Skip to content

passkey-v0.3.0

Latest
Compare
Choose a tag to compare
@Progdrasil Progdrasil released this 13 Sep 20:17
· 7 commits to main since this release
ecc029e

Passkey v0.3.0

passkey-authenticator v0.3.0

  • Added: support for signature counters
    • ⚠ BREAKING: Add update_credential function to CredentialStore (#23).
    • Add make_credentials_with_signature_counter to Authenticator.
  • ⚠ BREAKING: Merge functions in UserValidationMethod (#24)
    • Removed: UserValidationMethod::check_user_presence
    • Removed: UserValidationMethod::check_user_verification
    • Added: UserValidationMethod::check_user. This function now performs both user presence and user verification checks.
      The function now also returns which validations were performed, even if they were not requested.
  • Added: Support for discoverable credentials
    • ⚠ BREAKING: Added: CredentialStore::get_info which returns StoreInfo containing DiscoverabilitySupport.
    • ⚠ BREAKING: Changed: CredentialStore::save_credential now also takes Options.
    • Changed: Authenticator::make_credentials now returns an error if a discoverable credential was requested but not supported by the store.

passkey-client v0.3.0

  • Changed: The Client no longer hardcodes the UV value sent to the Authenticator (#22).
  • Changed: The Client no longer hardcodes the RK value sent to the Authenticator (#27).
  • The client now supports additional user-defined properties in the client data, while also clarifying how the client
    handles client data and its hash.
    • ⚠ BREAKING: Changed: register and authenticate take ClientData<E> instead of Option<Vec<u8>>.
    • ⚠ BREAKING: Changed: Custom client data hashes are now specified using DefaultClientDataWithCustomHash(Vec<u8>) instead of
      Some(Vec<u8>).
    • Added: Additional fields can be added to the client data using DefaultClientDataWithExtra(ExtraData).
  • Added: The Client now has the ability to adjust the response for quirky relying parties
    when a fully featured response would break their server side validation. (#31)
  • ⚠ BREAKING: Added the Origin enum which is now the origin parameter for the following methods (#32):
    • Client::register takes an impl Into<Origin> instead of a &Url
    • Client::authenticate takes an impl Into<Origin> instead of a &Url
    • RpIdValidator::assert_domain takes an &Origin instead of a &Url
  • ⚠ BREAKING: The collected client data will now have the android app signature as the origin when a request comes from an app directly. (#32)

passkey-types v0.3.0

  • CollectedClientData is now generic and supports additional strongly typed fields. (#28)
    • Changed: CollectedClientData has changed to CollectedClientData<E = ()>
  • The Client now returns CredProps::rk depending on the authenticator's capabilities. (#29)
  • ⚠ BREAKING: Rename webauthn extension outputs to be consistent with inputs. (#33)
  • ⚠ BREAKING: Create new extension inputs for the CTAP authenticator inputs. (#33)
  • ⚠ BREAKING: Add unsigned extension outputs for the CTAP authenticator outputs. (#34)
  • ⚠ BREAKING: Add ability for Passkey to store associated extension data. (#36)
  • ⚠ BREAKING: Change version and extension information in ctap2::get_info from strings to enums. (#39)
  • ⚠ BREAKING: Add missing CTAP2.1 fields to make_credential::Response and get_assertion::Response. (#39)
  • Make the PublicKeyCredential outputs equatable in swift. (#39)

Full Changelog: passkey-v0.2.0...passkey-v0.3.0