diff --git a/assets/profile.min.js b/assets/profile.min.js index ccda13e9..e9b7407c 100644 --- a/assets/profile.min.js +++ b/assets/profile.min.js @@ -1 +1 @@ -!function(e,t){function n(){return n=Object.assign?Object.assign.bind():function(e){for(var t=1;t

'+e+"

"):t.find(".security-key-status").text("")}function m(e){var n=e instanceof DOMException?function(e,t){switch(e.name){case"NotAllowedError":return r;case"SecurityError":return i;case"NotSupportedError":return a;case"AbortError":return o;case"InvalidStateError":return t?c:s;default:return e.message}}(e,!1):e.message,d=t.find(".registered-keys");d.siblings(".notice").remove(),d.before('")}t.find(".add-webauthn-key button").on("click",(function(){t.find(".registered-keys").prev(".notice").remove(),d(u),k({action:"webauthn_preregister",_ajax_nonce:tfa_webauthn.nonce}).then((function(e){d(l),tfa_webauthn.nonce=e.data.nonce;var t=function(e){var t;return n({},e,{user:n({},e.user,{id:_(g(e.user.id))}),challenge:_(g(e.challenge)),excludeCredentials:null===(t=e.excludeCredentials)||void 0===t?void 0:t.map((function(e){return n({},e,{id:_(g(e.id))})}))})}(e.data.options);return navigator.credentials.create({publicKey:t})})).then((function(t){if(t){d(f);var n=e("#webauthn-key-name").val();return k({action:"webauthn_register",_ajax_nonce:tfa_webauthn.nonce,credential:JSON.stringify((r=t,i=r.response,{id:r.id,type:r.type,rawId:y(new Uint8Array(r.rawId)),clientExtensionResults:r.getClientExtensionResults(),response:{attestationObject:"attestationObject"in i?y(new Uint8Array(i.attestationObject)):void 0,authenticatorData:"authenticatorData"in i?y(new Uint8Array(i.authenticatorData)):void 0,signature:"signature"in i?y(new Uint8Array(i.signature)):void 0,userHandle:"userHandle"in i&&i.userHandle?y(new Uint8Array(i.userHandle)):void 0,clientDataJSON:y(new Uint8Array(r.response.clientDataJSON))}})),name:n})}var r,i;throw new Error(h)})).then((function(e){tfa_webauthn.nonce=e.data.nonce;var n=t.find(".registered-keys");n.find("tbody > tr:last-child").after(e.data.row),n.find("tbody > tr.no-items").remove(),n.before('")})).catch(m).finally((function(){d(""),e("#webauthn-key-name").val("")}))})),t.find(".registered-keys").on("click","tbody .delete 
a",(function(n){t.find(".registered-keys").prev(".notice").remove(),n.preventDefault();var r=e(n.target),i=r.closest(".row-actions");if(!i.siblings(".confirm-revoke").length){var a=r.data("handle"),o=r.data("nonce"),c=t.find(".registered-keys"),s=e(e("#webauthn-revoke-confirm").text());i.after(s),i.siblings(".confirm-revoke").on("click",".button-secondary",(function(){i.siblings(".confirm-revoke").remove()})).on("click",".button-link-delete",(function(){return i.siblings(".confirm-revoke").hide(),d(v),k({action:"webauthn_delete_key",_ajax_nonce:o,handle:a}).then((function(){c.before('"),r.closest("tr").remove(),c.find("tbody > tr").length||c.find("tbody").append(e("#webauthn-no-keys").text())})).catch(m).finally((function(){d(""),i.siblings(".confirm-revoke").remove()}))}))}})),t.find(".registered-keys").on("click","tbody .rename a",(function(n){t.find(".registered-keys").prev(".notice").remove(),n.preventDefault();var r=e(n.target),i=r.closest(".row-actions");if(!i.siblings(".rename-key").length){var a=r.data("handle"),o=r.data("nonce"),c=r.closest("td").find("span.key-name").text().trim(),s=t.find(".registered-keys"),u=e(e("#webauthn-rename-key").text());i.after(u),i.siblings(".rename-key").on("click",".button-secondary",(function(){i.siblings(".rename-key").remove()})).on("click",".button-primary",(function(){var e=i.siblings(".rename-key").find('input[type="text"]').val();return i.siblings(".rename-key").hide(),d(v),k({action:"webauthn_rename_key",_ajax_nonce:o,handle:a,name:e}).then((function(e){s.before('"),r.closest("td").find("span.key-name").text(e.data.name)})).catch(m).finally((function(){d(""),i.siblings(".rename-key").remove()}))})).find('input[type="text"]').val(c)}}))}))}(jQuery,wp.i18n); +!function(e,t){function n(){return n=Object.assign?Object.assign.bind():function(e){for(var t=1;t

'+e+"

"):t.find(".security-key-status").text("")}function m(e){var n=e instanceof DOMException?function(e,t){switch(e.name){case"NotAllowedError":return r;case"SecurityError":return i;case"NotSupportedError":return a;case"AbortError":return o;case"InvalidStateError":return t?s:c;default:return e.message}}(e,!1):e.message,d=t.find(".registered-keys");d.siblings(".notice").remove(),d.before('")}t.find(".add-webauthn-key button").on("click",(function(){t.find(".registered-keys").prev(".notice").remove(),d(u),k({action:"webauthn_preregister",_ajax_nonce:tfa_webauthn.nonce,user_id:e("#user_id").val()}).then((function(e){d(l),tfa_webauthn.nonce=e.data.nonce;var t=function(e){var t;return n({},e,{user:n({},e.user,{id:g(_(e.user.id))}),challenge:g(_(e.challenge)),excludeCredentials:null===(t=e.excludeCredentials)||void 0===t?void 0:t.map((function(e){return n({},e,{id:g(_(e.id))})}))})}(e.data.options);return navigator.credentials.create({publicKey:t})})).then((function(t){if(t){d(f);var n=e("#webauthn-key-name").val();return k({action:"webauthn_register",_ajax_nonce:tfa_webauthn.nonce,credential:JSON.stringify((r=t,i=r.response,{id:r.id,type:r.type,rawId:y(new Uint8Array(r.rawId)),clientExtensionResults:r.getClientExtensionResults(),response:{attestationObject:"attestationObject"in i?y(new Uint8Array(i.attestationObject)):void 0,authenticatorData:"authenticatorData"in i?y(new Uint8Array(i.authenticatorData)):void 0,signature:"signature"in i?y(new Uint8Array(i.signature)):void 0,userHandle:"userHandle"in i&&i.userHandle?y(new Uint8Array(i.userHandle)):void 0,clientDataJSON:y(new Uint8Array(r.response.clientDataJSON))}})),user_id:e("#user_id").val(),name:n})}var r,i;throw new Error(v)})).then((function(e){tfa_webauthn.nonce=e.data.nonce;var n=t.find(".registered-keys");n.find("tbody > tr:last-child").after(e.data.row),n.find("tbody > 
tr.no-items").remove(),n.before('")})).catch(m).finally((function(){d(""),e("#webauthn-key-name").val("")}))})),t.find(".registered-keys").on("click","tbody .delete a",(function(n){t.find(".registered-keys").prev(".notice").remove(),n.preventDefault();var r=e(n.target),i=r.closest(".row-actions");if(!i.siblings(".confirm-revoke").length){var a=r.data("handle"),o=r.data("nonce"),s=t.find(".registered-keys"),c=e(e("#webauthn-revoke-confirm").text());i.after(c),i.siblings(".confirm-revoke").on("click",".button-secondary",(function(){i.siblings(".confirm-revoke").remove()})).on("click",".button-link-delete",(function(){return i.siblings(".confirm-revoke").hide(),d(b),k({action:"webauthn_delete_key",_ajax_nonce:o,user_id:e("#user_id").val(),handle:a}).then((function(){s.before('"),r.closest("tr").remove(),s.find("tbody > tr").length||s.find("tbody").append(e("#webauthn-no-keys").text())})).catch(m).finally((function(){d(""),i.siblings(".confirm-revoke").remove()}))}))}})),t.find(".registered-keys").on("click","tbody .rename a",(function(n){t.find(".registered-keys").prev(".notice").remove(),n.preventDefault();var r=e(n.target),i=r.closest(".row-actions");if(!i.siblings(".rename-key").length){var a=r.data("handle"),o=r.data("nonce"),s=r.closest("td").find("span.key-name").text().trim(),c=t.find(".registered-keys"),u=e(e("#webauthn-rename-key").text());i.after(u),i.siblings(".rename-key").on("click",".button-secondary",(function(){i.siblings(".rename-key").remove()})).on("click",".button-primary",(function(){var t=i.siblings(".rename-key").find('input[type="text"]').val();return i.siblings(".rename-key").hide(),d(b),k({action:"webauthn_rename_key",_ajax_nonce:o,user_id:e("#user_id").val(),handle:a,name:t}).then((function(e){c.before('"),r.closest("td").find("span.key-name").text(e.data.name)})).catch(m).finally((function(){d(""),i.siblings(".rename-key").remove()}))})).find('input[type="text"]').val(s)}}))}))}(jQuery,wp.i18n); 
diff --git a/assets/profile.min.js.map b/assets/profile.min.js.map index 65303301..6d68c5fb 100644 --- a/assets/profile.min.js.map +++ b/assets/profile.min.js.map 
@@ -1 +1 @@ -{"version":3,"file":"profile.min.js","sources":["lang.ts","common.ts","profile.ts"],"sourcesContent":[null,null,null],"names":["__","L_NOT_ALLOWED_ERROR","L_SECURITY_ERROR","L_NOT_SUPPORTED_ERROR","L_ABORT_ERROR","L_UNKNOWN_KEY","L_KEY_ALREADY_REGISTERED","L_UNKNOWN_ERROR","L_FETCHING_REG_INFO","L_GENERATING_CREDENTIALS","L_REGISTERING_CREDENTIALS","L_FAILED_TO_CREATE_CREDENTIALS","L_KEY_REGISTERED","L_SENDING_REQUEST","L_KEY_REVOKED","L_KEY_RENAMED","arrayToBase64String","a","window","btoa","String","fromCharCode","apply","base64UrlDecode","input","atob","replace","repeat","length","stringToBuffer","s","Uint8Array","from","c","charCodeAt","ajaxRequest","data","Promise","resolve","reject","jQuery","ajax","method","url","ajaxurl","done","response","fail","message","responseJSON","statusText","Error","$","parent","updateStatus","status","find","html","text","errorHandler","e","DOMException","isAuth","name","decodeDOMException","table","siblings","remove","before","on","prev","action","_ajax_nonce","tfa_webauthn","nonce","then","publicKey","_extends","user","id","challenge","excludeCredentials","_a","map","preparePublicKeyCreationOptions","options","navigator","credentials","create","val","credential","JSON","stringify","type","rawId","clientExtensionResults","getClientExtensionResults","attestationObject","undefined","authenticatorData","signature","userHandle","clientDataJSON","after","row","preventDefault","target","actions","closest","handle","tpl","hide","append","trim","keyname","r"],"mappings":"mPAEwCA,EAAAA,GAAG,4CAA6C,gCAC3CA,EAAAA,GAC5C,yCACA,gCAEM,IAAMC,EAAsBD,EAAEA,GAAC,8BAA+B,gCACxDE,EAAmBF,EAAEA,GAAC,6BAA8B,gCACpDG,EAAwBH,EAAEA,GAAC,kCAAmC,gCAC9DI,EAAgBJ,EAAEA,GAAC,8BAA+B,gCAClDK,EAAgBL,EAAEA,GAAC,qCAAsC,gCACzDM,EAA2BN,EAAEA,GAAC,kCAAmC,gCACjEO,EAAkBP,EAAEA,GAAC,kCAAmC,gCACxDQ,EAAsBR,EAAEA,GAAC,qCAAsC,gCAC/DS,EAA2BT,EAAEA,GAAC,0BAA2B,gCACzDU,EAA4BV,EAAEA,GAAC,2BAA4B,gCAC3DW,EAAiCX,EAAEA,GAC/C,0CACA,gCAEYY,EAAmBZ,EAAEA,GAAC,+BAAgC,gCACtDa,EAAo
Bb,EAAEA,GAAC,mBAAoB,gCAC3Cc,EAAgBd,EAAEA,GAAC,4BAA6B,gCAChDe,EAAgBf,EAAAA,GAAG,4BAA6B,gCCgB7D,SAASgB,EAAoBC,GAC5B,OAAOC,OAAOC,KAAKC,OAAOC,aAAYC,MAAnBF,OAAuBH,GAC3C,CAEA,SAASM,EAAgBC,GACxB,OAAON,OAAOO,KAAKD,EAAME,QAAQ,KAAM,KAAKA,QAAQ,KAAM,KAAO,IAAIC,OAAO,GAAM,EAAIH,EAAMI,QAAU,GACvG,CAEA,SAASC,EAAeC,GACvB,OAAOC,WAAWC,KAAKF,GAAG,SAACG,GAAC,OAAKA,EAAEC,WAAW,KAC/C,CCFA,SAASC,EAAeC,GACvB,OAAO,IAAIC,SAAW,SAACC,EAASC,GAC/BC,EACEC,KAAK,CACLC,OAAQ,OACRC,IAAKC,QACLR,KAAAA,IAEAS,MAAK,SAACC,GACNR,EAAQQ,EACT,IACCC,MAAK,SAACD,GACN,IAAIE,EAEHA,EADGF,EAASG,aACFH,EAASG,aAAab,MAAQ7B,EAE9BuC,EAASI,WAGpBX,EAAO,IAAIY,MAAMH,GAClB,GACF,GACD,CAEAR,GAAO,SAACY,GACP,IAAMC,EAASD,EAAE,mCAEjB,SAASE,EAAaC,GAChBA,EAGJF,EACEG,KAAK,wBACLC,KAAK,6CAA+CF,EAAS,cAJ/DF,EAAOG,KAAK,wBAAwBE,KAAK,GAM3C,CAEA,SAASC,EAAaC,GACrB,IAAMZ,EAAUY,aAAaC,aD0Bf,SAAmBD,EAAiBE,GACnD,OAAQF,EAAEG,MACT,IAAK,kBACJ,OAAO9D,EAER,IAAK,gBACJ,OAAOC,EAER,IAAK,oBACJ,OAAOC,EAER,IAAK,aACJ,OAAOC,EAER,IAAK,oBACJ,OAAO0D,EAASzD,EAAgBC,EAEjC,QACC,OAAOsD,EAAEZ,QAEZ,CC9C8CgB,CAAmBJ,GAAG,GAASA,EAAEZ,QACvEiB,EAAQZ,EAAOG,KAAK,oBAC1BS,EAAMC,SAAS,WAAWC,SAC1BF,EAAMG,OAAO,2DAA6DpB,EAAU,aACrF,CAgDAK,EAAOG,KAAK,4BAA4Ba,GAAG,SA9C3C,WACChB,EAAOG,KAAK,oBAAoBc,KAAK,WAAWH,SAChDb,EAAa9C,GAEb2B,EAAiC,CAChCoC,OAAQ,uBACRC,YAAaC,aAAaC,QAEzBC,MAAK,SAAC7B,GACNQ,EAAa7C,GACbgE,aAAaC,MAAQ5B,EAASV,KAAKsC,MACnC,IAAME,EDnDJ,SACLA,SAEA,OAAAC,KACID,EAAS,CACZE,KAAID,EACAD,GAAAA,EAAUE,KAAI,CACjBC,GAAIlD,EAAeN,EAAgBqD,EAAUE,KAAKC,OAEnDC,UAAWnD,EAAeN,EAAgBqD,EAAUI,YACpDC,mBAAgD,QAA5BC,EAAAN,EAAUK,0BAAkB,IAAAC,OAAA,EAAAA,EAAEC,KACjD,SAAC/C,GAA4C,OAAAyC,KACzCzC,EAAI,CACP2C,GAAIlD,EAAeN,EAAgBa,EAAK2C,WAI5C,CCkCsBK,CAAgCtC,EAASV,KAAKiD,SAChE,OAAOC,UAAUC,YAAYC,OAAO,CACnCZ,UAAAA,GAEF,IACCD,MAAK,SAAC1C,GACN,GAAIA,EAAG,CACNqB,EAAa5C,GACb,IAAMqD,EAAOX,EAAE,sBAAsBqC,MACrC,OAAOtD,EAA8B,CACpCoC,OAAQ,oBACRC,YAAaC,aAAaC,MAC1BgB,WAAYC,KAAKC,WD7BoBxD,EC6BiBH,ED5BrDa,EAAWV,EAAKU,SACf,CACNiC,GAAI3C,EAAK2C,GACTc,KAAMzD,EAAKyD,KACXC,MAAO9E,EAAoB,IAAIe,WAAWK,EAAK0D,QAC/CC,uBAAwB3D,EAAK4D,4BAC7BlD,
SAAU,CACTmD,kBACC,sBAAuBnD,EACpB9B,EAAoB,IAAIe,WAAWe,EAASmD,yBAC5CC,EACJC,kBACC,sBAAuBrD,EACpB9B,EAAoB,IAAIe,WAAWe,EAASqD,yBAC5CD,EACJE,UAAW,cAAetD,EAAW9B,EAAoB,IAAIe,WAAWe,EAASsD,iBAAcF,EAC/FG,WACC,eAAgBvD,GAAYA,EAASuD,WAClCrF,EAAoB,IAAIe,WAAWe,EAASuD,kBAC5CH,EACJI,eAAgBtF,EAAoB,IAAIe,WAAWK,EAAKU,SAASwD,qBCS9DvC,KAAAA,GAED,CDhCC,IAAqC3B,EACpCU,ECiCH,MAAM,IAAIK,MAAMxC,EACjB,IACCgE,MAAK,SAAC7B,GACN2B,aAAaC,MAAQ5B,EAASV,KAAKsC,MACnC,IAAMT,EAAQZ,EAAOG,KAAK,oBAC1BS,EAAMT,KAAK,yBAAyB+C,MAAMzD,EAASV,KAAKoE,KACxDvC,EAAMT,KAAK,uBAAuBW,SAClCF,EAAMG,OACL,6DAA+DxD,EAAmB,aAEnF,IACK,MAAC+C,GAAa,SACX,WACRL,EAAa,IACbF,EAAE,sBAAsBqC,IAAI,GAC7B,GACF,IAIApC,EAAOG,KAAK,oBAAoBa,GAAG,QAAS,mBAAmB,SAACT,GAC/DP,EAAOG,KAAK,oBAAoBc,KAAK,WAAWH,SAChDP,EAAE6C,iBACF,IAAMxF,EAAImC,EAAEQ,EAAE8C,QACRC,EAAU1F,EAAE2F,QAAQ,gBAC1B,IAAID,EAAQzC,SAAS,mBAAmBtC,OAAxC,CAIA,IAAMiF,EAAiB5F,EAAEmB,KAAK,UACxBsC,EAAgBzD,EAAEmB,KAAK,SACvB6B,EAAQZ,EAAOG,KAAK,oBAEpBsD,EAAM1D,EAAEA,EAAE,4BAA4BM,QAC5CiD,EAAQJ,MAAMO,GACdH,EACEzC,SAAS,mBACTG,GAAG,QAAS,qBAAqB,WACjCsC,EAAQzC,SAAS,mBAAmBC,QACpC,IACAE,GAAG,QAAS,uBAAuB,WAGnC,OAFAsC,EAAQzC,SAAS,mBAAmB6C,OACpCzD,EAAazC,GACNsB,EAAqB,CAC3BoC,OAAQ,sBACRC,YAAaE,EACbmC,OAAAA,IAEClC,MAAK,WACLV,EAAMG,OACL,6DAA+DtD,EAAgB,cAEhFG,EAAE2F,QAAQ,MAAMzC,SACXF,EAAMT,KAAK,cAAc5B,QAC7BqC,EAAMT,KAAK,SAASwD,OAAO5D,EAAE,qBAAqBM,OAEnD,IACK,MAACC,GAAa,SACX,WACRL,EAAa,IACbqD,EAAQzC,SAAS,mBAAmBC,QACrC,GACF,GAnCA,CAoCF,IAEAd,EAAOG,KAAK,oBAAoBa,GAAG,QAAS,mBAAmB,SAACT,GAC/DP,EAAOG,KAAK,oBAAoBc,KAAK,WAAWH,SAChDP,EAAE6C,iBACF,IAAMxF,EAAImC,EAAEQ,EAAE8C,QACRC,EAAU1F,EAAE2F,QAAQ,gBAC1B,IAAID,EAAQzC,SAAS,eAAetC,OAApC,CAIA,IAAMiF,EAAiB5F,EAAEmB,KAAK,UACxBsC,EAAgBzD,EAAEmB,KAAK,SACvB2B,EAAO9C,EAAE2F,QAAQ,MAAMpD,KAAK,iBAAiBE,OAAOuD,OACpDhD,EAAQZ,EAAOG,KAAK,oBAEpBsD,EAAM1D,EAAEA,EAAE,wBAAwBM,QACxCiD,EAAQJ,MAAMO,GACdH,EACEzC,SAAS,eACTG,GAAG,QAAS,qBAAqB,WACjCsC,EAAQzC,SAAS,eAAeC,QAChC,IACAE,GAAG,QAAS,mBAAmB,WAC/B,IAAM6C,EAAUP,EAAQzC,SAAS,eAAeV,KAAK,sBAAsBiC,MAG3E,OAFAkB,EAAQzC,SAAS,eAAe6C,OAChCzD,EAAazC,GACNsB,EAA
4B,CAClCoC,OAAQ,sBACRC,YAAaE,EACbmC,OAAAA,EACA9C,KAAMmD,IAELvC,MAAK,SAACwC,GACNlD,EAAMG,OACL,6DAA+DrD,EAAgB,cAGhFE,EAAE2F,QAAQ,MAAMpD,KAAK,iBAAiBE,KAAKyD,EAAE/E,KAAK2B,KAClD,IACK,MAACJ,GAAa,SACX,WACRL,EAAa,IACbqD,EAAQzC,SAAS,eAAeC,QACjC,GACD,IACAX,KAAK,sBACLiC,IAAI1B,EAtCL,CAuCF,GACD"} \ No newline at end of file +{"version":3,"file":"profile.min.js","sources":["lang.ts","common.ts","profile.ts"],"sourcesContent":[null,null,null],"names":["__","L_NOT_ALLOWED_ERROR","L_SECURITY_ERROR","L_NOT_SUPPORTED_ERROR","L_ABORT_ERROR","L_UNKNOWN_KEY","L_KEY_ALREADY_REGISTERED","L_UNKNOWN_ERROR","L_FETCHING_REG_INFO","L_GENERATING_CREDENTIALS","L_REGISTERING_CREDENTIALS","L_FAILED_TO_CREATE_CREDENTIALS","L_KEY_REGISTERED","L_SENDING_REQUEST","L_KEY_REVOKED","L_KEY_RENAMED","arrayToBase64String","a","window","btoa","String","fromCharCode","apply","base64UrlDecode","input","atob","replace","repeat","length","stringToBuffer","s","Uint8Array","from","c","charCodeAt","ajaxRequest","data","Promise","resolve","reject","jQuery","ajax","method","url","ajaxurl","done","response","fail","message","responseJSON","statusText","Error","$","parent","updateStatus","status","find","html","text","errorHandler","e","DOMException","isAuth","name","decodeDOMException","table","siblings","remove","before","on","prev","action","_ajax_nonce","tfa_webauthn","nonce","user_id","val","then","publicKey","_extends","user","id","challenge","excludeCredentials","_a","map","preparePublicKeyCreationOptions","options","navigator","credentials","create","credential","JSON","stringify","type","rawId","clientExtensionResults","getClientExtensionResults","attestationObject","undefined","authenticatorData","signature","userHandle","clientDataJSON","after","row","preventDefault","target","actions","closest","handle","tpl","hide","append","trim","keyname","r"],"mappings":"mPAEwCA,EAAAA,GAAG,4CAA6C,gCAC3CA,EAAAA,GAC5C,yCACA,gCAEM,IAAMC,EAAsBD,EAAEA,GAAC,8BAA+B,gCACxDE,EAAmBF,EAAEA,GAAC,6BAA8B,gCACpDG,EAAwBH,EAAEA,GAAC,kC
AAmC,gCAC9DI,EAAgBJ,EAAEA,GAAC,8BAA+B,gCAClDK,EAAgBL,EAAEA,GAAC,qCAAsC,gCACzDM,EAA2BN,EAAEA,GAAC,kCAAmC,gCACjEO,EAAkBP,EAAEA,GAAC,kCAAmC,gCACxDQ,EAAsBR,EAAEA,GAAC,qCAAsC,gCAC/DS,EAA2BT,EAAEA,GAAC,0BAA2B,gCACzDU,EAA4BV,EAAEA,GAAC,2BAA4B,gCAC3DW,EAAiCX,EAAEA,GAC/C,0CACA,gCAEYY,EAAmBZ,EAAEA,GAAC,+BAAgC,gCACtDa,EAAoBb,EAAEA,GAAC,mBAAoB,gCAC3Cc,EAAgBd,EAAEA,GAAC,4BAA6B,gCAChDe,EAAgBf,EAAAA,GAAG,4BAA6B,gCCgB7D,SAASgB,EAAoBC,GAC5B,OAAOC,OAAOC,KAAKC,OAAOC,aAAYC,MAAnBF,OAAuBH,GAC3C,CAEA,SAASM,EAAgBC,GACxB,OAAON,OAAOO,KAAKD,EAAME,QAAQ,KAAM,KAAKA,QAAQ,KAAM,KAAO,IAAIC,OAAO,GAAM,EAAIH,EAAMI,QAAU,GACvG,CAEA,SAASC,EAAeC,GACvB,OAAOC,WAAWC,KAAKF,GAAG,SAACG,GAAC,OAAKA,EAAEC,WAAW,KAC/C,CCFA,SAASC,EAAeC,GACvB,OAAO,IAAIC,SAAW,SAACC,EAASC,GAC/BC,EACEC,KAAK,CACLC,OAAQ,OACRC,IAAKC,QACLR,KAAAA,IAEAS,MAAK,SAACC,GACNR,EAAQQ,EACT,IACCC,MAAK,SAACD,GACN,IAAIE,EAEHA,EADGF,EAASG,aACFH,EAASG,aAAab,MAAQ7B,EAE9BuC,EAASI,WAGpBX,EAAO,IAAIY,MAAMH,GAClB,GACF,GACD,CAEAR,GAAO,SAACY,GACP,IAAMC,EAASD,EAAE,mCAEjB,SAASE,EAAaC,GAChBA,EAGJF,EACEG,KAAK,wBACLC,KAAK,6CAA+CF,EAAS,cAJ/DF,EAAOG,KAAK,wBAAwBE,KAAK,GAM3C,CAEA,SAASC,EAAaC,GACrB,IAAMZ,EAAUY,aAAaC,aD0Bf,SAAmBD,EAAiBE,GACnD,OAAQF,EAAEG,MACT,IAAK,kBACJ,OAAO9D,EAER,IAAK,gBACJ,OAAOC,EAER,IAAK,oBACJ,OAAOC,EAER,IAAK,aACJ,OAAOC,EAER,IAAK,oBACJ,OAAO0D,EAASzD,EAAgBC,EAEjC,QACC,OAAOsD,EAAEZ,QAEZ,CC9C8CgB,CAAmBJ,GAAG,GAASA,EAAEZ,QACvEiB,EAAQZ,EAAOG,KAAK,oBAC1BS,EAAMC,SAAS,WAAWC,SAC1BF,EAAMG,OAAO,2DAA6DpB,EAAU,aACrF,CAkDAK,EAAOG,KAAK,4BAA4Ba,GAAG,SAhD3C,WACChB,EAAOG,KAAK,oBAAoBc,KAAK,WAAWH,SAChDb,EAAa9C,GAEb2B,EAAiC,CAChCoC,OAAQ,uBACRC,YAAaC,aAAaC,MAC1BC,QAASvB,EAAE,YAAYwB,QAEtBC,MAAK,SAAC/B,GACNQ,EAAa7C,GACbgE,aAAaC,MAAQ5B,EAASV,KAAKsC,MACnC,IAAMI,EDpDJ,SACLA,SAEA,OAAAC,KACID,EAAS,CACZE,KAAID,EACAD,GAAAA,EAAUE,KAAI,CACjBC,GAAIpD,EAAeN,EAAgBuD,EAAUE,KAAKC,OAEnDC,UAAWrD,EAAeN,EAAgBuD,EAAUI,YACpDC,mBAAgD,QAA5BC,EAAAN,EAAUK,0BAAkB,IAAAC,OAAA,EAAAA,EAAEC,KACjD,SAACjD,GAA4C,OAAA2C,KACzC3C,EAAI,CACP6C,GAAIpD,EAAeN,EAAgBa,EAAK6C,WAI5C,CCmCsBK,CAAgCxC,EAASV,KAAKmD,SAChE,OAAOC,
UAAUC,YAAYC,OAAO,CACnCZ,UAAAA,GAEF,IACCD,MAAK,SAAC5C,GACN,GAAIA,EAAG,CACNqB,EAAa5C,GACb,IAAMqD,EAAOX,EAAE,sBAAsBwB,MACrC,OAAOzC,EAA8B,CACpCoC,OAAQ,oBACRC,YAAaC,aAAaC,MAC1BiB,WAAYC,KAAKC,WD9BoBzD,EC8BiBH,ED7BrDa,EAAWV,EAAKU,SACf,CACNmC,GAAI7C,EAAK6C,GACTa,KAAM1D,EAAK0D,KACXC,MAAO/E,EAAoB,IAAIe,WAAWK,EAAK2D,QAC/CC,uBAAwB5D,EAAK6D,4BAC7BnD,SAAU,CACToD,kBACC,sBAAuBpD,EACpB9B,EAAoB,IAAIe,WAAWe,EAASoD,yBAC5CC,EACJC,kBACC,sBAAuBtD,EACpB9B,EAAoB,IAAIe,WAAWe,EAASsD,yBAC5CD,EACJE,UAAW,cAAevD,EAAW9B,EAAoB,IAAIe,WAAWe,EAASuD,iBAAcF,EAC/FG,WACC,eAAgBxD,GAAYA,EAASwD,WAClCtF,EAAoB,IAAIe,WAAWe,EAASwD,kBAC5CH,EACJI,eAAgBvF,EAAoB,IAAIe,WAAWK,EAAKU,SAASyD,qBCU9D5B,QAASvB,EAAE,YAAYwB,MACvBb,KAAAA,GAED,CDlCC,IAAqC3B,EACpCU,ECmCH,MAAM,IAAIK,MAAMxC,EACjB,IACCkE,MAAK,SAAC/B,GACN2B,aAAaC,MAAQ5B,EAASV,KAAKsC,MACnC,IAAMT,EAAQZ,EAAOG,KAAK,oBAC1BS,EAAMT,KAAK,yBAAyBgD,MAAM1D,EAASV,KAAKqE,KACxDxC,EAAMT,KAAK,uBAAuBW,SAClCF,EAAMG,OACL,6DAA+DxD,EAAmB,aAEnF,IACK,MAAC+C,GAAa,SACX,WACRL,EAAa,IACbF,EAAE,sBAAsBwB,IAAI,GAC7B,GACF,IAIAvB,EAAOG,KAAK,oBAAoBa,GAAG,QAAS,mBAAmB,SAACT,GAC/DP,EAAOG,KAAK,oBAAoBc,KAAK,WAAWH,SAChDP,EAAE8C,iBACF,IAAMzF,EAAImC,EAAEQ,EAAE+C,QACRC,EAAU3F,EAAE4F,QAAQ,gBAC1B,IAAID,EAAQ1C,SAAS,mBAAmBtC,OAAxC,CAIA,IAAMkF,EAAiB7F,EAAEmB,KAAK,UACxBsC,EAAgBzD,EAAEmB,KAAK,SACvB6B,EAAQZ,EAAOG,KAAK,oBAEpBuD,EAAM3D,EAAEA,EAAE,4BAA4BM,QAC5CkD,EAAQJ,MAAMO,GACdH,EACE1C,SAAS,mBACTG,GAAG,QAAS,qBAAqB,WACjCuC,EAAQ1C,SAAS,mBAAmBC,QACpC,IACAE,GAAG,QAAS,uBAAuB,WAGnC,OAFAuC,EAAQ1C,SAAS,mBAAmB8C,OACpC1D,EAAazC,GACNsB,EAAqB,CAC3BoC,OAAQ,sBACRC,YAAaE,EACbC,QAASvB,EAAE,YAAYwB,MACvBkC,OAAAA,IAECjC,MAAK,WACLZ,EAAMG,OACL,6DAA+DtD,EAAgB,cAEhFG,EAAE4F,QAAQ,MAAM1C,SACXF,EAAMT,KAAK,cAAc5B,QAC7BqC,EAAMT,KAAK,SAASyD,OAAO7D,EAAE,qBAAqBM,OAEnD,IACK,MAACC,GAAa,SACX,WACRL,EAAa,IACbsD,EAAQ1C,SAAS,mBAAmBC,QACrC,GACF,GApCA,CAqCF,IAEAd,EAAOG,KAAK,oBAAoBa,GAAG,QAAS,mBAAmB,SAACT,GAC/DP,EAAOG,KAAK,oBAAoBc,KAAK,WAAWH,SAChDP,EAAE8C,iBACF,IAAMzF,EAAImC,EAAEQ,EAAE+C,QACRC,EAAU3F,EAAE4F,QAAQ,gBAC1B,IAAID,EAAQ1C,SAAS,eAAetC,OAApC,CAIA,IA
AMkF,EAAiB7F,EAAEmB,KAAK,UACxBsC,EAAgBzD,EAAEmB,KAAK,SACvB2B,EAAO9C,EAAE4F,QAAQ,MAAMrD,KAAK,iBAAiBE,OAAOwD,OACpDjD,EAAQZ,EAAOG,KAAK,oBAEpBuD,EAAM3D,EAAEA,EAAE,wBAAwBM,QACxCkD,EAAQJ,MAAMO,GACdH,EACE1C,SAAS,eACTG,GAAG,QAAS,qBAAqB,WACjCuC,EAAQ1C,SAAS,eAAeC,QAChC,IACAE,GAAG,QAAS,mBAAmB,WAC/B,IAAM8C,EAAUP,EAAQ1C,SAAS,eAAeV,KAAK,sBAAsBoB,MAG3E,OAFAgC,EAAQ1C,SAAS,eAAe8C,OAChC1D,EAAazC,GACNsB,EAA4B,CAClCoC,OAAQ,sBACRC,YAAaE,EACbC,QAASvB,EAAE,YAAYwB,MACvBkC,OAAAA,EACA/C,KAAMoD,IAELtC,MAAK,SAACuC,GACNnD,EAAMG,OACL,6DAA+DrD,EAAgB,cAGhFE,EAAE4F,QAAQ,MAAMrD,KAAK,iBAAiBE,KAAK0D,EAAEhF,KAAK2B,KAClD,IACK,MAACJ,GAAa,SACX,WACRL,EAAa,IACbsD,EAAQ1C,SAAS,eAAeC,QACjC,GACD,IACAX,KAAK,sBACLoB,IAAIb,EAvCL,CAwCF,GACD"} \ No newline at end of file diff --git a/assets/profile.ts b/assets/profile.ts index 72aedcd5..0ce5bea9 100644 --- a/assets/profile.ts +++ b/assets/profile.ts @@ -97,6 +97,7 @@ jQuery(($) => { ajaxRequest({ action: 'webauthn_preregister', _ajax_nonce: tfa_webauthn.nonce, + user_id: $('#user_id').val(), }) .then((response) => { updateStatus(L_GENERATING_CREDENTIALS); @@ -114,6 +115,7 @@ jQuery(($) => { action: 'webauthn_register', _ajax_nonce: tfa_webauthn.nonce, credential: JSON.stringify(preparePublicKeyCredential(c)), + user_id: $('#user_id').val(), name, }); } @@ -164,6 +166,7 @@ jQuery(($) => { return ajaxRequest({ action: 'webauthn_delete_key', _ajax_nonce: nonce, + user_id: $('#user_id').val(), handle, }) .then(() => { @@ -211,6 +214,7 @@ jQuery(($) => { return ajaxRequest({ action: 'webauthn_rename_key', _ajax_nonce: nonce, + user_id: $('#user_id').val(), handle, name: keyname, }) diff --git a/inc/class-admin.php b/inc/class-admin.php index 936fbcaf..6ed26417 100644 --- a/inc/class-admin.php +++ b/inc/class-admin.php 
@@ -36,8 +36,11 @@ public static function options_page(): void { /** * @param string $hook * @return void + * @global int $user_id */ public function admin_enqueue_scripts( $hook ): void { + /** @var int $user_id */ + global $user_id; if ( in_array( $hook, array( 'user-edit.php', 'profile.php' ), true ) ) { wp_enqueue_script( 'webauthn-register-key', @@ -47,9 +50,8 @@ public function admin_enqueue_scripts( $hook ): void { true ); - $user = wp_get_current_user(); wp_localize_script( 'webauthn-register-key', 'tfa_webauthn', [ - 'nonce' => wp_create_nonce( "webauthn-register_key_{$user->ID}" ), + 'nonce' => wp_create_nonce( "webauthn-register_key_{$user_id}" ), ] ); wp_set_script_translations( 'webauthn-register-key', 'two-factor-provider-webauthn', plugin_dir_path( dirname( __DIR__ ) . '/index.php' ) . 'lang' ); diff --git a/inc/class-ajax.php b/inc/class-ajax.php index 33e25899..c181ca89 100644 --- a/inc/class-ajax.php +++ b/inc/class-ajax.php @@ -36,15 +36,20 @@ private function verify_nonce( string $nonce ): void { } } - private function check_registration_nonce( WP_User $user ): void { - $this->verify_nonce( "webauthn-register_key_{$user->ID}" ); + private function check_registration_nonce( int $user_id ): void { + $this->verify_nonce( "webauthn-register_key_{$user_id}" ); } public function wp_ajax_webauthn_preregister(): void { - $user = wp_get_current_user(); - $this->check_registration_nonce( $user ); + $user_id = (int) Utils::get_post_field_as_string( 'user_id' ); + $this->check_registration_nonce( $user_id ); try { + $user = get_user_by( 'id', $user_id ); + if ( false === $user ) { + throw new InvalidArgumentException( __( 'Bad request.', 'two-factor-provider-webauthn' ) ); + } + $server = Utils::create_webauthn_server(); $settings = Settings::instance(); 
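Review bot: admin_enqueue_scripts builds the nonce action from `global $user_id` without checking that the global is populated; the `/** @var int $user_id */` annotation documents the type but does not enforce it. Core presumably sets it on user-edit.php and profile.php, but if the hook runs before that the action becomes `webauthn-register_key_` and no longer matches what the AJAX handlers verify. A guard before wp_create_nonce(), such as `$uid = (int) $user_id ?: get_current_user_id();`, would keep the action well-formed. The method body continues outside the hunk.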
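Review bot: wp_ajax_webauthn_preregister now takes the target account from the `user_id` POST field, and the only gate visible in this hunk is the nonce for `webauthn-register_key_{$user_id}`. A WordPress nonce guards against request forgery but is not an authorisation check, so the handler should confirm the caller may edit that account before calling get_user_by(). Adding `if ( ! current_user_can( 'edit_user', $user_id ) ) { wp_send_json_error( __( 'Bad request.', 'two-factor-provider-webauthn' ), 403 ); }` right after the nonce check would do it, unless verify_nonce, whose body is outside the hunk, already checks capabilities. The same applies to wp_ajax_webauthn_register, wp_ajax_webauthn_delete_key and wp_ajax_webauthn_rename_key in the later hunks, which all replaced wp_get_current_user() with the posted id.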
@@ -64,10 +69,10 @@ public function wp_ajax_webauthn_preregister(): void { $context = $options->getContext(); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.serialize_serialize - update_user_meta( $user->ID, self::REGISTRATION_CONTEXT_USER_META, base64_encode( serialize( $context ) ) ); + update_user_meta( $user_id, self::REGISTRATION_CONTEXT_USER_META, base64_encode( serialize( $context ) ) ); wp_send_json_success( [ 'options' => $options->getClientOptionsJson(), - 'nonce' => wp_create_nonce( "webauthn-register_key_{$user->ID}" ), + 'nonce' => wp_create_nonce( "webauthn-register_key_{$user_id}" ), ] ); } catch ( Throwable $e ) { wp_send_json_error( $e->getMessage() ); @@ -78,12 +83,17 @@ public function wp_ajax_webauthn_preregister(): void { * @global wpdb $wpdb */ public function wp_ajax_webauthn_register(): void { - $user = wp_get_current_user(); - $this->check_registration_nonce( $user ); + $user_id = (int) Utils::get_post_field_as_string( 'user_id' ); + $this->check_registration_nonce( $user_id ); try { + $user = get_user_by( 'id', $user_id ); + if ( false === $user ) { + throw new InvalidArgumentException( __( 'Bad request.', 'two-factor-provider-webauthn' ) ); + } + $server = Utils::create_webauthn_server(); - $context = (string) get_user_meta( $user->ID, self::REGISTRATION_CONTEXT_USER_META, true ); + $context = (string) get_user_meta( $user_id, self::REGISTRATION_CONTEXT_USER_META, true ); /** @var mixed */ $context = unserialize( base64_decode( $context ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.serialize_unserialize if ( ! ( $context instanceof RegistrationContext ) ) { @@ -151,7 +161,7 @@ public function wp_ajax_webauthn_register(): void { wp_send_json_success( [ 'row' => $row, - 'nonce' => wp_create_nonce( "webauthn-register_key_{$user->ID}" ), + 'nonce' => wp_create_nonce( "webauthn-register_key_{$user_id}" ), ] ); } else { throw new InvalidArgumentException( __( 'Bad request.', 'two-factor-provider-webauthn' ) ); 
@@ -159,21 +169,28 @@ public function wp_ajax_webauthn_register(): void { } catch ( Throwable $e ) { wp_send_json_error( $e->getMessage(), 400 ); } finally { - delete_user_meta( $user->ID, self::REGISTRATION_CONTEXT_USER_META ); + delete_user_meta( $user_id, self::REGISTRATION_CONTEXT_USER_META ); } } public function wp_ajax_webauthn_delete_key(): void { - $handle = Utils::get_post_field_as_string( 'handle' ); + $user_id = Utils::get_post_field_as_string( 'user_id' ); + $handle = Utils::get_post_field_as_string( 'handle' ); $this->verify_nonce( "delete-key_{$handle}" ); + $user = get_user_by( 'id', $user_id ); + if ( false === $user ) { + wp_send_json_error( __( 'Bad request.', 'two-factor-provider-webauthn' ), 400 ); + } + $store = new WebAuthn_Credential_Store(); - $store->delete_user_key( wp_get_current_user(), $handle ); + $store->delete_user_key( $user, $handle ); wp_send_json_success(); } public function wp_ajax_webauthn_rename_key(): void { - $handle = Utils::get_post_field_as_string( 'handle' ); + $user_id = Utils::get_post_field_as_string( 'user_id' ); + $handle = Utils::get_post_field_as_string( 'handle' ); $this->verify_nonce( "rename-key_{$handle}" ); $name = Utils::get_post_field_as_string( 'name' ); @@ -181,8 +198,13 @@ public function wp_ajax_webauthn_rename_key(): void { wp_send_json_error( __( 'Key name cannot be empty.', 'two-factor-provider-webauthn' ), 400 ); } + $user = get_user_by( 'id', $user_id ); + if ( false === $user ) { + wp_send_json_error( __( 'Bad request.', 'two-factor-provider-webauthn' ), 400 ); + } + $store = new WebAuthn_Credential_Store(); - $success = $store->rename_key( wp_get_current_user(), $handle, $name ); + $success = $store->rename_key( $user, $handle, $name ); if ( $success ) { wp_send_json_success( [ 'name' => $name ] ); } diff --git a/stubs/wordpress.stubs.php b/stubs/wordpress.stubs.php index 7217aeda..271e80e2 100644 --- a/stubs/wordpress.stubs.php +++ b/stubs/wordpress.stubs.php 
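Review bot: In wp_ajax_webauthn_delete_key and wp_ajax_webauthn_rename_key the nonce action is still `delete-key_{$handle}` / `rename-key_{$handle}`, so the newly accepted `user_id` is not covered by the nonce and the request can name any existing user. How much that matters depends on how WebAuthn_Credential_Store matches a handle to a user, which is not visible here, but putting the id into the action, e.g. `"delete-key_{$user_id}_{$handle}"` with the matching change where the row nonces are created, would tie the request to its target. These two handlers also pass the raw string to get_user_by(), whereas preregister and register cast with `(int)`; `$user_id = (int) Utils::get_post_field_as_string( 'user_id' );` would keep them consistent.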
@@ -63,7 +63,7 @@ class wpdb { public function prepare( $query, ...$args ) {} } - /* + /** * @param mixed $data Optional. Data to encode as JSON, then print and die. Default null. * @param int $status_code Optional. The HTTP status code to output. Default null. * @param int $options Optional. Options to be passed to json_encode(). Default 0.