Package com.yubico.webauthn.data

Class PublicKeyCredentialRequestOptions

java.lang.Object

com.yubico.webauthn.data.PublicKeyCredentialRequestOptions

public final class PublicKeyCredentialRequestOptions
extends Object

The PublicKeyCredentialRequestOptions dictionary supplies get() with the data it needs to generate an assertion.

Its `challenge` member must be present, while its other members are optional.

See Also:

• §5.5. Options for Assertion Generation (dictionary PublicKeyCredentialRequestOptions)

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder

Method Summary

Modifier and Type	Method	Description
static PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder.MandatoryStages	builder()
boolean	equals(Object o)
Optional<List<PublicKeyCredentialDescriptor>>	getAllowCredentials()
@NonNull ByteArray	getChallenge()	A challenge that the selected authenticator signs, along with other data, when producing an authentication assertion.
@NonNull AssertionExtensionInputs	getExtensions()	Additional parameters requesting additional processing by the client and authenticator.
List<String>	getHints()	Zero or more hints, in descending order of preference, to guide the user agent in interacting with the user during this authentication operation.
String	getRpId()	Specifies the relying party identifier claimed by the caller.
Optional<Long>	getTimeout()
Optional<UserVerificationRequirement>	getUserVerification()
int	hashCode()
PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder	toBuilder()
String	toCredentialsGetJson()	Serialize this PublicKeyCredentialRequestOptions value to JSON suitable for sending to the client.
String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Method Details

getTimeout

public Optional<Long> getTimeout()

getAllowCredentials

public Optional<List<PublicKeyCredentialDescriptor>> getAllowCredentials()

getUserVerification

public Optional<UserVerificationRequirement> getUserVerification()

toCredentialsGetJson

public String toCredentialsGetJson()
                            throws com.fasterxml.jackson.core.JsonProcessingException

Serialize this PublicKeyCredentialRequestOptions value to JSON suitable for sending to the client.

Any ByteArray values in this data structure will be Base64Url encoded. Those values MUST be decoded into BufferSource values (such as Uint8Array) on the client side before calling navigator.credentials.get() .

After decoding binary values, the resulting JavaScript object is suitable for passing as an argument to navigator.credentials.get().

Returns:

a JSON value suitable for sending to the client and passing as an argument to navigator.credentials.get(), after decoding binary options from Base64Url strings.

Throws:

com.fasterxml.jackson.core.JsonProcessingException - if JSON serialization fails.

builder

public static PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder.MandatoryStages builder()

toBuilder

public PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder toBuilder()

getChallenge

@NonNull
public @NonNull ByteArray getChallenge()

A challenge that the selected authenticator signs, along with other data, when producing an authentication assertion. See the §13.1 Cryptographic Challenges security consideration.

getHints

public List<String> getHints()

Zero or more hints, in descending order of preference, to guide the user agent in interacting with the user during this authentication operation.

For example, the PublicKeyCredentialHint.SECURITY_KEY hint may be used to ask the client to emphasize the option of authenticating with an external security key, or the PublicKeyCredentialHint.CLIENT_DEVICE hint may be used to ask the client to emphasize the option of authenticating a built-in passkey provider.

These hints are not requirements, and do not bind the user-agent, but may guide it in providing the best experience by using contextual information about the request.

Hints MAY contradict information contained in PublicKeyCredentialDescriptor.getTransports(). When this occurs, the hints take precedence.

This library does not take these hints into account in any way, other than passing them through so they can be used in the argument to navigator.credentials.get() on the client side.

The default is empty.

See Also:

• PublicKeyCredentialHint
• StartAssertionOptions.getHints()
• PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder.hints(List)
• PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder.hints(String...)
• PublicKeyCredentialRequestOptions.PublicKeyCredentialRequestOptionsBuilder.hints(PublicKeyCredentialHint...)
• PublicKeyCredentialRequestOptions.hints
• §5.8.7. User-agent Hints Enumeration (enum PublicKeyCredentialHints)

getRpId

public String getRpId()

Specifies the relying party identifier claimed by the caller.

If omitted, its value will be set by the client.

getExtensions

@NonNull
public @NonNull AssertionExtensionInputs getExtensions()

Additional parameters requesting additional processing by the client and authenticator.

For example, if transaction confirmation is sought from the user, then the prompt string might be included as an extension.

equals

public boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

toString

public String toString()

Overrides:

toString in class Object