Move the filtering to WPORG_TwoFactor_Provider_WebAuthn

WordPress · May 22, 2023 · c85f865 · c85f865
1 parent eba6128
commit c85f865
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 36 deletions.
diff --git a/class-wporg-webauthn-provider.php b/class-wporg-webauthn-provider.php
@@ -75,6 +75,9 @@ public function _add_filters() {
 		// Disable the admin UI if it needs revalidation.
 		add_action( 'show_user_security_settings', [ $this, '_show_user_security_settings' ], -1 );
 
+		// Disable EdDSA support for keys, to enable Android NFC to work with modern keys.
+		add_action( 'wp_ajax_webauthn_preregister', [ $this, '_remove_eddsa_alg' ], 1 );
+
 		// Extend the session revalidation after registering a new key.
 		add_action( 'wp_ajax_webauthn_register', [ $this, '_extend_revalidation' ], 1 );
 	}
@@ -125,6 +128,33 @@ public function _extend_revalidation() {
 		} );
 	}
 
+	/**
+	 * Resolve Android NFC Security Key issues when a newer key is registered through a desktop client.
+	 *
+	 * This disables EdDSA (aka. ES25519) support, which Android NFC appears to lack.
+	 *
+	 * @see https://github.com/sjinks/wp-two-factor-provider-webauthn/issues/221#issuecomment-1539543124
+	 */
+	public function _remove_eddsa_alg() {
+		ob_start( function( $output ) {
+			$json = json_decode( $output );
+
+			if ( $json && ! empty( $json->data->options->pubKeyCredParams ) ) {
+				$json->data->options->pubKeyCredParams = array_values(
+					wp_list_filter(
+						$json->data->options->pubKeyCredParams,
+						[ 'alg' => -8 ],
+						'NOT'
+					)
+				);
+
+				$output = wp_json_encode( $json );
+			}
+
+			return $output;
+		} );
+	}
+
 	public function _clear_cache() {
 		wp_cache_delete( 'webauthn:' . get_current_user_id(), 'users' );
 	}

diff --git a/wporg-two-factor.php b/wporg-two-factor.php
@@ -290,42 +290,6 @@ function get_edit_account_url() : string {
 	return $url;
 }
 
-/**
- * Resolve Android NFC Security Key issues when a newer key is registered through a desktop client.
- *
- * This disables EdDSA (aka. Ed25519) support, which Android NFC appears to lack.
- *
- * @see https://github.com/sjinks/wp-two-factor-provider-webauthn/issues/221
- * @codeCoverageIgnore
- */
-add_action( 'wp_ajax_webauthn_preregister', __NAMESPACE__ . '\webauthn_preregister_remove_eddsa', 1 );
-function webauthn_preregister_remove_eddsa() {
-	ob_start( __NAMESPACE__ . '\webauthn_preregister_remove_eddsa_callback' );
-}
-
-/**
- * Callback for webauthn_preregister_remove_eddsa().
- *
- * @codeCoverageIgnore
- */
-function webauthn_preregister_remove_eddsa_callback( string $output ) : string {
-	$json = json_decode( $output );
-
-	if ( $json && ! empty( $json->data->options->pubKeyCredParams ) ) {
-		$json->data->options->pubKeyCredParams = array_values(
-			wp_list_filter(
-				$json->data->options->pubKeyCredParams,
-				[ 'alg' => -8 ],
-				'NOT'
-			)
-		);
-
-		$output = wp_json_encode( $json );
-	}
-
-	return $output;
-}
-
 /*
  * Switch out the TOTP provider for one that encrypts the TOTP key.
  */