Skip to content

Version 1.11.0
Compare
Choose a tag to compare
@emlun emlun released this 04 Nov 17:09
1.11.0
This tag was signed with the committer’s verified signature.
emlun Emil Lundberg
GPG key ID: 0F47E61493A9B8E5
Learn about vigilant mode.
869fff5
This commit was signed with the committer’s verified signature.
emlun Emil Lundberg
GPG key ID: 0F47E61493A9B8E5
Learn about vigilant mode.

Deprecated features:

  • AuthenticatorSelectionCriteria methods builder().requireResidentKey(boolean) and isRequireResidentKey() deprecated in favor of a new option, see below.
  • The icon field in RelyingPartyIdentity and UserIdentity, and its associated methods, are now deprecated. The corresponding property was removed in WebAuthn Level 2.

Deprecated features will be removed in the next major version release.

Changes:

  • RelyingParty.startAssertion() no longer overwrites the appid extension input in the StartAssertionOptions argument.
  • RelyingParty.appId setting now also activates the appidExclude extension in addition to the appid extension.
  • RelyingParty.startRegistration() now enables the credProps extension by default. The extension output, if any, is available as RegistrationResult.isDiscoverable() and RegistrationResult.getClientExtensionOutputs().getCredProps().

New features:

  • RegistrationResult.keyId() now includes transports if any were included in the AuthenticatorAttestatationResponse. To get transports passed through, call PublicKeyCredential.response.getTransports() on the client side after successful registration, and add the result as the property response.transports in the JSON passed into PublicKeyCredential.parseRegistrationResponseJson. See the project README for an example.
  • Added support for the appidExclude, credProps, largeBlob and uvm extensions.
  • Added support for the new authenticatorSelectionCriteria.residentKey option:
    • Added method AuthenticatorSelectionCriteria.builder().residentKey(ResidentKeyRequirement).
    • Added method AuthenticatorSelectionCriteria.getResidentKey().
    • Methods builder().requireResidentKey(boolean) and isRequireResidentKey() deprecated in favor of the above two new methods.
    • The builder methods requireResidentKey(boolean) and residentKey(ResidentKeyRequirement) both control one shared setting, which sets both the requireResidentKey and residentKey options simultaneously and in agreement with each other for backwards compatibility with older browsers.
  • Added methods PublicKeyCredentialCreationOptions.toCredentialsCreateJson(), PublicKeyCredentialRequestOptions.toCredentialsGetJson() and AssertionRequest.toCredentialsGetJson() for serializing to JSON without having to use Jackson directly.
  • Added methods PublicKeyCredentialCreationOptions.toJson() and .fromJson(String) suitable for encoding to and decoding from JSON.
  • Added methods AssertionRequest.toJson() and .fromJson(String) suitable for encoding to and decoding from JSON.
  • Added methods StartAssertionOptions.builder().userHandle(ByteArray) and .userHandle(Optional<ByteArray>) as alternatives to .username(String) and .username(Optional<String>). The userHandle methods fill the same function as, and are mutually exclusive with, the username methods.

Fixes:

  • Added missing JavaDoc for id and name methods of initial RelyingPartyIdentityBuilder stages.
  • Added and improved JavaDoc for required builder methods.
  • Javadoc for TokenBindingInfo.id incorrectly stated that the value is base64url encoded.
  • Javadoc for TokenBindingStatus.PRESENT incorrectly referenced its own (private) id member instead of TokenBindingInfo.id.
  • Improved JavaDoc for StartRegistrationOptions.authenticatorSelection
  • Improved JavaDoc for RelyingParty.appid
  • Make the RelyingParty.validateSignatureCounter JavaDoc also cover the success case where stored and received signature count are both zero.

Artifacts built with openjdk 11.0.12 2021-07-20.

Assets 5
Loading