Allow entering a friendly name for a key

bartnv · Jan 15, 2023 · ba2b682 · ba2b682
1 parent fd8243f
commit ba2b682
Show file tree

Hide file tree

Showing 5 changed files with 25 additions and 21 deletions.
diff --git a/3rdparty/WebAuthn/WebAuthn.php b/3rdparty/WebAuthn/WebAuthn.php
@@ -124,7 +124,7 @@ public function prepareChallengeForRegistration($username, $userid, $crossPlatfo
     *        this code)
     * @return string modified to store in the user's webauthn field in your database
     */
-    public function register($info, $userwebauthn)
+    public function register($info, $userwebauthn, $name)
     {
         if (! is_string($info)) {
             $this->oops('info must be a string', 1);
@@ -208,6 +208,9 @@ public function register($info, $userwebauthn)
         $publicKey = (object)array();
         $publicKey->key = $ao->attData->keyBytes;
         $publicKey->id = $info->rawId;
+        if (!empty($name) && is_string($name)) {
+            $publicKey->name = $name;
+        }
 
         if (empty($userwebauthn)) {
             $userwebauthn = [$publicKey];
@@ -219,11 +222,14 @@ public function register($info, $userwebauthn)
                     continue;
                 }
                 $userwebauthn[$idx]->key = $publicKey->key;
+                if (isset($publicKey->name)) {
+                    $userwebauthn[$idx]->name = $publicKey->name;
+                }
                 $found = true;
                 break;
             }
-            if (! $found) {
-                array_unshift($userwebauthn, $publicKey);
+            if (!$found) {
+                $userwebauthn[] = $publicKey;
             }
         }
         $userwebauthn = json_encode($userwebauthn);

diff --git a/localization/en_US.inc b/localization/en_US.inc
@@ -19,6 +19,7 @@ $labels['authentication_failed'] = 'Authentication failed';
 $labels['authentication_cancelled'] = 'Authentication cancelled';
 $labels['test_key'] = 'Test key';
 $labels['key_checked'] = 'Successfully checked key';
+$labels['request_key_name'] = 'Please enter a name for this key';
 
 // Messages used for the different portions of the plugin
 $messages = array();

diff --git a/localization/nl_NL.inc b/localization/nl_NL.inc
@@ -19,6 +19,7 @@ $labels['authentication_failed'] = 'Authenticatie mislukt';
 $labels['authentication_cancelled'] = 'Authenticatie geannuleerd';
 $labels['test_key'] = 'Sleutel testen';
 $labels['key_checked'] = 'Sleutel gecontroleerd met ID';
+$labels['request_key_name'] = 'Voer een naam in voor deze sleutel';
 
 // Messages used for the different portions of the plugin
 $messages = array();

diff --git a/twofactor_webauthn.js b/twofactor_webauthn.js
@@ -28,7 +28,8 @@ function twofactor_webauthn_challenge(data) {
 	if (data.mode == 'register') {
 		webauthnRegister(data.challenge, function(success, info) {
 			if (success) {
-				rcmail.http_post('plugin.twofactor_webauthn_register', { response: info });
+				var name = prompt(rcmail.gettext('request_key_name', 'twofactor_webauthn'));
+				rcmail.http_post('plugin.twofactor_webauthn_register', { response: info, name: name });
 			}
 			else { console.log('webauthRegister failed:', info); }
 		});
@@ -52,8 +53,10 @@ function twofactor_webauthn_list(data) {
 		return;
 	}
 	rcmail.enable_command('plugin.twofactor_webauthn_test', true);
-	for (id of data) {
-		ul.append('<li>ID: ' + id + ' <span onclick="if (confirm(\'' + rcmail.gettext('confirm_delete_key', 'twofactor_webauthn') + ' ' + id + '?\')) { return rcmail.command(\'plugin.twofactor_webauthn_delete\', \'' + id + '\'); } else return false;">✖</span>');
+	for (key of data) {
+		ul.append('<li title="' + key.id + '">' + (key.name??key.id) +
+			' <span onclick="if (confirm(\'' + rcmail.gettext('confirm_delete_key', 'twofactor_webauthn') + ' ' + key.id + (key.name?' ('+key.name+')':'') +
+			'?\')) { return rcmail.command(\'plugin.twofactor_webauthn_delete\', \'' + key.id + '\'); } else return false;">✖</span>');
 	}
 }
 

diff --git a/twofactor_webauthn.php b/twofactor_webauthn.php
@@ -148,17 +148,14 @@ function twofactor_webauthn_register() {
       error_log('Received empty response on webauthn challenge');
       return;
     }
+    $name = rcube_utils::get_input_value('name', rcube_utils::INPUT_POST);
     $rcmail = rcmail::get_instance();
     $webauthn = new \Davidearl\WebAuthn\WebAuthn($_SERVER['HTTP_HOST']);
     $config = $this->getConfig();
-    $config['keys'] = $webauthn->register($response, $config['keys'] ?? '');
+    $config['keys'] = $webauthn->register($response, $config['keys'] ?? '', $name);
     $this->saveConfig($config);
-    $list = [];
-    foreach (json_decode($config['keys']) as $key) {
-      $list[] = dechex(crc32(implode('', $key->id)));
-    }
     $rcmail->output->show_message($this->gettext('key_registered'), 'confirmation');
-    $rcmail->output->command('plugin.twofactor_webauthn_list', $list);
+    $rcmail->output->command('plugin.twofactor_webauthn_list', $this->getList($config));
   }
 
   function twofactor_webauthn_delete() {
@@ -176,12 +173,8 @@ function twofactor_webauthn_delete() {
     }
     $config['keys'] = json_encode($newkeys);
     $this->saveConfig($config);
-    $list = [];
-    foreach ($newkeys as $key) {
-      $list[] = dechex(crc32(implode('', $key->id)));
-    }
     $rcmail->output->show_message($this->gettext('key_deleted'), 'confirmation');
-    $rcmail->output->command('plugin.twofactor_webauthn_list', $list);
+    $rcmail->output->command('plugin.twofactor_webauthn_list', $this->getList($config));
   }
 
   function twofactor_webauthn_login() {
@@ -210,7 +203,7 @@ public function twofactor_webauthn_form() {
     $config = $this->getConfig();
 
     $rcmail->output->set_env('product_name', $rcmail->config->get('product_name'));
-    $rcmail->output->set_env('twofactor_webauthn_keylist', json_encode($this->getList()));
+    $rcmail->output->set_env('twofactor_webauthn_keylist', json_encode($this->getList($config)));
 
     $keys = html::tag('legend', [], rcube::Q($this->gettext('registered_keys')));
     $keys .= html::tag('ul', [ 'id' => 'twofactor_webauthn_keylist' ], rcube::Q($this->gettext('loading')));
@@ -272,11 +265,11 @@ private function saveConfig($config) {
     $prefs['twofactor_webauthn'] = $config;
     $rcmail->user->save_prefs($prefs);
   }
-  private function getList() {
-    $config = $this->getConfig();
+  private function getList($config = null) {
+    if (!$config) $config = $this->getConfig();
     $list = [];
     foreach (json_decode($config['keys']) as $key) {
-      $list[] = dechex(crc32(implode('', $key->id)));
+      $list[] = [ 'id' => dechex(crc32(implode('', $key->id))), 'name' => empty($key->name)?null:$key->name ];
     }
     return $list;
   }