-
Notifications
You must be signed in to change notification settings - Fork 142
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
`webauthn-server-core`: New features: - Added support for RS384 and RS512 signature algorithms. - Thanks to GitHub user JohnnyJayJay for the contribution, see #235 - Added `userHandle` field to `AssertionRequest` as part of the second bug fix below. `userHandle` is mutually exclusive with `username`. This was originally released in pre-release `1.12.3-RC3`, but was accidentally left out of the `1.12.3` release. Fixes: - During `RelyingParty.finishRegistration()` if an `attestationTrustSource` is configured, if the `aaguid` in the authenticator data is zero, the call to `AttestationTrustSource.findTrustRoots` will fall back to reading the AAGUID from the attestation certificate if possible. - Fixed bug in `RelyingParty.finishAssertion` where if `StartAssertionOptions.userHandle` was set, it did not propagate to `RelyingParty.finishAssertion` and caused an error saying username and user handle are both absent unless a user handle was returned by the authenticator. This was originally released in pre-release `1.12.3-RC3`, but was accidentally left out of the `1.12.3` release. - Fixed regression in `PublicKeyCredentialCreationOptions.toCredentialsCreateJson()`, which has not been emitting a `requireResidentKey` member since version `2.0.0`. This meant the JSON output was not backwards compatible with browsers that only support the Level 1 version of the WebAuthn spec. `webauthn-server-attestation`: Fixes: - `findEntries` and `findTrustRoots` methods in `FidoMetadataService` now attempt to read AAGUID from the attestation certificate if the `aaguid` argument is absent or zero. - Method `FidoMetadataService.Filters.allOf` now has `@SafeVarargs` annotation.
- Loading branch information
Showing
66 changed files
with
2,400 additions
and
1,499 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
479492c
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mutation test results
com.yubico.fido.metadata
com.yubico.internal.util
com.yubico.webauthn
com.yubico.webauthn.attestation
com.yubico.webauthn.data
com.yubico.webauthn.extension.appid
com.yubico.webauthn.extension.uvm
com.yubico.webauthn.meta
Previous run: 547389b - Diff
Detailed reports: workflow run #203