
Commit 78ad52f

committed
Add and handle new mdsBlobs arg to initialize()
1 parent 53f90f5 commit 78ad52f

1 file changed

Lines changed: 15 additions & 1 deletion


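--- a/packages/server/src/services/metadataService.ts
+++ b/packages/server/src/services/metadataService.ts
@@ -67,6 +67,8 @@ interface MetadataService {
 * (version 3.0)-compatible servers. Defaults to the official FIDO MDS server
 * @param opts.statements An array of local metadata statements. Statements will be loaded but
 * not refreshed
+* @param opts.mdsBlobs An array of local MDS blob JWTs. Entries in each blob will be loaded but
+* not refreshed
 * @param opts.verificationMode How MetadataService will handle unregistered AAGUIDs. Defaults to
 * `"strict"` which throws errors during registration response verification when an
 * unregistered AAGUID is encountered. Set to `"permissive"` to allow registration by
@@ -75,6 +77,7 @@ interface MetadataService {
 initialize(opts?: {
 mdsServers?: string[];
 statements?: MetadataStatement[];
+mdsBlobs?: string[];
 verificationMode?: VerificationMode;
 }): Promise<void>;
 /**
@@ -102,10 +105,11 @@ export class BaseMetadataService implements MetadataService {
 opts: {
 mdsServers?: string[];
 statements?: MetadataStatement[];
+mdsBlobs?: string[];
 verificationMode?: VerificationMode;
 } = {},
 ): Promise<void> {
-const { mdsServers = [defaultURLMDS], statements, verificationMode } = opts;
+const { mdsServers = [defaultURLMDS], statements, mdsBlobs, verificationMode } = opts;
 
 this.setState(SERVICE_STATE.REFRESHING);
 
@@ -135,6 +139,16 @@ export class BaseMetadataService implements MetadataService {
 log(`Cached ${statementsAdded} local statements`);
 }
 
+/**
+* Next, if cached MDS blobs are provided, verify each JWT and then add their entries into the
+* cache. Blobs loaded in this way will not be refreshed when a stale entry within is detected.
+*/
+if (mdsBlobs?.length) {
+for (const blob of mdsBlobs) {
+await this.verifyBlob(blob, NonRefreshingMDS);
+}
+}
+
 /**
 * If MDS servers are provided, then download blobs from them, verify them, and then add their
 * entries to the cache. Blobs loaded in this way will be refreshed when a stale entry within is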
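Review bot: The `@param opts.mdsBlobs` doc (new lines 70-71) and the comment above the loop (new lines 142-145) say these blobs are "not refreshed" but not what that means for authenticator status: entries loaded at new line 148 stay as they were when the blob was issued, so a status report published later (a revocation, for example) is presumably never seen unless the caller re-initializes with a newer blob. I would extend the doc with something like `Callers are responsible for supplying a current blob; status changes published after the blob was issued are not picked up.` Whether `verifyBlob` rejects or warns on a blob whose `nextUpdate` has already passed is not visible here and is worth confirming. Separately, the loop has no try/catch, so one blob failing verification rejects `initialize()` after `this.setState(SERVICE_STATE.REFRESHING)` at new line 114; if failing closed is intended, the comment should say so, and the state left behind on that path should be checked. The body of `initialize()` starts and continues outside these hunks.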
