[4.x] Adds custom validation callback (#112)

* Should fix tests.

* Fixes static analysis

* Fixes tests.

* Should fix static analysis

Author: DarkGhostHunter

composer.json

@@ -46,7 +46,7 @@
     },
     "require-dev": {
         "ext-sodium": "*",
-        "orchestra/testbench": "9.*|10.*"
+        "orchestra/testbench": "^9.16|10.*"
     },
     "suggest": {
         "paragonie/sodium_compat": "To enable EdDSA 25519 keys from authenticators, if `ext-sodium` is unavailable."

src/Auth/WebAuthnUserProvider.php

@@ -2,6 +2,7 @@
 
 namespace Laragear\WebAuthn\Auth;
 
+use Closure;
 use Illuminate\Auth\EloquentUserProvider;
 use Illuminate\Contracts\Auth\Authenticatable as UserContract;
 use Illuminate\Contracts\Database\Eloquent\Builder;
@@ -15,6 +16,7 @@
 use function class_implements;
 use function config;
 use function in_array;
+use function is_bool;
 use function logger;
 
 /**
@@ -24,6 +26,13 @@
  */
 class WebAuthnUserProvider extends EloquentUserProvider
 {
+    /**
+     * Custom callback to validate the user credentials.
+     *
+     * @var (\Closure(\Illuminate\Contracts\Auth\Authenticatable|\Laragear\WebAuthn\Contracts\WebAuthnAuthenticatable, array):bool|null)|null
+     */
+    public static ?Closure $validateUsing;
+
     /**
      * Create a new database user provider.
      */
@@ -87,6 +96,10 @@ protected function isSignedChallenge(array $credentials): bool
      */
     public function validateCredentials($user, array $credentials): bool
     {
+        if (isset(static::$validateUsing) && is_bool($result = (static::$validateUsing)($user, $credentials))) { // @phpstan-ignore-line
+            return $result;
+        }
+
         if ($user instanceof WebAuthnAuthenticatable && $this->isSignedChallenge($credentials)) {
             return $this->validateWebAuthn($user, $credentials);
         }

src/CborDecoder.php

@@ -103,7 +103,7 @@ public static function decode(ByteBuffer|string $encoded): ByteBuffer|array|bool
      *
      * @throws \Laragear\WebAuthn\Exceptions\DataException
      */
-    public static function decodePortion(ByteBuffer|string $bufOrBin, int $startOffset, ?int &$endOffset = null): ByteBuffer|array|bool|float|int|string|null // @phpstan-ignore-line
+    public static function decodePortion(ByteBuffer|string $bufOrBin, int $startOffset, ?int &$endOffset = null): ByteBuffer|array|bool|float|int|string|null
     {
         $buf = $bufOrBin instanceof ByteBuffer ? $bufOrBin : new ByteBuffer($bufOrBin);
 

src/Models/WebAuthnCredential.php

@@ -207,7 +207,7 @@ protected function rpId(): Attribute
      */
     public static function migration(): CustomMigration
     {
-        return new CustomMigration(new static, function (Blueprint $table): void { // @phpstan-ignore-line
+        return new CustomMigration(new static, function (Blueprint $table): void {
             // Here we set the PublicKeyCredential ID generated by the authenticator as string.
             // This way it's easier and faster for the database to find the right credential
             // on the Assertion procedure as the device returns which credential it used.

tests/Auth/EloquentWebAuthnProviderTest.php

@@ -9,7 +9,7 @@
 use Laragear\WebAuthn\Assertion\Validator\AssertionValidator;
 use Laragear\WebAuthn\Auth\WebAuthnUserProvider;
 use Laragear\WebAuthn\Exceptions\AssertionException;
-use Laragear\WebAuthn\Repositories\Eloquent\WebAuthnCredential;
+use Laragear\WebAuthn\Models\WebAuthnCredential;
 use Mockery;
 use Psr\Log\LoggerInterface;
 use Ramsey\Uuid\Uuid;