NFC-102 Web eID for mobile support#46
Open
SanderKondratjevNortal wants to merge 1 commit intoweb-eid-mobilefrom
Open
NFC-102 Web eID for mobile support#46SanderKondratjevNortal wants to merge 1 commit intoweb-eid-mobilefrom
SanderKondratjevNortal wants to merge 1 commit intoweb-eid-mobilefrom
Conversation
SanderKondratjevNortal
force-pushed
the
NFC-102
branch
2 times, most recently
from
f18bf64 to
1f0dbe0
Compare
…ort for web-eid example Signed-off-by: Sander Kondratjev <sander.kondratjev@nortal.com>
SanderKondratjevNortal
force-pushed
the
NFC-102
branch
from
363add3 to
1d5a80e
Compare
mrts
requested changes
Feb 17, 2026
| $base64ChallengeNonce | ||
| ); | ||
|
|
||
| session_regenerate_id(); |
Member
There was a problem hiding this comment.
Session is regenerated twice, see Auth.validate() line 80.
| session_regenerate_id(); | ||
|
|
||
| $subjectName = $this->getPrincipalNameFromCertificate($cert); | ||
| $_SESSION["auth-user"] = $subjectName; |
Member
There was a problem hiding this comment.
I would suggest to move all session-related logic either up into Auth.validate() (along with session regeneration) or here for consistency.
Comment on lines
+50
to
+54
| if (str_starts_with($baseUrl, 'http')) { | ||
| $authUri = rtrim($baseUrl, '/') . '/auth#' . $encodedPayload; | ||
| } else { | ||
| $authUri = rtrim($baseUrl, '/') . '//auth#' . $encodedPayload; | ||
| } |
Member
There was a problem hiding this comment.
Maybe ternary conditional would be more clear:
Suggested change
| if (str_starts_with($baseUrl, 'http')) { | |
| $authUri = rtrim($baseUrl, '/') . '/auth#' . $encodedPayload; | |
| } else { | |
| $authUri = rtrim($baseUrl, '/') . '//auth#' . $encodedPayload; | |
| } | |
| $fragment = (str_starts_with($baseUrl, 'http') ? '//' : '/') . 'auth#'; | |
| $authUri = rtrim($baseUrl, '/') . $fragment . $encodedPayload; |
|
|
||
| public function assertCsrf(bool $jsonError = true): void | ||
| { | ||
| $headers = array_change_key_case(getallheaders()); |
Member
There was a problem hiding this comment.
Explicit is better than implicit:
Suggested change
| $headers = array_change_key_case(getallheaders()); | |
| $headers = array_change_key_case(getallheaders(), CASE_LOWER); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Sander Kondratjev sander.kondratjev@nortal.com