Reference($attestationResponseValidatorId), ]); $attestationResponseController->addTag(DynamicRouteCompilerPass::TAG, [ @@ -322,14 +306,7 @@ private function loadRequestControllersSupport(ContainerBuilder $container, arra $name ); $assertionResponseValidator = new Definition(AuthenticatorAssertionResponseValidator::class); - $assertionResponseValidator->setArguments([ - null, - null, - null, - null, - null, - new Reference($requestCeremonyStepManagerId), - ]); + $assertionResponseValidator->setArguments([new Reference($requestCeremonyStepManagerId)]); $container->setDefinition($assertionResponseValidatorId, $assertionResponseValidator); $assertionResponseControllerId = sprintf('webauthn.controller.request.response.%s', $name); @@ -341,7 +318,6 @@ private function loadRequestControllersSupport(ContainerBuilder $container, arra new Reference($requestConfig['options_storage']), new Reference($requestConfig['success_handler']), new Reference($requestConfig['failure_handler']), - null, new Reference($assertionResponseValidatorId), ]); $assertionResponseController->addTag(DynamicRouteCompilerPass::TAG, [ diff --git a/src/symfony/src/Doctrine/Type/PublicKeyCredentialDescriptorCollection.php b/src/symfony/src/Doctrine/Type/PublicKeyCredentialDescriptorCollection.php index 70b796e88..68eac3b32 100644 --- a/src/symfony/src/Doctrine/Type/PublicKeyCredentialDescriptorCollection.php +++ b/src/symfony/src/Doctrine/Type/PublicKeyCredentialDescriptorCollection.php @@ -11,7 +11,6 @@ use IteratorAggregate; use JsonSerializable; use Webauthn\PublicKeyCredentialDescriptor; -use function array_key_exists; use function count; use const COUNT_NORMAL; use const JSON_THROW_ON_ERROR; @@ -52,39 +51,6 @@ public static function create(array $publicKeyCredentialDescriptors): self return new self($publicKeyCredentialDescriptors); } - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function add(PublicKeyCredentialDescriptor ...$publicKeyCredentialDescriptors): void - { - foreach ($publicKeyCredentialDescriptors as $publicKeyCredentialDescriptor) { - $this->publicKeyCredentialDescriptors[$publicKeyCredentialDescriptor->id] = $publicKeyCredentialDescriptor; - } - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function has(string $id): bool - { - return array_key_exists($id, $this->publicKeyCredentialDescriptors); - } - - /** - * @deprecated since 4.7.0. No replacement. - * @infection-ignore-all - */ - public function remove(string $id): void - { - if (! array_key_exists($id, $this->publicKeyCredentialDescriptors)) { - return; - } - - unset($this->publicKeyCredentialDescriptors[$id]); - } - /** * @return Iterator */ diff --git a/src/symfony/src/Dto/AdditionalPublicKeyCredentialCreationOptionsRequest.php b/src/symfony/src/Dto/AdditionalPublicKeyCredentialCreationOptionsRequest.php deleted file mode 100644 index 90b0881ca..000000000 --- a/src/symfony/src/Dto/AdditionalPublicKeyCredentialCreationOptionsRequest.php +++ /dev/null @@ -1,13 +0,0 @@ -|null - * - * @deprecated Use $userVerification, $residentKey and $authenticatorAttachment - * @infection-ignore-all - */ - public ?array $authenticatorSelection = null; - #[NotBlank(allowNull: true)] #[Choice(choices: [ PublicKeyCredentialCreationOptions::ATTESTATION_CONVEYANCE_PREFERENCE_NONE, diff --git a/src/symfony/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php b/src/symfony/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php deleted file mode 100644 index b7e5c0dac..000000000 --- a/src/symfony/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php +++ /dev/null @@ -1,46 +0,0 @@ -publicKeyCredentialCreationOptions; - } } diff --git a/src/symfony/src/Event/PublicKeyCredentialRequestOptionsCreatedEvent.php b/src/symfony/src/Event/PublicKeyCredentialRequestOptionsCreatedEvent.php index 80b3794ae..7d9bd3634 100644 --- a/src/symfony/src/Event/PublicKeyCredentialRequestOptionsCreatedEvent.php +++ b/src/symfony/src/Event/PublicKeyCredentialRequestOptionsCreatedEvent.php @@ -18,12 +18,4 @@ public static function create(PublicKeyCredentialRequestOptions $publicKeyCreden { return new self($publicKeyCredentialRequestOptions); } - - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ - public function getPublicKeyCredentialRequestOptions(): PublicKeyCredentialRequestOptions - { - return $this->publicKeyCredentialRequestOptions; - } } diff --git a/src/symfony/src/Repository/CanRegisterUserEntity.php b/src/symfony/src/Repository/CanRegisterUserEntity.php index e928edbc6..d97b1a7a4 100644 --- a/src/symfony/src/Repository/CanRegisterUserEntity.php +++ b/src/symfony/src/Repository/CanRegisterUserEntity.php @@ -8,11 +8,5 @@ interface CanRegisterUserEntity { - /** - * @deprecated since 4.7.0 and will be removed in 5.0.0. Please use Webauthn\Bundle\Repository\CanGenerateUserEntity::generateUserEntity() instead. - * @infection-ignore-all - */ - public function generateNextUserEntityId(): string; - public function saveUserEntity(PublicKeyCredentialUserEntity $userEntity): void; } diff --git a/src/symfony/src/Repository/DoctrineCredentialSourceRepository.php b/src/symfony/src/Repository/DoctrineCredentialSourceRepository.php index 6083efd70..90fc9d80c 100644 --- a/src/symfony/src/Repository/DoctrineCredentialSourceRepository.php +++ b/src/symfony/src/Repository/DoctrineCredentialSourceRepository.php @@ -63,12 +63,4 @@ public function findOneByCredentialId(string $publicKeyCredentialId): ?PublicKey ->getQuery() ->getOneOrNullResult(); } - - /** - * @deprecated since 4.7.2 and will be removed in 5.0.0. Please use the property instead. - */ - protected function getClass(): string - { - return $this->class; - } } diff --git a/src/symfony/src/Repository/PublicKeyCredentialSourceRepository.php b/src/symfony/src/Repository/PublicKeyCredentialSourceRepository.php deleted file mode 100644 index 4e31bec89..000000000 --- a/src/symfony/src/Repository/PublicKeyCredentialSourceRepository.php +++ /dev/null @@ -1,15 +0,0 @@ -services() ->defaults() ->private() @@ -37,112 +32,56 @@ $container ->set('webauthn.cose.algorithm.RS1') ->class(RS1::class); - $container - ->alias('webauthn.cose.algoritm.RS1', 'webauthn.cose.algorithm.RS1') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.RS256') ->class(RS256::class); - $container - ->alias('webauthn.cose.algoritm.RS256', 'webauthn.cose.algorithm.RS256') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.RS384') ->class(RS384::class); - $container - ->alias('webauthn.cose.algoritm.RS384', 'webauthn.cose.algorithm.RS384') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.RS512') ->class(RS512::class); - $container - ->alias('webauthn.cose.algoritm.RS512', 'webauthn.cose.algorithm.RS512') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.PS256') ->class(PS256::class); - $container - ->alias('webauthn.cose.algoritm.PS256', 'webauthn.cose.algorithm.PS256') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.PS384') ->class(PS384::class); - $container - ->alias('webauthn.cose.algoritm.PS384', 'webauthn.cose.algorithm.PS384') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.PS512') ->class(PS512::class); - $container - ->alias('webauthn.cose.algoritm.PS512', 'webauthn.cose.algorithm.PS512') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.ES256K') ->class(ES256K::class); - $container - ->alias('webauthn.cose.algoritm.ES256K', 'webauthn.cose.algorithm.ES256K') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.ES256') ->class(ES256::class); - $container - ->alias('webauthn.cose.algoritm.ES256', 'webauthn.cose.algorithm.ES256') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.ES384') ->class(ES384::class); - $container - ->alias('webauthn.cose.algoritm.ES384', 'webauthn.cose.algorithm.ES384') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.ES512') ->class(ES512::class); - $container - ->alias('webauthn.cose.algoritm.ES512', 'webauthn.cose.algorithm.ES512') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.ED256') ->class(Ed256::class); - $container - ->alias('webauthn.cose.algoritm.ED256', 'webauthn.cose.algorithm.ED256') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.ED512') ->class(Ed512::class); - $container - ->alias('webauthn.cose.algoritm.ED512', 'webauthn.cose.algorithm.ED512') - ->deprecate(...$deprecationData) - ; $container ->set('webauthn.cose.algorithm.Ed25519ph') ->class(Ed25519::class); - $container - ->alias('webauthn.cose.algoritm.Ed25519ph', 'webauthn.cose.algorithm.Ed25519ph') - ->deprecate(...$deprecationData) - ; }; diff --git a/src/symfony/src/Resources/config/metadata_statement_supports.php b/src/symfony/src/Resources/config/metadata_statement_supports.php index da48ac798..6dd6e7b75 100644 --- a/src/symfony/src/Resources/config/metadata_statement_supports.php +++ b/src/symfony/src/Resources/config/metadata_statement_supports.php @@ -21,7 +21,7 @@ ->set(AppleAttestationStatementSupport::class); $container ->set(TPMAttestationStatementSupport::class) - ->args([service('webauthn.clock') ->nullOnInvalid()]) + ->args([service('webauthn.clock')]) ; $container ->set(FidoU2FAttestationStatementSupport::class); @@ -33,9 +33,5 @@ $container ->set(PhpCertificateChainValidator::class) - ->args( - [service('webauthn.http_client'), service('webauthn.request_factory')->nullOnInvalid(), service( - 'webauthn.clock' - )] - ); + ->args([service('webauthn.http_client'), service('webauthn.clock')]); }; diff --git a/src/symfony/src/Resources/config/services.php b/src/symfony/src/Resources/config/services.php index ba1398686..80cb45756 100644 --- a/src/symfony/src/Resources/config/services.php +++ b/src/symfony/src/Resources/config/services.php @@ -2,12 +2,11 @@ declare(strict_types=1); -use Lcobucci\Clock\SystemClock; use Psr\Http\Message\RequestFactoryInterface; use Psr\Log\NullLogger; +use Symfony\Component\Clock\NativeClock; use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator; use Symfony\Component\Serializer\SerializerInterface; -use Symfony\Component\Validator\Validator\ValidatorInterface; use Symfony\Contracts\HttpClient\HttpClientInterface; use Webauthn\AttestationStatement\AttestationObjectLoader; use Webauthn\AttestationStatement\AttestationStatementSupportManager; @@ -20,7 +19,7 @@ use Webauthn\Bundle\Controller\DummyControllerFactory; use Webauthn\Bundle\Repository\DummyPublicKeyCredentialSourceRepository; use Webauthn\Bundle\Repository\DummyPublicKeyCredentialUserEntityRepository; -use Webauthn\Bundle\Repository\PublicKeyCredentialUserEntityRepositoryInterface; +use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; use Webauthn\Bundle\Routing\Loader; use Webauthn\Bundle\Service\DefaultFailureHandler; use Webauthn\Bundle\Service\DefaultSuccessHandler; @@ -44,20 +43,10 @@ use Webauthn\Denormalizer\WebauthnSerializerFactory; use Webauthn\MetadataService\Denormalizer\ExtensionDescriptorDenormalizer; use Webauthn\MetadataService\Denormalizer\MetadataStatementSerializerFactory; -use Webauthn\PublicKeyCredentialLoader; -use Webauthn\PublicKeyCredentialSourceRepository; -use Webauthn\TokenBinding\IgnoreTokenBindingHandler; -use Webauthn\TokenBinding\SecTokenBindingHandler; -use Webauthn\TokenBinding\TokenBindingNotSupportedHandler; use function Symfony\Component\DependencyInjection\Loader\Configurator\param; use function Symfony\Component\DependencyInjection\Loader\Configurator\service; return static function (ContainerConfigurator $container): void { - $deprecationData = [ - 'web-auth/webauthn-symfony-bundle', - '4.3.0', - '%service_id% is deprecated since 4.3.0 and will be removed in 5.0.0', - ]; $container = $container->services() ->defaults() ->private() @@ -65,8 +54,7 @@ $container ->set('webauthn.clock.default') - ->class(SystemClock::class) - ->factory([SystemClock::class, 'fromSystemTimezone']) + ->class(NativeClock::class) ; $container @@ -89,21 +77,12 @@ $container ->set(AuthenticatorAttestationResponseValidator::class) - ->args([null, null, null, null, null, service('webauthn.ceremony_step_manager.creation')]) + ->args([service('webauthn.ceremony_step_manager.creation')]) ->public(); $container ->set(AuthenticatorAssertionResponseValidator::class) ->class(AuthenticatorAssertionResponseValidator::class) - ->args([null, null, null, null, null, service('webauthn.ceremony_step_manager.request')]) - ->public(); - $container - ->set(PublicKeyCredentialLoader::class) - ->deprecate( - 'web-auth/webauthn-symfony-bundle', - '4.8.0', - '%service_id% is deprecated since 4.8.0 and will be removed in 5.0.0', - ) - ->args([null, service(SerializerInterface::class)]) + ->args([service('webauthn.ceremony_step_manager.request')]) ->public(); $container ->set(PublicKeyCredentialCreationOptionsFactory::class) @@ -124,16 +103,6 @@ $container ->set(NoneAttestationStatementSupport::class); - $container - ->set(IgnoreTokenBindingHandler::class) - ->deprecate(...$deprecationData); - $container - ->set(TokenBindingNotSupportedHandler::class) - ->deprecate(...$deprecationData); - $container - ->set(SecTokenBindingHandler::class) - ->deprecate(...$deprecationData); - $container ->set(ThrowExceptionIfInvalid::class) ->autowire(false); @@ -146,22 +115,15 @@ ->set(AttestationControllerFactory::class) ->args([ service(SerializerInterface::class), - service(ValidatorInterface::class), - service(PublicKeyCredentialCreationOptionsFactory::class), - null, service(AuthenticatorAttestationResponseValidator::class), - service(PublicKeyCredentialSourceRepository::class)->nullOnInvalid(), + service(PublicKeyCredentialSourceRepositoryInterface::class), ]); $container ->set(AssertionControllerFactory::class) ->args([ service(SerializerInterface::class), - service(ValidatorInterface::class), - service(PublicKeyCredentialRequestOptionsFactory::class), - null, service(AuthenticatorAssertionResponseValidator::class), - service(PublicKeyCredentialUserEntityRepositoryInterface::class), - service(PublicKeyCredentialSourceRepository::class)->nullOnInvalid(), + service(PublicKeyCredentialSourceRepositoryInterface::class), ]); $container @@ -188,7 +150,8 @@ ->set(ExtensionDescriptorDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(AttestationObjectDenormalizer::class) ->tag('serializer.normalizer', [ @@ -196,60 +159,71 @@ ]); $container ->set(AttestationStatementDenormalizer::class) - ->args([service(AttestationStatementSupportManager::class)]) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ->args([service(AttestationStatementSupportManager::class)]) + ; $container ->set(AuthenticationExtensionsDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(AuthenticatorAssertionResponseDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(AuthenticatorAttestationResponseDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(AuthenticatorDataDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(AuthenticatorResponseDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(CollectedClientDataDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(PublicKeyCredentialDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(PublicKeyCredentialOptionsDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(PublicKeyCredentialSourceDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container ->set(PublicKeyCredentialUserEntityDenormalizer::class) ->tag('serializer.normalizer', [ 'priority' => 1024, - ]); + ]) + ; $container->set(WebauthnSerializerFactory::class) ->args([service(AttestationStatementSupportManager::class)]) ; diff --git a/src/symfony/src/Security/Authentication/Token/WebauthnToken.php b/src/symfony/src/Security/Authentication/Token/WebauthnToken.php index e7fa0defc..d51fbb9e7 100644 --- a/src/symfony/src/Security/Authentication/Token/WebauthnToken.php +++ b/src/symfony/src/Security/Authentication/Token/WebauthnToken.php @@ -12,7 +12,7 @@ use Webauthn\PublicKeyCredentialOptions; use Webauthn\PublicKeyCredentialUserEntity; -class WebauthnToken extends AbstractToken implements WebauthnTokenInterface +class WebauthnToken extends AbstractToken { public function __construct( private readonly PublicKeyCredentialUserEntity $publicKeyCredentialUserEntity, diff --git a/src/symfony/src/Security/Authentication/Token/WebauthnTokenInterface.php b/src/symfony/src/Security/Authentication/Token/WebauthnTokenInterface.php deleted file mode 100644 index 83e68d6d9..000000000 --- a/src/symfony/src/Security/Authentication/Token/WebauthnTokenInterface.php +++ /dev/null @@ -1,40 +0,0 @@ -getContentTypeFormat() : $request->getContentType(); + ) ? $request->getContentTypeFormat() : $request->getContentTypeFormat(); $format === 'json' || throw InvalidDataException::create($format, 'Only JSON content type allowed'); $content = $request->getContent(); diff --git a/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php b/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php index 53862aad8..973a66d7b 100644 --- a/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php +++ b/src/symfony/src/Security/Http/Authenticator/WebauthnAuthenticator.php @@ -40,9 +40,7 @@ use Webauthn\MetadataService\CanLogData; use Webauthn\PublicKeyCredential; use Webauthn\PublicKeyCredentialCreationOptions; -use Webauthn\PublicKeyCredentialLoader; use Webauthn\PublicKeyCredentialRequestOptions; -use Webauthn\PublicKeyCredentialSourceRepository; use Webauthn\PublicKeyCredentialUserEntity; final class WebauthnAuthenticator implements AuthenticatorInterface, InteractiveAuthenticatorInterface, CanLogData @@ -50,35 +48,17 @@ final class WebauthnAuthenticator implements AuthenticatorInterface, Interactive private LoggerInterface $logger; public function __construct( - private readonly WebauthnFirewallConfig $firewallConfig, - private readonly UserProviderInterface $userProvider, - private readonly AuthenticationSuccessHandlerInterface $successHandler, - private readonly