Webauthn Framework
v4.8
v4.8
  • WebAuthn: Strong Authentication for your PHP applications
  • The project
    • What is Webauthn?
    • Web Browser Support
    • Installation
    • Contributing
  • Webauthn In A Nutshell
    • Authenticators
    • Ceremonies
    • User Verification
    • Metadata Statement
    • Extensions
  • Prerequisites
    • The Relying Party
    • Credential Source
    • User Entity
    • Javascript
  • Pure PHP
    • Webauthn Server
    • Input Loading
    • Input Validation
    • Register Authenticators
    • Authenticate Your Users
    • Advanced Behaviours
      • Debugging
      • User Verification
      • Authenticator Selection Criteria
      • Authentication without username
      • Authenticator Algorithms
      • Attestation and Metadata Statement
      • Extensions
      • Authenticator Counter
      • Dealing with “localhost”
  • Symfony Bundle
    • Bundle Installation
    • Credential Source Repository
    • User Entity Repository
    • Firewall
    • Configuration References
    • Advanced Behaviors
      • Register Additional Authenticators
      • Debugging
      • User Verification
      • Attestation and Metadata Statement
      • Authenticator Selection Criteria
      • Authentication without username
      • Extensions
      • Authenticator Counter
      • Dealing with “localhost”
  • Migration
    • From v3.x to v4.0
    • From 4.x to 5.0
  • Symfony UX
    • Installation
    • Integration
Powered by GitBook
On this page
  • Ceremony Step Manager Factory
  • Response Validators

Was this helpful?

Edit on GitHub
Export as PDF
  1. Pure PHP

Input Validation

PreviousInput LoadingNextRegister Authenticators

Last updated 1 year ago

Was this helpful?

The loaded data needs to be verified. The library will perform several actions to make sure the input you received is valid. This verification process is performed by a Ceremony Step Manager (CSM). The Webauthn Specification distinguish two types of ceremonies.

Ceremony Step Manager Factory

To facilitate the creation of the CSM, a default factory is included. This factory requires no external services to function.

<?php

declare(strict_types=1);

use Webauthn\CeremonyStep\CeremonyStepManagerFactory;

$csmFactory = new CeremonyStepManagerFactory();

$creationCSM = $csmFactory->creationCeremony();
$requestCSM = $csmFactory->requestCeremony();

You can customize its behavior to fit the specific needs of your application by modifying the provided factory. Please refer to the dedicated pages for more information.

These CSM services are meant to be used by Response Validators. On a similar way, there are two types of validators:

  • Authenticator Attestation Response Validator: used during the creation ceremony

  • Authenticator Assertion Response Validator: used during the request ceremony

Response Validators

All null values below correspond to deprecated parameters. They will be removed in 5.0.0

<?php

declare(strict_types=1);

use Webauthn\AuthenticatorAttestationResponseValidator;
use Webauthn\AuthenticatorAssertionResponseValidator;

$authenticatorAttestationResponseValidator = AuthenticatorAttestationResponseValidator::create(
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    $creationCSM
);
$authenticatorAssertionResponseValidator = AuthenticatorAssertionResponseValidator::create(
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    $requestCSM
);

// Also valid
$authenticatorAttestationResponseValidator = AuthenticatorAttestationResponseValidator::create(
    ceremonyStepManager: $creationCSM
);
$authenticatorAssertionResponseValidator = AuthenticatorAssertionResponseValidator::create(
    ceremonyStepManager: $requestCSM
);

The Authenticator Attestation Response Validator and Authenticator Assertion Response Validator services are directly used when receiving Authenticator Responses in order to or .

register authenticators
authenticate users
described in this page
Counter Checker
Extension Output Checker Handler
Algorithm Manager
Attestation Statement Support Manager
Metadata Statement Repository
Status Report Repository
Certification Chain Validator