Merge pull request #415 from Mikescops/feature/add-origin-authentication-registration-info

Add origin and rpID in authentication and registration info

1 files changed, 7 insertions, 1 deletions

diff --git a/packages/server/src/authentication/verifyAuthenticationResponse.ts b/packages/server/src/authentication/verifyAuthenticationResponse.ts
index d95bca5..c9f23ca 100644
--- a/packages/server/src/authentication/verifyAuthenticationResponse.ts
+++ b/packages/server/src/authentication/verifyAuthenticationResponse.ts
@@ -154,7 +154,7 @@ export async function verifyAuthenticationResponse(
     expectedRPIDs = expectedRPID;
   }
 
-  await matchExpectedRPID(rpIdHash, expectedRPIDs);
+  const matchedRPID = await matchExpectedRPID(rpIdHash, expectedRPIDs);
 
   if (advancedFIDOConfig !== undefined) {
     const { userVerification: fidoUserVerification } = advancedFIDOConfig;
@@ -215,6 +215,8 @@ export async function verifyAuthenticationResponse(
       credentialDeviceType,
       credentialBackedUp,
       authenticatorExtensionResults: extensionsData,
+      origin: clientDataJSON.origin,
+      rpID: matchedRPID,
     },
   };
 
@@ -236,6 +238,8 @@ export async function verifyAuthenticationResponse(
  * @param authenticationInfo.credentialBackedUp Whether or not the multi-device credential has been
  * backed up. Always `false` for single-device credentials. **Should be kept in a DB for later
  * reference!**
+ * @param authenticationInfo.origin The origin of the website that the authentication occurred on
+ * @param authenticationInfo.rpID The RP ID that the authentication occurred on
  * @param authenticationInfo?.authenticatorExtensionResults The authenticator extensions returned
  * by the browser
  */
@@ -247,6 +251,8 @@ export type VerifiedAuthenticationResponse = {
     userVerified: boolean;
     credentialDeviceType: CredentialDeviceType;
     credentialBackedUp: boolean;
+    origin: string;
+    rpID: string;
     authenticatorExtensionResults?: AuthenticationExtensionsAuthenticatorOutputs;
   };
 };