npm @simplewebauthn/browser 0.8.0
v0.8.0 - The one with better challenges
on Node.js NPM

latest releases: 13.3.0, 13.2.2, 13.2.0...
5 years ago

Packages:

  • @simplewebauthn/browser@0.8.0
  • @simplewebauthn/server@0.8.0
  • @simplewebauthn/typescript-types@0.8.0

Changes:

  • [server] The challenge parameter of generateAttestationOptions() and generateAssertionOptions() is now optional.
    • When undefined the library will generate a random challenge. This value will be base64url-encoded in preparation for transit to the front end.
    • When defined the value will be directly encoded to base64url in preparation for transit to the front end.
  • [browser] startAttestation() and startAssertion() now convert the base64url-encoded options.challenge to a buffer before passing it to the authenticator.

Breaking Changes

  • [server] verifyAttestationResponse() and verifyAssertionResponse() now require the base64url-encoded challenge to be passed in as expectedChallenge:

Before: 

const challenge = 'someChallenge';

const opts = generateAttestationOptions({
  ...atteOpts,
  challenge,
});

const verification = verifyAttestationResponse({
  ...atteResp,
  // Raw original value
  expectedChallenge: challenge,
});

After: 

const challenge = 'someChallenge';

const opts = generateAttestationOptions({
  ...atteOpts,
  // This is now optional
  challenge,
});

const verification = verifyAttestationResponse({
  ...atteResp,
  // Now expected to be the base64url-encoded `challenge` returned
  // by `generateAttestationOptions()`
  expectedChallenge: opts.challenge,
});
Check out latest releases or
releases around @simplewebauthn/browser 0.8.0

Don't miss a new browser release

NewReleases is sending notifications on new releases.

Get notifications