Skip to content

Releases: Yubico/java-webauthn-server

0.5.0

13 Nov 15:11
0.5.0
9c27b3b
Compare
Choose a tag to compare
0.5.0 Pre-release
Pre-release

webauthn-server-core

New features:

  • PackedAttestationStatementVerifier now supports SHA256WithRSA signatures

Bug fixes:

  • PublicKeyCredentialDescriptor.compareTo is now consistent with equals
  • AuthenticatorData constructor should now throw more descriptive exceptions instead of raw ArrayIndexOutOfBoundsExceptions

webauthn-server-attestation

Breaking changes:

  • Interface MetadataResolver replaced with interfaces AttestationResolver and TrustResolver
    • Class SimpleResolver split into SimpleAttestationResolver and SimpleTrustResolver
      • Both of these classes now take the metadata as a constructor parameter instead of exposing addMetadata methods
    • Class CompositeResolver split into CompositeAttestationResolver and CompositeTrustResolver
  • Class StandardMetadataService overhauled

0.4.0

08 Oct 13:41
0.4.0
dd85090
Compare
Choose a tag to compare
0.4.0 Pre-release
Pre-release

Breaking changes:

  • Field StartRegistrationOptions.requireResidentKey: boolean replaced with field authenticatorSelection: Optional<AuthenticatorSelectionCriteria>

0.3.0

01 Oct 08:29
0.3.0
536bb84
Compare
Choose a tag to compare
0.3.0 Pre-release
Pre-release

With this release, the library is getting close to mature enough for a production-ready release. There may be breaking API changes necessary before 1.0, but none are planned.

Changes:

  • Major API overhaul; public API changes include but are not limited to:
    • Reorganised package structure
    • CredentialRepository.getCredentialIdsForUsername(String) now returns Set instead of List
    • Most data classes now expose a builder instead of a public constructor
    • Shortcut constants added to COSEAlgorithmIdentifier and PublicKeyCredentialParameters
    • Exception U2fBadConfigurationException renamed to BadConfigurationException
    • RelyingParty.startRegistration now accepts one StartRegistrationOptions parameter instead of several parameters
    • RelyingParty.finishRegistration now accepts one FinishRegistrationOptions parameter instead of several parameters
    • RelyingParty.startAssertion now accepts one StartAssertionOptions parameter instead of several parameters
    • RelyingParty.finishAssertion now accepts one FinishAssertionOptions parameter instead of several parameters
    • RelyingParty.finishRegistration now throws checked RegistrationFailedException instead of IllegalArgumentException on most failures
    • RelyingParty.finishAssertion now throws checked AssertionFailedException instead of IllegalArgumentException on most failures
    • Class MetadataResolver replaced with interface
    • Constructor CollectedClientData(JsonNode) deleted
    • Type of fields StartAssertionOptions.extensions, StartRegistrationOptions.extensions and PublicKeyCredential.clientExtensionOutputs narrowed from JsonNode to ObjectNode
    • Parameters StartRegistrationOptions.excludeCredentials and StartAssertionOptions.allowCredentials deleted; they are now discovered automatically from the CredentialRepository. If custom control over excludeCredentials or allowCredentials is needed, modify the PublicKeyCredentialCreationOptions or PublicKeyCredentialRequestOptions object manually.
    • COSEAlgorithmIdentifier is now an actual enum
    • Extensions are now passed and returned as domain objects instead of as Jackson types
    • Type parameter added to PublicKeyCredential to express extensions type
    • Fields CollectedClientData.authenticatorExtensions and .clientExtensions deleted
  • Fixed a bug in AuthenticatorDataFlags that caused the ED (0x80) flag to never be set
  • All classes in com.yubico.webauthn.data can now be serialized and deserialized using Jackson
    • JSON output has been slightly changed:
      • AttestationObject, AuthenticatorData and CollectedClientData now serialize back to Base64Url encoded bytes instead of to JSON objects
      • Member _attestationObject removed from serialized AuthenticatorAttestationResponse
      • Member authenticatorData removed from serialized AuthenticatorAttestationResponse
  • New methods ByteArray.size(): int and .isEmpty(): boolean
  • ByteArray is now Comparable to itself
  • Added support for appid extension