diff options
| author | Matthew Miller <matthew@millerti.me> | 2022-07-22 19:11:46 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-07-22 19:11:46 -0700 |
| commit | ea6ced40a0edbdd7c9be9270bb168b7f117547bd (patch) | |
| tree | 23d64ae95264edecd19590c3612046d86e2e8ddc /packages/server/src/authentication/verifyAuthenticationResponse.ts | |
| parent | cfa689214f772a6375dcc385714982209ddf1f08 (diff) | |
| parent | c532f52e265ab272762f872f70346ce2f66f0199 (diff) | |
Merge pull request #230 from agektmr/dev
Return `AuthenticationExtensionsAuthenticatorOutputs` as part of registration and authentication
Diffstat (limited to 'packages/server/src/authentication/verifyAuthenticationResponse.ts')
| -rw-r--r-- | packages/server/src/authentication/verifyAuthenticationResponse.ts | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/packages/server/src/authentication/verifyAuthenticationResponse.ts b/packages/server/src/authentication/verifyAuthenticationResponse.ts index 264a2f2..ebc1dca 100644 --- a/packages/server/src/authentication/verifyAuthenticationResponse.ts +++ b/packages/server/src/authentication/verifyAuthenticationResponse.ts @@ -12,6 +12,7 @@ import verifySignature from '../helpers/verifySignature'; import parseAuthenticatorData from '../helpers/parseAuthenticatorData'; import isBase64URLString from '../helpers/isBase64URLString'; import { parseBackupFlags } from '../helpers/parseBackupFlags'; +import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions'; export type VerifyAuthenticationResponseOpts = { credential: AuthenticationCredentialJSON; @@ -134,7 +135,7 @@ export default function verifyAuthenticationResponse( const authDataBuffer = base64url.toBuffer(response.authenticatorData); const parsedAuthData = parseAuthenticatorData(authDataBuffer); - const { rpIdHash, flags, counter } = parsedAuthData; + const { rpIdHash, flags, counter, extensionsData } = parsedAuthData; // Make sure the response's RP ID is ours if (typeof expectedRPID === 'string') { @@ -189,6 +190,7 @@ export default function verifyAuthenticationResponse( credentialID: authenticator.credentialID, credentialDeviceType, credentialBackedUp, + authenticatorExtensionResults: extensionsData, }, }; @@ -210,6 +212,8 @@ export default function verifyAuthenticationResponse( * @param authenticationInfo.credentialBackedUp Whether or not the multi-device credential has been * backed up. Always `false` for single-device credentials. **Should be kept in a DB for later * reference!** + * @param authenticationInfo?.authenticatorExtensionResults The authenticator extensions returned + * by the browser */ export type VerifiedAuthenticationResponse = { verified: boolean; @@ -218,5 +222,6 @@ export type VerifiedAuthenticationResponse = { newCounter: number; credentialDeviceType: CredentialDeviceType; credentialBackedUp: boolean; + authenticatorExtensionResults?: AuthenticationExtensionsAuthenticatorOutputs; }; }; |