diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..02b13c8 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,3 @@ +.gitattributes export-ignore +.gitignore export-ignore +.github export-ignore diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml new file mode 100644 index 0000000..16a44ce --- /dev/null +++ b/.github/workflows/tests.yml @@ -0,0 +1,36 @@ +name: Run tests + +on: [push] + +jobs: + test-php: + name: Test on php ${{ matrix.php-version }} and ${{ matrix.os }} + runs-on: ${{ matrix.os }} + strategy: + matrix: + php-version: ["7.1", "7.2", "7.3", "7.4", "8.0"] + os: [ubuntu-latest] + steps: + - uses: actions/checkout@v1 + - name: Use php ${{ matrix.php-version }} + uses: shivammathur/setup-php@v2 + with: + php-version: ${{ matrix.php-version }} + extensions: posix, mbstring + coverage: xdebug + tools: composer:v2 + - name: Cache module + uses: actions/cache@v2 + with: + path: ~/.composer/cache/ + key: composer-cache + - name: Install dependencies + if: ${{ matrix.php-version != '8.0' }} + run: composer install --no-interaction --prefer-dist --no-progress --no-suggest + - name: Install dependencies for php 8.0 + if: ${{ matrix.php-version == '8.0' }} + run: composer install --no-interaction --prefer-dist --no-progress --no-suggest --ignore-platform-reqs + - name: Run php tests + run: composer run phpunit + - name: Send coverage + uses: codecov/codecov-action@v1 diff --git a/.gitignore b/.gitignore index 2f238a8..2c0ca10 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,7 @@ # IntelliJ project files .idea +.vscode *.iml +.phpunit.result.cache /vendor/ +/build/ diff --git a/LICENCE.md b/LICENCE similarity index 100% rename from LICENCE.md rename to LICENCE diff --git a/README.md b/README.md index 2f17a1f..19ec25e 100644 --- a/README.md +++ b/README.md 
@@ -1,7 +1,7 @@ # U2F-php-server [](https://packagist.org/packages/samyoul/u2f-php-server) -[](LICENCE.md) +[](LICENCE) Server-side handling of FIDO U2F registration and authentication for PHP. @@ -65,7 +65,7 @@ A few **things you need** to know before working with this: ### OpenSSL -This repository requires OpenSSL 1.0.0 or higher. For further details on installing OpenSSL please refer to the php manual http://php.net/manual/en/openssl.installation.php . +This repository requires OpenSSL 1.0.0 or higher. For further details on installing OpenSSL please refer to the [php manual](https://www.php.net/manual/en/openssl.installation.php). Also see [Compatibility Code](#compatibility-code), to check if you have the correct version of OpenSSL installed, and are unsure how else to check. @@ -73,7 +73,7 @@ Also see [Compatibility Code](#compatibility-code), to check if you have the cor My presumption is that if you are looking to add U2F authentication to a php system, then you'll probably are also looking for some client-side handling. You've got a U2F enabled USB device and you want to get the USB device speaking with the browser and then with your server running php. -1. Google already have this bit sorted : https://github.com/google/u2f-ref-code/blob/master/u2f-gae-demo/war/js/u2f-api.js +1. Google already have this bit sorted : [u2f-api.js](https://github.com/google/u2f-ref-code/blob/master/u2f-gae-demo/war/js/u2f-api.js) 2. [Mastahyeti](https://github.com/mastahyeti) has created a repo dedicated to Google's JavaScript Client-side API : https://github.com/mastahyeti/u2f-api ### HTTPS and SSL 
@@ -122,7 +122,7 @@ TODO the descriptions 1. When the browser loads the page the JavaScript fires the `u2f.sign(authenticationRequest, function(data){ // Callback logic })` function 1. The view will use JavaScript / Browser to poll the host machine's ports for a FIDO U2F device 1. Once the HID has been found the JavaScript / Browser will send the sign request with data. -1. The HID will prompt the user to authorise the sign request +1. The HID will prompt the user to authorize the sign request 1. On success the HID returns authentication data 1. The JavaScript receives the HID's returned data and passes it to the server 1. The application takes the returned data passes it to the `U2F::authenticate($authenticationRequest, $registrations, $authenticationResponse)` method @@ -135,10 +135,10 @@ For a full working code example for this repository please see [the dedicated ex You can also install it with the following: -```bash +```sh $ git clone https://github.com/Samyoul/U2F-php-server-examples.git $ cd u2f-php-server-examples -$ composer install +$ composer install ``` @@ -147,10 +147,10 @@ $ composer install 1. [Step 1: Starting](#registration-step-1) 1. [Step 2: Talking to the HID](#registration-step-2) 1. [Step 3: Validation & Storage](#registration-step-3) -3. [Authentication Code]() - 1. [Step 1: Starting]() - 1. [Step 2: Talking to the HID]() - 1. [Step 3: Validation]() +3. [Authentication Code](#authentication-code) + 1. [Step 1: Starting](#authentication-step-1) + 1. [Step 2: Talking to the HID](#authentication-step-2) + 1. [Step 3: Validation](#authentication-step-3) --- 
@@ -161,7 +161,8 @@ You'll only ever need to use this method call once per installation and only in ```php $jsRequest, + 'jsSignatures' => $jsSignatures, +]); ``` #### Registration Step 2: **Client-side, Talking To The USB** -Non-AJAX client-side registration of U2F key token. AJAX can of course be used in your application, but it is easier to demonstrate a linear process without AJAX and callbacks. +Non-AJAX client-side registration of U2F key token. AJAX can of course be used in your application, but it is easier to demonstrate a linear process without AJAX and callbacks. ```html @@ -214,35 +219,35 @@ Non-AJAX client-side registration of U2F key token. AJAX can of course be used i
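Review bot: In `.github/workflows/tests.yml`, every `uses:` step references its action by a movable tag (`actions/checkout@v1`, `shivammathur/setup-php@v2`, `actions/cache@v2`, `codecov/codecov-action@v1`), so whoever can move one of those tags changes what runs in this job; pin each to a full commit SHA and keep the tag as a trailing comment. The workflow also has no `permissions:` block, so the job token gets the repository default; the steps shown only read the repository, so a top-level `permissions:` with `contents: read` fits. In the PHP 8.0 install step, `--ignore-platform-reqs` skips the extension checks as well as the PHP version check; since `tools: composer:v2` is already selected, `--ignore-platform-req=php` limits the bypass to the version constraint.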
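Review bot: In the README client-side list (hunk at `@@ -73,7 +73,7 @@`), item 1 now uses a Markdown link while item 2 in the same list still ends in a bare URL (`https://github.com/mastahyeti/u2f-api`); convert item 2 as well so the list is consistent. The new `u2f-api.js` link also points at the `master` branch, so it will follow whatever that branch later contains; a permalink to a specific commit keeps the reference stable.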
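Review bot: In the install snippet (hunk at `@@ -135,10 +135,10 @@`), the clone URL ends in `U2F-php-server-examples.git` but the next line is `cd u2f-php-server-examples`, which fails on a case-sensitive filesystem because git names the directory after the repository. Since this hunk already touches the block, change the `cd` line to `cd U2F-php-server-examples`. The `composer install` line appears as both removed and added with no visible difference, so it is presumably a whitespace-only change; worth confirming that is intended.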
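Review bot: In the table of contents (hunk at `@@ -147,10 +147,10 @@`), the new fragments `#authentication-code` and `#authentication-step-1` to `#authentication-step-3` need matching explicit anchors in the authentication sections. A heading of the form `#### Registration Step 2: **Client-side, Talking To The USB**` does not auto-generate an id as short as `#registration-step-2`, so the authentication headings will not produce these targets on their own, and no added anchors are visible in the part of the patch shown here.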