fix: json serialize publickey for cache store (#385)

asbiin · Jun 1, 2022 · 1b6ad1b · 1b6ad1b
1 parent 74546d1
commit 1b6ad1b
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 14 deletions.
diff --git a/src/Services/Webauthn/CreationOptionsFactory.php b/src/Services/Webauthn/CreationOptionsFactory.php
@@ -68,7 +68,7 @@ public function __invoke(User $user): PublicKeyCredentialCreationOptions
             ->setAuthenticatorSelection($this->authenticatorSelectionCriteria)
             ->setAttestation($this->attestationConveyance);
 
-        $this->cache->put($this->cacheKey($user), $publicKey, $this->timeout);
+        $this->cache->put($this->cacheKey($user), $publicKey->jsonSerialize(), $this->timeout);
 
         return $publicKey;
     }

diff --git a/src/Services/Webauthn/CredentialAssertionValidator.php b/src/Services/Webauthn/CredentialAssertionValidator.php
@@ -73,12 +73,12 @@ public function __invoke(User $user, array $data): bool
      */
     protected function pullPublicKey(User $user): PublicKeyCredentialRequestOptions
     {
-        return tap($this->cache->pull($this->cacheKey($user)), function ($publicKey) {
-            if (! $publicKey instanceof PublicKeyCredentialRequestOptions) {
-                Log::debug('Webauthn wrong publickKey type');
-                abort(404);
-            }
-        });
+        try {
+            return PublicKeyCredentialRequestOptions::createFromArray($this->cache->pull($this->cacheKey($user)));
+        } catch (\Exception $e) {
+            Log::debug('Webauthn publickKey deserialize error', ['exception' => $e]);
+            abort(404);
+        }
     }
 
     /**

diff --git a/src/Services/Webauthn/CredentialAttestationValidator.php b/src/Services/Webauthn/CredentialAttestationValidator.php
@@ -70,12 +70,12 @@ public function __invoke(User $user, array $data): PublicKeyCredentialSource
      */
     protected function pullPublicKey(User $user): PublicKeyCredentialCreationOptions
     {
-        return tap($this->cache->pull($this->cacheKey($user)), function ($publicKey) {
-            if (! $publicKey instanceof PublicKeyCredentialCreationOptions) {
-                Log::debug('Webauthn wrong publickKey type');
-                abort(404);
-            }
-        });
+        try {
+            return PublicKeyCredentialCreationOptions::createFromArray($this->cache->pull($this->cacheKey($user)));
+        } catch (\Exception $e) {
+            Log::debug('Webauthn publickKey deserialize error', ['exception' => $e]);
+            abort(404);
+        }
     }
 
     /**

diff --git a/src/Services/Webauthn/RequestOptionsFactory.php b/src/Services/Webauthn/RequestOptionsFactory.php
@@ -45,7 +45,7 @@ public function __invoke(User $user): PublicKeyCredentialRequestOptions
             ->setRpId($this->getRpId())
             ->setUserVerification($this->userVerification);
 
-        $this->cache->put($this->cacheKey($user), $publicKey, $this->timeout);
+        $this->cache->put($this->cacheKey($user), $publicKey->jsonSerialize(), $this->timeout);
 
         return $publicKey;
     }