Package com.yubico.webauthn

Class StartAssertionOptions.StartAssertionOptionsBuilder

java.lang.Object

com.yubico.webauthn.StartAssertionOptions.StartAssertionOptionsBuilder

Enclosing class:

StartAssertionOptions

public static class StartAssertionOptions.StartAssertionOptionsBuilder
extends Object

Method Summary

Modifier and Type	Method	Description
StartAssertionOptions	build()
StartAssertionOptions.StartAssertionOptionsBuilder	extensions(@NonNull AssertionExtensionInputs extensions)	Extension inputs for this authentication operation.
StartAssertionOptions.StartAssertionOptionsBuilder	timeout(long timeout)	The value for PublicKeyCredentialRequestOptions.getTimeout() for this authentication operation.
StartAssertionOptions.StartAssertionOptionsBuilder	timeout(@NonNull Optional<Long> timeout)	The value for PublicKeyCredentialRequestOptions.getTimeout() for this authentication operation.
String	toString()
StartAssertionOptions.StartAssertionOptionsBuilder	userHandle(@NonNull Optional<ByteArray> userHandle)	The user handle of the user to authenticate, if the user has already been identified.
StartAssertionOptions.StartAssertionOptionsBuilder	userHandle(ByteArray userHandle)	The user handle of the user to authenticate, if the user has already been identified.
StartAssertionOptions.StartAssertionOptionsBuilder	username(@NonNull Optional<String> username)	The username of the user to authenticate, if the user has already been identified.
StartAssertionOptions.StartAssertionOptionsBuilder	username(String username)	The username of the user to authenticate, if the user has already been identified.
StartAssertionOptions.StartAssertionOptionsBuilder	userVerification(@NonNull Optional<UserVerificationRequirement> userVerification)	The value for PublicKeyCredentialRequestOptions.getUserVerification() for this authentication operation.
StartAssertionOptions.StartAssertionOptionsBuilder	userVerification(UserVerificationRequirement userVerification)	The value for PublicKeyCredentialRequestOptions.getUserVerification() for this authentication operation.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Method Details

username

public StartAssertionOptions.StartAssertionOptionsBuilder username(@NonNull
 @NonNull Optional<String> username)

The username of the user to authenticate, if the user has already been identified.

Mutually exclusive with userHandle(Optional). Setting this to a present value will set userHandle(Optional) to empty.

If this or userHandle(Optional) is present, then RelyingParty.startAssertion(StartAssertionOptions) will set PublicKeyCredentialRequestOptions.getAllowCredentials() to the list of that user's credentials.

If this and StartAssertionOptions.getUserHandle() are both absent, that implies authentication with a discoverable credential (passkey) - meaning identification of the user is deferred until after receiving the response from the client.

The default is empty (absent).

See Also:

• username(String)
• userHandle(Optional)
• userHandle(ByteArray)
• Client-side-discoverable credential
• Passkey in passkeys.dev reference

username

public StartAssertionOptions.StartAssertionOptionsBuilder username(String username)

The username of the user to authenticate, if the user has already been identified.

Mutually exclusive with userHandle(Optional). Setting this to a non-null value will set userHandle(Optional) to empty.

If this or userHandle(Optional) is present, then RelyingParty.startAssertion(StartAssertionOptions) will set PublicKeyCredentialRequestOptions.getAllowCredentials() to the list of that user's credentials.

If this and StartAssertionOptions.getUserHandle() are both absent, that implies authentication with a discoverable credential (passkey) - meaning identification of the user is deferred until after receiving the response from the client.

The default is empty (absent).

See Also:

• username(Optional)
• userHandle(Optional)
• userHandle(ByteArray)
• Client-side-discoverable credential
• Passkey in passkeys.dev reference

userHandle

public StartAssertionOptions.StartAssertionOptionsBuilder userHandle(@NonNull
 @NonNull Optional<ByteArray> userHandle)

The user handle of the user to authenticate, if the user has already been identified.

Mutually exclusive with username(Optional). Setting this to a present value will set username(Optional) to empty.

If this or username(Optional) is present, then RelyingParty.startAssertion(StartAssertionOptions) will set PublicKeyCredentialRequestOptions.getAllowCredentials() to the list of that user's credentials.

If this and StartAssertionOptions.getUsername() are both absent, that implies authentication with a discoverable credential (passkey) - meaning identification of the user is deferred until after receiving the response from the client.

The default is empty (absent).

See Also:

• username(String)
• username(Optional)
• userHandle(ByteArray)
• User Handle
• Client-side-discoverable credential
• Passkey in passkeys.dev reference

userHandle

public StartAssertionOptions.StartAssertionOptionsBuilder userHandle(ByteArray userHandle)

The user handle of the user to authenticate, if the user has already been identified.

Mutually exclusive with username(Optional). Setting this to a non-null value will set username(Optional) to empty.

If this or username(Optional) is present, then RelyingParty.startAssertion(StartAssertionOptions) will set PublicKeyCredentialRequestOptions.getAllowCredentials() to the list of that user's credentials.

If this and StartAssertionOptions.getUsername() are both absent, that implies authentication with a discoverable credential (passkey) - meaning identification of the user is deferred until after receiving the response from the client.

The default is empty (absent).

See Also:

• username(String)
• username(Optional)
• userHandle(Optional)
• Client-side-discoverable credential
• Passkey in passkeys.dev reference

userVerification

public StartAssertionOptions.StartAssertionOptionsBuilder userVerification(@NonNull
 @NonNull Optional<UserVerificationRequirement> userVerification)

The value for PublicKeyCredentialRequestOptions.getUserVerification() for this authentication operation.

If set to UserVerificationRequirement.REQUIRED, then RelyingParty.finishAssertion(FinishAssertionOptions) will enforce that user verificationwas performed in this authentication ceremony.

The default is UserVerificationRequirement.PREFERRED.

userVerification

public StartAssertionOptions.StartAssertionOptionsBuilder userVerification(UserVerificationRequirement userVerification)

The value for PublicKeyCredentialRequestOptions.getUserVerification() for this authentication operation.

If set to UserVerificationRequirement.REQUIRED, then RelyingParty.finishAssertion(FinishAssertionOptions) will enforce that user verificationwas performed in this authentication ceremony.

The default is UserVerificationRequirement.PREFERRED.

timeout

public StartAssertionOptions.StartAssertionOptionsBuilder timeout(@NonNull
 @NonNull Optional<Long> timeout)

The value for PublicKeyCredentialRequestOptions.getTimeout() for this authentication operation.

This library does not take the timeout into account in any way, other than passing it through to the PublicKeyCredentialRequestOptions so it can be used as an argument to navigator.credentials.get() on the client side.

The default is empty.

timeout

public StartAssertionOptions.StartAssertionOptionsBuilder timeout(long timeout)

The value for PublicKeyCredentialRequestOptions.getTimeout() for this authentication operation.

This library does not take the timeout into account in any way, other than passing it through to the PublicKeyCredentialRequestOptions so it can be used as an argument to navigator.credentials.get() on the client side.

The default is empty.

extensions

public StartAssertionOptions.StartAssertionOptionsBuilder extensions(@NonNull
 @NonNull AssertionExtensionInputs extensions)

Extension inputs for this authentication operation.

If RelyingParty.getAppId() is set, RelyingParty.startAssertion(StartAssertionOptions) will overwrite any appId extension input set herein.

The default specifies no extension inputs.

Returns:

this.

build

public StartAssertionOptions build()

toString

public String toString()

Overrides:

toString in class Object