diff options
| author | Matthew Miller <matthew@millerti.me> | 2020-05-22 16:24:37 -0700 |
|---|---|---|
| committer | Matthew Miller <matthew@millerti.me> | 2020-05-22 16:24:37 -0700 |
| commit | ca25260b74cfa8d709571ddacdcfbb4942624ac6 (patch) | |
| tree | 7e6d23fc428b031ac5dadb8bc37035c6cf459b19 | |
| parent | 46a1834e0bfa11e4546b11ae96b02d6a602ac3e2 (diff) | |
Add user presence requirement to assertion
| -rw-r--r-- | packages/server/src/assertion/verifyAssertionResponse.ts | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/packages/server/src/assertion/verifyAssertionResponse.ts b/packages/server/src/assertion/verifyAssertionResponse.ts index 59c3b4e..4441428 100644 --- a/packages/server/src/assertion/verifyAssertionResponse.ts +++ b/packages/server/src/assertion/verifyAssertionResponse.ts @@ -1,7 +1,6 @@ import base64url from 'base64url'; import { AuthenticatorAssertionResponseJSON, - U2F_USER_PRESENTED, AuthenticatorDevice, VerifiedAssertion, } from "@webauthntine/typescript-types"; @@ -41,8 +40,9 @@ export default function verifyAssertionResponse( const authDataBuffer = base64url.toBuffer(base64AuthenticatorData); const authDataStruct = parseAuthenticatorData(authDataBuffer); + const { credentialID, flags, counter } = authDataStruct; - if (!(authData.flags & U2F_USER_PRESENTED)) { + if (!(flags.up)) { throw new Error('User was NOT present during assertion!'); } |