From c14a23dfb0e0aa4b17945cdeb1cb6bf5adb91d53 Mon Sep 17 00:00:00 2001 From: Florent Morselli Date: Mon, 8 Apr 2024 12:04:23 +0200 Subject: [PATCH] Refactor authenticator response identification logic The logic for identifying the type of Authenticator Response has been simplified. Instead of checking for multiple array keys in a data object, we now simply check for the presence of either 'attestationObject' or 'signature'. This refactoring leads to cleaner and more maintainable code. --- .../Denormalizer/AuthenticatorResponseDenormalizer.php | 10 ++-------- src/webauthn/src/PublicKeyCredentialLoader.php | 6 +++--- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php b/src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php index 48a7cccda..6a47309d5 100644 --- a/src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php +++ b/src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php @@ -20,14 +20,8 @@ final class AuthenticatorResponseDenormalizer implements DenormalizerInterface, public function denormalize(mixed $data, string $type, string $format = null, array $context = []): mixed { $realType = match (true) { - array_key_exists('attestationObject', $data) && ! array_key_exists( - 'signature', - $data - ) => AuthenticatorAttestationResponse::class, - array_key_exists('authenticatorData', $data) && array_key_exists( - 'signature', - $data - ) => AuthenticatorAssertionResponse::class, + array_key_exists('attestationObject', $data) => AuthenticatorAttestationResponse::class, + array_key_exists('signature', $data) => AuthenticatorAssertionResponse::class, default => throw InvalidDataException::create($data, 'Unable to create the response object'), }; diff --git a/src/webauthn/src/PublicKeyCredentialLoader.php b/src/webauthn/src/PublicKeyCredentialLoader.php index 688ac462c..19861c1a7 100644 --- a/src/webauthn/src/PublicKeyCredentialLoader.php +++ b/src/webauthn/src/PublicKeyCredentialLoader.php @@ -153,15 +153,15 @@ private function createResponse(array $response): AuthenticatorResponse return $this->serializer->deserialize($response, AuthenticatorResponse::class, 'json'); } switch (true) { - case ! array_key_exists('authenticatorData', $response) && ! array_key_exists('signature', $response): + case array_key_exists('attestationObject', $response): $attestationObject = $this->attestationObjectLoader->load($response['attestationObject']); return AuthenticatorAttestationResponse::create(CollectedClientData::createFormJson( $response['clientDataJSON'] ), $attestationObject, $transports); - case array_key_exists('authenticatorData', $response) && array_key_exists('signature', $response): + case array_key_exists('signature', $response): $authDataLoader = AuthenticatorDataLoader::create(); - $authData = Base64UrlSafe::decodeNoPadding($response['authenticatorData']); + $authData = Base64UrlSafe::decodeNoPadding($response['authenticatorData'] ?? ''); $authenticatorData = $authDataLoader->load($authData); try {