<?php
/*
* This file is part of EC-CUBE
*
* Copyright(c) EC-CUBE CO.,LTD. All Rights Reserved.
*
* http://www.ec-cube.co.jp/
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Plugin\Passkeys\Controller;
use Eccube\Controller\AbstractController;
use Eccube\Entity\Customer;
use Eccube\Repository\CustomerRepository;
use Plugin\Passkeys\Form\Type\PasskeysAuthTypeCustomer;
use Plugin\Passkeys\Service\CustomerPasskeysAuthService;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Twig\Environment;
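/**
 * Front-end controller for the customer passkey step.
 *
 * Serves the passkey page at /passkeys and, on POST, decides whether the
 * current customer gets the "passkey authed" cookie produced by
 * CustomerPasskeysAuthService::createAuthedCookie().
 */
class PasskeysAuthCustomerController extends AbstractController
{
    /**
     * @var CustomerRepository
     */
    protected CustomerRepository $customerRepository;

    /**
     * @var CustomerPasskeysAuthService
     */
    protected CustomerPasskeysAuthService $customerPasskeysAuthService;

    /**
     * @var Environment
     */
    protected Environment $twig;

    /**
     * PasskeysAuthCustomerController constructor.
     *
     * @param CustomerRepository $customerRepository
     * @param CustomerPasskeysAuthService $customerPasskeysAuthService
     * @param Environment $twig
     */
    public function __construct(
        CustomerRepository $customerRepository,
        CustomerPasskeysAuthService $customerPasskeysAuthService,
        Environment $twig
    ) {
        $this->customerRepository = $customerRepository;
        $this->customerPasskeysAuthService = $customerPasskeysAuthService;
        $this->twig = $twig;
    }

    /**
     * Passkey authentication page.
     *
     * GET renders the passkey template. POST is dispatched on the
     * client-supplied "mode" parameter:
     *  - "login_succ": the posted pk_session/rp pair is checked with
     *    CustomerPasskeysAuthService::checkSession(); only a valid pair
     *    yields the authed cookie.
     *  - "no_webauthn": the authed cookie is issued without any check
     *    (see the review note on that branch).
     * Any other outcome falls through and re-renders the page.
     *
     * NOTE(review): no CSRF token check is visible on this POST; confirm
     * whether one is applied elsewhere.
     *
     * @Route("/passkeys", name="plg_customer_passkey_page", methods={"GET", "POST"})
     * @Template("Passkeys/Resource/template/default/passkey.twig")
     *
     * @param Request $request
     *
     * @return array|\Symfony\Component\HttpFoundation\RedirectResponse template variables, or a redirect to the callback route
     */
    public function passkeyAuth(Request $request)
    {
        if ($this->isPasskeysAuthed()) {
            return $this->redirectToRoute($this->getCallbackRoute());
        }

        /** @var Customer $Customer */
        $Customer = $this->getUser();

        $error = null;

        if ('POST' === $request->getMethod()) {
            // Request::get() also reads route attributes and the query string,
            // so every value below is untrusted client input.
            $mode = $request->get('mode');
            switch ($mode) {
                case 'login_succ':
                    $rp = $request->get('rp');
                    $session = $request->get('pk_session');
                    // pk_session is what checkSession() accepts as proof of a
                    // completed passkey login, so neither it nor the raw rp
                    // value is written to the log.
                    log_info('Passkey authentication Post2.');

                    // Reject array-shaped parameters (e.g. pk_session[]=...)
                    // before they reach the service; an absent rp is still
                    // passed through as null, as before.
                    $inputWellFormed = is_string($session) && '' !== $session
                        && (null === $rp || is_string($rp));

                    if ($inputWellFormed && $this->customerPasskeysAuthService->checkSession($session, $rp)) {
                        log_info('Passkey authentication Post3. session valid.');

                        return $this->createAuthedRedirect($Customer);
                    }

                    break;
                case 'no_webauthn':
                    // TODO: Add config(force logout or pass as current process) on shop config page for this case
                    // NOTE(review): "mode" comes from the client, so this branch
                    // hands out the authed cookie with no passkey verification
                    // at all. Until the shop setting from the TODO exists, the
                    // passkey step is advisory rather than enforced; the
                    // decision should be made server-side.
                    log_info('Browser without webauthn support, pass to success page.');

                    return $this->createAuthedRedirect($Customer);
                default:
                    // A non-scalar mode would trigger an array-to-string
                    // conversion, so only its type is logged in that case.
                    log_info('Unknown mode:'.(is_scalar($mode) ? (string) $mode : gettype($mode)));
                    break;
            }
        }

        $callbackRoute = $this->getCallbackRoute();
        log_info('Passkey authentication page3:'.$callbackRoute);

        return [
            'Customer' => $Customer,
            'error' => $error,
            'succ_route' => $callbackRoute,
        ];
    }

    /**
     * Build the redirect to the callback route with the authed cookie attached.
     *
     * @param Customer $Customer customer the cookie is created for
     *
     * @return \Symfony\Component\HttpFoundation\RedirectResponse
     */
    private function createAuthedRedirect($Customer)
    {
        $callbackRoute = $this->getCallbackRoute();
        $response = $this->redirectToRoute($callbackRoute);
        $response->headers->setCookie(
            $this->customerPasskeysAuthService->createAuthedCookie($Customer, $callbackRoute)
        );

        return $response;
    }

    /**
     * Whether the passkey step is already satisfied.
     *
     * Returns true when there is no logged-in customer as well as when the
     * service reports the customer as authed for the callback route.
     * NOTE(review): the "no customer" case relies on the callback route
     * enforcing login itself; confirm against the firewall configuration.
     *
     * @return boolean
     */
    protected function isPasskeysAuthed(): bool
    {
        /** @var Customer $Customer */
        $Customer = $this->getUser();
        if ($Customer != null && !$this->customerPasskeysAuthService->isAuthed($Customer, $this->getCallbackRoute())) {
            return false;
        }

        return true;
    }

    /**
     * Get the callback route.
     *
     * Reads the route stored in the session under
     * CustomerPasskeysAuthService::SESSION_CALL_BACK_URL and falls back to
     * "mypage" when nothing is stored.
     *
     * @return string
     */
    protected function getCallbackRoute(): string
    {
        $route = $this->session->get(CustomerPasskeysAuthService::SESSION_CALL_BACK_URL);
        log_info('Passkey getCallbackRoute:'.$route);

        return ($route != null) ? $route : 'mypage';
    }
}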