|
|
@@ -62,8 +62,9 @@ $tfa = new RobThree\Auth\TwoFactorAuth($OTP_LABEL, 6, 30, 'sha1', $qrprovider);
|
|
|
// FIDO2
|
|
|
$formats = $GLOBALS['FIDO2_FORMATS'];
|
|
|
$WebAuthn = new lbuchs\WebAuthn\WebAuthn('WebAuthn Library', $_SERVER['HTTP_HOST'], $formats);
|
|
|
-// only include root ca's when dev mode is false, to support testing with chromiums virutal authenticator
|
|
|
-if (!$DEV_MODE){
|
|
|
+// only include root ca's when needed
|
|
|
+$WEBAUTHN_DISABLE_ROOTCA = (getenv('WEBAUTHN_DISABLE_ROOTCA') == 'y');
|
|
|
+if (!$WEBAUTHN_DISABLE_ROOTCA){
|
|
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/solo.pem');
|
|
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/apple.pem');
|
|
|
$WebAuthn->addRootCertificates($_SERVER['DOCUMENT_ROOT'] . '/inc/lib/WebAuthn/rootCertificates/nitro.pem');
|
FreddleSpl0it