Make expectedRPID optional

author: Matthew Miller <matthew@millerti.me> 2020-06-07 19:28:55 -0700
committer: Matthew Miller <matthew@millerti.me> 2020-06-07 19:28:55 -0700
commit: 7bf277470deed71b657bb95df93fb1a27fb6523d (patch)
tree: 24fae3ef09ef8320aed34fc762e5343a29f94af9 /packages/server
parent: f552434d312ceccd2c75d9bbb406bb587a156a52 (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/packages/server/src/attestation/verifyAttestationResponse.ts b/packages/server/src/attestation/verifyAttestationResponse.ts
index f52b13e..e696027 100644
--- a/packages/server/src/attestation/verifyAttestationResponse.ts
+++ b/packages/server/src/attestation/verifyAttestationResponse.ts
@@ -17,7 +17,7 @@ type Options = {
   credential: AttestationCredentialJSON;
   expectedChallenge: string;
   expectedOrigin: string;
-  expectedRPID: string;
+  expectedRPID?: string;
   requireUserVerification?: boolean;
 };
 
@@ -72,9 +72,11 @@ export default function verifyAttestationResponse(options: Options): VerifiedAtt
   const { rpIdHash, flags, credentialID, counter, credentialPublicKey } = parsedAuthData;
 
   // Make sure the response's RP ID is ours
-  const expectedRPIDHash = toHash(Buffer.from(expectedRPID, 'ascii'));
-  if (!rpIdHash.equals(expectedRPIDHash)) {
-    throw new Error(`Unexpected RP ID hash`);
+  if (expectedRPID) {
+    const expectedRPIDHash = toHash(Buffer.from(expectedRPID, 'ascii'));
+    if (!rpIdHash.equals(expectedRPIDHash)) {
+      throw new Error(`Unexpected RP ID hash`);
+    }
   }
 
   // Make sure someone was physically present
author	Matthew Miller <matthew@millerti.me>	2020-06-07 19:28:55 -0700
committer	Matthew Miller <matthew@millerti.me>	2020-06-07 19:28:55 -0700
commit	7bf277470deed71b657bb95df93fb1a27fb6523d (patch)
tree	24fae3ef09ef8320aed34fc762e5343a29f94af9 /packages/server
parent	f552434d312ceccd2c75d9bbb406bb587a156a52 (diff)