diff --git a/src/CredentialRepository.php b/src/CredentialRepository.php index 095da01..a4439a8 100644 --- a/src/CredentialRepository.php +++ b/src/CredentialRepository.php @@ -110,7 +110,7 @@ public function findAllForUserEntity(PublicKeyCredentialUserEntity $publicKeyCre return array_map(function ($credentialComposite) { return $credentialComposite['source']; - }, $this->credentials); + }, $this->credentials ?? []); } public function saveCredentialSource(PublicKeyCredentialSource $publicKeyCredentialSource): void @@ -156,7 +156,7 @@ protected function setCredentials(array $credentials): void $this->credentials = array_map(function ($data) { $data['source'] = PublicKeyCredentialSource::createFromArray($data['source']); return $data; - }, $credentials); + }, $credentials ?? []); } /** @@ -167,7 +167,7 @@ protected function setCredentials(array $credentials): void */ protected function getCredentialIDRef(string $credentialID): string { - return base64_encode($credentialID); + return base64_encode($credentialID ?? ''); } /** @@ -230,6 +230,6 @@ public function serialize() */ public function unserialize($serialized) { - $this->__unserialize(json_decode($serialized, true)); + $this->__unserialize(json_decode($serialized ?? '', true)); } } diff --git a/src/CredentialRepositoryProviderTrait.php b/src/CredentialRepositoryProviderTrait.php index 27544a2..b9d4d4b 100644 --- a/src/CredentialRepositoryProviderTrait.php +++ b/src/CredentialRepositoryProviderTrait.php @@ -39,7 +39,7 @@ protected function getCredentialRepository( if ($registeredMethod) { $credentialRepository = CredentialRepository::fromArray( - (array) json_decode($registeredMethod->Data, true), + (array) json_decode($registeredMethod->Data ?? '', true), (string) $member->ID ); } else { diff --git a/src/RegisterHandler.php b/src/RegisterHandler.php index e1c8013..573e5d4 100644 --- a/src/RegisterHandler.php +++ b/src/RegisterHandler.php @@ -120,7 +120,7 @@ public function register(HTTPRequest $request, StoreInterface $store): Result $attestationStatementSupportManager = $this->getAttestationStatementSupportManager($decoder); $attestationObjectLoader = $this->getAttestationObjectLoader($attestationStatementSupportManager, $decoder); $publicKeyCredentialLoader = $this->getPublicKeyCredentialLoader($attestationObjectLoader, $decoder); - $publicKeyCredential = $publicKeyCredentialLoader->load(base64_decode($data['credentials'])); + $publicKeyCredential = $publicKeyCredentialLoader->load(base64_decode($data['credentials'] ?? '')); $response = $publicKeyCredential->getResponse(); if (!$response instanceof AuthenticatorAttestationResponse) { @@ -226,7 +226,7 @@ protected function getRelyingPartyEntity(): PublicKeyCredentialRpEntity { // Relying party entity ONLY allows domains or subdomains. Remove ports or anything else that isn't already. // See https://github.com/web-auth/webauthn-framework/blob/v1.2.2/doc/webauthn/PublicKeyCredentialCreation.md#relying-party-entity - $host = parse_url(Director::host(), PHP_URL_HOST); + $host = parse_url(Director::host() ?? '', PHP_URL_HOST); return new PublicKeyCredentialRpEntity( (string) SiteConfig::current_site_config()->Title, diff --git a/src/VerifyHandler.php b/src/VerifyHandler.php index 76ac47a..98167da 100644 --- a/src/VerifyHandler.php +++ b/src/VerifyHandler.php @@ -95,7 +95,7 @@ public function verify(HTTPRequest $request, StoreInterface $store, RegisteredMe $attestationObjectLoader = $this->getAttestationObjectLoader($attestationStatementSupportManager, $decoder); $publicKeyCredential = $this ->getPublicKeyCredentialLoader($attestationObjectLoader, $decoder) - ->load(base64_decode($data['credentials'])); + ->load(base64_decode($data['credentials'] ?? '')); $response = $publicKeyCredential->getResponse(); if (!$response instanceof AuthenticatorAssertionResponse) { @@ -154,13 +154,13 @@ protected function getCredentialRequestOptions( $validCredentials = $this->getCredentialRepository($store, $registeredMethod) ->findAllForUserEntity($this->getUserEntity($store->getMember())); - if (!count($validCredentials)) { + if (!count($validCredentials ?? [])) { throw new AuthenticationFailedException('User does not appear to have any credentials loaded for webauthn'); } $descriptors = array_map(function (PublicKeyCredentialSource $source) { return $source->getPublicKeyCredentialDescriptor(); - }, $validCredentials); + }, $validCredentials ?? []); $options = new PublicKeyCredentialRequestOptions(random_bytes(32), 40000); $options->allowCredentials($descriptors);