From a186d323144c0c542811f119a658e2bff577014f Mon Sep 17 00:00:00 2001
From: SmithThe4th <gsmith@bitwarden.com>
Date: Mon, 2 Oct 2023 18:14:39 -0400
Subject: [PATCH] Bug during reafactoring where the hostname is not used if the
 rpId is undefined (#6484)

---
 .../src/vault/services/fido2/fido2-client.service.ts | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/libs/common/src/vault/services/fido2/fido2-client.service.ts b/libs/common/src/vault/services/fido2/fido2-client.service.ts
index 0057e0c0c08..1b4c2cbf9ef 100644
--- a/libs/common/src/vault/services/fido2/fido2-client.service.ts
+++ b/libs/common/src/vault/services/fido2/fido2-client.service.ts
@@ -71,16 +71,16 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
     }
 
     const parsedOrigin = parse(params.origin, { allowPrivateDomains: true });
-    const rpId = params.rp.id ?? parsedOrigin.hostname;
+    params.rp.id = params.rp.id ?? parsedOrigin.hostname;
 
     if (parsedOrigin.hostname == undefined || !params.origin.startsWith("https://")) {
       this.logService?.warning(`[Fido2Client] Invalid https origin: ${params.origin}`);
       throw new DOMException("'origin' is not a valid https origin", "SecurityError");
     }
 
-    if (!isValidRpId(rpId, params.origin)) {
+    if (!isValidRpId(params.rp.id, params.origin)) {
       this.logService?.warning(
-        `[Fido2Client] 'rp.id' cannot be used with the current origin: rp.id = ${rpId}; origin = ${params.origin}`
+        `[Fido2Client] 'rp.id' cannot be used with the current origin: rp.id = ${params.rp.id}; origin = ${params.origin}`
       );
       throw new DOMException("'rp.id' cannot be used with the current origin", "SecurityError");
     }
@@ -202,16 +202,16 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
     }
 
     const parsedOrigin = parse(params.origin, { allowPrivateDomains: true });
-    const rpId = params.rpId ?? parsedOrigin.hostname;
+    params.rpId = params.rpId ?? parsedOrigin.hostname;
 
     if (parsedOrigin.hostname == undefined || !params.origin.startsWith("https://")) {
       this.logService?.warning(`[Fido2Client] Invalid https origin: ${params.origin}`);
       throw new DOMException("'origin' is not a valid https origin", "SecurityError");
     }
 
-    if (!isValidRpId(rpId, params.origin)) {
+    if (!isValidRpId(params.rpId, params.origin)) {
       this.logService?.warning(
-        `[Fido2Client] 'rp.id' cannot be used with the current origin: rp.id = ${rpId}; origin = ${params.origin}`
+        `[Fido2Client] 'rp.id' cannot be used with the current origin: rp.id = ${params.rpId}; origin = ${params.origin}`
       );
       throw new DOMException("'rp.id' cannot be used with the current origin", "SecurityError");
     }