adding capability to override rp id/name

passwordless-id · Apr 18, 2024 · 1c005db · 1c005db
1 parent c4e0963
commit 1c005db
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -398,9 +398,12 @@ Registration options
 --------------------
 
 - `discoverable`: (`'discouraged'`, `'preferred'` or `'required'`) If the credential is "discoverable", it can be selected using `authenticate` without providing credential IDs. In that case, a native pop-up will appear for user selection. This may have an impact on the "passkeys" user experience and syncing behavior of the key. *(Default: 'preferred')*
-- `attestation`: If enabled, the device attestation and clientData will be provided as base64 encoded binary data. Note that this may impact the authenticator information available or the UX depending on the platform. *(Default: false)*
+- `attestation`: If enabled, the device attestation and clientData will be provided as base64 encoded binary data. Note that this may impact the authenticator information available or the UX depending on the platform. *(Default: false)* 
 - `userHandle`: The user "handle" (also known as user "id") can be used to re-register credentials for an existing user, thus overriding the current credential key pair and username for that `userHandle`. *The default here is based on a hash of the `username`, and thus has some security implications as described in [issue](https://github.com/passwordless-id/webauthn/issues/29).*
-
+- `rp:{id:..., name: ...}`: By default the domain name is used as relying party ID and name. However, there are uses cases where you may want to customize it:
+ - defining a parent domain to let the credential work on all subdomains
+ - for browser extensions requiring specific IDs
+ - for specific iframes use cases?
 
 Authentication options
 ----------------------

diff --git a/dist/webauthn.min.js b/dist/webauthn.min.js
diff --git a/dist/webauthn.min.js.map b/dist/webauthn.min.js.map
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@passwordless-id/webauthn",
- "version": "1.5.0",
+ "version": "1.6.0",
  "description": "A small wrapper around the webauthn protocol to make one's life easier.",
  "type": "module",
  "main": "dist/esm/index.js",

diff --git a/src/client.ts b/src/client.ts
@@ -79,7 +79,7 @@ export async function register(username :string, challenge :string, options? :Re
 
  const creationOptions :PublicKeyCredentialCreationOptions = {
  challenge: utils.parseBase64url(challenge),
- rp: {
+ rp: options.rp ?? {
  id: window.location.hostname,
  name: window.location.hostname
  },

diff --git a/src/types.ts b/src/types.ts
@@ -42,6 +42,10 @@ export interface RegisterOptions extends CommonOptions {
  userHandle?: string
  attestation?: boolean
  discoverable?: ResidentKeyRequirement
+ rp?: {
+ id :string,
+ name :string
+ }
 }