Fix for #230

- Change `extensions` to `extensionsData` and add `extensionsDataBuffer`
author: Eiji Kitamura <agektmr@google.com> 2022-07-22 15:44:32 +0900
committer: Eiji Kitamura <agektmr@google.com> 2022-07-22 15:44:32 +0900
commit: 8cc0d0c9fe9c0e5c978d2a09eb17c4760481ec3f (patch)
tree: 93e29d5f8b872aee04a5022891730803bb36e0c0 /packages/server/src
parent: 53dd14e4dc21b1d97224f6b8b5f36285ed72283a (diff)
6 files changed, 19 insertions, 15 deletions
diff --git a/packages/server/src/authentication/verifyAuthenticationResponse.test.ts b/packages/server/src/authentication/verifyAuthenticationResponse.test.ts
index 5e9d0c1..96cc4b5 100644
--- a/packages/server/src/authentication/verifyAuthenticationResponse.test.ts
+++ b/packages/server/src/authentication/verifyAuthenticationResponse.test.ts
@@ -336,7 +336,7 @@ test('should return authenticator extension output', async () => {
     }
   });
 
-  expect(verification.authenticationInfo?.extensions).toMatchObject({
+  expect(verification.authenticationInfo?.extensionsData).toMatchObject({
     'devicePublicKey': {
       'dpk': Buffer.from('A5010203262001215820991AABED9DE4271A9EDEAD8806F9DC96D6DCCD0C476253A5510489EC8379BE5B225820A0973CFDEDBB79E27FEF4EE7481673FB3312504DDCA5434CFD23431D6AD29EDA', 'hex'),
       'sig': Buffer.from('3045022049526CD28AEF6B4E621A7D5936D2B504952FC0AE2313A4F0357AAFFFAEA964740221009D513ACAEFB0B32C765AAE6FEBA8C294685EFF63FF1CBF11ECF2107AF4FEB8F8', 'hex'),
diff --git a/packages/server/src/authentication/verifyAuthenticationResponse.ts b/packages/server/src/authentication/verifyAuthenticationResponse.ts
index e938834..341835c 100644
--- a/packages/server/src/authentication/verifyAuthenticationResponse.ts
+++ b/packages/server/src/authentication/verifyAuthenticationResponse.ts
@@ -135,7 +135,7 @@ export default function verifyAuthenticationResponse(
 
   const authDataBuffer = base64url.toBuffer(response.authenticatorData);
   const parsedAuthData = parseAuthenticatorData(authDataBuffer);
-  const { rpIdHash, flags, counter, extensions } = parsedAuthData;
+  const { rpIdHash, flags, counter, extensionsData } = parsedAuthData;
 
   // Make sure the response's RP ID is ours
   if (typeof expectedRPID === 'string') {
@@ -190,7 +190,7 @@ export default function verifyAuthenticationResponse(
       credentialID: authenticator.credentialID,
       credentialDeviceType,
       credentialBackedUp,
-      extensions
+      extensionsData
     },
   };
 
@@ -220,6 +220,6 @@ export type VerifiedAuthenticationResponse = {
     newCounter: number;
     credentialDeviceType: CredentialDeviceType;
     credentialBackedUp: boolean;
-    extensions?: AuthenticationExtensionsAuthenticatorOutputs;
+    extensionsData?: AuthenticationExtensionsAuthenticatorOutputs;
   };
 };
diff --git a/packages/server/src/helpers/parseAuthenticatorData.test.ts b/packages/server/src/helpers/parseAuthenticatorData.test.ts
index 29abf64..e199898 100644
--- a/packages/server/src/helpers/parseAuthenticatorData.test.ts
+++ b/packages/server/src/helpers/parseAuthenticatorData.test.ts
@@ -43,10 +43,10 @@ test('should parse extension data', () => {
 
   const parsed = parseAuthenticatorData(authDataWithED);
 
-  const { extensions } = parsed;
+  const { extensionsData } = parsed;
 
-  if (extensions) {
-    expect(extensions).toEqual({
+  if (extensionsData) {
+    expect(extensionsData).toEqual({
       'example.extension':
         'This is an example extension! If you read this message, you probably successfully passing conformance tests. Good job!',
     });
diff --git a/packages/server/src/helpers/parseAuthenticatorData.ts b/packages/server/src/helpers/parseAuthenticatorData.ts
index e79580b..439070d 100644
--- a/packages/server/src/helpers/parseAuthenticatorData.ts
+++ b/packages/server/src/helpers/parseAuthenticatorData.ts
@@ -53,12 +53,14 @@ export default function parseAuthenticatorData(authData: Buffer): ParsedAuthenti
     pointer += firstEncoded.byteLength;
   }
 
