Changes:
Changes:
- Update dependency versions in setup.py (#151)
Changes:
- Move the
RegistrationCredential.transports
property intoRegistrationCredential.response.transports
to better conform to upcoming WebAuthn JSON serialization method output (#150)
Changes:
- Update
cryptography
to 39.0.1 (and its dependencypyOpenSSL
to 23.0.0) (#148)- See "39.0.1 - 2023-02-07" in cryptography's CHANGELOG for more info
Changes:
- Add support for
from webauthn import *
syntax with proper use of__all__
(#146)
Changes:
- Add new
authenticator_attachment
value toRegistrationCredential
andAuthenticationCredential
, defining the attachment of the authenticator that completed a corresponding ceremony, as it may be returned by the WebAuthn API (#141)
Changes:
- Add new
credential_device_type
andcredential_backed_up
values to output fromverify_registration_response()
andverify_authentication_response()
(#136) - Add support for the new
"hybrid"
transport (the generalized, eventual successor to"cable"
) (#137)
Changes:
- Restore the ability to pass more common bytes-like values for
bytes
fields, such asstr
values (#132)
Changes:
- Refine support for bytes-like inputs to comply with stricter mypy configurations (#130)
Changes:
- Fix authenticator data parsing to correctly parse extension data when present (#125)
- Add support for the new
"cable"
transport (#129)
Changes:
- Add support for
memoryviews
forBytesLike
properties includingcredential_public_key
,authenticator_data
, etc...
Changes:
- Switch back from attrs + cattrs to Pydantic while preserving support for
bytes
-like values in subclasses ofWebAuthnBaseModel
.- See issue #113 for more context
Changes:
- Clarify
credential
docstring forverify_authentication_response()
Changes:
- Switched from Pydantic to the combination of attrs + cattrs. This achieves more-Pythonic library behavior when used in a project alongside other third-party packages that use subclasses of
bytes
to represent such values as credential IDs and public keys.
Changes:
- Fixed SafetyNet attestation statement verification failing due to server time drift
- Added py.typed file to indicate type information is present (PEP-561)
Changes:
- Fixed SafetyNet unit test failing due to expired x5c certs (see PR #99)
This preview release of the revitalized py_webauthn library features an entirely new API, as well as support for all attestation statement formats included in L2 of the WebAuthn spec:
- Packed
- TPM
- Android Key
- Android SafetyNet
- FIDO U2F
- Apple
- None
Practical examples are included in the examples/ directory to serve as a primary reference for now on how to use the new library functionality.
Changes:
- Everything. The entire package was replaced with a new library with a new API. Check it out 🚀