feat: Add support to Laravel 9.x, and remove Laravel 7.x and 8.x (#377)

Author: asbiin

.github/workflows/static.yml

@@ -5,39 +5,39 @@ on:
     types: [opened, synchronize, reopened]
 
 jobs:
-  psalm:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        php-version: ['8.1']
+#   psalm:
+#     runs-on: ubuntu-latest
+#     strategy:
+#       matrix:
+#         php-version: ['8.1']
 
-    steps:
-      - name: Checkout sources
-        uses: actions/checkout@v3
+#     steps:
+#       - name: Checkout sources
+#         uses: actions/checkout@v3
 
-      - name: Setup PHP ${{ matrix.php-version }}
-        uses: shivammathur/setup-php@v2
-        with:
-          php-version: ${{ matrix.php-version }}
+#       - name: Setup PHP ${{ matrix.php-version }}
+#         uses: shivammathur/setup-php@v2
+#         with:
+#           php-version: ${{ matrix.php-version }}
 
-      - name: Get Composer Cache Directory
-        id: composer-cache
-        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
-      - name: Cache composer files
-        uses: actions/cache@v2.1.7
-        with:
-          path: ${{ steps.composer-cache.outputs.dir }}
-          key: ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}-${{ matrix.php-version }}
-          restore-keys: |
-            ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}-${{ matrix.php-version }}
-            ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}
-            ${{ runner.os }}-composer-v4-
+#       - name: Get Composer Cache Directory
+#         id: composer-cache
+#         run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+#       - name: Cache composer files
+#         uses: actions/cache@v3
+#         with:
+#           path: ${{ steps.composer-cache.outputs.dir }}
+#           key: ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}-${{ matrix.php-version }}
+#           restore-keys: |
+#             ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}-${{ matrix.php-version }}
+#             ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}
+#             ${{ runner.os }}-composer-v4-
 
-      - name: Install dependencies
-        run: composer install --no-progress --no-interaction --prefer-dist --optimize-autoloader
+#       - name: Install dependencies
+#         run: composer install --no-progress --no-interaction --prefer-dist --optimize-autoloader
 
-      - name: Run psalm
-        run: vendor/bin/psalm --output-format=github
+#       - name: Run psalm
+#         run: vendor/bin/psalm --output-format=github
 
 
   phpstan:
@@ -59,7 +59,7 @@ jobs:
         id: composer-cache
         run: echo "::set-output name=dir::$(composer config cache-files-dir)"
       - name: Cache composer files
-        uses: actions/cache@v2.1.7
+        uses: actions/cache@v3
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           key: ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}-${{ matrix.php-version }}

.github/workflows/tests.yml

@@ -17,7 +17,7 @@ on:
 
 env:
   default-php-version: '8.1'
-  default-laravel-version: '8.*'
+  default-laravel-version: '9.*'
   semantic-node-version: 16
 
 jobs:
@@ -29,14 +29,14 @@ jobs:
       fail-fast: false
       matrix:
         php-version: ['8.1']
-        laravel-version: [8.*]
+        laravel-version: [9.*]
         psr7: ['guzzle']
         include:
           - php-version: '8.1'
-            laravel-version: '8.*'
+            laravel-version: '9.*'
             psr7: 'nyholm'
           - php-version: '8.1'
-            laravel-version: '8.*'
+            laravel-version: '9.*'
             psr7: 'discovery'
 
     steps:
@@ -63,7 +63,7 @@ jobs:
         id: composer-cache
         run: echo "::set-output name=dir::$(composer config cache-files-dir)"
       - name: Cache composer files
-        uses: actions/cache@v2.1.7
+        uses: actions/cache@v3
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           key: ${{ runner.os }}-composer-v4-${{ hashFiles('**/composer.json') }}-${{ matrix.php-version }}-${{ matrix.laravel-version }}
@@ -105,7 +105,7 @@ jobs:
 
       - name: Store results
         if: matrix.php-version == env.default-php-version && matrix.laravel-version == env.default-laravel-version
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: results
           path: results
@@ -128,7 +128,7 @@ jobs:
           fetch-depth: 0
 
       - name: Download results
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: results
           path: results
@@ -189,7 +189,7 @@ jobs:
 
       - name: Store changelog file
         if: steps.semantic.outputs.new_release_published == 'true'
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: changelog
           path: CHANGELOG.md

