fix: json serialize publickey for cache store (#385)

asbiin · web-flow · commit 1b6ad1b719ae · 2022-06-01T13:51:23.000+02:00
diff --git a/src/Services/Webauthn/CreationOptionsFactory.php b/src/Services/Webauthn/CreationOptionsFactory.php
@@ -68,7 +68,7 @@ public function __invoke(User $user): PublicKeyCredentialCreationOptions
             ->setAuthenticatorSelection($this->authenticatorSelectionCriteria)
             ->setAttestation($this->attestationConveyance);
 
-        $this->cache->put($this->cacheKey($user), $publicKey, $this->timeout);
+        $this->cache->put($this->cacheKey($user), $publicKey->jsonSerialize(), $this->timeout);
 
         return $publicKey;
     }
diff --git a/src/Services/Webauthn/CredentialAssertionValidator.php b/src/Services/Webauthn/CredentialAssertionValidator.php
@@ -73,12 +73,12 @@ public function __invoke(User $user, array $data): bool
      */
     protected function pullPublicKey(User $user): PublicKeyCredentialRequestOptions
     {
-        return tap($this->cache->pull($this->cacheKey($user)), function ($publicKey) {
-            if (! $publicKey instanceof PublicKeyCredentialRequestOptions) {
-                Log::debug('Webauthn wrong publickKey type');
-                abort(404);
-            }
-        });
+        try {
+            return PublicKeyCredentialRequestOptions::createFromArray($this->cache->pull($this->cacheKey($user)));
+        } catch (\Exception $e) {
+            Log::debug('Webauthn publickKey deserialize error', ['exception' => $e]);
+            abort(404);
+        }
     }
 
     /**
diff --git a/src/Services/Webauthn/CredentialAttestationValidator.php b/src/Services/Webauthn/CredentialAttestationValidator.php
@@ -70,12 +70,12 @@ public function __invoke(User $user, array $data): PublicKeyCredentialSource
      */
     protected function pullPublicKey(User $user): PublicKeyCredentialCreationOptions
     {
-        return tap($this->cache->pull($this->cacheKey($user)), function ($publicKey) {
-            if (! $publicKey instanceof PublicKeyCredentialCreationOptions) {
-                Log::debug('Webauthn wrong publickKey type');
-                abort(404);
-            }
-        });
+        try {
+            return PublicKeyCredentialCreationOptions::createFromArray($this->cache->pull($this->cacheKey($user)));
+        } catch (\Exception $e) {
+            Log::debug('Webauthn publickKey deserialize error', ['exception' => $e]);
+            abort(404);
+        }
     }
 
     /**
diff --git a/src/Services/Webauthn/RequestOptionsFactory.php b/src/Services/Webauthn/RequestOptionsFactory.php
@@ -45,7 +45,7 @@ public function __invoke(User $user): PublicKeyCredentialRequestOptions
             ->setRpId($this->getRpId())
             ->setUserVerification($this->userVerification);
 
-        $this->cache->put($this->cacheKey($user), $publicKey, $this->timeout);
+        $this->cache->put($this->cacheKey($user), $publicKey->jsonSerialize(), $this->timeout);
 
         return $publicKey;
     }

Original file line number	Diff line number	Diff line change
`@@ -68,7 +68,7 @@ public function __invoke(User $user): PublicKeyCredentialCreationOptions`
`68`	`68`	`->setAuthenticatorSelection($this->authenticatorSelectionCriteria)`
`69`	`69`	`->setAttestation($this->attestationConveyance);`
`70`	`70`
`71`		`- $this->cache->put($this->cacheKey($user), $publicKey, $this->timeout);`
	`71`	`+ $this->cache->put($this->cacheKey($user), $publicKey->jsonSerialize(), $this->timeout);`
`72`	`72`
`73`	`73`	`return $publicKey;`
`74`	`74`	`}`
Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,7 @@ public function __invoke(User $user): PublicKeyCredentialRequestOptions`
`45`	`45`	`->setRpId($this->getRpId())`
`46`	`46`	`->setUserVerification($this->userVerification);`
`47`	`47`
`48`		`- $this->cache->put($this->cacheKey($user), $publicKey, $this->timeout);`
	`48`	`+ $this->cache->put($this->cacheKey($user), $publicKey->jsonSerialize(), $this->timeout);`
`49`	`49`
`50`	`50`	`return $publicKey;`
`51`	`51`	`}`