Skip to content

Releases: wultra/powerauth-server

Release 1.8.2

29 Jul 13:09
697cb8d
Compare
Choose a tag to compare

This release contains the following improvements and bugfixes:

  • Additional fix of deadlocks on MSSQL.

Release 1.8.1

26 Jul 16:31
8391240
Compare
Choose a tag to compare

This release contains the following improvements and bugfixes:

  • Support for MSSQL.
  • Fix deadlocks on MSSQL.
  • Improve performance.
  • FIDO2 improvements.
  • Add STATUS_REASON to cancel operations.
  • Escape data in the operation template.
  • Dependency updates.

Release 1.7.2

06 Jun 05:32
5f51d98
Compare
Choose a tag to compare

This release contains the following bugfixes:

  • Create operation does not return proximity OTP.
  • DB migration issue in MS SQL.
  • Missing external ID in FIDO2 operation.

Release 1.7.1

13 May 12:27
80e340f
Compare
Choose a tag to compare

This release contains the following improvements and bugfixes:

  • Improve performance of deleting values in table pa_unique_values.
  • FIDO2: Credential ID now contains operation data to allow display of operation data on hardware authenticator.
  • FIDO2: Return excludeCredentials in registration challenge response to simplify filtering out already registered authenticators.
  • FIDO2: Various fixes for the bugfix release.

Release 1.6.3

30 Apr 07:12
bd9da79
Compare
Choose a tag to compare

This release contains the following improvements and bugfixes:

  • Improve performance of deleting values in table pa_unique_values.

Release 1.7.0

08 Apr 09:54
0a67979
Compare
Choose a tag to compare

This release contains the following improvements and bugfixes:

  • Integration of FIDO2 support into PowerAuth server compatible with a variety of software and hardware authenticators using WebAuthN protocol.
  • Add support for OpenTelemetry Traceparent HTTP Header.
  • User-Agent of the device approving/rejecting the operation is parsed as a Device object in callbacks and Operation detail responses.
  • Dependency updates.

Second snapshot release of FIDO2 support (v2)

19 Mar 16:16
3620c1f
Compare
Choose a tag to compare

Second snapshot including support of FIDO2 protocol in PowerAuth (v2). Do not deploy to production, the functionality will be included in the 1.7.0 release.

Includes: https://github.com/wultra/powerauth-server/releases/tag/fido2-snapshot-20240319

Additional fix: #1417

Second snapshot release of FIDO2 support

19 Mar 06:35
8ab1817
Compare
Choose a tag to compare

Second snapshot including support of FIDO2 protocol in PowerAuth. Do not deploy to production, the functionality will be included in the 1.7.0 release.

Migration notes since first snapshot PoC for FIDO2 support:

  1. Database migration:
  1. Updated REST API parameters:
  • parameter credentialId is used consistently instead of id or externalId (in AuthenticatorDetail, AuthenticatorParameters, AssertionVerificationRequest, RegistrationResponse)
  • parameter operationType changed to templateName in AssertionChallengeRequest, added optional parameter userId to personalize the request
  • added parameter allowCredentials in AssertionChallengeResponse and related AllowCredentials type
  • update model classes are reflected in OpenDoc: http://[host]:[port]/powerauth-java-server/swagger-ui/index.html
  1. Updated signature types:
  • by default all hardware authenticators use the POSSESSION signature type except Wultra hardware authenticator which uses POSSESSION_KNOWLEDGE signature type
  • signature types can be configured for different authenticators in table pa_fido2_authenticator
  1. Supported authenticator attestations:
  • added Basic Attestation using certificates next to existing Self Attestation
  1. Added configuration of FIDO2 functionality:
  • it is possible to restrict allowed attestation formats using configuration key fido2_attestation_fmt_allowed in table pa_application_config as JSON array of strings, e.g. [ "packed" ]
  • it is possible to restrict authenticator AAGUIDs using configuration key fido2_aaguids_allowed in table pa_application_config as JSON array of strings, e.g. [ "5ad235f4-f1f3-4803-966f-1a1950e0f155", "e9b3c0e3-1f91-4d7a-aed2-8d651851866b" ]
  • it is possible to configure root CA certificates for Basic Attestation using configuration key fido2_root_ca_certs in table pa_application_config as JSON array with certificates in PEM format
  • new configuration property powerauth.service.scheduled.job.fido2AuthenticatorCacheEviction to set eviction period of internal pa_fido2_authenticator cache
  1. Bugfix: parameter externalId in AssertionChallengeRequest is no longer ignored
  2. New validations:
  • multiple registations of same credentialId no longer allowed
  • persistance and checking of assertion verification counter
  • protocol checked in existing PowerAuth services
  • AAGUID and attestation formats are checked in case configured
  1. Added logging and auditing for FIDO2 functionality, updated extras for activations and additionalData for operations

Release 1.6.2

07 Mar 06:33
c194a8d
Compare
Choose a tag to compare

This release contains the following improvements and bugfixes:

  • Fixed Liquibase for MSSQL.

Release 1.4.4

28 Feb 12:22
5db57e1
Compare
Choose a tag to compare

This release contains the following improvements and bugfixes:

  • Able to expose metrics for Prometheus, if enabled.