README.md

@@ -435,7 +435,8 @@ This package has the following Laravel compatibility:
 | Laravel  | [asbiin/laravel-webauthn](https://github.com/asbiin/laravel-webauthn) |
 |----------|----------|
 | 5.8-8.x  | <= 1.2.0 |
-| 7.x-8.x  | >= 2.0.0 |
+| 7.x-8.x  | 2.0.1 |
+| 9.x  | >= 3.0.0 |
 
 ## Browser compatibility
 

composer.json

@@ -21,27 +21,25 @@
     ],
     "require": {
         "php": ">=8.1",
-        "illuminate/support": "^7.0 || ^8.0",
+        "illuminate/support": "^9.0",
         "psr/http-factory-implementation": "1.0",
-        "thecodingmachine/safe": "^1.0",
-        "web-auth/cose-lib": "^3.0",
-        "web-auth/webauthn-lib": "^3.0",
-        "web-token/jwt-signature": "^1.3 || ^2.0"
+        "thecodingmachine/safe": "^2.0",
+        "web-auth/cose-lib": "^4.0",
+        "web-auth/webauthn-lib": "^4.0",
+        "web-token/jwt-signature": "^3.0"
     },
     "require-dev": {
         "ext-sqlite3": "*",
         "guzzlehttp/psr7": "^2.1",
         "laravel/legacy-factories": "^1.0",
-        "nunomaduro/larastan": "^1.0",
-        "ocramius/package-versions": "^1.5 || ^2.0",
-        "orchestra/testbench": "^5.0 || ^6.0",
+        "nunomaduro/larastan": "^2.0",
+        "ocramius/package-versions": "^2.0",
+        "orchestra/testbench": "^7.0",
         "phpstan/phpstan-deprecation-rules": "^1.0",
         "phpstan/phpstan-phpunit": "^1.0",
         "phpstan/phpstan-strict-rules": "^1.0",
         "phpunit/phpunit": "^9.0",
-        "psalm/plugin-laravel": "^1.4",
-        "thecodingmachine/phpstan-safe-rule": "^1.0",
-        "vimeo/psalm": "^4.0"
+        "thecodingmachine/phpstan-safe-rule": "^1.0"
     },
     "suggest": {
         "guzzlehttp/psr7": "To provide a psr/http-factory-implementation implementation",

src/Auth/EloquentWebAuthnProvider.php

@@ -9,6 +9,8 @@
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use LaravelWebauthn\Facades\Webauthn;
 use LaravelWebauthn\Services\Webauthn\CredentialAssertionValidator;
+use ParagonIE\ConstantTime\Base64UrlSafe;
+use Webauthn\Util\Base64;
 
 class EloquentWebAuthnProvider extends EloquentUserProvider
 {
@@ -53,7 +55,7 @@ public function retrieveByCredentials(array $credentials)
         if ($this->isSignedChallenge($credentials)) {
             try {
                 $webauthnKey = (Webauthn::model())::where([
-                    'credentialId' => $credentials['id'],
+                    'credentialId' => Base64UrlSafe::encode(Base64::decode($credentials['id'])),
                 ])->firstOrFail();
 
                 return $this->retrieveById($webauthnKey->user_id);

src/Http/Responses/LockoutResponse.php

@@ -36,15 +36,14 @@ public function __construct(LoginRateLimiter $limiter)
      */
     public function toResponse($request)
     {
-        return with($this->limiter->availableIn($request), function ($seconds) {
-            throw ValidationException::withMessages([
-                Webauthn::username() => [
-                    trans('auth.throttle', [
-                        'seconds' => $seconds,
-                        'minutes' => ceil($seconds / 60),
-                    ]),
-                ],
-            ])->status(Response::HTTP_TOO_MANY_REQUESTS);
-        });
+        $seconds = $this->limiter->availableIn($request);
+        throw ValidationException::withMessages([
+            Webauthn::username() => [
+                trans('auth.throttle', [
+                    'seconds' => $seconds,
+                    'minutes' => ceil($seconds / 60),
+                ]),
+            ],
+        ])->status(Response::HTTP_TOO_MANY_REQUESTS);
     }
 }

src/Models/Casts/Base64.php

@@ -2,8 +2,9 @@
 
 namespace LaravelWebauthn\Models\Casts;
 
