diff options
| -rw-r--r-- | packages/server/src/attestation/generateAttestationOptions.ts | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/packages/server/src/attestation/generateAttestationOptions.ts b/packages/server/src/attestation/generateAttestationOptions.ts index e1fc70e..2c0f85b 100644 --- a/packages/server/src/attestation/generateAttestationOptions.ts +++ b/packages/server/src/attestation/generateAttestationOptions.ts @@ -119,6 +119,18 @@ export default function generateAttestationOptions( type: 'public-key', })); + /** + * "Relying Parties SHOULD set [requireResidentKey] to true if, and only if, residentKey is set + * to "required"" + * + * See https://www.w3.org/TR/webauthn-2/#dom-authenticatorselectioncriteria-requireresidentkey + */ + if (authenticatorSelection.residentKey === 'required') { + authenticatorSelection.requireResidentKey = true; + } else { + authenticatorSelection.requireResidentKey = false; + } + return { challenge: base64url.encode(challenge), rp: { |