Project import generated by Copybara.
GitOrigin-RevId: 63746295f1a5ab5a619056791995793d65529e62
diff --git a/src/ajax/completewebauthnauthentication.php b/src/ajax/completewebauthnauthentication.php
new file mode 100644
index 0000000..8996d42
--- /dev/null
+++ b/src/ajax/completewebauthnauthentication.php
@@ -0,0 +1,21 @@
+<?php
+require_once(__DIR__."/../core.php");
+
+if (!secondFactor::isAvailable() || security::userType() !== security::UNKNOWN || !isset($_SESSION["firstfactorid"]) || !secondFactor::isEnabled($_SESSION["firstfactorid"]) || !secondFactor::hasSecurityKeys($_SESSION["firstfactorid"]) || $_SERVER['REQUEST_METHOD'] !== "POST") {
+ api::error();
+}
+
+$input = api::inputJson();
+if ($input === false || !isset($input["id"]) || !isset($input["clientDataJSON"]) || !isset($input["authenticatorData"]) || !isset($input["signature"])) api::error();
+$id = (string)$input["id"];
+$clientDataJSON = (string)$input["clientDataJSON"];
+$authenticatorData = (string)$input["authenticatorData"];
+$signature = (string)$input["signature"];
+
+try {
+ $result = secondFactor::completeValidationChallenge($id, $clientDataJSON, $authenticatorData, $signature);
+} catch (Throwable $e) {
+ api::error($conf['debug'] ? $e->getMessage() : null);
+}
+
+api::write($result);