- update to 2.0.0:
* See also the migration guide: doc/Migration_1-2.adoc.
* Python 3.10 or later is now required.
* WebAuthn dataclasses have been updated to align with the
WebAuthn Level 3 Working Draft. Constructors now require
keyword arguments (kwargs_only=True), and serialization to/from
dictionaries is compatible with standardized JSON formats.
* The features.webauthn_json_mapping flag has been removed, as
its behavior (standardized JSON mapping) is now default.
* Fido2Client and WindowsClient constructors now accept a
ClientDataCollector instance instead of origin and verify
parameters.
* WindowsClient has been relocated to fido2.client.windows.
Importing this class on non-Windows platforms will now raise an
ImportError.
* Fido2Client methods now return RegistrationResponse and
AuthenticationResponse objects, instead of raw
attestation/assertion data.
* CTAP2/WebAuthn extension handling has been redesigned.
Fido2Client now expects a list of Ctap2Extension instances.
Default behavior includes extensions commonly supported by
browsers.
* The fido2.cbor module's load_x and dump_x functions have been
made private (renamed with a leading underscore) and should not
be used directly.
* Previously deprecated functions and APIs have been removed.
* The __version__ attribute in fido2/__init__.py has been
removed. Use importlib.metadata.version('fido2') to get the
package version.
* Add support for Persistent PinUvAuthToken and encIdentifier.
* Add support for hmac-secret-mc and thirdPartyPayments
exensions.
* Add new GetInfo fields based on CTAP 2.2
* Update COSE algorithnm types.
* Building the library now requires Poetry version 2.0 or later.
OBS-URL: https://build.opensuse.org/request/show/1294069
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-fido2?expand=0&rev=20
- update to 1.1.3:
* Fix USB HID issue on MacOS that sometimes caused a pause
while waiting for a timeout.
* Fix argument to CredProp extension where an enum value
was required instead of also allowing a string.
* Fix parsing of some key types (ES384, ES512) causing
signature verification to fail.
* Deprecation: Calling websafe_decode with a bytes argument
instead of str.
This will raise a TypeError in the next major version of
the library.
OBS-URL: https://build.opensuse.org/request/show/1172492
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-fido2?expand=0&rev=18
* Fix USB HID issue on MacOS that sometimes caused a pause
while waiting for a timeout.
* Fix argument to CredProp extension where an enum value
was required instead of also allowing a string.
* Fix parsing of some key types (ES384, ES512) causing
signature verification to fail.
* Deprecation: Calling websafe_decode with a bytes argument
instead of str.
This will raise a TypeError in the next major version of
the library.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-fido2?expand=0&rev=36
- drop python-fido2-no-mock.patch
- Update to version 1.1.0
* Bugfix: Fix name of "crossOrigin" in CollectedClientData.create().
* Bugfix: Some incorrect type hints in the MDS3 classes were fixed.
* Stricter checking of dataclass field types.
* Add support for JSON-serialization of WebAuthn data classes.
This changes the objects dict representation to align with new additions in the
WebAuthn specification. As this may break compatibility, the new behavior
requires explicit opt-in until python-fido2 2.0 is released.
* Update server example to use JSON serialization.
* Server: Add support for passing RegistrationResponse/AuthenticationResponse (or
their deserialized JSON data) to register_complete/authenticate_complete.
* Add new "hybrid" AuthenticatorTransport.
* Add new AuthenticatorData flags, and use 2-letter names as in the WebAuthn spec
(long names are still available as aliases).
- version 1.0.0
* Release Candidate 1 of first stable release.
* Require Python 3.7 or later.
* APIs have updated to align with WebAuthn level 2.
* Several CTAP 2.1 features have been implemented.
OBS-URL: https://build.opensuse.org/request/show/1040193
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-fido2?expand=0&rev=26
- update to 0.9.3:
* Don't fail device discovery when hidraw doesn't support HIDIOCGRAWUNIQ
* Support the latest Windows webauthn.h API (included in Windows 11).
* Add product name and serial number to HidDescriptors.
* Remove the need for the uhid-freebsd dependency on FreeBSD.
- drop 0001-Don-t-use-enum.auto-Python-2.patch
0001-Skip-tests-on-older-Cryptography-versions.patch (upstream)
OBS-URL: https://build.opensuse.org/request/show/946688
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-fido2?expand=0&rev=11
* Don't fail device discovery when hidraw doesn't support HIDIOCGRAWUNIQ
* Support the latest Windows webauthn.h API (included in Windows 11).
* Add product name and serial number to HidDescriptors.
* Remove the need for the uhid-freebsd dependency on FreeBSD.
- drop 0001-Don-t-use-enum.auto-Python-2.patch
0001-Skip-tests-on-older-Cryptography-versions.patch (upstream)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-fido2?expand=0&rev=23
- Version 0.8.1 (released 2019-11-25)
* Bugfix: WindowsClient.make_credential error when resident key requirement is unspecified.
- Version 0.8.0 (released 2019-11-25)
* New fido2.webauthn classes modeled after the W3C WebAuthn spec introduced.
* CTAP2 send_cbor/make_credential/get_assertion and U2fClient request/authenticate timeout arguments replaced with event used to cancel a request.
* Fido2Client:
- make_credential/get_assertion now take WebAuthn options objects.
- timeout is now provided in ms in WebAuthn options objects. Event based cancelation also available by passing an Event.
* Fido2Server:
- ATTESTATION, USER_VERIFICATION, and AUTHENTICATOR_ATTACHMENT enums have been replaced with fido2.webauthn classes.
- RelyingParty has been replaced with PublicKeyCredentialRpEntity, and name is no longer optional.
- Options returned by register_begin/authenticate_begin now omit unspecified values if they are optional, instead of filling in default values.
- Fido2Server.allowed_algorithms now contains a list of PublicKeyCredentialParameters instead of algorithm identifiers.
- Fido2Server.timeout is now in ms and of type int.
* Support native WebAuthn API on Windows through WindowsClient.
- Version 0.7.3 (released 2019-10-24)
j Bugfix: Workaround for size of int on Python 2 on Windows.
- Version 0.7.2 (released 2019-10-24)
* Support for the TPM attestation format.
* Allow passing custom challenges to register/authenticate in Fido2Server.
* Bugfix: CTAP2 CANCEL command response handling fixed.
* Bugfix: Fido2Client fix handling of empty allow_list.
* Bugfix: Fix typo in CTAP2.get_assertions() causing it to fail.
- Version 0.7.1 (released 2019-09-20)
* Support for FreeBSD.
* Enforce canonical CBOR on Authenticator responses by default.
* PCSC: Support extended APDUs.
* Server: Verify that UP flag is set.
* U2FFido2Server: Implement AppID exclusion extension.
* U2FFido2Server: Allow custom U2F facet verification.
OBS-URL: https://build.opensuse.org/request/show/755089
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-fido2?expand=0&rev=15
- Version 0.6.0 (released 2019-05-10)
* Don't fail if CTAP2 Info contains unknown fields.
* Replace cbor loads/dumps functions with encode/decode/decode_from.
* Server: Add support for AuthenticatorAttachment.
* Server: Add support for more key algorithms.
* Client: Expose CTAP2 Info object as Fido2Client.info.
- Changed source URL to official release tarball
- Verifying signature of release tarball
OBS-URL: https://build.opensuse.org/request/show/706152
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-fido2?expand=0&rev=11