AuthenticationFailureHandlerInterface $failureHandler, - private readonly OptionsStorage $optionsStorage, - private readonly PublicKeyCredentialSourceRepository|PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository, + private readonly WebauthnFirewallConfig $firewallConfig, + private readonly UserProviderInterface $userProvider, + private readonly AuthenticationSuccessHandlerInterface $successHandler, + private readonly AuthenticationFailureHandlerInterface $failureHandler, + private readonly OptionsStorage $optionsStorage, + private readonly PublicKeyCredentialSourceRepositoryInterface $publicKeyCredentialSourceRepository, private readonly PublicKeyCredentialUserEntityRepositoryInterface $credentialUserEntityRepository, - private readonly PublicKeyCredentialLoader|SerializerInterface $publicKeyCredentialLoader, - private readonly AuthenticatorAssertionResponseValidator $assertionResponseValidator, - private readonly AuthenticatorAttestationResponseValidator $attestationResponseValidator + private readonly SerializerInterface $serializer, + private readonly AuthenticatorAssertionResponseValidator $assertionResponseValidator, + private readonly AuthenticatorAttestationResponseValidator $attestationResponseValidator ) { - if (! $this->publicKeyCredentialSourceRepository instanceof PublicKeyCredentialSourceRepositoryInterface) { - trigger_deprecation( - 'web-auth/webauthn-symfony-bundle', - '4.6.0', - sprintf( - 'Since 4.6.0, the parameter "$publicKeyCredentialSourceRepository" expects an instance of "%s". Please implement that interface instead of "%s".', - PublicKeyCredentialSourceRepositoryInterface::class, - PublicKeyCredentialSourceRepository::class - ) - ); - } - if ($this->publicKeyCredentialLoader instanceof PublicKeyCredentialLoader) { - trigger_deprecation( - 'web-auth/webauthn-bundle', - '4.8.0', - 'The argument "$publicKeyCredentialLoader" is deprecated since 4.8.0 and will be removed in 5.0.0. Please inject a Symfony Serializer instead.' - ); - } $this->logger = new NullLogger(); } @@ -180,15 +160,10 @@ public function isInteractive(): bool private function processWithAssertion(Request $request): Passport { try { - $format = method_exists( - $request, - 'getContentTypeFormat' - ) ? $request->getContentTypeFormat() : $request->getContentType(); + $format = $request->getContentTypeFormat(); $format === 'json' || throw InvalidDataException::create($format, 'Only JSON content type allowed'); $content = $request->getContent(); - $publicKeyCredential = $this->publicKeyCredentialLoader instanceof PublicKeyCredentialLoader ? $this->publicKeyCredentialLoader->load( - $content - ) : $this->publicKeyCredentialLoader->deserialize($content, PublicKeyCredential::class, 'json'); + $publicKeyCredential = $this->serializer->deserialize($content, PublicKeyCredential::class, 'json'); $response = $publicKeyCredential->response; $response instanceof AuthenticatorAssertionResponse || throw InvalidDataException::create( $response, @@ -248,15 +223,10 @@ private function processWithAttestation(Request $request): Passport if (! $this->publicKeyCredentialSourceRepository instanceof CanSaveCredentialSource) { throw MissingFeatureException::create('Unable to register the credential.'); } - $format = method_exists( - $request, - 'getContentTypeFormat' - ) ? $request->getContentTypeFormat() : $request->getContentType(); + $format = $request->getContentTypeFormat(); $format === 'json' || throw InvalidDataException::create($format, 'Only JSON content type allowed'); $content = $request->getContent(); - $publicKeyCredential = $this->publicKeyCredentialLoader instanceof PublicKeyCredentialLoader ? $this->publicKeyCredentialLoader->load( - $content - ) : $this->publicKeyCredentialLoader->deserialize($content, PublicKeyCredential::class, 'json'); + $publicKeyCredential = $this->serializer->deserialize($content, PublicKeyCredential::class, 'json'); $response = $publicKeyCredential->response; $response instanceof AuthenticatorAttestationResponse || throw InvalidDataException::create( $response, diff --git a/src/symfony/src/Service/AuthenticatorAssertionResponseValidator.php b/src/symfony/src/Service/AuthenticatorAssertionResponseValidator.php deleted file mode 100644 index a74297c08..000000000 --- a/src/symfony/src/Service/AuthenticatorAssertionResponseValidator.php +++ /dev/null @@ -1,80 +0,0 @@ -eventDispatcher = new NullEventDispatcher(); - } else { - $this->eventDispatcher = $eventDispatcher; - trigger_deprecation( - 'web-auth/webauthn-symfony-bundle', - '4.5.0', - 'The parameter "$eventDispatcher" is deprecated since 4.5.0 will be removed in 5.0.0. Please use `setEventDispatcher` instead.' - ); - } + $this->eventDispatcher = new NullEventDispatcher(); } public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): void @@ -105,7 +94,7 @@ public function create( */ private function createExtensions(array $profile): AuthenticationExtensions { - return AuthenticationExtensionsClientInputs::create( + return AuthenticationExtensions::create( array_map( static fn (string $name, mixed $value): AuthenticationExtension => AuthenticationExtension::create( $name, @@ -126,7 +115,6 @@ private function createAuthenticatorSelectionCriteria(array $profile): Authentic $profile['authenticator_selection_criteria']['authenticator_attachment'], $profile['authenticator_selection_criteria']['user_verification'], $profile['authenticator_selection_criteria']['resident_key'], - $profile['authenticator_selection_criteria']['require_resident_key'], ); } diff --git a/src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php b/src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php index 0c6946514..2a3c039c7 100644 --- a/src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php +++ b/src/symfony/src/Service/PublicKeyCredentialRequestOptionsFactory.php @@ -8,7 +8,6 @@ use Psr\EventDispatcher\EventDispatcherInterface; use Webauthn\AuthenticationExtensions\AuthenticationExtension; use Webauthn\AuthenticationExtensions\AuthenticationExtensions; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; use Webauthn\Bundle\Event\PublicKeyCredentialRequestOptionsCreatedEvent; use Webauthn\MetadataService\Event\CanDispatchEvents; use Webauthn\MetadataService\Event\NullEventDispatcher; @@ -28,18 +27,8 @@ final class PublicKeyCredentialRequestOptionsFactory implements CanDispatchEvent */ public function __construct( private readonly array $profiles, - ?EventDispatcherInterface $eventDispatcher = null ) { - if ($eventDispatcher === null) { - $this->eventDispatcher = new NullEventDispatcher(); - } else { - $this->eventDispatcher = $eventDispatcher; - trigger_deprecation( - 'web-auth/webauthn-symfony-bundle', - '4.5.0', - 'The parameter "$eventDispatcher" is deprecated since 4.5.0 will be removed in 5.0.0. Please use `setEventDispatcher` instead.' - ); - } + $this->eventDispatcher = new NullEventDispatcher(); } /** @@ -98,7 +87,7 @@ public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): v */ private function createExtensions(array $profile): AuthenticationExtensions { - return AuthenticationExtensionsClientInputs::create( + return AuthenticationExtensions::create( array_map( static fn (string $name, mixed $value): AuthenticationExtension => AuthenticationExtension::create( $name, diff --git a/src/symfony/src/WebauthnBundle.php b/src/symfony/src/WebauthnBundle.php index fa900cc20..4d47e82b3 100644 --- a/src/symfony/src/WebauthnBundle.php +++ b/src/symfony/src/WebauthnBundle.php @@ -14,13 +14,11 @@ use Webauthn\Bundle\DependencyInjection\Compiler\AttestationStatementSupportCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\CeremonyStepManagerFactoryCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\CoseAlgorithmCompilerPass; -use Webauthn\Bundle\DependencyInjection\Compiler\CounterCheckerSetterCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\DynamicRouteCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\EnforcedSafetyNetApiKeyVerificationCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\EventDispatcherSetterCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\ExtensionOutputCheckerCompilerPass; use Webauthn\Bundle\DependencyInjection\Compiler\LoggerSetterCompilerPass; -use Webauthn\Bundle\DependencyInjection\Compiler\MetadataStatementSupportCompilerPass; use Webauthn\Bundle\DependencyInjection\Factory\Security\WebauthnFactory; use Webauthn\Bundle\DependencyInjection\Factory\Security\WebauthnServicesFactory; use Webauthn\Bundle\DependencyInjection\WebauthnExtension; @@ -64,16 +62,6 @@ public function build(ContainerBuilder $container): void 0 ); $container->addCompilerPass(new LoggerSetterCompilerPass(), PassConfig::TYPE_BEFORE_OPTIMIZATION, 0); - $container->addCompilerPass( - new CounterCheckerSetterCompilerPass(), - PassConfig::TYPE_BEFORE_OPTIMIZATION, - 0 - ); - $container->addCompilerPass( - new MetadataStatementSupportCompilerPass(), - PassConfig::TYPE_BEFORE_OPTIMIZATION, - 0 - ); $this->registerMappings($container); @@ -94,7 +82,7 @@ private function registerMappings(ContainerBuilder $container): void ]; if (class_exists(DoctrineOrmMappingsPass::class)) { $container->addCompilerPass( - DoctrineOrmMappingsPass::createXmlMappingDriver($mappings, [], false, [], true), + DoctrineOrmMappingsPass::createXmlMappingDriver($mappings, [], false, []), PassConfig::TYPE_BEFORE_OPTIMIZATION, 0 ); diff --git a/src/webauthn/composer.json b/src/webauthn/composer.json index 1c672ac34..450a288e3 100644 --- a/src/webauthn/composer.json +++ b/src/webauthn/composer.json @@ -20,7 +20,7 @@ } ], "require": { - "php": ">=8.1", + "php": ">=8.2", "ext-json": "*", "ext-openssl": "*", "ext-mbstring": "*", @@ -30,7 +30,7 @@ "psr/http-factory": "^1.0", "psr/log": "^1.0|^2.0|^3.0", "spomky-labs/cbor-php": "^3.0", - "symfony/uid": "^6.1", + "symfony/uid": "^6.4|^7.0", "web-auth/cose-lib": "^4.2.3", "web-auth/metadata-service": "self.version" }, @@ -52,8 +52,5 @@ "web-token/jwt-signature-algorithm-ecdsa": "Recommended for the AndroidSafetyNet Attestation Statement support", "web-token/jwt-signature-algorithm-eddsa": "Recommended for the AndroidSafetyNet Attestation Statement support", "symfony/event-dispatcher": "Recommended to use dispatched events" - }, - "require-dev": { - "symfony/event-dispatcher": "^6.1" } } diff --git a/src/webauthn/src/AttestationStatement/AndroidSafetyNetAttestationStatementSupport.php b/src/webauthn/src/AttestationStatement/AndroidSafetyNetAttestationStatementSupport.php index 52f7a872d..f82070ebd 100644 --- a/src/webauthn/src/AttestationStatement/AndroidSafetyNetAttestationStatementSupport.php +++ b/src/webauthn/src/AttestationStatement/AndroidSafetyNetAttestationStatementSupport.php @@ -62,15 +62,8 @@ final class AndroidSafetyNetAttestationStatementSupport implements AttestationSt private EventDispatcherInterface $dispatcher; public function __construct( - private readonly null|ClockInterface $clock = null + private readonly ClockInterface $clock ) { - if ($this->clock === null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$clock" will be required in 5.0.0. Please set a clock instance.' - ); - } if (! class_exists(RS256::class)) { throw UnsupportedFeatureException::create( 'The algorithm RS256 is missing. Did you forget to install the package web-token/jwt-signature-algorithm-rsa?' @@ -91,26 +84,15 @@ public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): v $this->dispatcher = $eventDispatcher; } - public static function create(null|ClockInterface $clock = null): self + public static function create(ClockInterface $clock): self { return new self($clock); } - public function enableApiVerification( - ClientInterface|HttpClientInterface $client, - string $apiKey, - ?RequestFactoryInterface $requestFactory = null - ): self { + public function enableApiVerification(HttpClientInterface $client, string $apiKey): self + { $this->apiKey = $apiKey; $this->client = $client; - $this->requestFactory = $requestFactory; - if ($requestFactory !== null && ! $client instanceof HttpClientInterface) { - trigger_deprecation( - 'web-auth/metadata-service', - '4.7.0', - 'The parameter "$requestFactory" will be removed in 5.0.0. Please set it to null and set an Symfony\Contracts\HttpClient\HttpClientInterface as "$client" argument.' - ); - } return $this; } diff --git a/src/webauthn/src/AttestationStatement/AttestationObject.php b/src/webauthn/src/AttestationStatement/AttestationObject.php index a89cccac6..5ad36ab71 100644 --- a/src/webauthn/src/AttestationStatement/AttestationObject.php +++ b/src/webauthn/src/AttestationStatement/AttestationObject.php @@ -25,60 +25,4 @@ public static function create( ): self { return new self($rawAttestationObject, $attStmt, $authData); } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRawAttestationObject(): string - { - return $this->rawAttestationObject; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttStmt(): AttestationStatement - { - return $this->attStmt; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setAttStmt(AttestationStatement $attStmt): void - { - $this->attStmt = $attStmt; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthData(): AuthenticatorData - { - return $this->authData; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getMetadataStatement(): ?MetadataStatement - { - return $this->metadataStatement; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setMetadataStatement(MetadataStatement $metadataStatement): self - { - $this->metadataStatement = $metadataStatement; - - return $this; - } } diff --git a/src/webauthn/src/AttestationStatement/AttestationStatement.php b/src/webauthn/src/AttestationStatement/AttestationStatement.php index 6f216783f..44f692f2a 100644 --- a/src/webauthn/src/AttestationStatement/AttestationStatement.php +++ b/src/webauthn/src/AttestationStatement/AttestationStatement.php @@ -7,7 +7,6 @@ use JsonSerializable; use Webauthn\Exception\InvalidDataException; use Webauthn\TrustPath\TrustPath; -use Webauthn\TrustPath\TrustPathLoader; use function array_key_exists; class AttestationStatement implements JsonSerializable @@ -20,12 +19,6 @@ class AttestationStatement implements JsonSerializable final public const TYPE_ATTCA = 'attca'; - /** - * @deprecated since 4.2.0 and will be removed in 5.0.0. The ECDAA Trust Anchor does no longer exist in Webauthn specification. - * @infection-ignore-all - */ - final public const TYPE_ECDAA = 'ecdaa'; - final public const TYPE_ANONCA = 'anonca'; /** @@ -76,17 +69,6 @@ public static function createAttCA(string $fmt, array $attStmt, TrustPath $trust return self::create($fmt, $attStmt, self::TYPE_ATTCA, $trustPath); } - /** - * @param array $attStmt - * - * @deprecated since 4.2.0 and will be removed in 5.0.0. The ECDAA Trust Anchor does no longer exist in Webauthn specification. - * @infection-ignore-all - */ - public static function createEcdaa(string $fmt, array $attStmt, TrustPath $trustPath): self - { - return self::create($fmt, $attStmt, self::TYPE_ECDAA, $trustPath); - } - /** * @param array $attStmt */ @@ -95,25 +77,6 @@ public static function createAnonymizationCA(string $fmt, array $attStmt, TrustP return self::create($fmt, $attStmt, self::TYPE_ANONCA, $trustPath); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getFmt(): string - { - return $this->fmt; - } - - /** - * @return mixed[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttStmt(): array - { - return $this->attStmt; - } - public function has(string $key): bool { return array_key_exists($key, $this->attStmt); @@ -129,46 +92,6 @@ public function get(string $key): mixed return $this->attStmt[$key]; } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTrustPath(): TrustPath - { - return $this->trustPath; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getType(): string - { - return $this->type; - } - - /** - * @param mixed[] $data - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - foreach (['fmt', 'attStmt', 'trustPath', 'type'] as $key) { - array_key_exists($key, $data) || throw InvalidDataException::create($data, sprintf( - 'The key "%s" is missing', - $key - )); - } - - return self::create( - $data['fmt'], - $data['attStmt'], - $data['type'], - TrustPathLoader::loadTrustPath($data['trustPath']) - ); - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php b/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php index f242004fe..088ce886d 100644 --- a/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php +++ b/src/webauthn/src/AttestationStatement/PackedAttestationStatementSupport.php @@ -17,13 +17,11 @@ use Webauthn\Exception\AttestationStatementVerificationException; use Webauthn\Exception\InvalidAttestationStatementException; use Webauthn\Exception\InvalidDataException; -use Webauthn\Exception\UnsupportedFeatureException; use Webauthn\MetadataService\CertificateChain\CertificateToolbox; use Webauthn\MetadataService\Event\CanDispatchEvents; use Webauthn\MetadataService\Event\NullEventDispatcher; use Webauthn\StringStream; use Webauthn\TrustPath\CertificateTrustPath; -use Webauthn\TrustPath\EcdaaKeyIdTrustPath; use Webauthn\TrustPath\EmptyTrustPath; use Webauthn\Util\CoseSignatureFixer; use function array_key_exists; @@ -100,7 +98,6 @@ public function isValid( $authenticatorData, $trustPath ), - $trustPath instanceof EcdaaKeyIdTrustPath => $this->processWithECDAA(), $trustPath instanceof EmptyTrustPath => $this->processWithSelfAttestation( $clientDataJSONHash, $attestationStatement, @@ -137,26 +134,6 @@ private function loadBasicType(array $attestation): AttestationStatement return $attestationStatement; } - /** - * @param array $attestation - */ - private function loadEcdaaType(array $attestation): AttestationStatement - { - $ecdaaKeyId = $attestation['attStmt']['ecdaaKeyId']; - is_string($ecdaaKeyId) || throw