Releases: YubicoLabs/passkey-workshop
Releases · YubicoLabs/passkey-workshop
Version 2.0.0
Documentation
- [High assurance] Added section on the fundamentals of high assurance scenarios (step-up authentication, advanced protection, and LoA)
Relying Party
- [API] Expanded
/attestation/result
API to indicate if new registration was low or high assurance - [API] Expanded
/assertion/result
API to indicate if session was authenticated with low or high assurance credential - [API] API methods added to support advanced protection
- [Database] New field added to indicate if a credential is low or high assurance
- [Java app] Relying party no longer deletes a registration from the database, instead opting to utilize a status flag to indicate deletion
- [Java app] Relying party allows for a user to declare advanced protection for their account
- [Java app] Now allows for the creation of an allow list
- [Deployment] Deployment moved to the deploy folder, scripts and env variables simplified
Identity Provider
- [Keycloak] New SPI created to support high assurance bank example
Deployment
- [Docker] Docker files moved to the deploy folder
- [ENV] Environment variables consolidated to single file, with multiple templates
High assurance example
- [Web] New react app added to simulate an online banking service. This is used to demonstrate UX best practices, step up authentication, advanced protection, and level of assurance
- [Mobile] New iOS application added to support high assurance examples including reg/auth and step-up authentication
- [Bank API] New Java app added to simulate an online banking service. This is used to by the bank client to demonstrate step up authentication based on low and high assurance policies
Version 1.0.0
Documentation
- [Fundamentals] Added section on passkey fundamentals
- [Architecture] Added section on passkey application architecture
- [Deploy] Added section on deploying the project
- [Web client] Added section on developing a web client
- [Mobile client] Added section on developing a mobile client
- [Advanced topics] Added section on attestation
Relying Party
- [API] Developed standard API schema for passkey applications
- [API] Made Swagger docs are available from a running instance of the Java application
- [Java app] Developed core application using the java-webauthn-server library
- [Java app] Implemented interfaces to allow for the addition of new data sources
- [Java app] Implanted attestation support leveraging the FIDO MDS
- [Deployment] Created Docker templates to deploy the Java app and MySQL server
Web Client
- [User flows] Added authentication flows for discoverable modal, discoverable autofill, and non-discoverable scenarios
- [User flows] Added user registration flow for a user to create an account and passkey at the same time
- [User flows] Added credential management options to add, delete, and update nicknames
- [Test panel] Introduced test panel to quickly test WebAuthn functionality in the application
Mobile Client
- [User flows] Added authentication flows for discoverable modal, discoverable autofill, and non-discoverable scenarios
- [User flows] Added user registration flow for a user to create an account and passkey at the same time
Identity Provider
- [Keycloak] Developed custom authenticator SPI that connects to Java application
- [Keycloak] Created Docker templates to deploy a configured Keycloak application