Passkey v0.3.0
passkey-authenticator v0.3.0
- Added: support for signature counters
- ⚠ BREAKING: Add
update_credential
function toCredentialStore
(#23). - Add
make_credentials_with_signature_counter
toAuthenticator
.
- ⚠ BREAKING: Add
- ⚠ BREAKING: Merge functions in
UserValidationMethod
(#24)- Removed:
UserValidationMethod::check_user_presence
- Removed:
UserValidationMethod::check_user_verification
- Added:
UserValidationMethod::check_user
. This function now performs both user presence and user verification checks.
The function now also returns which validations were performed, even if they were not requested.
- Removed:
- Added: Support for discoverable credentials
- ⚠ BREAKING: Added:
CredentialStore::get_info
which returnsStoreInfo
containingDiscoverabilitySupport
. - ⚠ BREAKING: Changed:
CredentialStore::save_credential
now also takesOptions
. - Changed:
Authenticator::make_credentials
now returns an error if a discoverable credential was requested but not supported by the store.
- ⚠ BREAKING: Added:
passkey-client v0.3.0
- Changed: The
Client
no longer hardcodes the UV value sent to theAuthenticator
(#22). - Changed: The
Client
no longer hardcodes the RK value sent to theAuthenticator
(#27). - The client now supports additional user-defined properties in the client data, while also clarifying how the client
handles client data and its hash.- ⚠ BREAKING: Changed:
register
andauthenticate
takeClientData<E>
instead ofOption<Vec<u8>>
. - ⚠ BREAKING: Changed: Custom client data hashes are now specified using
DefaultClientDataWithCustomHash(Vec<u8>)
instead of
Some(Vec<u8>)
. - Added: Additional fields can be added to the client data using
DefaultClientDataWithExtra(ExtraData)
.
- ⚠ BREAKING: Changed:
- Added: The
Client
now has the ability to adjust the response for quirky relying parties
when a fully featured response would break their server side validation. (#31) - ⚠ BREAKING: Added the
Origin
enum which is now the origin parameter for the following methods (#32):Client::register
takes animpl Into<Origin>
instead of a&Url
Client::authenticate
takes animpl Into<Origin>
instead of a&Url
RpIdValidator::assert_domain
takes an&Origin
instead of a&Url
- ⚠ BREAKING: The collected client data will now have the android app signature as the origin when a request comes from an app directly. (#32)
passkey-types v0.3.0
CollectedClientData
is now generic and supports additional strongly typed fields. (#28)- Changed:
CollectedClientData
has changed toCollectedClientData<E = ()>
- Changed:
- The
Client
now returnsCredProps::rk
depending on the authenticator's capabilities. (#29) - ⚠ BREAKING: Rename webauthn extension outputs to be consistent with inputs. (#33)
- ⚠ BREAKING: Create new extension inputs for the CTAP authenticator inputs. (#33)
- ⚠ BREAKING: Add unsigned extension outputs for the CTAP authenticator outputs. (#34)
- ⚠ BREAKING: Add ability for
Passkey
to store associated extension data. (#36) - ⚠ BREAKING: Change version and extension information in
ctap2::get_info
from strings to enums. (#39) - ⚠ BREAKING: Add missing CTAP2.1 fields to
make_credential::Response
andget_assertion::Response
. (#39) - Make the
PublicKeyCredential
outputs equatable in swift. (#39)
Full Changelog: passkey-v0.2.0...passkey-v0.3.0