AttestationStatementVerificationException::create( - 'The attestation statement value "ecdaaKeyId" is invalid.' - ); - - $attestationStatement = AttestationStatement::createEcdaa( - $attestation['fmt'], - $attestation['attStmt'], - new EcdaaKeyIdTrustPath($attestation['ecdaaKeyId']) - ); - $this->dispatcher->dispatch(AttestationStatementLoaded::create($attestationStatement)); - - return $attestationStatement; - } - /** * @param mixed[] $attestation */ @@ -256,11 +233,6 @@ private function processWithCertificate( return $result === 1; } - private function processWithECDAA(): never - { - throw UnsupportedFeatureException::create('ECDAA not supported'); - } - private function processWithSelfAttestation( string $clientDataJSONHash, AttestationStatement $attestationStatement, diff --git a/src/webauthn/src/AttestationStatement/TPMAttestationStatementSupport.php b/src/webauthn/src/AttestationStatement/TPMAttestationStatementSupport.php index 8d31c45f2..428ff4f39 100644 --- a/src/webauthn/src/AttestationStatement/TPMAttestationStatementSupport.php +++ b/src/webauthn/src/AttestationStatement/TPMAttestationStatementSupport.php @@ -12,9 +12,6 @@ use Cose\Key\OkpKey; use Cose\Key\RsaKey; use DateTimeImmutable; -use DateTimeZone; -use Lcobucci\Clock\Clock; -use Lcobucci\Clock\SystemClock; use ParagonIE\ConstantTime\Base64UrlSafe; use Psr\Clock\ClockInterface; use Psr\EventDispatcher\EventDispatcherInterface; @@ -23,13 +20,11 @@ use Webauthn\Exception\AttestationStatementLoadingException; use Webauthn\Exception\AttestationStatementVerificationException; use Webauthn\Exception\InvalidAttestationStatementException; -use Webauthn\Exception\UnsupportedFeatureException; use Webauthn\MetadataService\CertificateChain\CertificateToolbox; use Webauthn\MetadataService\Event\CanDispatchEvents; use Webauthn\MetadataService\Event\NullEventDispatcher; use Webauthn\StringStream; use Webauthn\TrustPath\CertificateTrustPath; -use Webauthn\TrustPath\EcdaaKeyIdTrustPath; use function array_key_exists; use function count; use function in_array; @@ -40,21 +35,11 @@ final class TPMAttestationStatementSupport implements AttestationStatementSupport, CanDispatchEvents { - private readonly Clock|ClockInterface $clock; - private EventDispatcherInterface $dispatcher; - public function __construct(null|Clock|ClockInterface $clock = null) - { - if ($clock === null) { - trigger_deprecation( - 'web-auth/metadata-service', - '4.5.0', - 'The parameter "$clock" will become mandatory in 5.0.0. Please set a valid PSR Clock implementation instead of "null".' - ); - $clock = new SystemClock(new DateTimeZone('UTC')); - } - $this->clock = $clock; + public function __construct( + private readonly ClockInterface $clock + ) { $this->dispatcher = new NullEventDispatcher(); } @@ -63,7 +48,7 @@ public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): v $this->dispatcher = $eventDispatcher; } - public static function create(null|Clock|ClockInterface $clock = null): self + public static function create(ClockInterface $clock): self { return new self($clock); } @@ -164,7 +149,6 @@ public function isValid( $attestationStatement, $authenticatorData ), - $attestationStatement->trustPath instanceof EcdaaKeyIdTrustPath => $this->processWithECDAA(), default => throw InvalidAttestationStatementException::create( $attestationStatement, 'Unsupported attestation statement' @@ -437,9 +421,4 @@ private function checkCertificate(string $attestnCert, AuthenticatorData $authen 'The value of the "aaguid" does not match with the certificate' ); } - - private function processWithECDAA(): never - { - throw UnsupportedFeatureException::create('ECDAA not supported'); - } } diff --git a/src/webauthn/src/AttestedCredentialData.php b/src/webauthn/src/AttestedCredentialData.php index a0d589d23..d0d13c33f 100644 --- a/src/webauthn/src/AttestedCredentialData.php +++ b/src/webauthn/src/AttestedCredentialData.php @@ -28,42 +28,6 @@ public static function create(Uuid $aaguid, string $credentialId, ?string $crede return new self($aaguid, $credentialId, $credentialPublicKey); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAaguid(): Uuid - { - return $this->aaguid; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setAaguid(Uuid $aaguid): void - { - $this->aaguid = $aaguid; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCredentialId(): string - { - return $this->credentialId; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCredentialPublicKey(): ?string - { - return $this->credentialPublicKey; - } - /** * @param mixed[] $json */ diff --git a/src/webauthn/src/AuthenticationExtensions/AuthenticationExtension.php b/src/webauthn/src/AuthenticationExtensions/AuthenticationExtension.php index 3f9ff6a2b..6c6921106 100644 --- a/src/webauthn/src/AuthenticationExtensions/AuthenticationExtension.php +++ b/src/webauthn/src/AuthenticationExtensions/AuthenticationExtension.php @@ -19,24 +19,6 @@ public static function create(string $name, mixed $value): self return new self($name, $value); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function name(): string - { - return $this->name; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function value(): mixed - { - return $this->value; - } - public function jsonSerialize(): mixed { return $this->value; diff --git a/src/webauthn/src/AuthenticationExtensions/AuthenticationExtensions.php b/src/webauthn/src/AuthenticationExtensions/AuthenticationExtensions.php index e49ab75aa..5269b9fde 100644 --- a/src/webauthn/src/AuthenticationExtensions/AuthenticationExtensions.php +++ b/src/webauthn/src/AuthenticationExtensions/AuthenticationExtensions.php @@ -57,38 +57,6 @@ public static function create(array $extensions = []): static return new static($extensions); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function add(AuthenticationExtension ...$extensions): static - { - foreach ($extensions as $extension) { - $this->extensions[$extension->name] = $extension; - } - - return $this; - } - - /** - * @param array $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): static - { - return static::create( - array_map( - static fn (string $key, mixed $value): AuthenticationExtension => AuthenticationExtension::create( - $key, - $value - ), - array_keys($json), - $json - ) - ); - } - public function has(string $key): bool { return array_key_exists($key, $this->extensions); diff --git a/src/webauthn/src/AuthenticationExtensions/AuthenticationExtensionsClientInputs.php b/src/webauthn/src/AuthenticationExtensions/AuthenticationExtensionsClientInputs.php deleted file mode 100644 index 5e0548405..000000000 --- a/src/webauthn/src/AuthenticationExtensions/AuthenticationExtensionsClientInputs.php +++ /dev/null @@ -1,12 +0,0 @@ -normalize(); - return AuthenticationExtensionsClientOutputs::create( + return AuthenticationExtensions::create( array_map( fn (mixed $value, string $key) => AuthenticationExtension::create($key, $value), $data, diff --git a/src/webauthn/src/AuthenticationExtensions/ExtensionOutputError.php b/src/webauthn/src/AuthenticationExtensions/ExtensionOutputError.php index 9adcc706f..6a1d0d7d8 100644 --- a/src/webauthn/src/AuthenticationExtensions/ExtensionOutputError.php +++ b/src/webauthn/src/AuthenticationExtensions/ExtensionOutputError.php @@ -17,13 +17,4 @@ public function __construct( ) { parent::__construct($message, $code, $previous); } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthenticationExtension(): AuthenticationExtension - { - return $this->authenticationExtension; - } } diff --git a/src/webauthn/src/AuthenticatorAssertionResponse.php b/src/webauthn/src/AuthenticatorAssertionResponse.php index 8b105a429..d41498f79 100644 --- a/src/webauthn/src/AuthenticatorAssertionResponse.php +++ b/src/webauthn/src/AuthenticatorAssertionResponse.php @@ -30,22 +30,4 @@ public static function create( ): self { return new self($clientDataJSON, $authenticatorData, $signature, $userHandle, $attestationObject); } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getSignature(): string - { - return $this->signature; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUserHandle(): ?string - { - return $this->userHandle; - } } diff --git a/src/webauthn/src/AuthenticatorAssertionResponseValidator.php b/src/webauthn/src/AuthenticatorAssertionResponseValidator.php index 9867c5ef9..c75cfb650 100644 --- a/src/webauthn/src/AuthenticatorAssertionResponseValidator.php +++ b/src/webauthn/src/AuthenticatorAssertionResponseValidator.php @@ -4,182 +4,48 @@ namespace Webauthn; -use Cose\Algorithm\Manager; use Psr\EventDispatcher\EventDispatcherInterface; -use Psr\Http\Message\ServerRequestInterface; use Psr\Log\LoggerInterface; use Psr\Log\NullLogger; use Throwable; -use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler; use Webauthn\CeremonyStep\CeremonyStepManager; -use Webauthn\CeremonyStep\CeremonyStepManagerFactory; -use Webauthn\Counter\CounterChecker; use Webauthn\Event\AuthenticatorAssertionResponseValidationFailedEvent; use Webauthn\Event\AuthenticatorAssertionResponseValidationSucceededEvent; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\MetadataService\CanLogData; use Webauthn\MetadataService\Event\CanDispatchEvents; use Webauthn\MetadataService\Event\NullEventDispatcher; -use Webauthn\TokenBinding\TokenBindingHandler; -use function is_string; class AuthenticatorAssertionResponseValidator implements CanLogData, CanDispatchEvents { private LoggerInterface $logger; - private readonly CeremonyStepManagerFactory $ceremonyStepManagerFactory; - private EventDispatcherInterface $eventDispatcher; public function __construct( - private readonly null|PublicKeyCredentialSourceRepository $publicKeyCredentialSourceRepository = null, - private readonly null|TokenBindingHandler $tokenBindingHandler = null, - null|ExtensionOutputCheckerHandler $extensionOutputCheckerHandler = null, - null|Manager $algorithmManager = null, - null|EventDispatcherInterface $eventDispatcher = null, - private null|CeremonyStepManager $ceremonyStepManager = null + private readonly CeremonyStepManager $ceremonyStepManager ) { - if ($this->publicKeyCredentialSourceRepository !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.6.0', - 'The parameter "$publicKeyCredentialSourceRepository" is deprecated since 4.6.0 and will be removed in 5.0.0. Please set "null" instead.' - ); - } - if ($this->tokenBindingHandler !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.3.0', - 'The parameter "$tokenBindingHandler" is deprecated since 4.3.0 and will be removed in 5.0.0. Please set "null" instead.' - ); - } - if ($extensionOutputCheckerHandler !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$extensionOutputCheckerHandler" is deprecated since 4.8.0 and will be removed in 5.0.0. Please set "null" instead and inject a CheckExtensions object into the CeremonyStepManager.' - ); - } - if ($algorithmManager !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$algorithmManager" is deprecated since 4.8.0 and will be removed in 5.0.0. Please set "null" instead and inject a CheckSignature object into the CeremonyStepManager.' - ); - } - $this->eventDispatcher = $eventDispatcher ?? new NullEventDispatcher(); - if ($eventDispatcher !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - 'The parameter "$eventDispatcher" is deprecated since 4.5.0 will be removed in 5.0.0. Please use `setEventDispatcher` instead.' - ); - } - if ($this->ceremonyStepManager === null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$ceremonyStepManager" will mandatory in 5.0.0. Please set a CeremonyStepManager object instead and set null for $algorithmManager and $extensionOutputCheckerHandler.' - ); - } + $this->eventDispatcher = new NullEventDispatcher(); $this->logger = new NullLogger(); - - $this->ceremonyStepManagerFactory = new CeremonyStepManagerFactory(); - if ($extensionOutputCheckerHandler !== null) { - $this->ceremonyStepManagerFactory->setExtensionOutputCheckerHandler($extensionOutputCheckerHandler); - } - if ($algorithmManager !== null) { - $this->ceremonyStepManagerFactory->setAlgorithmManager($algorithmManager); - } } - public static function create( - null|PublicKeyCredentialSourceRepository $publicKeyCredentialSourceRepository = null, - null|TokenBindingHandler $tokenBindingHandler = null, - null|ExtensionOutputCheckerHandler $extensionOutputCheckerHandler = null, - null|Manager $algorithmManager = null, - null|EventDispatcherInterface $eventDispatcher = null, - null|CeremonyStepManager $ceremonyStepManager = null - ): self { - return new self( - $publicKeyCredentialSourceRepository, - $tokenBindingHandler, - $extensionOutputCheckerHandler, - $algorithmManager, - $eventDispatcher, - $ceremonyStepManager - ); + public static function create(CeremonyStepManager $ceremonyStepManager): self + { + return new self($ceremonyStepManager); } /** - * @param string[] $securedRelyingPartyId - * * @see https://www.w3.org/TR/webauthn/#verifying-assertion */ public function check( - string|PublicKeyCredentialSource $credentialId, + PublicKeyCredentialSource $publicKeyCredentialSource, AuthenticatorAssertionResponse $authenticatorAssertionResponse, PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, - ServerRequestInterface|string $request, - ?string $userHandle, - null|array $securedRelyingPartyId = null + string $host, + ?string $userHandle ): PublicKeyCredentialSource { - if ($request instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the method `check` of the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } - if (is_string($credentialId)) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.6.0', - sprintf( - 'Passing a string as first to the method `check` of the class "%s" is deprecated since 4.6.0. Please inject a %s object instead.', - self::class, - PublicKeyCredentialSource::class - ) - ); - } - if ($securedRelyingPartyId !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - sprintf( - 'Passing a list or secured relying party IDs to the method `check` of the class "%s" is deprecated since 4.8.0 and will be removed in 5.0.0. Please inject a CheckOrigin into the CeremonyStepManager instead.', - self::class - ) - ); - } - - if ($credentialId instanceof PublicKeyCredentialSource) { - $publicKeyCredentialSource = $credentialId; - } else { - $this->publicKeyCredentialSourceRepository instanceof PublicKeyCredentialSourceRepository || throw AuthenticatorResponseVerificationException::create( - 'Please pass the Public Key Credential Source to the method "check".' - ); - $publicKeyCredentialSource = $this->publicKeyCredentialSourceRepository->findOneByCredentialId( - $credentialId - ); - } - $publicKeyCredentialSource !== null || throw AuthenticatorResponseVerificationException::create( - 'The credential ID is invalid.' - ); - $host = is_string($request) ? $request : $request->getUri() - ->getHost(); - - if ($this->ceremonyStepManager === null) { - $this->ceremonyStepManager = $this->ceremonyStepManagerFactory->requestCeremony($securedRelyingPartyId); - } - try { $this->logger->info('Checking the authenticator assertion response', [ - 'credentialId' => $credentialId, 'publicKeyCredentialSource' => $publicKeyCredentialSource, 'authenticatorAssertionResponse' => $authenticatorAssertionResponse, 'publicKeyCredentialRequestOptions' => $publicKeyCredentialRequestOptions, @@ -206,11 +72,6 @@ public function check( * OPTIONALLY, if response.attestationObject is present, update credentialRecord.attestationObject to the value of response.attestationObject and update credentialRecord.attestationClientDataJSON to the value of response.clientDataJSON. */ - if (is_string( - $credentialId - ) && ($this->publicKeyCredentialSourceRepository instanceof PublicKeyCredentialSourceRepository)) { - $this->publicKeyCredentialSourceRepository->saveCredentialSource($publicKeyCredentialSource); - } //All good. We can continue. $this->logger->info('The assertion is valid'); $this->logger->debug('Public Key Credential Source', [ @@ -218,7 +79,6 @@ public function check( ]); $this->eventDispatcher->dispatch( $this->createAuthenticatorAssertionResponseValidationSucceededEvent( - null, $authenticatorAssertionResponse, $publicKeyCredentialRequestOptions, $host, @@ -256,36 +116,14 @@ public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): v $this->eventDispatcher = $eventDispatcher; } - /** - * @deprecated since 4.8.0 and will be removed in 5.0.0. Please inject a CheckCounter object into a CeremonyStepManager instead. - */ - public function setCounterChecker(CounterChecker $counterChecker): self - { - $this->ceremonyStepManagerFactory->setCounterChecker($counterChecker); - return $this; - } - protected function createAuthenticatorAssertionResponseValidationSucceededEvent( - null|string $credentialId, AuthenticatorAssertionResponse $authenticatorAssertionResponse, PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, - ServerRequestInterface|string $host, + string $host, ?string $userHandle, PublicKeyCredentialSource $publicKeyCredentialSource ): AuthenticatorAssertionResponseValidationSucceededEvent { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the method `createAuthenticatorAssertionResponseValidationSucceededEvent` of the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } return new AuthenticatorAssertionResponseValidationSucceededEvent( - $credentialId, $authenticatorAssertionResponse, $publicKeyCredentialRequestOptions, $host, @@ -295,24 +133,13 @@ protected function createAuthenticatorAssertionResponseValidationSucceededEvent( } protected function createAuthenticatorAssertionResponseValidationFailedEvent( - string|PublicKeyCredentialSource $publicKeyCredentialSource, + PublicKeyCredentialSource $publicKeyCredentialSource, AuthenticatorAssertionResponse $authenticatorAssertionResponse, PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, - ServerRequestInterface|string $host, + string $host, ?string $userHandle, Throwable $throwable ): AuthenticatorAssertionResponseValidationFailedEvent { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the method `createAuthenticatorAssertionResponseValidationFailedEvent` of the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } return new AuthenticatorAssertionResponseValidationFailedEvent( $publicKeyCredentialSource, $authenticatorAssertionResponse, diff --git a/src/webauthn/src/AuthenticatorAttestationResponse.php b/src/webauthn/src/AuthenticatorAttestationResponse.php index 875bc5257..2c96be7ab 100644 --- a/src/webauthn/src/AuthenticatorAttestationResponse.php +++ b/src/webauthn/src/AuthenticatorAttestationResponse.php @@ -32,24 +32,4 @@ public static function create( ): self { return new self($clientDataJSON, $attestationObject, $transports); } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestationObject(): AttestationObject - { - return $this->attestationObject; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - * - * @return string[] - */ - public function getTransports(): array - { - return $this->transports; - } } diff --git a/src/webauthn/src/AuthenticatorAttestationResponseValidator.php b/src/webauthn/src/AuthenticatorAttestationResponseValidator.php index 34310b5dd..b3de1d967 100644 --- a/src/webauthn/src/AuthenticatorAttestationResponseValidator.php +++ b/src/webauthn/src/AuthenticatorAttestationResponseValidator.php @@ -5,25 +5,16 @@ namespace Webauthn; use Psr\EventDispatcher\EventDispatcherInterface; -use Psr\Http\Message\ServerRequestInterface; use Psr\Log\LoggerInterface; use Psr\Log\NullLogger; use Throwable; -use Webauthn\AttestationStatement\AttestationStatementSupportManager; -use Webauthn\AuthenticationExtensions\ExtensionOutputCheckerHandler; use Webauthn\CeremonyStep\CeremonyStepManager; -use Webauthn\CeremonyStep\CeremonyStepManagerFactory; use Webauthn\Event\AuthenticatorAttestationResponseValidationFailedEvent; use Webauthn\Event\AuthenticatorAttestationResponseValidationSucceededEvent; use Webauthn\Exception\AuthenticatorResponseVerificationException; use Webauthn\MetadataService\CanLogData; -use Webauthn\MetadataService\CertificateChain\CertificateChainValidator; use Webauthn\MetadataService\Event\CanDispatchEvents; use Webauthn\MetadataService\Event\NullEventDispatcher; -use Webauthn\MetadataService\MetadataStatementRepository; -use Webauthn\MetadataService\StatusReportRepository; -use Webauthn\TokenBinding\TokenBindingHandler; -use function is_string; class AuthenticatorAttestationResponseValidator implements CanLogData, CanDispatchEvents { @@ -31,88 +22,19 @@ class AuthenticatorAttestationResponseValidator implements CanLogData, CanDispat private EventDispatcherInterface $eventDispatcher; - private readonly CeremonyStepManagerFactory $ceremonyStepManagerFactory; - public function __construct( - null|AttestationStatementSupportManager $attestationStatementSupportManager = null, - private readonly null|PublicKeyCredentialSourceRepository $publicKeyCredentialSourceRepository = null, - private readonly null|TokenBindingHandler $tokenBindingHandler = null, - null|ExtensionOutputCheckerHandler $extensionOutputCheckerHandler = null, - null|EventDispatcherInterface $eventDispatcher = null, - private null|CeremonyStepManager $ceremonyStepManager = null + private readonly CeremonyStepManager $ceremonyStepManager ) { - if ($this->publicKeyCredentialSourceRepository !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.6.0', - 'The parameter "$publicKeyCredentialSourceRepository" is deprecated since 4.6.0 and will be removed in 5.0.0. Please set "null" instead.' - ); - } - if ($this->tokenBindingHandler !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.3.0', - 'The parameter "$tokenBindingHandler" is deprecated since 4.3.0 and will be removed in 5.0.0. Please set "null" instead.' - ); - } - if ($extensionOutputCheckerHandler !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$extensionOutputCheckerHandler" is deprecated since 4.8.0 and will be removed in 5.0.0. Please set "null" instead and inject a CheckExtensions object into the CeremonyStepManager.' - ); - } - $this->eventDispatcher = $eventDispatcher ?? new NullEventDispatcher(); - if ($eventDispatcher !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - 'The parameter "$eventDispatcher" is deprecated since 4.5.0 will be removed in 5.0.0. Please use `setEventDispatcher` instead.' - ); - } - if ($this->ceremonyStepManager === null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$ceremonyStepManager" will mandatory in 5.0.0. Please set a CeremonyStepManager object instead and set null for $attestationStatementSupportManager and $extensionOutputCheckerHandler.' - ); - } + $this->eventDispatcher = new NullEventDispatcher(); $this->logger = new NullLogger(); - $this->ceremonyStepManagerFactory = new CeremonyStepManagerFactory(); - if ($attestationStatementSupportManager !== null) { - $this->ceremonyStepManagerFactory->setAttestationStatementSupportManager( - $attestationStatementSupportManager - ); - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$attestationStatementSupportManager" is deprecated since 4.8.0 will be removed in 5.0.0. Please set a CheckAttestationFormatIsKnownAndValid object into CeremonyStepManager object instead.' - ); - } - if ($extensionOutputCheckerHandler !== null) { - $this->ceremonyStepManagerFactory->setExtensionOutputCheckerHandler($extensionOutputCheckerHandler); - } } /** * @private Will become private in 5.0.0 */ - public static function create( - null|AttestationStatementSupportManager $attestationStatementSupportManager = null, - null|PublicKeyCredentialSourceRepository $publicKeyCredentialSourceRepository = null, - null|TokenBindingHandler $tokenBindingHandler = null, - null|ExtensionOutputCheckerHandler $extensionOutputCheckerHandler = null, - null|EventDispatcherInterface $eventDispatcher = null, - null|CeremonyStepManager $ceremonyStepManager = null, - ): self { - return new self( - $attestationStatementSupportManager, - $publicKeyCredentialSourceRepository, - $tokenBindingHandler, - $extensionOutputCheckerHandler, - $eventDispatcher, - $ceremonyStepManager - ); + public static function create(CeremonyStepManager $ceremonyStepManager): self + { + return new self($ceremonyStepManager); } public function setLogger(LoggerInterface $logger): void @@ -126,75 +48,19 @@ public function setEventDispatcher(EventDispatcherInterface $eventDispatcher): v } /** - * @deprecated since 4.8.0 and will be removed in 5.0.0. Please use the CheckMetadataStatement object from the CeremonyStepManager instead. - */ - public function setCertificateChainValidator(CertificateChainValidator $certificateChainValidator): self - { - $this->ceremonyStepManagerFactory->enableCertificateChainValidator($certificateChainValidator); - return $this; - } - - /** - * @deprecated since 4.8.0 and will be removed in 5.0.0. Please use the CheckMetadataStatement object from the CeremonyStepManager instead. - */ - public function enableMetadataStatementSupport( - MetadataStatementRepository $metadataStatementRepository, - StatusReportRepository $statusReportRepository, - CertificateChainValidator $certificateChainValidator - ): self { - $this->ceremonyStepManagerFactory->enableMetadataStatementSupport( - $metadataStatementRepository, - $statusReportRepository, - $certificateChainValidator - ); - return $this; - } - - /** - * @param string[] $securedRelyingPartyId - * * @see https://www.w3.org/TR/webauthn/#registering-a-new-credential */ public function check( AuthenticatorAttestationResponse $authenticatorAttestationResponse, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, - ServerRequestInterface|string $request, - null|array $securedRelyingPartyId = null, + string $host, ): PublicKeyCredentialSource { - if ($request instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the method `check` of the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } - if ($securedRelyingPartyId !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - sprintf( - 'Passing a list or secured relying party IDs to the method `check` of the class "%s" is deprecated since 4.8.0 and will be removed in 5.0.0. Please inject the list instead.', - self::class - ) - ); - } - $host = is_string($request) ? $request : $request->getUri() - ->getHost(); try { $this->logger->info('Checking the authenticator attestation response', [ 'authenticatorAttestationResponse' => $authenticatorAttestationResponse, 'publicKeyCredentialCreationOptions' => $publicKeyCredentialCreationOptions, 'host' => $host, ]); - if ($this->ceremonyStepManager === null) { - $this->ceremonyStepManager = $this->ceremonyStepManagerFactory->creationCeremony( - $securedRelyingPartyId - ); - } $publicKeyCredentialSource = $this->createPublicKeyCredentialSource( $authenticatorAttestationResponse, @@ -246,20 +112,9 @@ public function check( protected function createAuthenticatorAttestationResponseValidationSucceededEvent( AuthenticatorAttestationResponse $authenticatorAttestationResponse, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, - ServerRequestInterface|string $host, + string $host, PublicKeyCredentialSource $publicKeyCredentialSource ): AuthenticatorAttestationResponseValidationSucceededEvent { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the method `createAuthenticatorAttestationResponseValidationSucceededEvent` of the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } return new AuthenticatorAttestationResponseValidationSucceededEvent( $authenticatorAttestationResponse, $publicKeyCredentialCreationOptions, @@ -271,20 +126,9 @@ protected function createAuthenticatorAttestationResponseValidationSucceededEven protected function createAuthenticatorAttestationResponseValidationFailedEvent( AuthenticatorAttestationResponse $authenticatorAttestationResponse, PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, - ServerRequestInterface|string $host, + string $host, Throwable $throwable ): AuthenticatorAttestationResponseValidationFailedEvent { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the method `createAuthenticatorAttestationResponseValidationFailedEvent` of the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } return new AuthenticatorAttestationResponseValidationFailedEvent( $authenticatorAttestationResponse, $publicKeyCredentialCreationOptions, diff --git a/src/webauthn/src/AuthenticatorData.php b/src/webauthn/src/AuthenticatorData.php index f21ff0629..0c2475650 100644 --- a/src/webauthn/src/AuthenticatorData.php +++ b/src/webauthn/src/AuthenticatorData.php @@ -53,24 +53,6 @@ public static function create( return new self($authData, $rpIdHash, $flags, $signCount, $attestedCredentialData, $extensions); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthData(): string - { - return $this->authData; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRpIdHash(): string - { - return $this->rpIdHash; - } - public function isUserPresent(): bool { return 0 !== (ord($this->flags) & self::FLAG_UP); @@ -110,31 +92,4 @@ public function getReservedForFutureUse2(): int { return ord($this->flags) & self::FLAG_RFU2; } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getSignCount(): int - { - return $this->signCount; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestedCredentialData(): ?AttestedCredentialData - { - return $this->attestedCredentialData; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getExtensions(): ?AuthenticationExtensions - { - return $this->extensions !== null && $this->hasExtensions() ? $this->extensions : null; - } } diff --git a/src/webauthn/src/AuthenticatorResponse.php b/src/webauthn/src/AuthenticatorResponse.php index 162c24db6..5e8cb43fa 100644 --- a/src/webauthn/src/AuthenticatorResponse.php +++ b/src/webauthn/src/AuthenticatorResponse.php @@ -13,13 +13,4 @@ public function __construct( public readonly CollectedClientData $clientDataJSON ) { } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getClientDataJSON(): CollectedClientData - { - return $this->clientDataJSON; - } } diff --git a/src/webauthn/src/AuthenticatorSelectionCriteria.php b/src/webauthn/src/AuthenticatorSelectionCriteria.php index 0bbad86fd..f3183e8fe 100644 --- a/src/webauthn/src/AuthenticatorSelectionCriteria.php +++ b/src/webauthn/src/AuthenticatorSelectionCriteria.php @@ -6,11 +6,7 @@ use InvalidArgumentException; use JsonSerializable; -use Webauthn\Exception\InvalidDataException; use function in_array; -use function is_bool; -use function is_string; -use const JSON_THROW_ON_ERROR; class AuthenticatorSelectionCriteria implements JsonSerializable { @@ -26,6 +22,8 @@ class AuthenticatorSelectionCriteria implements JsonSerializable self::AUTHENTICATOR_ATTACHMENT_CROSS_PLATFORM, ]; + final public const USER_VERIFICATION_REQUIREMENT_NO_PREFERENCE = null; + final public const USER_VERIFICATION_REQUIREMENT_REQUIRED = 'required'; final public const USER_VERIFICATION_REQUIREMENT_PREFERRED = 'preferred'; @@ -33,6 +31,7 @@ class AuthenticatorSelectionCriteria implements JsonSerializable final public const USER_VERIFICATION_REQUIREMENT_DISCOURAGED = 'discouraged'; final public const USER_VERIFICATION_REQUIREMENTS = [ + self::USER_VERIFICATION_REQUIREMENT_NO_PREFERENCE, self::USER_VERIFICATION_REQUIREMENT_REQUIRED, self::USER_VERIFICATION_REQUIREMENT_PREFERRED, self::USER_VERIFICATION_REQUIREMENT_DISCOURAGED, @@ -40,12 +39,6 @@ class AuthenticatorSelectionCriteria implements JsonSerializable final public const RESIDENT_KEY_REQUIREMENT_NO_PREFERENCE = null; - /** - * @deprecated Please use AuthenticatorSelectionCriteria::RESIDENT_KEY_REQUIREMENT_NO_PREFERENCE instead - * @infection-ignore-all - */ - final public const RESIDENT_KEY_REQUIREMENT_NONE = null; - final public const RESIDENT_KEY_REQUIREMENT_REQUIRED = 'required'; final public const RESIDENT_KEY_REQUIREMENT_PREFERRED = 'preferred'; @@ -59,12 +52,12 @@ class AuthenticatorSelectionCriteria implements JsonSerializable self::RESIDENT_KEY_REQUIREMENT_DISCOURAGED, ]; + public readonly null|bool $requireResidentKey; + public function __construct( public null|string $authenticatorAttachment = null, - public string $userVerification = self::USER_VERIFICATION_REQUIREMENT_PREFERRED, + public null|string $userVerification = self::USER_VERIFICATION_REQUIREMENT_NO_PREFERENCE, public null|string $residentKey = self::RESIDENT_KEY_REQUIREMENT_NO_PREFERENCE, - /** @deprecated Will be removed in 5.0. Please use residentKey instead**/ - public null|bool $requireResidentKey = null, ) { in_array($authenticatorAttachment, self::AUTHENTICATOR_ATTACHMENTS, true) || throw new InvalidArgumentException( 'Invalid authenticator attachment' @@ -75,153 +68,16 @@ public function __construct( in_array($residentKey, self::RESIDENT_KEY_REQUIREMENTS, true) || throw new InvalidArgumentException( 'Invalid resident key' ); - if ($requireResidentKey === true && $residentKey !== null && $residentKey !== self::RESIDENT_KEY_REQUIREMENT_REQUIRED) { - throw new InvalidArgumentException( - 'Invalid resident key requirement. Resident key is required but requireResidentKey is false' - ); - } - if ($this->residentKey === null && $this->requireResidentKey === true) { - $this->residentKey = self::RESIDENT_KEY_REQUIREMENT_REQUIRED; - } - $this->requireResidentKey = $requireResidentKey ?? ($residentKey === null ? null : $residentKey === self::RESIDENT_KEY_REQUIREMENT_REQUIRED); + + $this->requireResidentKey = $residentKey === null ? null : $residentKey === self::RESIDENT_KEY_REQUIREMENT_REQUIRED; } public static function create( ?string $authenticatorAttachment = null, string $userVerification = self::USER_VERIFICATION_REQUIREMENT_PREFERRED, - null|string $residentKey = self::RESIDENT_KEY_REQUIREMENT_NO_PREFERENCE, - null|bool $requireResidentKey = null + null|string $residentKey = self::RESIDENT_KEY_REQUIREMENT_PREFERRED, ): self { - return new self($authenticatorAttachment, $userVerification, $residentKey, $requireResidentKey); - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setAuthenticatorAttachment(?string $authenticatorAttachment): self - { - $this->authenticatorAttachment = $authenticatorAttachment; - - return $this; - } - - /** - * @deprecated since v4.1. