Class UserIdentity
- java.lang.Object
-
- com.yubico.webauthn.data.UserIdentity
-
- All Implemented Interfaces:
PublicKeyCredentialEntity
public final class UserIdentity extends java.lang.Object implements PublicKeyCredentialEntity
Describes a user account, with which public key credentials can be associated.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
UserIdentity.UserIdentityBuilder
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static UserIdentity.UserIdentityBuilder.MandatoryStages
builder()
boolean
equals(java.lang.Object o)
@NonNull java.lang.String
getDisplayName()
A human-palatable name for the user account, intended only for display.java.util.Optional<java.net.URL>
getIcon()
Deprecated.Theicon
property has been removed from WebAuthn Level 2.@NonNull ByteArray
getId()
The user handle for the account, specified by the Relying Party.@NonNull java.lang.String
getName()
A human-palatable identifier for a user account.int
hashCode()
UserIdentity.UserIdentityBuilder
toBuilder()
java.lang.String
toString()
-
-
-
Method Detail
-
builder
public static UserIdentity.UserIdentityBuilder.MandatoryStages builder()
-
getIcon
@Deprecated public java.util.Optional<java.net.URL> getIcon()
Deprecated.Theicon
property has been removed from WebAuthn Level 2. This method will be removed in the next major version of the library.Description copied from interface:PublicKeyCredentialEntity
A serialized URL which resolves to an image associated with the entity.For example, this could be a user's avatar or a Relying Party's logo. This URL MUST be an a priori authenticated URL. Authenticators MUST accept and store a 128-byte minimum length for an icon member's value. Authenticators MAY ignore an icon member's value if its length is greater than 128 bytes. The URL's scheme MAY be "data" to avoid fetches of the URL, at the cost of needing more storage.
- Specified by:
getIcon
in interfacePublicKeyCredentialEntity
-
toBuilder
public UserIdentity.UserIdentityBuilder toBuilder()
-
getDisplayName
@NonNull public @NonNull java.lang.String getDisplayName()
A human-palatable name for the user account, intended only for display. For example, "Alex P. Müller" or "田中 倫". The Relying Party SHOULD let the user choose this, and SHOULD NOT restrict the choice more than necessary.- Relying Parties SHOULD perform enforcement, as prescribed in Section 2.3 of [RFC8266] for
the Nickname Profile of the PRECIS FreeformClass [RFC8264], when setting
displayName
's value, or displaying the value to the user. - Clients SHOULD perform enforcement, as prescribed in Section 2.3 of [RFC8266] for the
Nickname Profile of the PRECIS FreeformClass [RFC8264], on
displayName
's value prior to displaying the value to the user or including the value as a parameter of theauthenticatorMakeCredential
operation.
When clients, client platforms, or authenticators display a
displayName
's value, they should always use UI elements to provide a clear boundary around the displayed value, and not allow overflow into other elements.Authenticators MUST accept and store a 64-byte minimum length for a
displayName
member's value. Authenticators MAY truncate adisplayName
member's value to a length equal to or greater than 64 bytes. - Relying Parties SHOULD perform enforcement, as prescribed in Section 2.3 of [RFC8266] for
the Nickname Profile of the PRECIS FreeformClass [RFC8264], when setting
-
getId
@NonNull public @NonNull ByteArray getId()
The user handle for the account, specified by the Relying Party.A user handle is an opaque byte sequence with a maximum size of 64 bytes. User handles are not meant to be displayed to users. The user handle SHOULD NOT contain personally identifying information about the user, such as a username or e-mail address; see §14.9 User Handle Contents for details.
To ensure secure operation, authentication and authorization decisions MUST be made on the basis of this
id
member, not thedisplayName
norname
members. See Section 6.1 of RFC 8266.An authenticator will never contain more than one credential for a given Relying Party under the same user handle.
-
equals
public boolean equals(java.lang.Object o)
- Overrides:
equals
in classjava.lang.Object
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classjava.lang.Object
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
getName
@NonNull public @NonNull java.lang.String getName()
A human-palatable identifier for a user account. It is intended only for display, i.e., aiding the user in determining the difference between user accounts with similardisplayName
s.For example: "alexm", "alex.p.mueller@example.com" or "+14255551234".
- Specified by:
getName
in interfacePublicKeyCredentialEntity
- See Also:
- RFC 8264, RFC 8265
-
-