Skip to content

Releases: YubicoLabs/passkey-workshop

Version 2.0.0

26 Feb 22:39
@csalas-yubico csalas-yubico
v2.0.0
43d290e
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 2.0.0 Latest
Latest

Documentation

  • [High assurance] Added section on the fundamentals of high assurance scenarios (step-up authentication, advanced protection, and LoA)

Relying Party

  • [API] Expanded /attestation/result API to indicate if new registration was low or high assurance
  • [API] Expanded /assertion/result API to indicate if session was authenticated with low or high assurance credential
  • [API] API methods added to support advanced protection
  • [Database] New field added to indicate if a credential is low or high assurance
  • [Java app] Relying party no longer deletes a registration from the database, instead opting to utilize a status flag to indicate deletion
  • [Java app] Relying party allows for a user to declare advanced protection for their account
  • [Java app] Now allows for the creation of an allow list
  • [Deployment] Deployment moved to the deploy folder, scripts and env variables simplified

Identity Provider

  • [Keycloak] New SPI created to support high assurance bank example

Deployment

  • [Docker] Docker files moved to the deploy folder
  • [ENV] Environment variables consolidated to single file, with multiple templates

High assurance example

  • [Web] New react app added to simulate an online banking service. This is used to demonstrate UX best practices, step up authentication, advanced protection, and level of assurance
  • [Mobile] New iOS application added to support high assurance examples including reg/auth and step-up authentication
  • [Bank API] New Java app added to simulate an online banking service. This is used to by the bank client to demonstrate step up authentication based on low and high assurance policies
Assets 3
Loading

Version 1.0.0

10 May 18:52
@csalas-yubico csalas-yubico
v.1.0.0
3721ada
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 1.0.0

Documentation

  • [Fundamentals] Added section on passkey fundamentals
  • [Architecture] Added section on passkey application architecture
  • [Deploy] Added section on deploying the project
  • [Web client] Added section on developing a web client
  • [Mobile client] Added section on developing a mobile client
  • [Advanced topics] Added section on attestation

Relying Party

  • [API] Developed standard API schema for passkey applications
  • [API] Made Swagger docs are available from a running instance of the Java application
  • [Java app] Developed core application using the java-webauthn-server library
  • [Java app] Implemented interfaces to allow for the addition of new data sources
  • [Java app] Implanted attestation support leveraging the FIDO MDS
  • [Deployment] Created Docker templates to deploy the Java app and MySQL server

Web Client

  • [User flows] Added authentication flows for discoverable modal, discoverable autofill, and non-discoverable scenarios
  • [User flows] Added user registration flow for a user to create an account and passkey at the same time
  • [User flows] Added credential management options to add, delete, and update nicknames
  • [Test panel] Introduced test panel to quickly test WebAuthn functionality in the application

Mobile Client

  • [User flows] Added authentication flows for discoverable modal, discoverable autofill, and non-discoverable scenarios
  • [User flows] Added user registration flow for a user to create an account and passkey at the same time

Identity Provider

  • [Keycloak] Developed custom authenticator SPI that connects to Java application
  • [Keycloak] Created Docker templates to deploy a configured Keycloak application
Assets 2
Loading