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setRequireResidentKey(bool $requireResidentKey): self - { - $this->requireResidentKey = $requireResidentKey; - if ($requireResidentKey === true) { - $this->residentKey = self::RESIDENT_KEY_REQUIREMENT_REQUIRED; - } - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setUserVerification(string $userVerification): self - { - $this->userVerification = $userVerification; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setResidentKey(null|string $residentKey): self - { - $this->residentKey = $residentKey; - $this->requireResidentKey = $residentKey === self::RESIDENT_KEY_REQUIREMENT_REQUIRED; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthenticatorAttachment(): ?string - { - return $this->authenticatorAttachment; - } - - /** - * @deprecated Will be removed in 5.0. Please use the property directly. - * @infection-ignore-all - */ - public function isRequireResidentKey(): bool - { - return $this->requireResidentKey; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUserVerification(): string - { - return $this->userVerification; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getResidentKey(): null|string - { - return $this->residentKey; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromString(string $data): self - { - $data = json_decode($data, true, flags: JSON_THROW_ON_ERROR); - - return self::createFromArray($data); - } - - /** - * @param mixed[] $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): self - { - $authenticatorAttachment = $json['authenticatorAttachment'] ?? null; - $requireResidentKey = $json['requireResidentKey'] ?? null; - $userVerification = $json['userVerification'] ?? self::USER_VERIFICATION_REQUIREMENT_PREFERRED; - $residentKey = $json['residentKey'] ?? null; - - $authenticatorAttachment === null || is_string($authenticatorAttachment) || throw InvalidDataException::create( - $json, - 'Invalid "authenticatorAttachment" value' - ); - ($requireResidentKey === null || is_bool($requireResidentKey)) || throw InvalidDataException::create( - $json, - 'Invalid "requireResidentKey" value' - ); - is_string($userVerification) || throw InvalidDataException::create($json, 'Invalid "userVerification" value'); - ($residentKey === null || is_string($residentKey)) || throw InvalidDataException::create( - $json, - 'Invalid "residentKey" value' - ); - - return self::create( - $authenticatorAttachment ?? null, - $userVerification, - $residentKey, - $requireResidentKey, - ); + return new self($authenticatorAttachment, $userVerification, $residentKey); } /** diff --git a/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php b/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php index ce482a4a7..74debbd2b 100644 --- a/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php +++ b/src/webauthn/src/CeremonyStep/CheckMetadataStatement.php @@ -148,7 +148,6 @@ private function getAttestationType(AttestationStatement $attestationStatement): AttestationStatement::TYPE_BASIC => MetadataStatement::ATTESTATION_BASIC_FULL, AttestationStatement::TYPE_SELF => MetadataStatement::ATTESTATION_BASIC_SURROGATE, AttestationStatement::TYPE_ATTCA => MetadataStatement::ATTESTATION_ATTCA, - AttestationStatement::TYPE_ECDAA => MetadataStatement::ATTESTATION_ECDAA, AttestationStatement::TYPE_ANONCA => MetadataStatement::ATTESTATION_ANONCA, default => throw AuthenticatorResponseVerificationException::create('Invalid attestation type'), }; diff --git a/src/webauthn/src/CertificateChainChecker/CertificateChainChecker.php b/src/webauthn/src/CertificateChainChecker/CertificateChainChecker.php deleted file mode 100644 index 60837ccd1..000000000 --- a/src/webauthn/src/CertificateChainChecker/CertificateChainChecker.php +++ /dev/null @@ -1,15 +0,0 @@ -tokenBinding = $tokenBinding; $this->data = $data; } @@ -99,60 +90,6 @@ public static function createFormJson(string $data): self return self::create($rawData, $json); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getType(): string - { - return $this->type; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getChallenge(): string - { - return $this->challenge; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getOrigin(): string - { - return $this->origin; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCrossOrigin(): bool - { - return $this->crossOrigin; - } - - /** - * @deprecated Since 4.3.0 and will be removed in 5.0.0 - * @infection-ignore-all - */ - public function getTokenBinding(): ?TokenBinding - { - return $this->tokenBinding === null ? null : TokenBinding::createFormArray($this->tokenBinding); - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRawData(): string - { - return $this->rawData; - } - /** * @return string[] */ diff --git a/src/webauthn/src/Credential.php b/src/webauthn/src/Credential.php index cbad84cca..61886f9b7 100644 --- a/src/webauthn/src/Credential.php +++ b/src/webauthn/src/Credential.php @@ -14,22 +14,4 @@ public function __construct( public readonly string $type ) { } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getId(): string - { - return $this->id; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getType(): string - { - return $this->type; - } } diff --git a/src/webauthn/src/Denormalizer/AuthenticationExtensionsDenormalizer.php b/src/webauthn/src/Denormalizer/AuthenticationExtensionsDenormalizer.php index 2ddfa8c27..3ca9706c4 100644 --- a/src/webauthn/src/Denormalizer/AuthenticationExtensionsDenormalizer.php +++ b/src/webauthn/src/Denormalizer/AuthenticationExtensionsDenormalizer.php @@ -10,8 +10,6 @@ use Symfony\Component\Serializer\Normalizer\DenormalizerInterface; use Webauthn\AuthenticationExtensions\AuthenticationExtension; use Webauthn\AuthenticationExtensions\AuthenticationExtensions; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientOutputs; use function in_array; use function is_string; @@ -36,15 +34,7 @@ public function denormalize(mixed $data, string $type, string $format = null, ar public function supportsDenormalization(mixed $data, string $type, string $format = null, array $context = []): bool { - return in_array( - $type, - [ - AuthenticationExtensions::class, - AuthenticationExtensionsClientOutputs::class, - AuthenticationExtensionsClientInputs::class, - ], - true - ); + return in_array($type, [AuthenticationExtensions::class], true); } /** @@ -54,8 +44,6 @@ public function getSupportedTypes(?string $format): array { return [ AuthenticationExtensions::class => true, - AuthenticationExtensionsClientInputs::class => true, - AuthenticationExtensionsClientOutputs::class => true, ]; } } diff --git a/src/webauthn/src/Denormalizer/TrustPathDenormalizer.php b/src/webauthn/src/Denormalizer/TrustPathDenormalizer.php index fb020287c..9e837cb1b 100644 --- a/src/webauthn/src/Denormalizer/TrustPathDenormalizer.php +++ b/src/webauthn/src/Denormalizer/TrustPathDenormalizer.php @@ -7,7 +7,6 @@ use Symfony\Component\Serializer\Normalizer\DenormalizerInterface; use Webauthn\Exception\InvalidTrustPathException; use Webauthn\TrustPath\CertificateTrustPath; -use Webauthn\TrustPath\EcdaaKeyIdTrustPath; use Webauthn\TrustPath\EmptyTrustPath; use Webauthn\TrustPath\TrustPath; use function array_key_exists; @@ -17,7 +16,6 @@ final class TrustPathDenormalizer implements DenormalizerInterface public function denormalize(mixed $data, string $type, string $format = null, array $context = []): mixed { return match (true) { - array_key_exists('ecdaaKeyId', $data) => new EcdaaKeyIdTrustPath($data), array_key_exists('x5c', $data) => CertificateTrustPath::create($data), $data === [], isset($data['type']) && $data['type'] === EmptyTrustPath::class => EmptyTrustPath::create(), default => throw new InvalidTrustPathException('Unsupported trust path type'), diff --git a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php index fb542c43a..775f5fd8a 100644 --- a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php +++ b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationFailedEvent.php @@ -4,7 +4,6 @@ namespace Webauthn\Event; -use Psr\Http\Message\ServerRequestInterface; use Throwable; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\PublicKeyCredentialRequestOptions; @@ -13,50 +12,20 @@ class AuthenticatorAssertionResponseValidationFailedEvent { public function __construct( - public readonly string|PublicKeyCredentialSource $credentialId, + public readonly PublicKeyCredentialSource $publicKeyCredentialSource, public readonly AuthenticatorAssertionResponse $authenticatorAssertionResponse, public readonly PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, - public readonly ServerRequestInterface|string $host, + public readonly string $host, public readonly ?string $userHandle, public readonly Throwable $throwable ) { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } - if (! $this->credentialId instanceof PublicKeyCredentialSource) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.6.0', - 'Passing a string for the argument "$credentialId" is deprecated since 4.6.0. Please set the PublicKeyCredentialSource instead.' - ); - } } - /** - * @deprecated since 4.7.0 and will be removed in 5.0.0. Please use the `getCredential()` method instead - * @infection-ignore-all - */ - public function getCredentialId(): string + public function getCredential(): PublicKeyCredentialSource { - return $this->credentialId instanceof PublicKeyCredentialSource ? $this->credentialId->publicKeyCredentialId : $this->credentialId; + return $this->publicKeyCredentialSource; } - public function getCredential(): ?PublicKeyCredentialSource - { - return $this->credentialId instanceof PublicKeyCredentialSource ? $this->credentialId : null; - } - - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getAuthenticatorAssertionResponse(): AuthenticatorAssertionResponse { return $this->authenticatorAssertionResponse; @@ -67,26 +36,11 @@ public function getPublicKeyCredentialRequestOptions(): PublicKeyCredentialReque return $this->publicKeyCredentialRequestOptions; } - /** - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use the `host` property instead - * @infection-ignore-all - */ - public function getRequest(): ServerRequestInterface|string - { - return $this->host; - } - - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getUserHandle(): ?string { return $this->userHandle; } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getThrowable(): Throwable { return $this->throwable; diff --git a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php index 88442b171..4c8f6e609 100644 --- a/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php +++ b/src/webauthn/src/Event/AuthenticatorAssertionResponseValidationSucceededEvent.php @@ -4,7 +4,6 @@ namespace Webauthn\Event; -use Psr\Http\Message\ServerRequestInterface; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\PublicKeyCredentialRequestOptions; use Webauthn\PublicKeyCredentialSource; @@ -12,77 +11,34 @@ class AuthenticatorAssertionResponseValidationSucceededEvent { public function __construct( - public readonly null|string $credentialId, public readonly AuthenticatorAssertionResponse $authenticatorAssertionResponse, public readonly PublicKeyCredentialRequestOptions $publicKeyCredentialRequestOptions, - public readonly ServerRequestInterface|string $host, + public readonly string $host, public readonly ?string $userHandle, public readonly PublicKeyCredentialSource $publicKeyCredentialSource ) { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } - if ($this->credentialId !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.6.0', - 'The argument "$credentialId" is deprecated since 4.6.0 and will be removed in 5.0.0. Please set null instead.' - ); - } } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getCredentialId(): string { return $this->publicKeyCredentialSource->publicKeyCredentialId; } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getAuthenticatorAssertionResponse(): AuthenticatorAssertionResponse { return $this->authenticatorAssertionResponse; } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getPublicKeyCredentialRequestOptions(): PublicKeyCredentialRequestOptions { return $this->publicKeyCredentialRequestOptions; } - /** - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use the `host` property instead - * @infection-ignore-all - */ - public function getRequest(): ServerRequestInterface|string - { - return $this->host; - } - - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getUserHandle(): ?string { return $this->userHandle; } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getPublicKeyCredentialSource(): PublicKeyCredentialSource { return $this->publicKeyCredentialSource; diff --git a/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationFailedEvent.php b/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationFailedEvent.php index 59f7403b9..4f9178076 100644 --- a/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationFailedEvent.php +++ b/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationFailedEvent.php @@ -4,7 +4,6 @@ namespace Webauthn\Event; -use Psr\Http\Message\ServerRequestInterface; use Throwable; use Webauthn\AuthenticatorAttestationResponse; use Webauthn\PublicKeyCredentialCreationOptions; @@ -14,50 +13,21 @@ class AuthenticatorAttestationResponseValidationFailedEvent public function __construct( public readonly AuthenticatorAttestationResponse $authenticatorAttestationResponse, public readonly PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, - public readonly ServerRequestInterface|string $host, + public readonly string $host, public readonly Throwable $throwable ) { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getAuthenticatorAttestationResponse(): AuthenticatorAttestationResponse { return $this->authenticatorAttestationResponse; } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getPublicKeyCredentialCreationOptions(): PublicKeyCredentialCreationOptions { return $this->publicKeyCredentialCreationOptions; } - /** - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use the `host` property instead - * @infection-ignore-all - */ - public function getRequest(): ServerRequestInterface|string - { - return $this->host; - } - - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getThrowable(): Throwable { return $this->throwable; diff --git a/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php b/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php index 59cca9516..4b439f800 100644 --- a/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php +++ b/src/webauthn/src/Event/AuthenticatorAttestationResponseValidationSucceededEvent.php @@ -4,7 +4,6 @@ namespace Webauthn\Event; -use Psr\Http\Message\ServerRequestInterface; use Webauthn\AuthenticatorAttestationResponse; use Webauthn\PublicKeyCredentialCreationOptions; use Webauthn\PublicKeyCredentialSource; @@ -14,50 +13,21 @@ class AuthenticatorAttestationResponseValidationSucceededEvent public function __construct( public readonly AuthenticatorAttestationResponse $authenticatorAttestationResponse, public readonly PublicKeyCredentialCreationOptions $publicKeyCredentialCreationOptions, - public readonly ServerRequestInterface|string $host, + public readonly string $host, public readonly PublicKeyCredentialSource $publicKeyCredentialSource ) { - if ($host instanceof ServerRequestInterface) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.5.0', - sprintf( - 'Passing a %s to the class "%s" is deprecated since 4.5.0 and will be removed in 5.0.0. Please inject the host as a string instead.', - ServerRequestInterface::class, - self::class - ) - ); - } } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getAuthenticatorAttestationResponse(): AuthenticatorAttestationResponse { return $this->authenticatorAttestationResponse; } - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getPublicKeyCredentialCreationOptions(): PublicKeyCredentialCreationOptions { return $this->publicKeyCredentialCreationOptions; } - /** - * @deprecated since 4.5.0 and will be removed in 5.0.0. Please use the `host` property instead - * @infection-ignore-all - */ - public function getRequest(): ServerRequestInterface|string - { - return $this->host; - } - - /** - * @deprecated since 4.8.0. Will be removed in 5.0.0. Please use the property instead. - */ public function getPublicKeyCredentialSource(): PublicKeyCredentialSource { return $this->publicKeyCredentialSource; diff --git a/src/webauthn/src/PublicKeyCredential.php b/src/webauthn/src/PublicKeyCredential.php index b4cbd48fc..0436e7b58 100644 --- a/src/webauthn/src/PublicKeyCredential.php +++ b/src/webauthn/src/PublicKeyCredential.php @@ -4,14 +4,10 @@ namespace Webauthn; -use Stringable; -use const E_USER_DEPRECATED; -use const JSON_THROW_ON_ERROR; - /** * @see https://www.w3.org/TR/webauthn/#iface-pkcredential */ -class PublicKeyCredential extends Credential implements Stringable +class PublicKeyCredential extends Credential { public function __construct( string $id, @@ -22,58 +18,14 @@ public function __construct( parent::__construct($id, $type); } - /** - * @deprecated since 4.8.0. Please use the PublicKeyCredentialDescriptor ({self::getPublicKeyCredentialDescriptor}) instead. - * @infection-ignore-all - */ - public function __toString(): string - { - return json_encode($this->getPublicKeyCredentialDescriptor(), JSON_THROW_ON_ERROR); - } - public static function create(string $id, string $type, string $rawId, AuthenticatorResponse $response): self { return new self($id, $type, $rawId, $response); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRawId(): string - { - return $this->rawId; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getResponse(): AuthenticatorResponse - { - return $this->response; - } - - /** - * @param string[] $transport - */ - public function getPublicKeyCredentialDescriptor(null|array $transport = null): PublicKeyCredentialDescriptor + public function getPublicKeyCredentialDescriptor(): PublicKeyCredentialDescriptor { - if ($transport !== null) { - trigger_deprecation( - 'web-auth/webauthn-lib', - '4.8.0', - 'The parameter "$transport" is deprecated and will be removed in 5.0.0.' - ); - @trigger_error( - sprintf( - 'The $transport argument of %s() is deprecated since 4.8.0 and will be removed in 5.0.0.', - __METHOD__ - ), - E_USER_DEPRECATED - ); - } - $transport ??= $this->response instanceof AuthenticatorAttestationResponse ? $this->response->transports : []; + $transport = $this->response instanceof AuthenticatorAttestationResponse ? $this->response->transports : []; return PublicKeyCredentialDescriptor::create($this->type, $this->rawId, $transport); } diff --git a/src/webauthn/src/PublicKeyCredentialCreationOptions.php b/src/webauthn/src/PublicKeyCredentialCreationOptions.php index 1a20ee5ee..cf7cced3c 100644 --- a/src/webauthn/src/PublicKeyCredentialCreationOptions.php +++ b/src/webauthn/src/PublicKeyCredentialCreationOptions.php @@ -7,14 +7,9 @@ use InvalidArgumentException; use ParagonIE\ConstantTime\Base64UrlSafe; use Webauthn\AuthenticationExtensions\AuthenticationExtensions; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; use Webauthn\Exception\InvalidDataException; -use Webauthn\Util\Base64; -use function array_key_exists; use function count; use function in_array; -use function is_array; -use const JSON_THROW_ON_ERROR; final class PublicKeyCredentialCreationOptions extends PublicKeyCredentialOptions { @@ -100,214 +95,6 @@ public static function create( ); } - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function addPubKeyCredParam(PublicKeyCredentialParameters $pubKeyCredParam): self - { - $this->pubKeyCredParams[] = $pubKeyCredParam; - - return $this; - } - - /** - * @deprecated since 4.7.0. No replacement. