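1. Go to this page and download the library: Download firehed/webauthn library. Choose the download type "require". Because this library handles authentication, confirm that the archive matches the upstream firehed/webauthn release (or install it with Composer) before deploying it.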
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
firehed / webauthn example snippets
// Setup: the relying party is pinned to the one origin this site is served
// from. Responses are later verified against this value.
$rp = new \Firehed\WebAuthn\SingleOriginRelyingParty('https://www.example.com');

// The session-backed challenge manager is created after the session is started.
session_start();
$challengeManager = new \Firehed\WebAuthn\SessionChallengeManager();

// Registration, step 1: mint a fresh challenge (lifetime 300 — presumably
// seconds; confirm against the library docs) and hand it to the manager so the
// verify step can look it up again.
$challenge = \Firehed\WebAuthn\ExpiringChallenge::withLifetime(300);
$challengeManager->manageChallenge($challenge);

// Deliver the base64 form of the challenge to the browser as JSON.
$challengeB64 = $challenge->getBase64();
header('Content-type: application/json');
echo json_encode($challengeB64);
use Firehed\WebAuthn\{
Codecs,
ArrayBufferResponseParser,
};
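// Registration, step 2: verify the authenticator's response and store the
// resulting credential. Everything read from the request body is untrusted
// until verify() has succeeded.
$json = file_get_contents('php://input');
$data = json_decode($json, true);
if (!is_array($data)) {
    // Empty body or invalid JSON: reject it before it reaches the parser.
    http_response_code(400);
    return;
}

$parser = new ArrayBufferResponseParser();
try {
    $createResponse = $parser->parseCreateResponse($data);
} catch (Throwable) {
    // The payload could not be interpreted. Treat it as a client error rather
    // than letting it surface as an uncaught exception.
    http_response_code(400);
    return;
}

try {
    // $challengeManager and $rp are the values from the setup step
    $credential = $createResponse->verify($challengeManager, $rp);
} catch (Throwable) {
    // Verification failed. Send an error to the user?
    // (The original status line paired code 403 with the text "Unauthorized";
    // only the numeric code is kept here.)
    http_response_code(403);
    return;
}

// Store the credential associated with the authenticated user. See
// "Registration & Credential Storage" in the README for more info.
$codec = new Codecs\Credential();
$encodedCredential = $codec->encode($credential);

$pdo = getDatabaseConnection();
$stmt = $pdo->prepare('INSERT INTO credentials (storage_id, user_id, credential) VALUES (:storage_id, :user_id, :encoded);');
$result = $stmt->execute([
    'storage_id' => $credential->getStorageId(),
    // $user comes from your authn process. Binding a credential to an account
    // grants login rights to it, so $user must be the account this session has
    // already authenticated, never an identifier taken from the request.
    'user_id' => $user->getId(),
    'encoded' => $encodedCredential,
]);
if ($result === false) {
    // Do not report success when the credential was not persisted.
    http_response_code(500);
    return;
}

// Continue with normal application flow, error handling, etc.
http_response_code(200);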
use Firehed\WebAuthn\Codecs;
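// Authentication, step 1: look up the account that is trying to log in and
// send it a challenge together with the ids of its registered credentials.
session_start();
$pdo = getDatabaseConnection();

// The username is request input: require a non-empty string before using it.
$username = $_POST['username'] ?? null;
if (!is_string($username) || $username === '') {
    http_response_code(400);
    return;
}

$user = getUserByName($pdo, $username);
if ($user === null) {
    // NOTE(review): a distinct 404 for unknown names tells the caller which
    // usernames exist. Decide whether that disclosure is acceptable for your
    // application, and rate-limit this endpoint either way.
    header('HTTP/1.1 404 Not Found');
    return;
}

// Records who is *attempting* to log in. This is not proof of authentication;
// nothing should treat the session as logged in until the verify step passes.
$_SESSION['authenticating_user_id'] = $user['id'];

// See examples/functions.php for how this works
$credentialContainer = getCredentialsForUserId($pdo, $user['id']);

// Generate and manage challenge ($challengeManager is the value from the
// setup step).
$challenge = \Firehed\WebAuthn\ExpiringChallenge::withLifetime(300);
$challengeManager->manageChallenge($challenge);

// Send to user
header('Content-type: application/json');
echo json_encode([
    'challengeB64' => $challenge->getBase64(),
    'credential_ids' => $credentialContainer->getBase64Ids(),
]);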
use Firehed\WebAuthn\{
Codecs,
ArrayBufferResponseParser,
};
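// Authentication, step 2: verify the assertion against the challenge and the
// credentials of the user recorded in step 1, then persist the updated
// credential. $pdo, $challengeManager and $rp are the values from the earlier
// steps.
session_start();

// Without a pending login in the session there is nothing to verify against.
$pendingUserId = $_SESSION['authenticating_user_id'] ?? null;
if ($pendingUserId === null) {
    http_response_code(400);
    return;
}

$json = file_get_contents('php://input');
$data = json_decode($json, true);
if (!is_array($data)) {
    // Empty body or invalid JSON: reject it before it reaches the parser.
    http_response_code(400);
    return;
}

$parser = new ArrayBufferResponseParser();
try {
    $getResponse = $parser->parseGetResponse($data);
} catch (Throwable) {
    // The payload could not be interpreted; treat it as a client error.
    http_response_code(400);
    return;
}

// If the authenticator reported a user handle, it must name the same user that
// step 1 recorded. The comparison is strict, so it assumes the stored id and
// the handle share a type (TODO confirm; an integer id would never match).
$userHandle = $getResponse->getUserHandle();
if ($userHandle !== null && $userHandle !== $pendingUserId) {
    // A request can trigger this mismatch, so answer like any other failed
    // verification instead of raising an uncaught exception.
    http_response_code(403);
    return;
}

$credentialContainer = getCredentialsForUserId($pdo, $pendingUserId);

try {
    // $challengeManager and $rp are the values from the setup step
    $updatedCredential = $getResponse->verify($challengeManager, $rp, $credentialContainer);
} catch (Throwable) {
    // Verification failed. Send an error to the user?
    http_response_code(403);
    return;
}

// Update the credential. The WHERE clause is scoped to both the storage id and
// the pending user, so only that user's own row can be overwritten.
$codec = new Codecs\Credential();
$encodedCredential = $codec->encode($updatedCredential);
$stmt = $pdo->prepare('UPDATE credentials SET credential = :encoded WHERE storage_id = :storage_id AND user_id = :user_id');
$result = $stmt->execute([
    'storage_id' => $updatedCredential->getStorageId(),
    'user_id' => $pendingUserId,
    'encoded' => $encodedCredential,
]);

http_response_code(200);
// Send back whatever your webapp needs to finish authentication
// NOTE(review): when promoting this session to "logged in", regenerate the
// session id (session_regenerate_id(true)) and clear the pending
// 'authenticating_user_id' marker so a pre-login session id is not reused.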
// Relying party that takes a list of origins (first argument) plus the string
// 'example.com' (second argument; presumably the RP ID, confirm against the
// library docs). List only the exact origins this application is served from.
$rp = new \Firehed\WebAuthn\MultiOriginRelyingParty(
    ['https://www.example.com'],
    'example.com',
);