Skip to content

Commit

Permalink
Append https:// in front of RP ID when excluding devices (#2755)
Browse files Browse the repository at this point in the history
* Convert cancelled rp id to full urls

* Fix issue with `undefined` rpId
  • Loading branch information
lmuntaner authored Dec 19, 2024
1 parent aaf88ff commit d376785
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 9 deletions.
8 changes: 4 additions & 4 deletions src/frontend/src/utils/findWebAuthnRpId.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ describe("excludeCredentialsFromOrigins", () => {
mockDeviceData("https://identity.internetcomputer.org"),
mockDeviceData("https://identity.icp0.io"),
];
const originsToExclude = new Set(["https://identity.ic0.app"]);
const originsToExclude = new Set(["identity.ic0.app"]);
const currentOrigin = "https://identity.internetcomputer.org";

const result = excludeCredentialsFromOrigins(
Expand All @@ -201,7 +201,7 @@ describe("excludeCredentialsFromOrigins", () => {
mockDeviceData(undefined), // Should be treated as DEFAULT_DOMAIN
mockDeviceData("https://identity.internetcomputer.org"),
];
const originsToExclude = new Set(["https://identity.ic0.app"]); // Should match DEFAULT_DOMAIN
const originsToExclude = new Set(["identity.ic0.app"]); // Should match DEFAULT_DOMAIN
const currentOrigin = "https://identity.internetcomputer.org";

const result = excludeCredentialsFromOrigins(
Expand Down Expand Up @@ -240,8 +240,8 @@ describe("excludeCredentialsFromOrigins", () => {
mockDeviceData("https://identity.internetcomputer.org"),
];
const originsToExclude = new Set([
"https://identity.ic0.app",
"https://identity.internetcomputer.org",
"identity.ic0.app",
"identity.internetcomputer.org",
]);
const currentOrigin = "https://identity.ic0.app";

Expand Down
10 changes: 5 additions & 5 deletions src/frontend/src/utils/findWebAuthnRpId.ts
Original file line number Diff line number Diff line change
Expand Up @@ -43,21 +43,21 @@ export const hasCredentialsFromMultipleOrigins = (
* Two origins match if they have the same hostname (domain).
*
* @param credentials - List of credential devices to filter
* @param origins - Set of origins to exclude (undefined values are treated as `currentOrigin`)
* @param rpIds - Set of origins to exclude (undefined values are treated as `currentOrigin`)
* @param currentOrigin - The current origin to use when comparing against undefined origins
* @returns Filtered list of credentials, excluding those from the specified origins
*/
export const excludeCredentialsFromOrigins = (
credentials: CredentialData[],
origins: Set<string | undefined>,
rpIds: Set<string | undefined>,
currentOrigin: string
): CredentialData[] => {
if (origins.size === 0) {
if (rpIds.size === 0) {
return credentials;
}
// Change `undefined` to the current origin.
const originsToExclude = Array.from(origins).map(
(origin) => origin ?? currentOrigin
const originsToExclude = Array.from(rpIds).map((origin) =>
origin === undefined ? currentOrigin : `https://${origin}`
);
return credentials.filter(
(credential) =>
Expand Down

0 comments on commit d376785

Please sign in to comment.