Server IP : 104.21.14.103 / Your IP : 3.149.26.27 Web Server : LiteSpeed System : Linux business53.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : giankuin ( 1871) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/giankuin/dietcontrungnhanh.com/wp-content/plugins/ithemes-security-pro/pro/webauthn/DTO/ |
Upload File : |
<?php namespace iThemesSecurity\WebAuthn\DTO; use iThemesSecurity\Strauss\Assert\Assert; final class PublicKeyCredentialRequestOptions implements \JsonSerializable { /** * This member specifies a challenge that the authenticator signs, * along with other data, when producing an authentication assertion. * * @var BinaryString */ protected $challenge; /** * This OPTIONAL member specifies the RP ID claimed by the Relying Party. * The client MUST verify that the Relying Party's origin matches the * scope of this RP ID. * * @var string */ protected $rpId; /** * This OPTIONAL member is used by the client to find authenticators * eligible for this authentication ceremony. The list is ordered in * descending order of preference: the first item in the list is the * most preferred credential, and the last is the least preferred. * * It can be used in two ways: * * If the user account to authenticate is already identified * (e.g., if the user has entered a username), then the Relying Party * SHOULD use this member to list the credentials registered to the * user account. This SHOULD usually include all the user account’s credentials. * * If the user account to authenticate is not already identified, then the * Relying Party MAY leave this member empty or unspecified. In this case, * only discoverable credentials will be utilized in this authentication * ceremony, and the user account MAY be identified by the userHandle of * the resulting AuthenticatorAssertionResponse. * * Note: Older implementations require allowCredentials to be present. * For instance Yubikeys and Google Chrome. * * @var PublicKeyCredentialDescriptor[] */ protected $allowCredentials; /** * This OPTIONAL member specifies the Relying Party's requirements regarding * user verification for the get() operation. The value SHOULD be a member * of {@see UserVerificationRequirement}. * * @var string */ protected $userVerification; public function __construct( BinaryString $challenge, string $rpId, array $allowCredentials = [], string $userVerification = UserVerificationRequirement::PREFERRED ) { Assert::that( $userVerification )->choice( UserVerificationRequirement::ALL, 'userVerification "%s" is not an element of the valid values: %s' ); $this->challenge = $challenge; $this->rpId = $rpId; $this->allowCredentials = $allowCredentials; $this->userVerification = $userVerification; } public static function hydrate( array $data ): self { Assert::that( $data, 'PublicKeyCredentialRequestOptions hydration does not contain "%s".' ) ->keyExists( 'challenge' ) ->keyExists( 'rpId' ) ->keyExists( 'allowCredentials' ) ->keyExists( 'userVerification' ); Assert::that( $data['allowCredentials'] ) ->isArray( 'allowCredentials "%s" is not an array.' ); Assert::thatAll( $data['allowCredentials'] ) ->isArray( 'allowCredentials item "%s" is not an array.' ); return new self( BinaryString::from_ascii( $data['challenge'] ), $data['rpId'], array_map( [ PublicKeyCredentialDescriptor::class, 'hydrate' ], $data['allowCredentials'] ), $data['userVerification'] ); } public function get_challenge(): BinaryString { return $this->challenge; } public function get_rp_id(): string { return $this->rpId; } /** @return PublicKeyCredentialDescriptor[] */ public function get_allowed_credentials(): array { return $this->allowCredentials; } public function get_user_verification(): string { return $this->userVerification; } public function jsonSerialize(): array { return \ITSEC_Lib::recursively_json_serialize( get_object_vars( $this ) ); } }