| Server IP : 54.36.91.62 / Your IP : 216.73.217.112 Web Server : Apache System : Linux webm013.cluster127.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64 User : coopiak ( 151928) PHP Version : 8.3.23 Disable Function : _dyuweyrj4,_dyuweyrj4r,dl MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/coopiak/amisdesseniors-fr/plugins/system/webauthn/src/PluginTraits/ |
Upload File : |
<?php
/**
* @package Joomla.Plugin
* @subpackage System.Webauthn
*
* @copyright (C) 2020 Open Source Matters, Inc. <https://www.joomla.org>
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\Plugin\System\Webauthn\PluginTraits;
use Joomla\CMS\Event\Plugin\System\Webauthn\AjaxChallenge;
use Joomla\CMS\Factory;
use Joomla\CMS\Uri\Uri;
use Joomla\CMS\User\User;
use Joomla\CMS\User\UserFactoryInterface;
use Joomla\CMS\User\UserHelper;
// phpcs:disable PSR1.Files.SideEffects
\defined('_JEXEC') or die;
// phpcs:enable PSR1.Files.SideEffects
/**
* Ajax handler for akaction=challenge
*
* Generates the public key and challenge which is used by the browser when logging in with Webauthn. This is the bit
* which prevents tampering with the login process and replay attacks.
*
* @since 4.0.0
*/
trait AjaxHandlerChallenge
{
/**
* Returns the public key set for the user and a unique challenge in a Public Key Credential Request encoded as
* JSON.
*
* @param AjaxChallenge $event The event we are handling
*
* @return void
*
* @throws \Exception
* @since 4.0.0
*/
public function onAjaxWebauthnChallenge(AjaxChallenge $event): void
{
// Initialize objects
$session = $this->getApplication()->getSession();
$input = $this->getApplication()->getInput();
// Load plugin language files
$this->loadLanguage();
// Retrieve data from the request
$username = $input->getUsername('username', '');
$returnUrl = base64_encode(
$session->get('plg_system_webauthn.returnUrl', Uri::current())
);
$returnUrl = $input->getBase64('returnUrl', $returnUrl);
$returnUrl = base64_decode($returnUrl);
// For security reasons the post-login redirection URL must be internal to the site.
if (!Uri::isInternal($returnUrl)) {
// If the URL wasn't internal redirect to the site's root.
$returnUrl = Uri::base();
}
$session->set('plg_system_webauthn.returnUrl', $returnUrl);
// Do I have a username?
if (empty($username)) {
$event->addResult(false);
return;
}
// Is the username valid?
try {
$userId = UserHelper::getUserId($username);
} catch (\Exception $e) {
$userId = 0;
}
if ($userId <= 0) {
$event->addResult(false);
return;
}
try {
$myUser = Factory::getContainer()->get(UserFactoryInterface::class)->loadUserById($userId);
} catch (\Exception) {
$myUser = new User();
}
if ($myUser->id != $userId || $myUser->guest) {
$event->addResult(false);
return;
}
$publicKeyCredentialRequestOptions = $this->authenticationHelper->getPubkeyRequestOptions($myUser);
$session->set('plg_system_webauthn.userId', $userId);
// Return the JSON encoded data to the caller
$event->addResult(json_encode($publicKeyCredentialRequestOptions, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
}
}