From 7bf277470deed71b657bb95df93fb1a27fb6523d Mon Sep 17 00:00:00 2001
From: Matthew Miller <matthew@millerti.me>
Date: Sun, 7 Jun 2020 19:28:55 -0700
Subject: Make expectedRPID optional

---
 packages/server/src/attestation/verifyAttestationResponse.ts | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'packages/server/src')

diff --git a/packages/server/src/attestation/verifyAttestationResponse.ts b/packages/server/src/attestation/verifyAttestationResponse.ts
index f52b13e..e696027 100644
--- a/packages/server/src/attestation/verifyAttestationResponse.ts
+++ b/packages/server/src/attestation/verifyAttestationResponse.ts
@@ -17,7 +17,7 @@ type Options = {
   credential: AttestationCredentialJSON;
   expectedChallenge: string;
   expectedOrigin: string;
-  expectedRPID: string;
+  expectedRPID?: string;
   requireUserVerification?: boolean;
 };
 
@@ -72,9 +72,11 @@ export default function verifyAttestationResponse(options: Options): VerifiedAtt
   const { rpIdHash, flags, credentialID, counter, credentialPublicKey } = parsedAuthData;
 
   // Make sure the response's RP ID is ours
-  const expectedRPIDHash = toHash(Buffer.from(expectedRPID, 'ascii'));
-  if (!rpIdHash.equals(expectedRPIDHash)) {
-    throw new Error(`Unexpected RP ID hash`);
+  if (expectedRPID) {
+    const expectedRPIDHash = toHash(Buffer.from(expectedRPID, 'ascii'));
+    if (!rpIdHash.equals(expectedRPIDHash)) {
+      throw new Error(`Unexpected RP ID hash`);
+    }
   }
 
   // Make sure someone was physically present
-- 
cgit v1.2.3