Changes since 2.6.0-alpha8

webauthn-server-core:

Breaking changes:

Removed the suite of experimental interfaces related with CredentialRepositoryV2. These will be postponed to minor release 2.7 instead.
Removed property RegisteredCredential.transports.
Removed property credProps.authenticatorDisplayName.
Removed credProps extension from assertion extension outputs.

webauthn-server-attestation:

New features:

FidoMetadataDownloader now parses the CRLDistributionPoints extension on the application level, so the com.sun.security.enableCRLDP=true system property setting is no longer necessary.
Added helper function CertificateUtil.parseFidoSernumExtension for parsing serial number from enterprise attestation certificates.

Changes since 2.5.4

webauthn-server-core:

New features:

Added method getParsedPublicKey(): java.security.PublicKey to RegistrationResult and RegisteredCredential.
- Thanks to Jakob Heher (A-SIT) for the contribution, see #299
Added enum parsing functions:
- AuthenticatorAttachment.fromValue(String): Optional<AuthenticatorAttachment>
- PublicKeyCredentialType.fromId(String): Optional<PublicKeyCredentialType>
- ResidentKeyRequirement.fromValue(String): Optional<ResidentKeyRequirement>
- TokenBindingStatus.fromValue(String): Optional<TokenBindingStatus>
- UserVerificationRequirement.fromValue(String): Optional<UserVerificationRequirement>
Added public builder to CredentialPropertiesOutput.
Added public factory function LargeBlobRegistrationOutput.supported(boolean).
Added public factory functions to LargeBlobAuthenticationOutput.
Added hints property to StartRegistrationOptions, StartAssertionOptions, PublicKeyCredentialCreationOptions and PublicKeyCredentialRequestOptions, and class PublicKeyCredentialHint to support them, to support the hints parameter introduced in WebAuthn L3: https://www.w3.org/TR/2023/WD-webauthn-3-20230927/#dom-publickeycredentialcreationoptions-hints
(Experimental) Added option isSecurePaymentConfirmation(boolean) to FinishAssertionOptions. When set, RelyingParty.finishAssertion() will adapt the validation logic for a Secure Payment Confirmation (SPC) response instead of an ordinary WebAuthn response. See the JavaDoc for details.
- NOTE: Experimental features may receive breaking changes without a major version increase.

webauthn-server-attestation:

New features:

FidoMetadataDownloader now parses the CRLDistributionPoints extension on the application level, so the com.sun.security.enableCRLDP=true system property setting is no longer necessary.
Added helper function CertificateUtil.parseFidoSernumExtension for parsing serial number from enterprise attestation certificates.

Artifacts built with openjdk version "17.0.13" 2024-10-15.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Changes since 2.6.0-alpha8

Changes since 2.5.4

Releases: Yubico/java-webauthn-server

Pre-release 2.6.0-RC1

Changes since 2.6.0-alpha8

Changes since 2.5.4

Experimental release 2.6.0-alpha8

Version 2.5.4

Pre-release 2.5.4-RC1

Experimental release 2.6.0-alpha7

Version 2.5.3

Pre-release 2.5.3-RC2

Pre-release 2.5.3-RC1

Experimental release 2.6.0-alpha6

Version 2.5.2