/**
* @expectedException u2flib_server\Error
* @expectedExceptionCode u2flib_server\ERR_BAD_UA_RETURNING
*/
public function testDoAuthenticateUAError()
{
$reqs = array(json_decode('{"version":"U2F_V2","challenge":"fEnc9oV79EaBgK5BoNERU5gPKM2XGYWrz4fUjgc0Q7g","keyHandle":"CTUayZo8hCBeC-sGQJChC0wW-bBg99bmOlGCgw8XGq4dLsxO3yWh9mRYArZxocP5hBB1pEGB3bbJYiM-5acc5w","appId":"http://demo.example.com"}'));
$regs = array(json_decode('{"keyHandle":"CTUayZo8hCBeC-sGQJChC0wW-bBg99bmOlGCgw8XGq4dLsxO3yWh9mRYArZxocP5hBB1pEGB3bbJYiM-5acc5w","publicKey":"BC0SaFZWC9uH7wamOwduP93kUH2I2hEvyY0Srfj4A258pZSlV0iPoFIH+bd4yhncaqdoPLdEDl5Y\\/yaFORPUe3c=","certificate":"MIIC4jCBywIBATANBgkqhkiG9w0BAQsFADAdMRswGQYDVQQDExJZdWJpY28gVTJGIFRlc3QgQ0EwHhcNMTQwNTE1MTI1ODU0WhcNMTQwNjE0MTI1ODU0WjAdMRswGQYDVQQDExJZdWJpY28gVTJGIFRlc3QgRUUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATbCtv1IcdczmPcpuHoJQYNlOYnVBlPnSSvJhq+rZlEH5WjcZEKOiDnPpFeE+i+OAV61XqjfnaQj6\\/iipS2MOudMA0GCSqGSIb3DQEBCwUAA4ICAQCVQGtQYX2thKO064gP4zAPLaIKANklBO5y+mffWFEPC0cCnD5BKUqTrCmFiS2keoEyKFdxAe+oQogWljeR1d\\/gj8k8jbDNiXCC7HnTxnhzKTLlq2y9Vp\\/VRZHOwd2NZNzpnB9ePNKvUaWCGK\\/gN+cynnYFdwJ75iSgMVYb\\/RnFcdPwnsBzBU68hbhTnu\\/FvJxWo7rZJ2q7qXpA10eLVXJr4\\/4oSXEk9I\\/0IIHqOP98Ck\\/fAoI5gYI7ygndyqoPJ\\/Wkg1VsmjmbFToWY9xb+axbvPefvg+KojwxE6MySMpYh\\/h7oKEKamCWk19dJp5jHQmumkHlvQhH\\/uUJmyD9EuLmQH+6SmEzZg0Oc9uw1aKamhcNNDCFakJGnv80j1+HbDXnqE0168FBqorS2hmqeaJfNSyg\\/SXT950lGC36tLy7BzQ8jYG99Ok32znp0UVbIEEvLSci3JJ0ipLVg\\/0J+xOb4zl6a1z65nae4OTj7628\\/UJFmtSU0X6Np9gF1dNizxXPlH0fW1ggRCCQcb5m6ZqrdDJwUx1p7Ydm9AlPyiUwwmN5ADyxmzk\\/AOCoiO96UVvnvUlk2kF7JMNxIv3R0SCzP5fTl7KqGByeA3d7W375o6DWIIEsOI+dJd7pyPXdakecZQRaVubC6\\/ICl+G52OEkdp8jYjkDS8j3NAdJ1udNmg==", "counter":3}'));
$resp = json_decode('{"errorCode": "5"}');
$this->u2f->doAuthenticate($reqs, $regs, $resp);
}
/**
* Validates the users input token.
*
* @since 0.1-dev
*
* @param WP_User $user WP_User object of the logged-in user.
* @return boolean
*/
public function validate_authentication($user)
{
$requests = get_user_meta($user->ID, self::AUTH_DATA_USER_META_KEY, true);
$response = json_decode(stripslashes($_REQUEST['u2f_response']));
$keys = self::get_security_keys($user->ID);
try {
$reg = self::$u2f->doAuthenticate($requests, $keys, $response);
$reg->last_used = current_time('timestamp');
self::update_security_key($user->ID, $reg);
return true;
} catch (Exception $e) {
return false;
}
}
var req = document.getElementById('request');
var regs = document.getElementById('registrations');
console.log("Authenticate callback", data);
reg.value=JSON.stringify(data);
req.value=JSON.stringify(request);
regs.value=JSON.stringify(registrations);
form.submit();
});
}, 1000);
<?php
} else {
if ($_POST['doAuthenticate']) {
$reqs = json_decode($_POST['request']);
$regs = json_decode($_POST['registrations']);
try {
$data = $u2f->doAuthenticate($reqs, $regs, json_decode($_POST['doAuthenticate']));
echo "var registration = '" . json_encode($data) . "';\n";
echo "addRegistration(registration);\n";
echo "alert('Authentication successful, counter:" . $data->counter . "');\n";
} catch (u2flib_server\Error $e) {
echo "alert('error:" . $e->getMessage() . "');\n";
}
}
}
}
}
}
?>
</script>
</head>
break;
}
} else {
if ($_POST['register2']) {
try {
$reg = $u2f->doRegister(json_decode($_SESSION['regReq']), json_decode($_POST['register2']));
addReg($user->id, $reg);
} catch (Exception $e) {
echo "alert('error: " . $e->getMessage() . "');";
} finally {
$_SESSION['regReq'] = null;
}
} else {
if ($_POST['authenticate2']) {
try {
$reg = $u2f->doAuthenticate(json_decode($_SESSION['authReq']), getRegs($user->id), json_decode($_POST['authenticate2']));
updateReg($reg);
echo "alert('success: " . $reg->counter . "');";
} catch (Exception $e) {
echo "alert('error: " . $e->getMessage() . "');";
} finally {
$_SESSION['authReq'] = null;
}
}
}
}
}
}
}
?>
</script>
if (array_key_exists('r', $options)) {
$mode = "register";
} elseif (array_key_exists('a', $options)) {
if (!array_key_exists('R', $options)) {
print "a registration must be supplied with -R";
exit(1);
}
$regs = json_decode('[' . $options['R'] . ']');
$mode = "authenticate";
} else {
print "-r or -a must be used\n";
exit(1);
}
if (!array_key_exists('o', $options)) {
print "origin must be supplied with -o\n";
exit(1);
}
$u2f = new u2flib_server\U2F($options['o']);
if ($mode === "register") {
$challenge = $u2f->getRegisterData();
} elseif ($mode === "authenticate") {
$challenge = $u2f->getAuthenticateData($regs);
}
print json_encode($challenge[0]) . "\n";
$response = fgets(STDIN);
if ($mode === "register") {
$result = $u2f->doRegister($challenge[0], json_decode($response));
} elseif ($mode === "authenticate") {
$result = $u2f->doAuthenticate($challenge, $regs, json_decode($response));
}
print json_encode($result) . "\n";
