summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--packages/server/src/attestation/verifyAttestationResponse.ts10
1 files changed, 6 insertions, 4 deletions
diff --git a/packages/server/src/attestation/verifyAttestationResponse.ts b/packages/server/src/attestation/verifyAttestationResponse.ts
index f52b13e..e696027 100644
--- a/packages/server/src/attestation/verifyAttestationResponse.ts
+++ b/packages/server/src/attestation/verifyAttestationResponse.ts
@@ -17,7 +17,7 @@ type Options = {
credential: AttestationCredentialJSON;
expectedChallenge: string;
expectedOrigin: string;
- expectedRPID: string;
+ expectedRPID?: string;
requireUserVerification?: boolean;
};
@@ -72,9 +72,11 @@ export default function verifyAttestationResponse(options: Options): VerifiedAtt
const { rpIdHash, flags, credentialID, counter, credentialPublicKey } = parsedAuthData;
// Make sure the response's RP ID is ours
- const expectedRPIDHash = toHash(Buffer.from(expectedRPID, 'ascii'));
- if (!rpIdHash.equals(expectedRPIDHash)) {
- throw new Error(`Unexpected RP ID hash`);
+ if (expectedRPID) {
+ const expectedRPIDHash = toHash(Buffer.from(expectedRPID, 'ascii'));
+ if (!rpIdHash.equals(expectedRPIDHash)) {
+ throw new Error(`Unexpected RP ID hash`);
+ }
}
// Make sure someone was physically present
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-29 08:55:42 +0000