From a0a16867700563788a0b83e578b33c2355382e25 Mon Sep 17 00:00:00 2001
From: stevenwdv
Date: Mon, 25 Oct 2021 19:16:31 +0200
Subject: [PATCH] Force Fido2Client to accept any RP ID, incl. 'solo-sign-hash:...'
---
 solo/devices/solo_v1.py | 3 ++-
 solo/hmac_secret.py | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/solo/devices/solo_v1.py b/solo/devices/solo_v1.py
index 5752f99..a482e8e 100644
--- a/solo/devices/solo_v1.py
+++ b/solo/devices/solo_v1.py
@@ -73,7 +73,8 @@ def find_device(self, dev=None, solo_serial=None):
 self.ctap2 = None
 try:
- self.client = Fido2Client(dev, self.origin)
+ # Accept any RP ID, including e.g. 'solo-sign-hash:...'
+ self.client = Fido2Client(dev, self.origin, verify=lambda _rp_id, _origin: True)
 except CtapError:
 print("Not using FIDO2 interface.")
 self.client = None
diff --git a/solo/hmac_secret.py b/solo/hmac_secret.py
index a50ee40..760edbc 100644
--- a/solo/hmac_secret.py
+++ b/solo/hmac_secret.py
@@ -42,7 +42,7 @@ def make_credential(
 rp = PublicKeyCredentialRpEntity(host, "Example RP")
 client.host = host
- client.origin = f"https://{client.host}"
+ client.origin = client.host if ":" in client.host else f"https://{client.host}"
 client.user_id = user_id
 user = fido2.webauthn.PublicKeyCredentialUserEntity(user_id, "A. User")
 challenge = secrets.token_bytes(32)
@@ -89,7 +89,7 @@ def simple_secret(
 # rp = {"id": host, "name": "Example RP"}
 client.host = host
- client.origin = f"https://{client.host}"
+ client.origin = client.host if ":" in client.host else f"https://{client.host}"
 client.user_id = user_id
 # user = {"id": user_id, "name": "A. User"}
 credential_id = binascii.a2b_hex(credential_id)
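Review bot: The `verify=lambda _rp_id, _origin: True` passed to `Fido2Client` in find_device switches off the RP ID-to-origin check for every request made through this client, not only for the 'solo-sign-hash:...' IDs named in the comment. That check is the client-side binding between the RP ID in a request and the origin the client claims, so ordinary make-credential and get-assertion calls lose it too. A narrower callback would keep the default behaviour for everything else, e.g. `verify=lambda rp_id, origin: rp_id.startswith("solo-sign-hash:") or verify_rp_id(rp_id, origin)`, with `verify_rp_id` imported from `fido2.rpid` (the import block is outside this hunk, so that import is assumed to be missing). The comment should also say why the bypass is safe here and which RP ID forms it is meant to cover; find_device begins above the hunk.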
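Review bot: The `":" in client.host` test in make_credential, and the identical line in the simple_secret hunk that follows, treats any host containing a colon as a ready-made origin. A host with a port (constructed example: `example.com:8443`) or an IPv6 literal would therefore be used without the `https://` prefix. Whether callers ever pass such values is not visible here, but matching the intended form explicitly is safer: `client.origin = client.host if client.host.startswith("solo-sign-hash:") else f"https://{client.host}"`. Since the same expression now appears in both functions, a small shared helper with a one-line comment explaining the scheme-less case would stop the two copies drifting apart. Both function bodies extend beyond their hunks.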