From 707b120991e1c8f06aec6bc3285bcbbabf46d377 Mon Sep 17 00:00:00 2001 From: DarkGhostHunter Date: Fri, 3 Jul 2020 01:14:46 -0400 Subject: [PATCH 1/3] Removed unused column and added primary key to the id and user. --- .../2020_04_02_000000_create_web_authn_credentials_table.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/database/migrations/2020_04_02_000000_create_web_authn_credentials_table.php b/database/migrations/2020_04_02_000000_create_web_authn_credentials_table.php index b4ad391..33c55ed 100644 --- a/database/migrations/2020_04_02_000000_create_web_authn_credentials_table.php +++ b/database/migrations/2020_04_02_000000_create_web_authn_credentials_table.php @@ -20,8 +20,6 @@ public function up() // Change accordingly for your users table if you need to. $table->unsignedBigInteger('user_id'); - $table->boolean('is_enabled')->default(true); - $table->string('name')->nullable(); $table->string('type', 16); $table->json('transports'); @@ -39,7 +37,7 @@ public function up() $table->timestamps(); $table->softDeletes(WebAuthnCredential::DELETED_AT); - $table->primary(['id', 'is_enabled']); + $table->primary(['id', 'user_id']); }); } From 82c37503766c950e0f161aaf2e91770c4f767359 Mon Sep 17 00:00:00 2001 From: DarkGhostHunter Date: Fri, 3 Jul 2020 01:21:51 -0400 Subject: [PATCH 2/3] Fixed unexistant column. --- README.md | 4 ++++ tests/Auth/EloquentWebAuthnProviderTest.php | 1 - tests/Http/WebAuthnLoginTest.php | 3 --- tests/WebAuthn/WebAuthnAssertionTest.php | 1 - tests/WebAuthn/WebAuthnAttestationTest.php | 1 - tests/WebAuthnAuthenticationTest.php | 1 - 6 files changed, 4 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 4bbb905..801138a 100644 --- a/README.md +++ b/README.md @@ -533,6 +533,10 @@ No, mainly because each application frontend is different. A given script may no No, you must ensure to encode/decode to binary forms some strings in your frontend because the nature of WebAuthn. This [WebAuthn Javascript Helpers](https://github.com/web-auth/webauthn-helper) package does it automatically for you. +* **Why this doesn't work on non-HTTPS sites like my dev machine?** + +It's a limit imposed by the WebAuthn libraries. + ## License The MIT License (MIT). Please see [License File](LICENSE.md) for more information. diff --git a/tests/Auth/EloquentWebAuthnProviderTest.php b/tests/Auth/EloquentWebAuthnProviderTest.php index 1a9a987..dc18bb1 100644 --- a/tests/Auth/EloquentWebAuthnProviderTest.php +++ b/tests/Auth/EloquentWebAuthnProviderTest.php @@ -49,7 +49,6 @@ public function test_retrieves_user_using_credential_id() DB::table('web_authn_credentials')->insert([ 'id' => 'test_credential_id', 'user_id' => 1, - 'is_enabled' => true, 'type' => 'public_key', 'transports' => json_encode([]), 'attestation_type' => 'none', diff --git a/tests/Http/WebAuthnLoginTest.php b/tests/Http/WebAuthnLoginTest.php index c48c49b..4dfbca5 100644 --- a/tests/Http/WebAuthnLoginTest.php +++ b/tests/Http/WebAuthnLoginTest.php @@ -100,7 +100,6 @@ public function test_receives_webauthn_options_by_credentials() DB::table('web_authn_credentials')->insert([ 'id' => 'test_credential_id', 'user_id' => 1, - 'is_enabled' => true, 'type' => 'public_key', 'transports' => json_encode([]), 'attestation_type' => 'none', @@ -146,7 +145,6 @@ public function test_disabled_credential_doesnt_show() DB::table('web_authn_credentials')->insert([ 'id' => 'test_credential_id', 'user_id' => 1, - 'is_enabled' => false, 'type' => 'public_key', 'transports' => json_encode([]), 'attestation_type' => 'none', @@ -199,7 +197,6 @@ public function test_user_authenticates_with_webauthn() DB::table('web_authn_credentials')->insert([ 'id' => 'test_credential_id', 'user_id' => 1, - 'is_enabled' => true, 'type' => 'public_key', 'transports' => json_encode([]), 'attestation_type' => 'none', diff --git a/tests/WebAuthn/WebAuthnAssertionTest.php b/tests/WebAuthn/WebAuthnAssertionTest.php index 7c74cb9..75bfe15 100644 --- a/tests/WebAuthn/WebAuthnAssertionTest.php +++ b/tests/WebAuthn/WebAuthnAssertionTest.php @@ -59,7 +59,6 @@ protected function setUp() : void DB::table('web_authn_credentials')->insert([ 'id' => 'test_credential_foo', 'user_id' => 1, - 'is_enabled' => true, 'type' => 'public_key', 'transports' => json_encode([]), 'attestation_type' => 'none', diff --git a/tests/WebAuthn/WebAuthnAttestationTest.php b/tests/WebAuthn/WebAuthnAttestationTest.php index 1f5ec50..3d86526 100644 --- a/tests/WebAuthn/WebAuthnAttestationTest.php +++ b/tests/WebAuthn/WebAuthnAttestationTest.php @@ -61,7 +61,6 @@ protected function setUp() : void DB::table('web_authn_credentials')->insert([ 'id' => 'test_credential_foo', 'user_id' => 1, - 'is_enabled' => true, 'type' => 'public_key', 'transports' => json_encode([]), 'attestation_type' => 'none', diff --git a/tests/WebAuthnAuthenticationTest.php b/tests/WebAuthnAuthenticationTest.php index a9d23cf..af87c60 100644 --- a/tests/WebAuthnAuthenticationTest.php +++ b/tests/WebAuthnAuthenticationTest.php @@ -48,7 +48,6 @@ protected function setUp() : void DB::table('web_authn_credentials')->insert([ 'id' => 'test_credential_foo', 'user_id' => 1, - 'is_enabled' => true, 'type' => 'public_key', 'transports' => json_encode([]), 'attestation_type' => 'none', From 0f17d2877dda8c8fd1e3bbb9bf669dc2b077067e Mon Sep 17 00:00:00 2001 From: DarkGhostHunter Date: Fri, 3 Jul 2020 01:28:35 -0400 Subject: [PATCH 3/3] Removed unnecessary clarification. --- README.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/README.md b/README.md index 801138a..4bbb905 100644 --- a/README.md +++ b/README.md @@ -533,10 +533,6 @@ No, mainly because each application frontend is different. A given script may no No, you must ensure to encode/decode to binary forms some strings in your frontend because the nature of WebAuthn. This [WebAuthn Javascript Helpers](https://github.com/web-auth/webauthn-helper) package does it automatically for you. -* **Why this doesn't work on non-HTTPS sites like my dev machine?** - -It's a limit imposed by the WebAuthn libraries. - ## License The MIT License (MIT). Please see [License File](LICENSE.md) for more information.