@simplewebauthn/server
Advanced tools
Changelog
v0.10.2
Packages:
Changes:
Changelog
v0.10.1
Packages:
Changes:
Changelog
v0.10.0 - The one you can use your face with
Packages:
Changes:
allowCredentials
and
excludeCredentials
transports
in response from
startAttestation()
AuthenticatorAttestationResponseFuture
type for better typing of
credential response methods (getTransports()
, getAuthenticatorData()
, etc...)generateAttestationOptions()
and
generateAssertionOptions()
must be updated to specify credentials with their own transports:generateAttestationOptions()
// OLD
const options = generateAttestationOptions({
excludedCredentialIDs: devices.map((dev) => dev.credentialID),
suggestedTransports: ['usb', 'ble', 'nfc', 'internal'],
});
// NEW
const options = generateAttestationOptions({
excludeCredentials: devices.map((dev) => ({
id: dev.credentialID,
type: 'public-key',
transports: dev.transports,
})),
});
generateAssertionOptions()
// OLD
const options = generateAssertionOptions({
allowedCredentialIDs: user.devices.map((dev) => dev.credentialID),
suggestedTransports: ['usb', 'ble', 'nfc', 'internal'],
});
// NEW
const options = generateAssertionOptions({
allowCredentials: devices.map((dev) => ({
id: dev.credentialID,
type: 'public-key',
transports: dev.transports,
})),
});
Changelog
v0.9.1
Packages:
Changes:
Changelog
v0.9.0 - The one that knows RSA from EC2
Packages:
Changes:
authenticatorInfo.base64PublicKey
returned by verifyAttestationResponse()
is now
the entire public key buffer instead of a pared down form of it (it's still returned
base64url-encoded). This helps ensure support for existing public keys, as well as future public
key formats that may be introduced in the future. Public keys previously returned by this method
must be upgraded via
this "upgrader" script to
work with future assertions.serviceName
argument for generateAttestationOptions()
has been renamed to
rpName
. This brings it in line with the existing rpID
argument and maps more obviously to its
respective property within the returned options.Changelog
v0.8.2
Packages:
Changes:
authenticatorSelection
in return value from
generateAttestationOptions()
for enhanced device compatibility.Changelog
v0.8.1
Packages:
Changes:
supportedAlgorithmIDs
when calling
generateAttestationOptions()
Changelog
v0.8.0 - The one with better challenges
Packages:
Changes:
challenge
parameter of generateAttestationOptions()
and
generateAssertionOptions()
is now optional.
startAttestation()
and startAssertion()
now convert the base64url-encoded
options.challenge
to a buffer before passing it to the authenticator.verifyAttestationResponse()
and verifyAssertionResponse()
now require the
base64url-encoded challenge to be passed in as expectedChallenge
:Before:
const challenge = 'someChallenge';
const opts = generateAttestationOptions({
...atteOpts,
challenge,
});
const verification = verifyAttestationResponse({
...atteResp,
// Raw original value
expectedChallenge: challenge,
});
After:
const challenge = 'someChallenge';
const opts = generateAttestationOptions({
...atteOpts,
// This is now optional
challenge,
});
const verification = verifyAttestationResponse({
...atteResp,
// Now expected to be the base64url-encoded `challenge` returned
// by `generateAttestationOptions()`
expectedChallenge: opts.challenge,
});