Make Challenge class (#31)

Firehed · Oct 26, 2021 · 52234e4 · 52234e4
1 parent 4b7c8c6
commit 52234e4
Show file tree

Hide file tree

Showing 4 changed files with 63 additions and 7 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,7 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [1.3.0] - Unreleased
 
 ### Added
+- Challenge class
 - ChallengeProviderInterface (will replace ChallengeProvider)
+- Server::generateChallenge(): ChallengeProviderInterface (now public; signature changed from previous private implementation)
 - Server::validateRegistration(RegisterRequest, RegistrationResponseInterface) (will replace Server::setRegisterRequest + Server::register)
 
 ### Deprecated

diff --git a/src/Challenge.php b/src/Challenge.php
@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Firehed\U2F;
+
+use JsonSerializable;
+
+class Challenge implements ChallengeProviderInterface, JsonSerializable
+{
+ /** @var string */
+ private $challenge;
+
+ public function __construct(string $challenge)
+ {
+ $this->challenge = $challenge;
+ }
+
+ public function getChallenge(): string
+ {
+ return $this->challenge;
+ }
+
+ public function jsonSerialize(): string
+ {
+ return $this->challenge;
+ }
+}
diff --git a/src/Server.php b/src/Server.php
@@ -343,7 +343,7 @@ public function generateRegisterRequest(): RegisterRequest
  {
  return (new RegisterRequest())
  ->setAppId($this->getAppId())
- ->setChallenge($this->generateChallenge());
+ ->setChallenge($this->generateChallenge()->getChallenge());
  }
 
  /**
@@ -357,7 +357,7 @@ public function generateSignRequest(RegistrationInterface $reg): SignRequest
  {
  return (new SignRequest())
  ->setAppId($this->getAppId())
- ->setChallenge($this->generateChallenge())
+ ->setChallenge($this->generateChallenge()->getChallenge())
  ->setKeyHandle($reg->getKeyHandleBinary());
  }
 
@@ -371,7 +371,7 @@ public function generateSignRequest(RegistrationInterface $reg): SignRequest
  */
  public function generateSignRequests(array $registrations): array
  {
- $challenge = $this->generateChallenge();
+ $challenge = $this->generateChallenge()->getChallenge();
  $requests = array_map([$this, 'generateSignRequest'], $registrations);
  $requestsWithSameChallenge = array_map(function (SignRequest $req) use ($challenge) {
  return $req->setChallenge($challenge);
@@ -405,13 +405,11 @@ private function findObjectWithKeyHandle(
 
  /**
  * Generates a random challenge and returns it base64-web-encoded
- *
- * @return string
  */
- private function generateChallenge(): string
+ public function generateChallenge(): ChallengeProviderInterface
  {
  // FIDO Alliance spec suggests a minimum of 8 random bytes
- return toBase64Web(\random_bytes(16));
+ return new Challenge(toBase64Web(\random_bytes(16)));
  }
 
  private function validateRelyingParty(string $rpIdHash): void

diff --git a/tests/ChallengeTest.php b/tests/ChallengeTest.php
@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Firehed\U2F;
+
+/**
+ * @covers Firehed\U2F\Challenge
+ */
+class ChallengeTest extends \PHPUnit\Framework\TestCase
+{
+ public function testGetChallengeIsUnmodified(): void
+ {
+ $wrapped = bin2hex(random_bytes(10));
+ $challenge = new Challenge($wrapped);
+ self::assertSame($wrapped, $challenge->getChallenge());
+ }
+
+ public function testJsonSerialize(): void
+ {
+ $wrapped = bin2hex(random_bytes(10));
+ $challenge = new Challenge($wrapped);
+ $json = json_encode($challenge);
+ assert($json !== false);
+ $decoded = json_decode($json);
+ self::assertSame($wrapped, $decoded);
+ }
+}