Releases · YubicoLabs/WebAuthnKit

03 Oct 15:25

Version 2.2.0-RC Pre-release

Pre-release

New Features

Improvements

[Code] Updated java-webauthn-server from v2.0.0 to v2.1.0
[Code] java-webauthn-server library now supports TPM attestation, removed workaround needed for AAGUID only attestation for Windows Hello registrations
[Code] AWS Lambda Node functions upgraded from NodeJS v12 to v16
[Code] AWS Lambda Java function upgraded from 1.8 to 11

Docs

Assets 2

10 May 14:23

Version 2.1.0 Latest

Latest

New Features

[Attestation] Integration with the FIDO MDS to extend attestation capabilities to non-Yubico devices
[Credential Management] FIDO MDS integration now automatically gives descriptive nicknames to new registrations, assuming attestation was allowed
[Trusted Devices] The Trusted Device list now has the same "Edit" modal as Security Keys

Improvements

[Code] The new default Resident Key option has been changed to PREFERRED rather than DISCOURAGED
[UX] Updated Recovery Code modal. The modal now explains it's behavior, and allows users to opt out of generating codes to prevent the modal from continuing to pop up
[Code] Updated dependencies to migrate from V1 to V2 of the java-webauthn-server
[Code] Updated React app to accept the new attestation data format
[Code] Introduced new java class, AttestationRegistration, used for metadata statements that belong to a new registration
[Code] Fields originally named base64 have been updated to base64url

Fixes

[Bug] Fixed issue with internationalization for Windows platform guidance not resolving to the correct wording
[Bug] Fixxed issues with resident keys on Android. The checkbox for discoverable credentials will not appear on Android devices, and will resolve resident key to false when submitting a new trusted device registration
[Bug] Fixed issue with Safari populating userHandle as "", when our RP is expecting null

Docs

Assets 2

11 Apr 19:57

Version 2.0.0

New Features

[UI] The UI has a new look and feel to demonstrate Yubico's best practices for guiding users through the lifecycle of an account with Adaptive MFA backed by WebAuthn
[Attestation] Device Attestation data now appears on both the Home screen and the Edit screen for specific devices (Note: Attestation data is currently only available for YubiKeys)
[Trusted Devices] Specific prompts are now shown to help guide the user in registering a Platform Authenticator as a Trusted Device. Specific prompts given for Face ID, Touch ID, Windows Hello, and Android Biometrics
[Credential Management] The Home screen will enforce the registration of a specific type of authenticator (Platform x Cross Platform) based on the user’s selection of “Add a Trusted Device” or “Add a Security Key”

Improvements

[Code] Migrated codebase from JavaScript to TypeScript to enforce consistency across the project
[Code] Added a Linting service to ensure the code maintains a high degree of readability and consistency
[Code] Introduced Internationalization to enforce the use of consistent language across the application
[Code] All WebAuthn related actions have been consolidated to the WebAuthnClient.ts component, helping to reduce duplicate logic
[Error Handling] Errors now displayed to the user consistently through an Alert Box displayed at the top of the Home Screen or currently displayed Modal

Fixes

[Bug] Fixed issue with WebKit on Safari not allowing new user registrations
[Bug] Fixed issue where Cognito and WebKit on Safari were not allowing the use of Face ID
[Dependencies] Standard updating of dependencies to mitigate security risks

Docs

Updated screenshots from Starter Kit V1 to the new V2 views
Replaced the term Server-Verified PIN, with U2F Password
Replaced the term Identifier First Flow with Adaptive Multi-Factor Authentication
Added page describing Adaptive Multi-Factor Authentication, and its use in the WebAuthn Starter Kit

Assets 2