-use Base64Url\Base64Url;
 use Illuminate\Contracts\Database\Eloquent\CastsAttributes;
+use ParagonIE\ConstantTime\Base64UrlSafe;
+use Webauthn\Util\Base64 as Base64Webauthn;
 
 class Base64 implements CastsAttributes
 {
@@ -18,7 +19,7 @@ class Base64 implements CastsAttributes
      */
     public function get($model, $key, $value, $attributes): ?string
     {
-        return $value !== null ? Base64Url::decode($value) : null;
+        return $value !== null ? Base64Webauthn::decode($value) : null;
     }
 
     /**
@@ -32,6 +33,6 @@ public function get($model, $key, $value, $attributes): ?string
      */
     public function set($model, $key, $value, $attributes): ?string
     {
-        return $value !== null ? Base64Url::encode($value) : null;
+        return $value !== null ? Base64UrlSafe::encode($value) : null;
     }
 }

src/Models/Casts/Uuid.php

@@ -3,8 +3,8 @@
 namespace LaravelWebauthn\Models\Casts;
 
 use Illuminate\Contracts\Database\Eloquent\CastsAttributes;
-use Ramsey\Uuid\Uuid as UuidConvert;
-use Ramsey\Uuid\UuidInterface;
+use Symfony\Component\Uid\AbstractUid;
+use Symfony\Component\Uid\Uuid as UuidConvert;
 
 class Uuid implements CastsAttributes
 {
@@ -15,9 +15,9 @@ class Uuid implements CastsAttributes
      * @param  string  $key
      * @param  mixed  $value
      * @param  array  $attributes
-     * @return \Ramsey\Uuid\UuidInterface|null
+     * @return \Symfony\Component\Uid\AbstractUid|null
      */
-    public function get($model, $key, $value, $attributes): ?UuidInterface
+    public function get($model, $key, $value, $attributes): ?AbstractUid
     {
         if ($value !== null && UuidConvert::isValid($value)) {
             return UuidConvert::fromString($value);
@@ -37,6 +37,6 @@ public function get($model, $key, $value, $attributes): ?UuidInterface
      */
     public function set($model, $key, $value, $attributes): ?string
     {
-        return $value instanceof UuidInterface ? $value->toString() : (string) $value;
+        return (string) $value;
     }
 }

src/Models/WebauthnKey.php

@@ -7,7 +7,7 @@
 use LaravelWebauthn\Models\Casts\Base64;
 use LaravelWebauthn\Models\Casts\TrustPath;
 use LaravelWebauthn\Models\Casts\Uuid;
-use Ramsey\Uuid\Uuid as UuidConvert;
+use Symfony\Component\Uid\NilUuid;
 use Webauthn\PublicKeyCredentialSource;
 
 class WebauthnKey extends Model
@@ -43,7 +43,7 @@ class WebauthnKey extends Model
     /**
      * The attributes that should be visible in serialization.
      *
-     * @var array
+     * @var array<int, string>
      */
     protected $visible = [
         'id',
@@ -57,7 +57,7 @@ class WebauthnKey extends Model
     /**
      * The attributes that should be cast to native types.
      *
-     * @var array
+     * @var array<string, string>
      */
     protected $casts = [
         'counter' => 'integer',
@@ -81,7 +81,7 @@ public function getPublicKeyCredentialSourceAttribute(): PublicKeyCredentialSour
             $this->transports,
             $this->attestationType,
             $this->trustPath,
-            $this->aaguid ?? UuidConvert::fromString(UuidConvert::NIL),
+            $this->aaguid ?? new NilUuid(),
             $this->credentialPublicKey,
             (string) $this->user_id,
             $this->counter

src/Services/Webauthn/CreationOptionsFactory.php

@@ -61,10 +61,10 @@ public function __invoke(User $user): PublicKeyCredentialCreationOptions
             $this->publicKeyCredentialRpEntity,
             $this->getUserEntity($user),
             $this->getChallenge(),
-            $this->createCredentialParameters(),
-            $this->timeout
+            $this->createCredentialParameters()
         ))
-            ->excludeCredentials($this->getExcludedCredentials($user))
+            ->setTimeout($this->timeout)
+            ->excludeCredentials(...$this->getExcludedCredentials($user))
             ->setAuthenticatorSelection($this->authenticatorSelectionCriteria)
             ->setAttestation($this->attestationConveyance);