Document PublicKeyCredentialCreationOptionsRepository
Issue gh-16396
This commit is contained in:
Rob Winch
parent
4314e68329
commit
718c90d7ad
|
|
@ -60,6 +60,7 @@ Java::
|
|||
----
|
||||
@Bean
|
||||
SecurityFilterChain filterChain(HttpSecurity http) {
|
||||
// ...
|
||||
http
|
||||
// ...
|
||||
.formLogin(withDefaults())
|
||||
|
|
@ -67,6 +68,8 @@ SecurityFilterChain filterChain(HttpSecurity http) {
|
|||
.rpName("Spring Security Relying Party")
|
||||
.rpId("example.com")
|
||||
.allowedOrigins("https://example.com")
|
||||
// optional properties
|
||||
.creationOptionsRepository(new CustomPublicKeyCredentialCreationOptionsRepository())
|
||||
);
|
||||
return http.build();
|
||||
}
|
||||
|
|
@ -89,11 +92,14 @@ Kotlin::
|
|||
----
|
||||
@Bean
|
||||
open fun filterChain(http: HttpSecurity): SecurityFilterChain {
|
||||
// ...
|
||||
http {
|
||||
webAuthn {
|
||||
rpName = "Spring Security Relying Party"
|
||||
rpId = "example.com"
|
||||
allowedOrigins = setOf("https://example.com")
|
||||
// optional properties
|
||||
creationOptionsRepository = CustomPublicKeyCredentialCreationOptionsRepository()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -110,6 +116,36 @@ open fun userDetailsService(): UserDetailsService {
|
|||
----
|
||||
======
|
||||
|
||||
[[passkeys-configuration-pkccor]]
|
||||
=== Custom PublicKeyCredentialCreationOptionsRepository
|
||||
|
||||
The `PublicKeyCredentialCreationOptionsRepository` is used to persist the `PublicKeyCredentialCreationOptions` between requests.
|
||||
The default is to persist it the `HttpSession`, but at times users may need to customize this behavior.
|
||||
This can be done by setting the optional property `creationOptionsRepository` demonstrated in xref:./passkeys.adoc#passkeys-configuration[Configuration] or by exposing a `PublicKeyCredentialCreationOptionsRepository` Bean:
|
||||
|
||||
[tabs]
|
||||
======
|
||||
Java::
|
||||
+
|
||||
[source,java,role="primary"]
|
||||
----
|
||||
@Bean
|
||||
CustomPublicKeyCredentialCreationOptionsRepository creationOptionsRepository() {
|
||||
return new CustomPublicKeyCredentialCreationOptionsRepository();
|
||||
}
|
||||
----
|
||||
|
||||
Kotlin::
|
||||
+
|
||||
[source,kotlin,role="secondary"]
|
||||
----
|
||||
@Bean
|
||||
open fun creationOptionsRepository(): CustomPublicKeyCredentialCreationOptionsRepository {
|
||||
return CustomPublicKeyCredentialCreationOptionsRepository()
|
||||
}
|
||||
----
|
||||
======
|
||||
|
||||
[[passkeys-register]]
|
||||
== Register a New Credential
|
||||
|
||||
|
|
|
|||
|
|
@ -14,3 +14,7 @@ Note that this may affect reports that operate on this key name.
|
|||
== OAuth
|
||||
|
||||
* https://github.com/spring-projects/spring-security/pull/16386[gh-16386] - Enable PKCE for confidential clients using `ClientRegistration.clientSettings.requireProofKey=true` for xref:servlet/oauth2/client/core.adoc#oauth2Client-client-registration-requireProofKey[servlet] and xref:reactive/oauth2/client/core.adoc#oauth2Client-client-registration-requireProofKey[reactive] applications
|
||||
|
||||
== WebAuthn
|
||||
|
||||
* https://github.com/spring-projects/spring-security/pull/16396[gh-16396] - Added the ability to configure a custom xref:servlet/authentication/passkeys.adoc#passkeys-configuration-pkccor[`PublicKeyCredentialCreationOptionsRepository`]
|
||||
|
|
|
|||
Loading…
Reference in New Issue