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function addPubKeyCredParams(PublicKeyCredentialParameters ...$pubKeyCredParams): self - { - foreach ($pubKeyCredParams as $pubKeyCredParam) { - $this->pubKeyCredParams[] = $pubKeyCredParam; - } - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function excludeCredential(PublicKeyCredentialDescriptor $excludeCredential): self - { - $this->excludeCredentials[] = $excludeCredential; - - return $this; - } - - /** - * @deprecated since 4.7.0. No replacement. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function excludeCredentials(PublicKeyCredentialDescriptor ...$excludeCredentials): self - { - foreach ($excludeCredentials as $excludeCredential) { - $this->excludeCredentials[] = $excludeCredential; - } - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setAuthenticatorSelection(?AuthenticatorSelectionCriteria $authenticatorSelection): self - { - $this->authenticatorSelection = $authenticatorSelection; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setAttestation(string $attestation): self - { - in_array($attestation, self::ATTESTATION_CONVEYANCE_PREFERENCES, true) || throw InvalidDataException::create( - $attestation, - 'Invalid attestation conveyance mode' - ); - $this->attestation = $attestation; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRp(): PublicKeyCredentialRpEntity - { - return $this->rp; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUser(): PublicKeyCredentialUserEntity - { - return $this->user; - } - - /** - * @return PublicKeyCredentialParameters[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getPubKeyCredParams(): array - { - return $this->pubKeyCredParams; - } - - /** - * @return PublicKeyCredentialDescriptor[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getExcludeCredentials(): array - { - return $this->excludeCredentials; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAuthenticatorSelection(): ?AuthenticatorSelectionCriteria - { - return $this->authenticatorSelection; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestation(): ?string - { - return $this->attestation; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromString(string $data): static - { - $data = json_decode($data, true, flags: JSON_THROW_ON_ERROR); - - return self::createFromArray($data); - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): static - { - array_key_exists('rp', $json) || throw InvalidDataException::create($json, 'Invalid input. "rp" is missing.'); - array_key_exists('pubKeyCredParams', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "pubKeyCredParams" is missing.' - ); - is_array($json['pubKeyCredParams']) || throw InvalidDataException::create( - $json, - 'Invalid input. "pubKeyCredParams" is not an array.' - ); - array_key_exists('challenge', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "challenge" is missing.' - ); - array_key_exists('attestation', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "attestation" is missing.' - ); - array_key_exists('user', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "user" is missing.' - ); - - $pubKeyCredParams = []; - foreach ($json['pubKeyCredParams'] as $pubKeyCredParam) { - if (! is_array($pubKeyCredParam)) { - continue; - } - $pubKeyCredParams[] = PublicKeyCredentialParameters::createFromArray($pubKeyCredParam); - } - $excludeCredentials = []; - if (isset($json['excludeCredentials'])) { - foreach ($json['excludeCredentials'] as $excludeCredential) { - $excludeCredentials[] = PublicKeyCredentialDescriptor::createFromArray($excludeCredential); - } - } - - $challenge = Base64::decode($json['challenge']); - - $authenticatorSelection = isset($json['authenticatorSelection']) ? AuthenticatorSelectionCriteria::createFromArray( - $json['authenticatorSelection'] - ) : null - ; - $extensions = - isset($json['extensions']) ? AuthenticationExtensionsClientInputs::createFromArray( - $json['extensions'] - ) : AuthenticationExtensionsClientInputs::create() - ; - return self - ::create( - PublicKeyCredentialRpEntity::createFromArray($json['rp']), - PublicKeyCredentialUserEntity::createFromArray($json['user']), - $challenge, - $pubKeyCredParams, - $authenticatorSelection, - $json['attestation'] ?? null, - $excludeCredentials, - $json['timeout'] ?? null, - $extensions - ); - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/PublicKeyCredentialDescriptor.php b/src/webauthn/src/PublicKeyCredentialDescriptor.php index ba38446e8..fc64a281d 100644 --- a/src/webauthn/src/PublicKeyCredentialDescriptor.php +++ b/src/webauthn/src/PublicKeyCredentialDescriptor.php @@ -51,34 +51,6 @@ public static function create(string $type, string $id, array $transports = []): return new self($type, $id, $transports); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getType(): string - { - return $this->type; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getId(): string - { - return $this->id; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTransports(): array - { - return $this->transports; - } - public static function createFromString(string $data): self { $data = json_decode($data, true, flags: JSON_THROW_ON_ERROR); diff --git a/src/webauthn/src/PublicKeyCredentialDescriptorCollection.php b/src/webauthn/src/PublicKeyCredentialDescriptorCollection.php deleted file mode 100644 index 844465226..000000000 --- a/src/webauthn/src/PublicKeyCredentialDescriptorCollection.php +++ /dev/null @@ -1,136 +0,0 @@ - - * @deprecated since 4.8.0 and will be removed in 5.0.0. - * @infection-ignore-all - */ -class PublicKeyCredentialDescriptorCollection implements JsonSerializable, Countable, IteratorAggregate -{ - /** - * @var array - * @readonly - */ - public array $publicKeyCredentialDescriptors; - - /** - * @private - * @param PublicKeyCredentialDescriptor[] $pkCredentialDescriptors - */ - public function __construct( - array $pkCredentialDescriptors = [] - ) { - $this->publicKeyCredentialDescriptors = []; - foreach ($pkCredentialDescriptors as $pkCredentialDescriptor) { - $pkCredentialDescriptor instanceof PublicKeyCredentialDescriptor || throw new InvalidArgumentException( - 'Expected only instances of ' . PublicKeyCredentialDescriptor::class - ); - $this->publicKeyCredentialDescriptors[$pkCredentialDescriptor->id] = $pkCredentialDescriptor; - } - } - - /** - * @param PublicKeyCredentialDescriptor[] $publicKeyCredentialDescriptors - */ - public static function create(array $publicKeyCredentialDescriptors): self - { - return new self($publicKeyCredentialDescriptors); - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function add(PublicKeyCredentialDescriptor ...$publicKeyCredentialDescriptors): void - { - foreach ($publicKeyCredentialDescriptors as $publicKeyCredentialDescriptor) { - $this->publicKeyCredentialDescriptors[$publicKeyCredentialDescriptor->id] = $publicKeyCredentialDescriptor; - } - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function has(string $id): bool - { - return array_key_exists($id, $this->publicKeyCredentialDescriptors); - } - - /** - * @deprecated since 4.7.0. No replacement. - * @infection-ignore-all - */ - public function remove(string $id): void - { - if (! array_key_exists($id, $this->publicKeyCredentialDescriptors)) { - return; - } - - unset($this->publicKeyCredentialDescriptors[$id]); - } - - /** - * @return Iterator - */ - public function getIterator(): Iterator - { - return new ArrayIterator($this->publicKeyCredentialDescriptors); - } - - public function count(int $mode = COUNT_NORMAL): int - { - return count($this->publicKeyCredentialDescriptors, $mode); - } - - /** - * @return array[] - */ - public function jsonSerialize(): array - { - return $this->publicKeyCredentialDescriptors; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromString(string $data): self - { - $data = json_decode($data, true, flags: JSON_THROW_ON_ERROR); - - return self::createFromArray($data); - } - - /** - * @param mixed[] $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): self - { - return self::create( - array_map( - static fn (array $item): PublicKeyCredentialDescriptor => PublicKeyCredentialDescriptor::createFromArray( - $item - ), - $json - ) - ); - } -} diff --git a/src/webauthn/src/PublicKeyCredentialEntity.php b/src/webauthn/src/PublicKeyCredentialEntity.php index 844a078b7..dae17d1c5 100644 --- a/src/webauthn/src/PublicKeyCredentialEntity.php +++ b/src/webauthn/src/PublicKeyCredentialEntity.php @@ -14,24 +14,6 @@ public function __construct( ) { } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getName(): string - { - return $this->name; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getIcon(): ?string - { - return $this->icon; - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/PublicKeyCredentialLoader.php b/src/webauthn/src/PublicKeyCredentialLoader.php deleted file mode 100644 index ea1837b29..000000000 --- a/src/webauthn/src/PublicKeyCredentialLoader.php +++ /dev/null @@ -1,199 +0,0 @@ -attestationObjectLoader === null && $this->serializer === null) { - throw new InvalidArgumentException('You must provide an attestation object loader or a serializer'); - } - if ($this->attestationObjectLoader !== null) { - trigger_deprecation( - 'web-auth/metadata-service', - '4.8.0', - 'The argument "$attestationObjectLoader" is deprecated since 4.8.0 and will be removed in 5.0.0. Please set null instead and inject a serializer as second argument.' - ); - } - $this->logger = new NullLogger(); - } - - public static function create( - null|AttestationObjectLoader $attestationObjectLoader, - null|SerializerInterface $serializer = null - ): self { - return new self($attestationObjectLoader, $serializer); - } - - public function setLogger(LoggerInterface $logger): void - { - $this->logger = $logger; - } - - /** - * @param mixed[] $json - * @deprecated since 4.8.0 and will be removed in 5.0.0. Please use {self::load} instead - * @infection-ignore-all - */ - public function loadArray(array $json): PublicKeyCredential - { - $this->logger->info('Trying to load data from an array', [ - 'data' => $json, - ]); - try { - foreach (['id', 'rawId', 'type'] as $key) { - array_key_exists($key, $json) || throw InvalidDataException::create($json, sprintf( - 'The parameter "%s" is missing', - $key - )); - is_string($json[$key]) || throw InvalidDataException::create($json, sprintf( - 'The parameter "%s" shall be a string', - $key - )); - } - array_key_exists('response', $json) || throw InvalidDataException::create( - $json, - 'The parameter "response" is missing' - ); - is_array($json['response']) || throw InvalidDataException::create( - $json, - 'The parameter "response" shall be an array' - ); - $json['type'] === 'public-key' || throw InvalidDataException::create($json, sprintf( - 'Unsupported type "%s"', - $json['type'] - )); - - $id = Base64UrlSafe::decodeNoPadding($json['id']); - $rawId = Base64::decode($json['rawId']); - hash_equals($id, $rawId) || throw InvalidDataException::create($json, 'Invalid ID'); - - $publicKeyCredential = PublicKeyCredential::create( - $json['id'], - $json['type'], - $rawId, - $this->createResponse($json['response']) - ); - $this->logger->info('The data has been loaded'); - $this->logger->debug('Public Key Credential', [ - 'publicKeyCredential' => $publicKeyCredential, - ]); - - return $publicKeyCredential; - } catch (Throwable $throwable) { - $this->logger->error('An error occurred', [ - 'exception' => $throwable, - ]); - throw $throwable; - } - } - - public function load(string $data): PublicKeyCredential - { - $this->logger->info('Trying to load data from a string', [ - 'data' => $data, - ]); - try { - if ($this->serializer !== null) { - return $this->serializer->deserialize($data, PublicKeyCredential::class, 'json'); - } - $json = json_decode($data, true, flags: JSON_THROW_ON_ERROR); - - return $this->loadArray($json); - } catch (Throwable $throwable) { - $this->logger->error('An error occurred', [ - 'exception' => $throwable, - ]); - throw InvalidDataException::create($data, 'Unable to load the data', $throwable); - } - } - - /** - * @param mixed[] $response - */ - private function createResponse(array $response): AuthenticatorResponse - { - array_key_exists('clientDataJSON', $response) || throw InvalidDataException::create( - $response, - 'Invalid data. The parameter "clientDataJSON" is missing' - ); - is_string($response['clientDataJSON']) || throw InvalidDataException::create( - $response, - 'Invalid data. The parameter "clientDataJSON" is invalid' - ); - $userHandle = $response['userHandle'] ?? null; - $userHandle === null || is_string($userHandle) || throw InvalidDataException::create( - $response, - 'Invalid data. The parameter "userHandle" is invalid' - ); - /** @var string[] $transports */ - $transports = $response['transports'] ?? []; - is_array($transports) || throw InvalidDataException::create( - $response, - 'Invalid data. The parameter "transports" is invalid' - ); - if ($this->serializer !== null) { - return $this->serializer->deserialize($response, AuthenticatorResponse::class, 'json'); - } - switch (true) { - case ! array_key_exists('authenticatorData', $response) && ! array_key_exists('signature', $response): - $attestationObject = $this->attestationObjectLoader->load($response['attestationObject']); - - return AuthenticatorAttestationResponse::create(CollectedClientData::createFormJson( - $response['clientDataJSON'] - ), $attestationObject, $transports); - case array_key_exists('authenticatorData', $response) && array_key_exists('signature', $response): - $authDataLoader = AuthenticatorDataLoader::create(); - $authData = Base64UrlSafe::decodeNoPadding($response['authenticatorData']); - $authenticatorData = $authDataLoader->load($authData); - - try { - $signature = Base64::decode($response['signature']); - } catch (Throwable $e) { - throw InvalidDataException::create( - $response['signature'], - 'The signature shall be Base64 Url Safe encoded', - $e - ); - } - $userHandle = $response['userHandle'] ?? null; - if ($userHandle !== '' && $userHandle !== null) { - $userHandle = Base64::decode($userHandle); - } - - return AuthenticatorAssertionResponse::create( - CollectedClientData::createFormJson($response['clientDataJSON']), - $authenticatorData, - $signature, - $userHandle - ); - default: - throw InvalidDataException::create($response, 'Unable to create the response object'); - } - } -} diff --git a/src/webauthn/src/PublicKeyCredentialOptions.php b/src/webauthn/src/PublicKeyCredentialOptions.php index 8e5ffbe42..2d8091481 100644 --- a/src/webauthn/src/PublicKeyCredentialOptions.php +++ b/src/webauthn/src/PublicKeyCredentialOptions.php @@ -6,9 +6,7 @@ use InvalidArgumentException; use JsonSerializable; -use Webauthn\AuthenticationExtensions\AuthenticationExtension; use Webauthn\AuthenticationExtensions\AuthenticationExtensions; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; abstract class PublicKeyCredentialOptions implements JsonSerializable { @@ -26,98 +24,11 @@ public function __construct( ) { ($this->timeout === null || $this->timeout > 0) || throw new InvalidArgumentException('Invalid timeout'); if ($extensions === null) { - $this->extensions = AuthenticationExtensionsClientInputs::create(); + $this->extensions = AuthenticationExtensions::create(); } elseif ($extensions instanceof AuthenticationExtensions) { $this->extensions = $extensions; } else { $this->extensions = AuthenticationExtensions::create($extensions); } } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setTimeout(?int $timeout): static - { - $this->timeout = $timeout; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function addExtension(AuthenticationExtension $extension): static - { - $this->extensions[$extension->name] = $extension; - - return $this; - } - - /** - * @param AuthenticationExtension[] $extensions - * @deprecated since 4.7.0. No replacement. