WebAuthn Class


TBD.

Syntax

cloudsso.WebAuthn

Remarks

The CreateNewCredential and VerifyNewCredential methods and the NewCredentialRequest and NewCredentialCompleted events are used at registration.

The GetAssertionOptions and MakeAssertion methods and the AssertionRequest and AssertionCompleted events are used at authentication.

TBD.

Property List


The following is the full list of the properties of the class with short descriptions.

Method List


The following is the full list of the methods of the class with short descriptions.

AddExistingCredential: TBD.
Config: Sets or retrieves a configuration setting.
CreateNewCredential: TBD.
GetAssertionOptions: TBD.
MakeAssertion: TBD.
Reset: Resets the class properties.
VerifyNewCredential: TBD.

Event List


The following is the full list of the events fired by the class with short descriptions.

AssertionCompleted: TBD.
AssertionRequest: TBD.
Error: Fired when information is available about errors during data delivery.
Log: This event fires once for each log message.
NewCredentialCompleted: TBD.
NewCredentialRequest: TBD.

Config Settings


The following is a list of config settings for the class with short descriptions.

BuildInfo: Information about the product's build.
GUIAvailable: Whether or not a message loop is available for processing events.
LicenseInfo: Information about the current license.
MaskSensitiveData: Whether sensitive data is masked in log messages.
UseDaemonThreads: Whether threads created by the class are daemon threads.
UseInternalSecurityAPI: Whether or not to use the system security libraries or an internal implementation.

ExistingCredentials Property (WebAuthn Class)

TBD.

Syntax


public WACredentialList getExistingCredentials();


Remarks

The user can populate this collection with AddExistingCredential.

1. The CreateNewCredential method uses this collection to generate the excludeCredentials of https://w3c.github.io/webauthn/#dictionary-makecredentialoptions.

2. The VerifyNewCredential method uses this collection to verify the new credential id is unique.

3. The GetAssertionOptions method uses this collection to generate the allowCredentials of https://w3c.github.io/webauthn/#dictionary-assertion-options.

4. The MakeAssertion method uses this collection to verify the existence of the new credential id that has been created.

TBD.

This property is read-only and not available at design time.

Please refer to the WACredential type for a complete list of fields.

PublicKeyAlgorithms Property (WebAuthn Class)

TBD.

Syntax


public String getPublicKeyAlgorithms();


public void setPublicKeyAlgorithms(String publicKeyAlgorithms);

Default Value

"ES256,RS256"

Remarks

This is an ordered list of acceptable algorithms for the key. Each algorithm has a numeric identifier that names the algorithm to be used to generate the key pair. The mapping between identifiers and algorithms is defined in https://www.iana.org/assignments/cose/cose.xhtml#algorithms. The value of ES256 is -7. The value of RS256 is -257.

Although the elements are sorted by preference (the first element being the most preferred), it is up to the client to choose among them when building the credential.

TBD.

RpId Property (WebAuthn Class)

TBD.

Syntax


public String getRpId();


public void setRpId(String rpId);

Default Value

""

Remarks

https://w3c.github.io/webauthn/#dictionary-rp-credential-params.

It is a valid domain string identifying the WebAuthn Relying Party.

TBD.

RpName Property (WebAuthn Class)

TBD.

Syntax


public String getRpName();


public void setRpName(String rpName);

Default Value

""

Remarks

https://w3c.github.io/webauthn/#dictionary-pkcredentialentity

It is a human-palatable identifier for the Relying Party, intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc.".

TBD.

Timeout Property (WebAuthn Class)

TBD.

Syntax


public int getTimeout();


public void setTimeout(int timeout);

Default Value

60

Remarks

The value is specified in seconds. It is converted to milliseconds when sent to the client.

The timeout property of the PublicKeyCredentialCreationOptions dictionary represents a hint, given in milliseconds, for the time the script is willing to wait for the completion of the creation operation. This property is optional and is merely a hint, which may be overridden by the browser.

TBD.

UserDisplayName Property (WebAuthn Class)

TBD.

Syntax


public String getUserDisplayName();


public void setUserDisplayName(String userDisplayName);

Default Value

""

Remarks

https://w3c.github.io/webauthn/#dictionary-user-credential-params.

A human-palatable name for the user account, intended only for display.

TBD.

UserName Property (WebAuthn Class)

TBD.

Syntax


public String getUserName();


public void setUserName(String userName);

Default Value

""

Remarks

https://w3c.github.io/webauthn/#dictionary-pkcredentialentity.

It is a human-palatable identifier for a user account. Examples of suitable values for this identifier include, "alexm", "+14255551234", "alex.mueller@example.com", "alex.mueller@example.com (prod-env)".

The CreateNewCredential method can populate this property by parsing the input registration client data, and the GetAssertionOptions method can populate it by parsing the input authentication client data.

TBD.

UserVerification Property (WebAuthn Class)

TBD.

Syntax


public String getUserVerification();


public void setUserVerification(String userVerification);

Default Value

"preferred"

Remarks

https://w3c.github.io/webauthn/#enum-userVerificationRequirement.

Values: "required", "preferred", "discouraged"

Default value: "preferred"

TBD.

AddExistingCredential Method (WebAuthn Class)

TBD.

Syntax

public void addExistingCredential(byte[] credentialId, String publicKey, int signCount, String algorithm);

Remarks

When NewCredentialRequest fires, the user can call this method to add the credentials to exclude to the ExistingCredentials collection.

When AssertionRequest fires, the user can call this method to add the allowed credentials to the ExistingCredentials collection.

TBD.

Config Method (WebAuthn Class)

Sets or retrieves a configuration setting.

Syntax

public String config(String configurationString);

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

CreateNewCredential Method (WebAuthn Class)

TBD.

Syntax

public String createNewCredential(String data);

Remarks

1. This method parses the client registration data.

2. It fires the NewCredentialRequest event, during which the user calls the AddExistingCredential method to add all user-related credentials to ExistingCredentials.

3. It generates a JSON response. Example: {"rp":{"id":"fido2-net-lib.passwordless.dev","name":"WebAuthn Test"},"user":{"name":"testName","id":"QnjZC2XuY0uWDJ4CbkKV-PT9jT8peFVIVSr9xx70tJU","displayName":"testDisplayName"},"challenge":"U02lnAqw67nokWiFr_Hj2w","pubKeyCredParams":[{"type":"public-key","alg":"-7"},{"type":"public-key","alg":"-257"}],"timeout":60000,"attestation":"none","authenticatorSelection":{"userVerification":"preferred"},"excludeCredentials":[],"extensions":{}}

TBD.

GetAssertionOptions Method (WebAuthn Class)

TBD.

Syntax

public String getAssertionOptions(String data);

Remarks

1. This method parses the client authentication data.

2. It fires the AssertionRequest event, during which the user calls the AddExistingCredential method to add all user-related credentials to ExistingCredentials.

3. It generates a JSON response. Example: {"rpId":"fido2-net-lib.passwordless.dev","challenge":"qs2oz6qkWqFCVJw72ixFvg","timeout":60000,"userVerification":"preferred","allowCredentials":[{"id":"LrPbJZFbkNgSYft8vVzHRpICDq7MeK8hHTEaKZYR3EY","type":"public-key"}],"extensions":{}}

TBD.

MakeAssertion Method (WebAuthn Class)

TBD.

Syntax

public void makeAssertion(String data);

Remarks

1. This method verifies the assertion according to https://w3c.github.io/webauthn/#sctn-verifying-assertion.

2. After verification, it fires AssertionCompleted, which exposes credentialId, signCount, and UvInitialized.

TBD.

Reset Method (WebAuthn Class)

Resets the class properties.

Syntax

public void reset();

Remarks

This method resets all message and key properties to their default values.

VerifyNewCredential Method (WebAuthn Class)

TBD.

Syntax

public void verifyNewCredential(String data);

Remarks

1. This method verifies the new credential according to https://w3c.github.io/webauthn/#sctn-registering-a-new-credential.

2. After verification, it fires NewCredentialCompleted, which exposes credentialId, publicKey, signCount, UvInitialized, the COSE algorithm, and userName.

TBD.

AssertionCompleted Event (WebAuthn Class)

TBD.

Syntax

public class DefaultWebAuthnEventListener implements WebAuthnEventListener {
  ...
  public void assertionCompleted(WebAuthnAssertionCompletedEvent e) {}
  ...
}

public class WebAuthnAssertionCompletedEvent {
  public byte[] credentialId;
  public int signCount;
  public boolean uvInitialized;
}

Remarks

TBD.
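How an application might act on the credentialId and signCount values this event exposes, as an added example that is not part of the product's documentation or code. The CredentialStore class and its method names are hypothetical; it rejects duplicate credential ids at registration and applies the WebAuthn signature-counter rule at assertion. Whether the class performs these checks itself is not stated on this page.

```java
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

// Added example: hypothetical relying-party store, not part of cloudsso.
public class CredentialStore {
  public enum Result { ACCEPTED, DUPLICATE_ID, UNKNOWN_CREDENTIAL, POSSIBLE_CLONE }

  // In-memory stand-in for a database: base64url credential id -> last accepted signCount.
  private final Map<String, Integer> signCounts = new HashMap<>();

  // Call with the credentialId and signCount exposed by NewCredentialCompleted.
  public Result onNewCredentialCompleted(byte[] credentialId, int signCount) {
    // putIfAbsent returns the previous value, so non-null means the id is already registered.
    Integer previous = signCounts.putIfAbsent(key(credentialId), signCount);
    return previous == null ? Result.ACCEPTED : Result.DUPLICATE_ID;
  }

  // Call with the credentialId and signCount exposed by AssertionCompleted.
  public Result onAssertionCompleted(byte[] credentialId, int signCount) {
    String id = key(credentialId);
    Integer stored = signCounts.get(id);
    if (stored == null) {
      return Result.UNKNOWN_CREDENTIAL;
    }
    // Both counters zero: the authenticator does not implement a signature counter.
    if (signCount == 0 && stored == 0) {
      return Result.ACCEPTED;
    }
    // The WebAuthn counter is an unsigned 32-bit value carried here in a Java int.
    // A counter that did not increase signals a possibly cloned authenticator.
    if (Integer.compareUnsigned(signCount, stored) <= 0) {
      return Result.POSSIBLE_CLONE;
    }
    signCounts.put(id, signCount);
    return Result.ACCEPTED;
  }

  private static String key(byte[] credentialId) {
    return Base64.getUrlEncoder().withoutPadding().encodeToString(credentialId);
  }

  public static void main(String[] args) {
    CredentialStore store = new CredentialStore();
    byte[] id = {0x2e, (byte) 0xb3, (byte) 0xdb, 0x25}; // constructed sample credential id
    System.out.println(store.onNewCredentialCompleted(id, 0));
    System.out.println(store.onAssertionCompleted(id, 7));
    System.out.println(store.onAssertionCompleted(id, 7)); // same counter presented again
    System.out.println(store.onNewCredentialCompleted(id, 0)); // id already registered
  }
}
```

The stored count is also the value to pass as signCount to AddExistingCredential when AssertionRequest fires.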

AssertionRequest Event (WebAuthn Class)

TBD.

Syntax

public class DefaultWebAuthnEventListener implements WebAuthnEventListener {
  ...
  public void assertionRequest(WebAuthnAssertionRequestEvent e) {}
  ...
}

public class WebAuthnAssertionRequestEvent {
  public String userName;
}

Remarks

TBD.

Error Event (WebAuthn Class)

Fired when information is available about errors during data delivery.

Syntax

public class DefaultWebAuthnEventListener implements WebAuthnEventListener {
  ...
  public void error(WebAuthnErrorEvent e) {}
  ...
}

public class WebAuthnErrorEvent {
  public int errorCode;
  public String description;
}

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class throws an exception.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Log Event (WebAuthn Class)

This event fires once for each log message.

Syntax

public class DefaultWebAuthnEventListener implements WebAuthnEventListener {
  ...
  public void log(WebAuthnLogEvent e) {}
  ...
}

public class WebAuthnLogEvent {
  public int logLevel;
  public String message;
  public String logType;
}

Remarks

This event fires once for each log message generated by the class. The verbosity is controlled by the LogLevel setting.

LogLevel indicates the level of message. Possible values are as follows:

0 (None): No events are logged.
1 (Info - default): Informational events are logged.
2 (Verbose): Detailed data are logged.
3 (Debug): Debug data are logged.

The value 1 (Info) logs basic information, including the URL, HTTP version, and status details.

The value 2 (Verbose) logs additional information about the request and response.

The value 3 (Debug) logs the headers and body for both the request and response, as well as additional debug information (if any).

Message is the log entry.

LogType identifies the type of log entry. Possible values are as follows:

  • "Info"
  • "RequestHeaders"
  • "ResponseHeaders"
  • "RequestBody"
  • "ResponseBody"
  • "ProxyRequest"
  • "ProxyResponse"
  • "FirewallRequest"
  • "FirewallResponse"

NewCredentialCompleted Event (WebAuthn Class)

TBD.

Syntax

public class DefaultWebAuthnEventListener implements WebAuthnEventListener {
  ...
  public void newCredentialCompleted(WebAuthnNewCredentialCompletedEvent e) {}
  ...
}

public class WebAuthnNewCredentialCompletedEvent {
  public byte[] credentialId;
  public String userName;
  public String publicKey;
  public int signCount;
  public boolean uvInitialized;
  public String algorithm;
}

Remarks

TBD.

NewCredentialRequest Event (WebAuthn Class)

TBD.

Syntax

public class DefaultWebAuthnEventListener implements WebAuthnEventListener {
  ...
  public void newCredentialRequest(WebAuthnNewCredentialRequestEvent e) {}
  ...
}

public class WebAuthnNewCredentialRequestEvent {
  public String userName;
  public String displayName;
  public String attestation;
  public String userVerification;
}

Remarks

TBD.

WACredential Type

TBD.

Remarks

TBD.

The following fields are available:

Fields

Id
String

Default Value: ""

TBD.

IdB
byte[]

Default Value: ""

TBD.

PublicKey
String

Default Value: ""

TBD.

SignAlgorithm
String

Default Value: "0"

TBD.

SignCount
int

Default Value: 0

TBD.

Constructors

public WACredential();

Config Settings (WebAuthn Class)

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

Base Config Settings

BuildInfo:   Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

GUIAvailable:   Whether or not a message loop is available for processing events.

In a GUI-based application, long-running blocking operations may cause the application to stop responding to input until the operation returns. The class will attempt to discover whether or not the application has a message loop and, if one is discovered, it will process events in that message loop during any such blocking operation.

In some non-GUI applications, an invalid message loop may be discovered that will result in errant behavior. In these cases, setting GUIAvailable to false will ensure that the class does not attempt to process external events.

LicenseInfo:   Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a class is using. It will return the following information:

  • Product: The product the license is for.
  • Product Key: The key the license was generated from.
  • License Source: Where the license was found (e.g., RuntimeLicense, License File).
  • License Type: The type of license installed (e.g., Royalty Free, Single Server).
  • Last Valid Build: The last valid build number for which the license will work.

MaskSensitiveData:   Whether sensitive data is masked in log messages.

In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to true to mask sensitive data. The default is true.

This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.

UseDaemonThreads:   Whether threads created by the class are daemon threads.

If set to True (default), when the class creates a thread, the thread's Daemon property will be explicitly set to True. When set to False, the class will not set the Daemon property on the created thread. The default value is True.

UseInternalSecurityAPI:   Whether or not to use the system security libraries or an internal implementation.

When set to false, the class will use the system security libraries by default to perform cryptographic functions where applicable.

Setting this configuration setting to true tells the class to use the internal implementation instead of using the system security libraries.

This setting is set to false by default on all platforms.

Trappable Errors (WebAuthn Class)