-  let extensions: AuthenticationExtensionsAuthenticatorOutputs | undefined = undefined;
+  let extensionsData: AuthenticationExtensionsAuthenticatorOutputs | undefined = undefined;
+  let extensionsDataBuffer: Buffer | undefined = undefined;
 
   if (flags.ed) {
     const firstDecoded = decodeCborFirst(authData.slice(pointer));
     const firstEncoded = Buffer.from(cbor.encode(firstDecoded) as ArrayBuffer);
-    extensions = decodeAuthenticatorExtensionData(firstEncoded);
+    extensionsDataBuffer = firstEncoded;
+    extensionsData = decodeAuthenticatorExtensionData(extensionsDataBuffer);
     pointer += firstEncoded.byteLength;
   }
 
@@ -76,7 +78,8 @@ export default function parseAuthenticatorData(authData: Buffer): ParsedAuthenti
     aaguid,
     credentialID,
     credentialPublicKey,
-    extensions,
+    extensionsData,
+    extensionsDataBuffer
   };
 }
 
@@ -97,5 +100,6 @@ export type ParsedAuthenticatorData = {
   aaguid?: Buffer;
   credentialID?: Buffer;
   credentialPublicKey?: Buffer;
-  extensions?: AuthenticationExtensionsAuthenticatorOutputs;
+  extensionsData?: AuthenticationExtensionsAuthenticatorOutputs;
+  extensionsDataBuffer?: Buffer;
 };
diff --git a/packages/server/src/registration/verifyRegistrationResponse.test.ts b/packages/server/src/registration/verifyRegistrationResponse.test.ts
index 38896b0..4a966b5 100644
--- a/packages/server/src/registration/verifyRegistrationResponse.test.ts
+++ b/packages/server/src/registration/verifyRegistrationResponse.test.ts
@@ -607,7 +607,7 @@ test('should return authenticator extension output', async () => {
     expectedRPID: 'try-webauthn.appspot.com',
   });
 
-  expect(verification.registrationInfo?.extensions).toMatchObject({
+  expect(verification.registrationInfo?.extensionsData).toMatchObject({
     'devicePublicKey': {
       "dpk": Buffer.from('A5010203262001215820991AABED9DE4271A9EDEAD8806F9DC96D6DCCD0C476253A5510489EC8379BE5B225820A0973CFDEDBB79E27FEF4EE7481673FB3312504DDCA5434CFD23431D6AD29EDA', 'hex'),
       "sig": Buffer.from('3045022100EFB38074BD15B8C82CF09F87FBC6FB3C7169EA4F1806B7E90937374302345B7A02202B7113040731A0E727D338D48542863CE65880AA79E5EA740AC8CCD94347988E', 'hex'),
diff --git a/packages/server/src/registration/verifyRegistrationResponse.ts b/packages/server/src/registration/verifyRegistrationResponse.ts
index 4d1796c..2377ea4 100644
--- a/packages/server/src/registration/verifyRegistrationResponse.ts
+++ b/packages/server/src/registration/verifyRegistrationResponse.ts
@@ -133,7 +133,7 @@ export default async function verifyRegistrationResponse(
   const { fmt, authData, attStmt } = decodedAttestationObject;
 
   const parsedAuthData = parseAuthenticatorData(authData);
-  const { aaguid, rpIdHash, flags, credentialID, counter, credentialPublicKey, extensions } = parsedAuthData;
+  const { aaguid, rpIdHash, flags, credentialID, counter, credentialPublicKey, extensionsData } = parsedAuthData;
 
   // Make sure the response's RP ID is ours
   if (expectedRPID) {
@@ -249,7 +249,7 @@ export default async function verifyRegistrationResponse(
       userVerified: flags.uv,
       credentialDeviceType,
       credentialBackedUp,
-      extensions,
+      extensionsData,
     };
   }
 
@@ -291,7 +291,7 @@ export type VerifiedRegistrationResponse = {
     userVerified: boolean;
     credentialDeviceType: CredentialDeviceType;
     credentialBackedUp: boolean;
-    extensions?: AuthenticationExtensionsAuthenticatorOutputs;
+    extensionsData?: AuthenticationExtensionsAuthenticatorOutputs;
   };
 };
author	Eiji Kitamura <agektmr@google.com>	2022-07-22 15:44:32 +0900
committer	Eiji Kitamura <agektmr@google.com>	2022-07-22 15:44:32 +0900
commit	8cc0d0c9fe9c0e5c978d2a09eb17c4760481ec3f (patch)
tree	93e29d5f8b872aee04a5022891730803bb36e0c0 /packages/server/src
parent	53dd14e4dc21b1d97224f6b8b5f36285ed72283a (diff)