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function addExtensions(array $extensions): static - { - foreach ($extensions as $extension) { - $this->extensions[$extension->name] = $extension; - } - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the {self::create} instead. - * @infection-ignore-all - */ - public function setExtensions(AuthenticationExtensions $extensions): static - { - $this->extensions = $extensions; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getChallenge(): string - { - return $this->challenge; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTimeout(): ?int - { - return $this->timeout; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getExtensions(): AuthenticationExtensions - { - return $this->extensions; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - abstract public static function createFromString(string $data): static; - - /** - * @param mixed[] $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - abstract public static function createFromArray(array $json): static; } diff --git a/src/webauthn/src/PublicKeyCredentialParameters.php b/src/webauthn/src/PublicKeyCredentialParameters.php index 62cfa0534..d45ed7f7e 100644 --- a/src/webauthn/src/PublicKeyCredentialParameters.php +++ b/src/webauthn/src/PublicKeyCredentialParameters.php @@ -5,9 +5,6 @@ namespace Webauthn; use JsonSerializable; -use Webauthn\Exception\InvalidDataException; -use function array_key_exists; -use const JSON_THROW_ON_ERROR; class PublicKeyCredentialParameters implements JsonSerializable { @@ -30,54 +27,6 @@ public static function createPk(int $alg): self return self::create(PublicKeyCredentialDescriptor::CREDENTIAL_TYPE_PUBLIC_KEY, $alg); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getType(): string - { - return $this->type; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAlg(): int - { - return $this->alg; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromString(string $data): self - { - $data = json_decode($data, true, flags: JSON_THROW_ON_ERROR); - - return self::createFromArray($data); - } - - /** - * @param mixed[] $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): self - { - array_key_exists('type', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "type" is missing.' - ); - array_key_exists('alg', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "alg" is missing.' - ); - - return self::create($json['type'], $json['alg']); - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/PublicKeyCredentialRequestOptions.php b/src/webauthn/src/PublicKeyCredentialRequestOptions.php index 4016f34f6..d13185121 100644 --- a/src/webauthn/src/PublicKeyCredentialRequestOptions.php +++ b/src/webauthn/src/PublicKeyCredentialRequestOptions.php @@ -6,13 +6,9 @@ use ParagonIE\ConstantTime\Base64UrlSafe; use Webauthn\AuthenticationExtensions\AuthenticationExtensions; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; use Webauthn\Exception\InvalidDataException; -use Webauthn\Util\Base64; -use function array_key_exists; use function count; use function in_array; -use const JSON_THROW_ON_ERROR; final class PublicKeyCredentialRequestOptions extends PublicKeyCredentialOptions { @@ -71,134 +67,6 @@ public static function create( return new self($challenge, $rpId, $allowCredentials, $userVerification, $timeout, $extensions); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setRpId(?string $rpId): self - { - $this->rpId = $rpId; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function allowCredential(PublicKeyCredentialDescriptor $allowCredential): self - { - $this->allowCredentials[] = $allowCredential; - - return $this; - } - - /** - * @deprecated since 4.7.0. No replacement. Please use the property directly. - * @infection-ignore-all - */ - public function allowCredentials(PublicKeyCredentialDescriptor ...$allowCredentials): self - { - foreach ($allowCredentials as $allowCredential) { - $this->allowCredentials[] = $allowCredential; - } - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setUserVerification(?string $userVerification): self - { - if ($userVerification === null) { - $this->rpId = null; - - return $this; - } - in_array($userVerification, [ - self::USER_VERIFICATION_REQUIREMENT_REQUIRED, - self::USER_VERIFICATION_REQUIREMENT_PREFERRED, - self::USER_VERIFICATION_REQUIREMENT_DISCOURAGED, - ], true) || throw InvalidDataException::create($userVerification, 'Invalid user verification requirement'); - $this->userVerification = $userVerification; - - return $this; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getRpId(): ?string - { - return $this->rpId; - } - - /** - * @return PublicKeyCredentialDescriptor[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAllowCredentials(): array - { - return $this->allowCredentials; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUserVerification(): ?string - { - return $this->userVerification; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromString(string $data): static - { - $data = json_decode($data, true, flags: JSON_THROW_ON_ERROR); - - return self::createFromArray($data); - } - - /** - * @param mixed[] $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): static - { - array_key_exists('challenge', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "challenge" is missing.' - ); - - $allowCredentials = []; - $allowCredentialList = $json['allowCredentials'] ?? []; - foreach ($allowCredentialList as $allowCredential) { - $allowCredentials[] = PublicKeyCredentialDescriptor::createFromArray($allowCredential); - } - - $challenge = Base64::decode($json['challenge']); - $extensions = isset($json['extensions']) ? AuthenticationExtensionsClientInputs::createFromArray( - $json['extensions'] - ) : AuthenticationExtensionsClientInputs::create(); - - return self::create( - $challenge, - $json['rpId'] ?? null, - $allowCredentials, - $json['userVerification'] ?? null, - $json['timeout'] ?? null, - $extensions - ); - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/PublicKeyCredentialRpEntity.php b/src/webauthn/src/PublicKeyCredentialRpEntity.php index 1720462b9..97b293879 100644 --- a/src/webauthn/src/PublicKeyCredentialRpEntity.php +++ b/src/webauthn/src/PublicKeyCredentialRpEntity.php @@ -4,9 +4,6 @@ namespace Webauthn; -use Webauthn\Exception\InvalidDataException; -use function array_key_exists; - class PublicKeyCredentialRpEntity extends PublicKeyCredentialEntity { public function __construct( @@ -22,30 +19,6 @@ public static function create(string $name, ?string $id = null, ?string $icon = return new self($name, $id, $icon); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getId(): ?string - { - return $this->id; - } - - /** - * @param mixed[] $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): self - { - array_key_exists('name', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "name" is missing.' - ); - - return self::create($json['name'], $json['id'] ?? null, $json['icon'] ?? null); - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/PublicKeyCredentialSource.php b/src/webauthn/src/PublicKeyCredentialSource.php index 815a01c4b..fde53cfa4 100644 --- a/src/webauthn/src/PublicKeyCredentialSource.php +++ b/src/webauthn/src/PublicKeyCredentialSource.php @@ -7,11 +7,7 @@ use JsonSerializable; use ParagonIE\ConstantTime\Base64UrlSafe; use Symfony\Component\Uid\Uuid; -use Throwable; -use Webauthn\Exception\InvalidDataException; use Webauthn\TrustPath\TrustPath; -use Webauthn\TrustPath\TrustPathLoader; -use function array_key_exists; /** * @see https://www.w3.org/TR/webauthn/#iface-pkcredential @@ -76,172 +72,16 @@ public static function create( ); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getPublicKeyCredentialId(): string - { - return $this->publicKeyCredentialId; - } - public function getPublicKeyCredentialDescriptor(): PublicKeyCredentialDescriptor { return PublicKeyCredentialDescriptor::create($this->type, $this->publicKeyCredentialId, $this->transports); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAttestationType(): string - { - return $this->attestationType; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTrustPath(): TrustPath - { - return $this->trustPath; - } - public function getAttestedCredentialData(): AttestedCredentialData { return AttestedCredentialData::create($this->aaguid, $this->publicKeyCredentialId, $this->credentialPublicKey); } - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getType(): string - { - return $this->type; - } - - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getTransports(): array - { - return $this->transports; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getAaguid(): Uuid - { - return $this->aaguid; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCredentialPublicKey(): string - { - return $this->credentialPublicKey; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getUserHandle(): string - { - return $this->userHandle; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCounter(): int - { - return $this->counter; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setCounter(int $counter): void - { - $this->counter = $counter; - } - - /** - * @return array|null - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getOtherUI(): ?array - { - return $this->otherUI; - } - - /** - * @param array|null $otherUI - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function setOtherUI(?array $otherUI): self - { - $this->otherUI = $otherUI; - - return $this; - } - - /** - * @param mixed[] $data - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): self - { - $keys = array_keys(get_class_vars(self::class)); - foreach ($keys as $key) { - if ($key === 'otherUI') { - continue; - } - array_key_exists($key, $data) || throw InvalidDataException::create($data, sprintf( - 'The parameter "%s" is missing', - $key - )); - } - mb_strlen((string) $data['aaguid'], '8bit') === 36 || throw InvalidDataException::create( - $data, - 'Invalid AAGUID' - ); - $uuid = Uuid::fromString($data['aaguid']); - - try { - return self::create( - Base64UrlSafe::decodeNoPadding($data['publicKeyCredentialId']), - $data['type'], - $data['transports'], - $data['attestationType'], - TrustPathLoader::loadTrustPath($data['trustPath']), - $uuid, - Base64UrlSafe::decodeNoPadding($data['credentialPublicKey']), - Base64UrlSafe::decodeNoPadding($data['userHandle']), - $data['counter'], - $data['otherUI'] ?? null, - $data['backupEligible'] ?? null, - $data['backupStatus'] ?? null, - ); - } catch (Throwable $throwable) { - throw InvalidDataException::create($data, 'Unable to load the data', $throwable); - } - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/PublicKeyCredentialSourceRepository.php b/src/webauthn/src/PublicKeyCredentialSourceRepository.php deleted file mode 100644 index 5174a4181..000000000 --- a/src/webauthn/src/PublicKeyCredentialSourceRepository.php +++ /dev/null @@ -1,21 +0,0 @@ -id; - } - - /** - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getDisplayName(): string - { - return $this->displayName; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromString(string $data): self - { - $data = json_decode($data, true, flags: JSON_THROW_ON_ERROR); - is_array($data) || throw InvalidDataException::create($data, 'Invalid data'); - - return self::createFromArray($data); - } - - /** - * @param mixed[] $json - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $json): self - { - array_key_exists('name', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "name" is missing.' - ); - array_key_exists('id', $json) || throw InvalidDataException::create($json, 'Invalid input. "id" is missing.'); - array_key_exists('displayName', $json) || throw InvalidDataException::create( - $json, - 'Invalid input. "displayName" is missing.' - ); - $id = Base64::decode($json['id'], true); - - return self::create($json['name'], $id, $json['displayName'], $json['icon'] ?? null); - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/TokenBinding/IgnoreTokenBindingHandler.php b/src/webauthn/src/TokenBinding/IgnoreTokenBindingHandler.php deleted file mode 100644 index 037fd8c7a..000000000 --- a/src/webauthn/src/TokenBinding/IgnoreTokenBindingHandler.php +++ /dev/null @@ -1,24 +0,0 @@ -getStatus() !== TokenBinding::TOKEN_BINDING_STATUS_PRESENT) { - return; - } - - $request->hasHeader('Sec-Token-Binding') || throw InvalidDataException::create( - $tokenBinding, - 'The header parameter "Sec-Token-Binding" is missing.' - ); - $tokenBindingIds = $request->getHeader('Sec-Token-Binding'); - count($tokenBindingIds) === 1 || throw InvalidDataException::create( - $tokenBinding, - 'The header parameter "Sec-Token-Binding" is invalid.' - ); - $tokenBindingId = reset($tokenBindingIds); - $tokenBindingId === $tokenBinding->getId() || throw InvalidDataException::create( - $tokenBinding, - 'The header parameter "Sec-Token-Binding" is invalid.' - ); - } -} diff --git a/src/webauthn/src/TokenBinding/TokenBinding.php b/src/webauthn/src/TokenBinding/TokenBinding.php deleted file mode 100644 index cffc6ded5..000000000 --- a/src/webauthn/src/TokenBinding/TokenBinding.php +++ /dev/null @@ -1,78 +0,0 @@ -status = $status; - $this->id = $id; - } - - /** - * @param mixed[] $json - */ - public static function createFormArray(array $json): self - { - array_key_exists('status', $json) || throw InvalidDataException::create( - $json, - 'The member "status" is required' - ); - $status = $json['status']; - in_array($status, self::getSupportedStatus(), true) || throw InvalidDataException::create($json, sprintf( - 'The member "status" is invalid. Supported values are: %s', - implode(', ', self::getSupportedStatus()) - )); - $id = array_key_exists('id', $json) ? Base64UrlSafe::decodeNoPadding($json['id']) : null; - - return new self($status, $id); - } - - public function getStatus(): string - { - return $this->status; - } - - public function getId(): ?string - { - return $this->id; - } - - /** - * @return string[] - */ - private static function getSupportedStatus(): array - { - return [ - self::TOKEN_BINDING_STATUS_PRESENT, - self::TOKEN_BINDING_STATUS_SUPPORTED, - self::TOKEN_BINDING_STATUS_NOT_SUPPORTED, - ]; - } -} diff --git a/src/webauthn/src/TokenBinding/TokenBindingHandler.php b/src/webauthn/src/TokenBinding/TokenBindingHandler.php deleted file mode 100644 index 8c907fdff..000000000 --- a/src/webauthn/src/TokenBinding/TokenBindingHandler.php +++ /dev/null @@ -1,16 +0,0 @@ -getStatus() !== TokenBinding::TOKEN_BINDING_STATUS_PRESENT || throw InvalidDataException::create( - $tokenBinding, - 'Token binding not supported.' - ); - } -} diff --git a/src/webauthn/src/TrustPath/CertificateTrustPath.php b/src/webauthn/src/TrustPath/CertificateTrustPath.php index 796511c50..d51f5706c 100644 --- a/src/webauthn/src/TrustPath/CertificateTrustPath.php +++ b/src/webauthn/src/TrustPath/CertificateTrustPath.php @@ -4,10 +4,6 @@ namespace Webauthn\TrustPath; -use Webauthn\Exception\InvalidTrustPathException; -use function array_key_exists; -use function is_array; - final class CertificateTrustPath implements TrustPath { /** @@ -26,31 +22,6 @@ public static function create(array $certificates): self return new self($certificates); } - /** - * @return string[] - * @deprecated since 4.7.0. Please use the property directly. - * @infection-ignore-all - */ - public function getCertificates(): array - { - return $this->certificates; - } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): static - { - array_key_exists('x5c', $data) || throw InvalidTrustPathException::create('The trust path type is invalid'); - $x5c = $data['x5c']; - is_array($x5c) || throw InvalidTrustPathException::create( - 'The trust path type is invalid. The parameter "x5c" shall contain strings.' - ); - - return self::create($x5c); - } - /** * @return mixed[] */ diff --git a/src/webauthn/src/TrustPath/EcdaaKeyIdTrustPath.php b/src/webauthn/src/TrustPath/EcdaaKeyIdTrustPath.php deleted file mode 100644 index d0aa7ffa1..000000000 --- a/src/webauthn/src/TrustPath/EcdaaKeyIdTrustPath.php +++ /dev/null @@ -1,45 +0,0 @@ -ecdaaKeyId; - } - - /** - * @return string[] - */ - public function jsonSerialize(): array - { - return [ - 'type' => self::class, - 'ecdaaKeyId' => $this->ecdaaKeyId, - ]; - } - - public static function createFromArray(array $data): static - { - array_key_exists('ecdaaKeyId', $data) || throw InvalidTrustPathException::create( - 'The trust path type is invalid' - ); - - return new self($data['ecdaaKeyId']); - } -} diff --git a/src/webauthn/src/TrustPath/EmptyTrustPath.php b/src/webauthn/src/TrustPath/EmptyTrustPath.php index 744103364..fbf6cbbe3 100644 --- a/src/webauthn/src/TrustPath/EmptyTrustPath.php +++ b/src/webauthn/src/TrustPath/EmptyTrustPath.php @@ -20,13 +20,4 @@ public function jsonSerialize(): array 'type' => self::class, ]; } - - /** - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): static - { - return self::create(); - } } diff --git a/src/webauthn/src/TrustPath/TrustPath.php b/src/webauthn/src/TrustPath/TrustPath.php index f28097e0c..d8c351c74 100644 --- a/src/webauthn/src/TrustPath/TrustPath.php +++ b/src/webauthn/src/TrustPath/TrustPath.php @@ -8,10 +8,4 @@ interface TrustPath extends JsonSerializable { - /** - * @param array $data - * @deprecated since 4.8.0. Please use {Webauthn\Denormalizer\WebauthnSerializerFactory} for converting the object. - * @infection-ignore-all - */ - public static function createFromArray(array $data): static; } diff --git a/tests/library/AbstractTestCase.php b/tests/library/AbstractTestCase.php index f90b29289..a3cb42b18 100644 --- a/tests/library/AbstractTestCase.php +++ b/tests/library/AbstractTestCase.php @@ -111,7 +111,7 @@ protected function getAuthenticatorAssertionResponseValidator(): AuthenticatorAs { if ($this->authenticatorAssertionResponseValidator === null) { $this->authenticatorAssertionResponseValidator = AuthenticatorAssertionResponseValidator::create( - ceremonyStepManager: $this->getCeremonyStepManagerFactory() + $this->getCeremonyStepManagerFactory() ->requestCeremony() ); } diff --git a/tests/library/Unit/AttestationStatement/AttestationStatementTest.php b/tests/library/Unit/AttestationStatement/AttestationStatementTest.php index 6471e2bb7..c3f0a5217 100644 --- a/tests/library/Unit/AttestationStatement/AttestationStatementTest.php +++ b/tests/library/Unit/AttestationStatement/AttestationStatementTest.php @@ -8,7 +8,6 @@ use PHPUnit\Framework\TestCase; use Webauthn\AttestationStatement\AttestationStatement; use Webauthn\TrustPath\CertificateTrustPath; -use Webauthn\TrustPath\EcdaaKeyIdTrustPath; use Webauthn\TrustPath\EmptyTrustPath; /** @@ -33,23 +32,6 @@ public function anAttestationStatementOfNoneTypeReturnsTheExpectedProperties(): static::assertSame('none', $attestationStatement->type); } - #[Test] - public function anAttestationStatementOfEcdaaTypeReturnsTheExpectedProperties(): void - { - $attestationStatement = AttestationStatement::createEcdaa('fmt', [ - 'bar' => 'FOO', - ], new EcdaaKeyIdTrustPath('key_id')); - static::assertSame('fmt', $attestationStatement->fmt); - static::assertSame([ - 'bar' => 'FOO', - ], $attestationStatement->attStmt); - static::assertTrue($attestationStatement->has('bar')); - static::assertFalse($attestationStatement->has('foo')); - static::assertSame('FOO', $attestationStatement->get('bar')); - static::assertInstanceOf(EcdaaKeyIdTrustPath::class, $attestationStatement->trustPath); - static::assertSame('ecdaa', $attestationStatement->type); - } - #[Test] public function anAttestationStatementOfBasicTypeReturnsTheExpectedProperties(): void { diff --git a/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientOutputsLoaderTest.php b/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientOutputsLoaderTest.php index 1fb97af20..1bd4e50e0 100644 --- a/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientOutputsLoaderTest.php +++ b/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientOutputsLoaderTest.php @@ -10,7 +10,7 @@ use CBOR\OtherObject\TrueObject; use PHPUnit\Framework\Attributes\Test; use PHPUnit\Framework\TestCase; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientOutputs; +use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientOutputsLoader; use Webauthn\Exception\AuthenticationExtensionException; use const JSON_THROW_ON_ERROR; @@ -27,7 +27,7 @@ public function theExtensionsCanBeLoaded(): void $extensions = AuthenticationExtensionsClientOutputsLoader::load($cbor); - static::assertInstanceOf(AuthenticationExtensionsClientOutputs::class, $extensions); + static::assertInstanceOf(AuthenticationExtensions::class, $extensions); static::assertCount(1, $extensions); static::assertSame('{"loc":true}', json_encode($extensions, JSON_THROW_ON_ERROR)); } diff --git a/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientTest.php b/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientTest.php index 18ad55d6e..f37855c31 100644 --- a/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientTest.php +++ b/tests/library/Unit/AuthenticationExtensions/AuthenticationExtensionsClientTest.php @@ -7,8 +7,7 @@ use PHPUnit\Framework\Attributes\Test; use PHPUnit\Framework\TestCase; use Webauthn\AuthenticationExtensions\AuthenticationExtension; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientOutputs; +use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use const JSON_THROW_ON_ERROR; /** @@ -29,9 +28,7 @@ public function anAuthenticationExtensionsClientCanBeCreatedAndValueAccessed(): #[Test] public function theAuthenticationExtensionsClientInputsCanManageExtensions(): void { - $inputs = AuthenticationExtensionsClientInputs::create([ - AuthenticationExtension::create('name', ['value']), - ]); + $inputs = AuthenticationExtensions::create([AuthenticationExtension::create('name', ['value'])]); static::assertSame(1, $inputs->count()); static::assertSame('{"name":["value"]}', json_encode($inputs, JSON_THROW_ON_ERROR)); @@ -41,9 +38,7 @@ public function theAuthenticationExtensionsClientInputsCanManageExtensions(): vo #[Test] public function theAuthenticationExtensionsClientOutputsCanManageExtensions(): void { - $inputs = AuthenticationExtensionsClientOutputs::create([ - AuthenticationExtension::create('name', ['value']), - ]); + $inputs = AuthenticationExtensions::create([AuthenticationExtension::create('name', ['value'])]); static::assertSame(1, $inputs->count()); static::assertSame('{"name":["value"]}', json_encode($inputs, JSON_THROW_ON_ERROR)); diff --git a/tests/library/Unit/AuthenticatorDataTest.php b/tests/library/Unit/AuthenticatorDataTest.php index 34d2ac859..757ef1df9 100644 --- a/tests/library/Unit/AuthenticatorDataTest.php +++ b/tests/library/Unit/AuthenticatorDataTest.php @@ -8,7 +8,7 @@ use PHPUnit\Framework\TestCase; use Symfony\Component\Uid\Uuid; use Webauthn\AttestedCredentialData; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientOutputs; +use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorData; /** @@ -20,7 +20,7 @@ final class AuthenticatorDataTest extends TestCase public function anAuthenticatorDataCanBeCreatedAndValueAccessed(): void { $attestedCredentialData = AttestedCredentialData::create(Uuid::v4(), '', null); - $extensions = AuthenticationExtensionsClientOutputs::create(); + $extensions = AuthenticationExtensions::create(); $authenticatorData = AuthenticatorData::create( 'auth_data', diff --git a/tests/library/Unit/AuthenticatorSelectionCriteriaTest.php b/tests/library/Unit/AuthenticatorSelectionCriteriaTest.php index f03aae892..0f6bdebdf 100644 --- a/tests/library/Unit/AuthenticatorSelectionCriteriaTest.php +++ b/tests/library/Unit/AuthenticatorSelectionCriteriaTest.php @@ -22,7 +22,7 @@ public function anAuthenticatorSelectionCriteriaCanBeCreatedAndValueAccessed(): $authenticatorSelectionCriteria = AuthenticatorSelectionCriteria::create( AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_PLATFORM, AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_REQUIRED, - AuthenticatorSelectionCriteria::RESIDENT_KEY_REQUIREMENT_NO_PREFERENCE + AuthenticatorSelectionCriteria::RESIDENT_KEY_REQUIREMENT_NO_PREFERENCE, ); //When @@ -53,7 +53,6 @@ public function anAuthenticatorSelectionCriteriaWithResidentKeyCanBeCreatedAndVa AuthenticatorSelectionCriteria::AUTHENTICATOR_ATTACHMENT_PLATFORM, AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_REQUIRED, AuthenticatorSelectionCriteria::RESIDENT_KEY_REQUIREMENT_REQUIRED, - true ); //When diff --git a/tests/library/Unit/MetadataServiceTest.php b/tests/library/Unit/MetadataServiceTest.php index d358752d0..d4350e15a 100644 --- a/tests/library/Unit/MetadataServiceTest.php +++ b/tests/library/Unit/MetadataServiceTest.php @@ -24,7 +24,7 @@ public function theMetadataServiceCanLoadUri(): void $client = new MockHttpClient(); $client->setResponseFactory($response); - $service = FidoAllianceCompliantMetadataService::create(null, $client, 'https://fidoalliance.co.nz'); + $service = FidoAllianceCompliantMetadataService::create($client, 'https://fidoalliance.co.nz'); $aaguids = $service->list(); foreach ($aaguids as $aaguid) { static::assertTrue($service->has($aaguid)); @@ -41,7 +41,6 @@ public function aMetadataStatementFromAnUriCanBeRetrieved(): void //When $service = DistantResourceMetadataService::create( - null, $client, 'https://raw.githubusercontent.com/solokeys/solo/2.1.0/metadata/Solo-FIDO2-CTAP2-Authenticator.json' ); diff --git a/tests/library/Unit/PublicKeyCredentialRequestOptionsTest.php b/tests/library/Unit/PublicKeyCredentialRequestOptionsTest.php index 808a5d0c7..6f2de181d 100644 --- a/tests/library/Unit/PublicKeyCredentialRequestOptionsTest.php +++ b/tests/library/Unit/PublicKeyCredentialRequestOptionsTest.php @@ -7,7 +7,6 @@ use PHPUnit\Framework\Attributes\Test; use Webauthn\AuthenticationExtensions\AuthenticationExtension; use Webauthn\AuthenticationExtensions\AuthenticationExtensions; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; use Webauthn\PublicKeyCredentialDescriptor; use Webauthn\PublicKeyCredentialRequestOptions; use Webauthn\Tests\AbstractTestCase; @@ -41,7 +40,7 @@ public function authenticatorExtensionSerialization(): void #[Test] public function aPublicKeyCredentialRequestOptionsCanBeCreatedAndValueAccessed(): void { - $extensions = AuthenticationExtensionsClientInputs::create([AuthenticationExtension::create('foo', 'bar')]); + $extensions = AuthenticationExtensions::create([AuthenticationExtension::create('foo', 'bar')]); $credential = PublicKeyCredentialDescriptor::create('type', 'id', ['transport']); $publicKeyCredentialRequestOptions = PublicKeyCredentialRequestOptions::create( diff --git a/tests/library/Unit/TrustPath/TrustPathTest.php b/tests/library/Unit/TrustPath/TrustPathTest.php index 769149945..095e54eb8 100644 --- a/tests/library/Unit/TrustPath/TrustPathTest.php +++ b/tests/library/Unit/TrustPath/TrustPathTest.php @@ -8,9 +8,7 @@ use PHPUnit\Framework\TestCase; use Webauthn\Exception\InvalidTrustPathException; use Webauthn\TrustPath\CertificateTrustPath; -use Webauthn\TrustPath\EcdaaKeyIdTrustPath; use Webauthn\TrustPath\TrustPathLoader; -use const JSON_THROW_ON_ERROR; /** * @internal @@ -28,17 +26,6 @@ public function aCertificateTrustPathCanBeCreated(): void static::assertSame(['cert#1'], $tp->certificates); } - /** - * @use EcdaaKeyIdTrustPath - */ - #[Test] - public function anEcdaaKeyIdTrustPathCanBeCreated(): void - { - $tp = new EcdaaKeyIdTrustPath('id'); - - static::assertSame('id', $tp->getEcdaaKeyId()); - } - /** * @use TrustPathLoader */ @@ -66,18 +53,4 @@ public function theLoaderCannotLoadUnsupportedTypeNameBasedOnClass(): void 'type' => NotAValidTrustPath::class, ]); } - - /** - * @use TrustPathLoader - */ - #[Test] - public function theLoaderCanLoadNewTrustPathType(): void - { - $trustPath = json_encode(new EcdaaKeyIdTrustPath('key_id'), JSON_THROW_ON_ERROR); - $data = json_decode($trustPath, true, 512, JSON_THROW_ON_ERROR); - $loadedTrustPath = TrustPathLoader::loadTrustPath($data); - - static::assertInstanceOf(EcdaaKeyIdTrustPath::class, $loadedTrustPath); - static::assertSame('key_id', $loadedTrustPath->getEcdaaKeyId()); - } } diff --git a/tests/symfony/config/config.yml b/tests/symfony/config/config.yml index 10c12e23e..4bc3b6cf0 100644 --- a/tests/symfony/config/config.yml +++ b/tests/symfony/config/config.yml @@ -4,12 +4,17 @@ parameters: framework: test: true secret: 'test' + handle_all_throwables: true serializer: enabled: true validation: enabled: true + email_validation_mode: html5 session: storage_factory_id: 'session.storage.factory.mock_file' + save_path: "session.handler.native_file" + cookie_samesite: "lax" + cookie_secure: "auto" fragments: ~ http_method_override: true http_client: @@ -17,6 +22,11 @@ framework: router: utf8: true resource: "%kernel.project_dir%/tests/symfony/config/routing.php" + uid: + default_uuid_version: 7 + time_based_uuid_version: 7 + php_errors: + log: true services: _defaults: @@ -85,7 +95,6 @@ services: arguments: - '@Webauthn\MetadataService\Service\ChainedMetadataServices' - doctrine: dbal: driver: 'pdo_mysql' @@ -97,6 +106,7 @@ doctrine: url: '%env(resolve:DATABASE_URL)%' orm: + enable_lazy_ghost_objects: true auto_generate_proxy_classes: true naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware auto_mapping: true diff --git a/tests/symfony/functional/Assertion/AssertionTest.php b/tests/symfony/functional/Assertion/AssertionTest.php index 45f6b394b..89ee83cdb 100644 --- a/tests/symfony/functional/Assertion/AssertionTest.php +++ b/tests/symfony/functional/Assertion/AssertionTest.php @@ -8,7 +8,7 @@ use PHPUnit\Framework\Attributes\Test; use Symfony\Bundle\FrameworkBundle\Test\WebTestCase; use Symfony\Component\Serializer\SerializerInterface; -use Webauthn\AuthenticationExtensions\AuthenticationExtensionsClientInputs; +use Webauthn\AuthenticationExtensions\AuthenticationExtensions; use Webauthn\AuthenticatorAssertionResponse; use Webauthn\AuthenticatorAssertionResponseValidator; use Webauthn\Bundle\Repository\PublicKeyCredentialSourceRepositoryInterface; @@ -98,6 +98,6 @@ public function aPublicKeyCredentialCreationOptionsCanBeCreatedFromProfile(): vo static::assertSame('localhost', $options->rpId); static::assertSame($allowedCredentials, $options->allowCredentials); static::assertSame('preferred', $options->userVerification); - static::assertInstanceOf(AuthenticationExtensionsClientInputs::class, $options->extensions); + static::assertInstanceOf(AuthenticationExtensions::class, $options->extensions); } } diff --git a/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php b/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php index d2ed3912e..0b4cc3e0d 100644 --- a/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php +++ b/tests/symfony/functional/Attestation/AdditionalAuthenticatorTest.php @@ -85,7 +85,8 @@ public function withTheOptionAnExistingUserCanRegisterNewAnotherAuthenticator(): 'HTTPS' => 'on', ]); /** @var PublicKeyCredentialSourceRepository $publicKeyCredentialSourceRepository */ - $publicKeyCredentialSourceRepository = $client->getContainer() + $publicKeyCredentialSourceRepository = $client + ->getContainer() ->get(PublicKeyCredentialSourceRepository::class); $this->logIn($client); diff --git a/tests/symfony/functional/Attestation/PackedAttestationStatementTest.php b/tests/symfony/functional/Attestation/PackedAttestationStatementTest.php index f99f1219a..4a8ac45b1 100644 --- a/tests/symfony/functional/Attestation/PackedAttestationStatementTest.php +++ b/tests/symfony/functional/Attestation/PackedAttestationStatementTest.php @@ -28,7 +28,6 @@ final class PackedAttestationStatementTest extends KernelTestCase #[Test] public function aPackedAttestationWithSelfStatementCanBeVerified(): void { - self::bootKernel(); $publicKeyCredentialCreationOptions = PublicKeyCredentialCreationOptions::create( PublicKeyCredentialRpEntity::create('My Application'), PublicKeyCredentialUserEntity::create( diff --git a/tests/symfony/functional/CompilerPass/CounterCheckerSetterCompilerPassTest.php b/tests/symfony/functional/CompilerPass/CounterCheckerSetterCompilerPassTest.php deleted file mode 100644 index ff92bd807..000000000 --- a/tests/symfony/functional/CompilerPass/CounterCheckerSetterCompilerPassTest.php +++ /dev/null @@ -1,50 +0,0 @@ -setDefinition(AuthenticatorAssertionResponseValidator::class, new Definition()); - - $this->setDefinition('counter_checker', new Definition()); - $this->container->setAlias(CounterChecker::class, 'counter_checker'); - - //When - $this->compile(); - - //Then - $this->assertContainerBuilderHasServiceDefinitionWithMethodCall( - AuthenticatorAssertionResponseValidator::class, - 'setCounterChecker', - [new Reference(CounterChecker::class)] - ); - } - - protected function registerCompilerPass(ContainerBuilder $container): void - { - $container->addCompilerPass( - new CounterCheckerSetterCompilerPass(), - PassConfig::TYPE_BEFORE_OPTIMIZATION, - 0 - ); - } -} diff --git a/tests/symfony/functional/CompilerPass/MetadataStatementSupportCompilerPassTest.php b/tests/symfony/functional/CompilerPass/MetadataStatementSupportCompilerPassTest.php deleted file mode 100644 index b4154c575..000000000 --- a/tests/symfony/functional/CompilerPass/MetadataStatementSupportCompilerPassTest.php +++ /dev/null @@ -1,62 +0,0 @@ -setDefinition(AuthenticatorAttestationResponseValidator::class, new Definition()); - - $this->setDefinition('metadata_statement_repository', new Definition()); - $this->container->setAlias(MetadataStatementRepository::class, 'metadata_statement_repository'); - - $this->setDefinition('certificate_chain_checker', new Definition()); - $this->container->setAlias(CertificateChainValidator::class, 'certificate_chain_checker'); - - $this->setDefinition('status_report_repository', new Definition()); - $this->container->setAlias(StatusReportRepository::class, 'status_report_repository'); - - //When - $this->compile(); - - //Then - $this->assertContainerBuilderHasServiceDefinitionWithMethodCall( - AuthenticatorAttestationResponseValidator::class, - 'enableMetadataStatementSupport', - [ - new Reference(MetadataStatementRepository::class), - new Reference(StatusReportRepository::class), - new Reference(CertificateChainValidator::class), - ] - ); - } - - protected function registerCompilerPass(ContainerBuilder $container): void - { - $container->addCompilerPass( - new MetadataStatementSupportCompilerPass(), - PassConfig::TYPE_BEFORE_OPTIMIZATION, - 0 - ); - } -} diff --git a/tests/symfony/functional/Firewall/RegistrationAreaTest.php b/tests/symfony/functional/Firewall/RegistrationAreaTest.php index 473830a2a..c422b50b8 100644 --- a/tests/symfony/functional/Firewall/RegistrationAreaTest.php +++ b/tests/symfony/functional/Firewall/RegistrationAreaTest.php @@ -33,6 +33,7 @@ public function aRequestWithoutUsernameCanBeProcessed(): void $content = [ 'displayName' => 'FOO', ]; + $client = static::createClient([], [ 'HTTPS' => 'on', ]); diff --git a/tests/symfony/functional/Firewall/SecuredAreaTest.php b/tests/symfony/functional/Firewall/SecuredAreaTest.php index a610edf3f..31125cc39 100644 --- a/tests/symfony/functional/Firewall/SecuredAreaTest.php +++ b/tests/symfony/functional/Firewall/SecuredAreaTest.php @@ -61,7 +61,6 @@ public function aClientCanSubmitUsernameToGetWebauthnOptions(): void public function aUserCannotBeBeAuthenticatedInAbsenceOfOptions(): void { $assertion = '{"id":"eHouz_Zi7-BmByHjJ_tx9h4a1WZsK4IzUmgGjkhyOodPGAyUqUp_B9yUkflXY3yHWsNtsrgCXQ3HjAIFUeZB-w","type":"public-key","rawId":"eHouz/Zi7+BmByHjJ/tx9h4a1WZsK4IzUmgGjkhyOodPGAyUqUp/B9yUkflXY3yHWsNtsrgCXQ3HjAIFUeZB+w==","response":{"authenticatorData":"SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MBAAAAew","clientDataJSON":"eyJjaGFsbGVuZ2UiOiJHMEpiTExuZGVmM2EwSXkzUzJzU1FBOHVPNFNPX3plNkZaTUF1UEk2LXhJIiwiY2xpZW50RXh0ZW5zaW9ucyI6e30sImhhc2hBbGdvcml0aG0iOiJTSEEtMjU2Iiwib3JpZ2luIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsInR5cGUiOiJ3ZWJhdXRobi5nZXQifQ","signature":"MEUCIEY/vcNkbo/LdMTfLa24ZYLlMMVMRd8zXguHBvqud9AJAiEAwCwpZpvcMaqCrwv85w/8RGiZzE+gOM61ffxmgEDeyhM=","userHandle":null}}'; - $client = static::createClient([], [ 'HTTPS' => 'on', ]); diff --git a/tests/symfony/functional/PublicKeyCredentialUserEntityRepository.php b/tests/symfony/functional/PublicKeyCredentialUserEntityRepository.php index 16c0ce271..61ac27aac 100644 --- a/tests/symfony/functional/PublicKeyCredentialUserEntityRepository.php +++ b/tests/symfony/functional/PublicKeyCredentialUserEntityRepository.php @@ -47,11 +47,6 @@ public function findOneByUserHandle(string $userHandle): ?PublicKeyCredentialUse return $item->get(); } - public function generateNextUserEntityId(): string - { - return Ulid::generate(); - } - public function saveUserEntity(PublicKeyCredentialUserEntity $userEntity): void { if (! $userEntity instanceof User) {