JsonSerialized SignRequest and fix public property access bug

Samyoul · Dec 14, 2016 · 8152795 · 8152795
1 parent 71ebc19
commit 8152795
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 4 deletions.
diff --git a/src/SignRequest.php b/src/SignRequest.php
@@ -9,7 +9,7 @@
 namespace Samyoul\U2F\U2FServer;
 
 
-class SignRequest
+class SignRequest implements \JsonSerializable
 {
     /** Protocol version */
     protected $version = U2FServer::VERSION;
@@ -62,4 +62,14 @@ public function appId()
         return $this->appId;
     }
 
+    public function jsonSerialize()
+    {
+        return [
+            'version' => $this->version,
+            'challenge' => $this->challenge,
+            'keyHandle' => $this->keyHandle,
+            'appId' => $this->appId,
+        ];
+    }
+
 }
diff --git a/src/U2FServer.php b/src/U2FServer.php
@@ -216,7 +216,7 @@ public static function makeAuthentication(array $registrations, $appId)
      * @param array $requests An array of outstanding authentication requests
      * @param array <Registration> $registrations An array of current registrations
      * @param object $response A response from the authenticator
-     * @return Registration
+     * @return \stdClass
      * @throws U2FException
      *
      * The Registration object returned on success contains an updated counter
@@ -255,7 +255,7 @@ public static function authenticate(array $requests, array $registrations, $resp
                 throw new \InvalidArgumentException('$requests of authenticate() method only accepts an array of objects.');
             }
 
-            if($req->keyHandle === $response->keyHandle && $req->challenge === $decodedClient->challenge) {
+            if($req->keyHandle() === $response->keyHandle && $req->challenge() === $decodedClient->challenge) {
                 break;
             }
 
@@ -297,7 +297,7 @@ public static function authenticate(array $requests, array $registrations, $resp
 
         // Build signature and data from response
         $signData = static::base64u_decode($response->signatureData);
-        $dataToVerify  = hash('sha256', $req->appId, true);
+        $dataToVerify  = hash('sha256', $req->appId(), true);
         $dataToVerify .= substr($signData, 0, 5);
         $dataToVerify .= hash('sha256', $clientData, true);
         $signature = substr($signData, 5);