Fix property access for rpId (#546)

Fix property access for rpId
web-auth · Feb 2, 2024 · 4ad5b42 · 4ad5b42
1 parent 54d2713
commit 4ad5b42
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/src/webauthn/src/CeremonyStep/CheckOrigin.php b/src/webauthn/src/CeremonyStep/CheckOrigin.php
@@ -34,7 +34,7 @@ public function process(
     ): void {
         $authData = $authenticatorResponse instanceof AuthenticatorAssertionResponse ? $authenticatorResponse->authenticatorData : $authenticatorResponse->attestationObject->authData;
         $C = $authenticatorResponse->clientDataJSON;
-        $rpId = $publicKeyCredentialOptions->rpId ?? $host;
+        $rpId = $publicKeyCredentialOptions->rpId ?? $publicKeyCredentialOptions->rp->id ?? $host;
         $facetId = $this->getFacetId($rpId, $publicKeyCredentialOptions->extensions, $authData->extensions);
         $parsedRelyingPartyId = parse_url($C->origin);
         is_array($parsedRelyingPartyId) || throw AuthenticatorResponseVerificationException::create(

diff --git a/src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php b/src/webauthn/src/CeremonyStep/CheckRelyingPartyIdIdHash.php
@@ -31,7 +31,7 @@ public function process(
             'No public key available.'
         );
         $isU2F = U2FPublicKey::isU2FKey($credentialPublicKey);
-        $rpId = $publicKeyCredentialOptions->rpId ?? $host;
+        $rpId = $publicKeyCredentialOptions->rpId ?? $publicKeyCredentialOptions->rp->id ?? $host;
         $facetId = $this->getFacetId($rpId, $publicKeyCredentialOptions->extensions, $authData ->extensions);
         $rpIdHash = hash('sha256', $isU2F ? $C->origin : $facetId, true);
         hash_equals(