From 9f8b521d7d55014fea74d964882ccc5119381dc4 Mon Sep 17 00:00:00 2001
From: Marcelo Rocha
Date: Mon, 16 Jan 2023 14:01:46 -0300
Subject: [PATCH 1/3] Correcly load classed for webauthn
---
 src/Loader/AuthenticationServiceLoader.php | 1 +
 src/Loader/MiddlewareQueueLoader.php | 1 +
 2 files changed, 2 insertions(+)
diff --git a/src/Loader/AuthenticationServiceLoader.php b/src/Loader/AuthenticationServiceLoader.php
index c4d2b6958..8c3bd4c28 100644
--- a/src/Loader/AuthenticationServiceLoader.php
+++ b/src/Loader/AuthenticationServiceLoader.php
@@ -84,6 +84,7 @@ protected function loadTwoFactorAuthenticator($service)
 {
 if (
 Configure::read('OneTimePasswordAuthenticator.login') !== false
+ || Configure::read('Webauthn2fa.enabled') !== false
 || Configure::read('U2f.enabled') !== false
 ) {
 $service->loadAuthenticator('CakeDC/Auth.TwoFactor', [
diff --git a/src/Loader/MiddlewareQueueLoader.php b/src/Loader/MiddlewareQueueLoader.php
index cb140d87c..0771b976d 100644
--- a/src/Loader/MiddlewareQueueLoader.php
+++ b/src/Loader/MiddlewareQueueLoader.php
@@ -97,6 +97,7 @@ protected function load2faMiddleware(MiddlewareQueue $middlewareQueue)
 {
 if (
 Configure::read('OneTimePasswordAuthenticator.login') !== false
+ || Configure::read('Webauthn2fa.enabled') !== false
 || Configure::read('U2f.enabled') !== false
 ) {
 $middlewareQueue->add(TwoFactorMiddleware::class);
From 04b57c3a9bb7db1c69b89c29049fe477b27d955f Mon Sep 17 00:00:00 2001
From: Marcelo Rocha
Date: Mon, 16 Jan 2023 14:04:42 -0300
Subject: [PATCH 2/3] fixing unit tests
---
 tests/TestCase/Provider/AuthenticationServiceProviderTest.php | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php
index 710402173..2bc946cb4 100644
--- a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php
+++ b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php
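Review bot: The added `|| Configure::read('Webauthn2fa.enabled') !== false` in `loadTwoFactorAuthenticator` (src/Loader/AuthenticationServiceLoader.php) and in `load2faMiddleware` (src/Loader/MiddlewareQueueLoader.php) is also true when the key is not configured at all, since `Configure::read()` returns null for a missing key. If the plugin's default config does not define `Webauthn2fa.enabled` (not visible in this patch), the TwoFactor authenticator and middleware are now loaded even with OTP and U2f both set to `false`, which deserves a comment above each condition such as `// !== false: an unset key counts as enabled; set every 2FA option to false to skip TwoFactor`. The same three-way condition now lives in both loaders, so a shared helper would keep the authenticator and the middleware from drifting apart, which appears to be what this commit repairs. None of the three patches adds a test that enables only `Webauthn2fa.enabled`. Both function bodies continue past their hunks.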
@@ -94,6 +94,7 @@ public function testGetAuthenticationService()
 'identify' => true,
 'identityAttribute' => 'identity',
 'skipTwoFactorVerify' => true,
+ 'impersonateSessionKey' => 'AuthImpersonate',
 ],
 FormAuthenticator::class => [
 'loginUrl' => '/login',
@@ -227,6 +228,7 @@ public function testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator(
 'identify' => true,
 'identityAttribute' => 'identity',
 'skipTwoFactorVerify' => true,
+ 'impersonateSessionKey' => 'AuthImpersonate',
 ],
 FormAuthenticator::class => [
 'loginUrl' => '/login',
From 687034558f24a238d47db195ce894d2b8179f1c7 Mon Sep 17 00:00:00 2001
From: Marcelo Rocha
Date: Mon, 16 Jan 2023 14:10:14 -0300
Subject: [PATCH 3/3] Don't check config from specific cakephp versions
---
 .../Provider/AuthenticationServiceProviderTest.php | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php
index 2bc946cb4..a3ed282bf 100644
--- a/tests/TestCase/Provider/AuthenticationServiceProviderTest.php
+++ b/tests/TestCase/Provider/AuthenticationServiceProviderTest.php
@@ -94,7 +94,6 @@ public function testGetAuthenticationService()
 'identify' => true,
 'identityAttribute' => 'identity',
 'skipTwoFactorVerify' => true,
- 'impersonateSessionKey' => 'AuthImpersonate',
 ],
 FormAuthenticator::class => [
 'loginUrl' => '/login',
@@ -115,7 +114,9 @@ public function testGetAuthenticationService()
 ];
 $actual = [];
 foreach ($authenticators as $key => $value) {
- $actual[get_class($value)] = $value->getConfig();
+ $config = $value->getConfig();
+ unset($config['impersonateSessionKey']);
+ $actual[get_class($value)] = $config;
 }
 $this->assertEquals($expected, $actual);
 
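Review bot: In the `@@ -115,7 +114,9 @@` hunk of `testGetAuthenticationService`, `unset($config['impersonateSessionKey']);` removes the key from every authenticator's config before the comparison, so on framework versions that do expose it nothing checks its value any more. The `@@ -244,7 +246,9 @@` hunk in `testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator` does the same. Judging by its name the key decides where impersonation state is kept in the session, so I would pin it when present instead of only discarding it, by adding `if (isset($config['impersonateSessionKey'])) { $this->assertSame('AuthImpersonate', $config['impersonateSessionKey']); }` just before the `unset`. The value `'AuthImpersonate'` is the one patch 2/3 of this series expected; both test methods start before their hunks.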
@@ -145,7 +146,9 @@ public function testGetAuthenticationService()
 ];
 $actual = [];
 foreach ($identifiers as $key => $value) {
- $actual[get_class($value)] = $value->getConfig();
+ $config = $value->getConfig();
+ unset($config['impersonateSessionKey'], $config['hashAlgorithm']);
+ $actual[get_class($value)] = $config;
 }
 $this->assertEquals($expected, $actual);
 }
@@ -228,7 +231,6 @@ public function testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator(
 'identify' => true,
 'identityAttribute' => 'identity',
 'skipTwoFactorVerify' => true,
- 'impersonateSessionKey' => 'AuthImpersonate',
 ],
 FormAuthenticator::class => [
 'loginUrl' => '/login',
@@ -244,7 +246,9 @@ public function testGetAuthenticationServiceWithoutOneTimePasswordAuthenticator(
 ];
 $actual = [];
 foreach ($authenticators as $key => $value) {
- $actual[get_class($value)] = $value->getConfig();
+ $config = $value->getConfig();
+ unset($config['impersonateSessionKey']);
+ $actual[get_class($value)] = $config;
 }
 $this->assertEquals($expected, $actual);
 }
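Review bot: In the `@@ -145,7 +146,9 @@` hunk (the identifiers loop of `testGetAuthenticationService`), `unset($config['impersonateSessionKey'], $config['hashAlgorithm']);` strips `hashAlgorithm` from every identifier's config before `assertEquals`, so a change to the hash algorithm an identifier is configured with would no longer fail this test. I would keep the `unset` for cross-version compatibility but check the value first when the key exists, for example `if (array_key_exists('hashAlgorithm', $config)) { $this->assertSame($expectedHashAlgorithm, $config['hashAlgorithm']); }`, where `$expectedHashAlgorithm` is a placeholder for the value the provider is meant to set (not visible in this patch). `impersonateSessionKey` looks like an authenticator option rather than an identifier one, so its `unset` in this loop is probably a leftover from the authenticators loop and could be dropped. The test method starts before the hunk.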