Merge pull request #587 from web-auth/bugs/v2-compliance

Refactor authenticator response identification logic
web-auth · Apr 8, 2024 · b9c4669 · b9c4669
2 parents 670d9e9 + c14a23d
commit b9c4669
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 11 deletions.
diff --git a/src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php b/src/webauthn/src/Denormalizer/AuthenticatorResponseDenormalizer.php
@@ -20,14 +20,8 @@ final class AuthenticatorResponseDenormalizer implements DenormalizerInterface,
     public function denormalize(mixed $data, string $type, string $format = null, array $context = []): mixed
     {
         $realType = match (true) {
-            array_key_exists('attestationObject', $data) && ! array_key_exists(
-                'signature',
-                $data
-            ) => AuthenticatorAttestationResponse::class,
-            array_key_exists('authenticatorData', $data) && array_key_exists(
-                'signature',
-                $data
-            ) => AuthenticatorAssertionResponse::class,
+            array_key_exists('attestationObject', $data) => AuthenticatorAttestationResponse::class,
+            array_key_exists('signature', $data) => AuthenticatorAssertionResponse::class,
             default => throw InvalidDataException::create($data, 'Unable to create the response object'),
         };
 

diff --git a/src/webauthn/src/PublicKeyCredentialLoader.php b/src/webauthn/src/PublicKeyCredentialLoader.php
@@ -153,15 +153,15 @@ private function createResponse(array $response): AuthenticatorResponse
             return $this->serializer->deserialize($response, AuthenticatorResponse::class, 'json');
         }
         switch (true) {
-            case ! array_key_exists('authenticatorData', $response) && ! array_key_exists('signature', $response):
+            case array_key_exists('attestationObject', $response):
                 $attestationObject = $this->attestationObjectLoader->load($response['attestationObject']);
 
                 return AuthenticatorAttestationResponse::create(CollectedClientData::createFormJson(
                     $response['clientDataJSON']
                 ), $attestationObject, $transports);
-            case array_key_exists('authenticatorData', $response) && array_key_exists('signature', $response):
+            case array_key_exists('signature', $response):
                 $authDataLoader = AuthenticatorDataLoader::create();
-                $authData = Base64UrlSafe::decodeNoPadding($response['authenticatorData']);
+                $authData = Base64UrlSafe::decodeNoPadding($response['authenticatorData'] ?? '');
                 $authenticatorData = $authDataLoader->load($authData);
 
                 try {