Document PublicKeyCredentialCreationOptionsRepository

Issue gh-16396
2025-01-17 20:47:45 -06:00 · 2025-01-17 20:47:45 -06:00 · 718c90d7ad
parent 4314e68329
commit 718c90d7ad
2 changed files with 40 additions and 0 deletions
--- a/docs/modules/ROOT/pages/servlet/authentication/passkeys.adoc
+++ b/docs/modules/ROOT/pages/servlet/authentication/passkeys.adoc
@ -60,6 +60,7 @@ Java::
 ----
@Bean
 SecurityFilterChain filterChain(HttpSecurity http) {
 	// ...
 	http
 		// ...
 		.formLogin(withDefaults())
@ -67,6 +68,8 @@ SecurityFilterChain filterChain(HttpSecurity http) {
 			.rpName("Spring Security Relying Party")
 			.rpId("example.com")
 			.allowedOrigins("https://example.com")
 			// optional properties
 			.creationOptionsRepository(new CustomPublicKeyCredentialCreationOptionsRepository())
 		);
 	return http.build();
 }
@ -89,11 +92,14 @@ Kotlin::
 ----
@Bean
 open fun filterChain(http: HttpSecurity): SecurityFilterChain {
 	// ...
 	http {
 		webAuthn {
 			rpName = "Spring Security Relying Party"
 			rpId = "example.com"
 			allowedOrigins = setOf("https://example.com")
 			// optional properties
 			creationOptionsRepository = CustomPublicKeyCredentialCreationOptionsRepository()
 		}
 	}
 }
@ -110,6 +116,36 @@ open fun userDetailsService(): UserDetailsService {
 ----
 ======
 [[passkeys-configuration-pkccor]]
 === Custom PublicKeyCredentialCreationOptionsRepository
 The `PublicKeyCredentialCreationOptionsRepository` is used to persist the `PublicKeyCredentialCreationOptions` between requests.
 The default is to persist it the `HttpSession`, but at times users may need to customize this behavior.
 This can be done by setting the optional property `creationOptionsRepository` demonstrated in xref:./passkeys.adoc#passkeys-configuration[Configuration] or by exposing a `PublicKeyCredentialCreationOptionsRepository` Bean:
 [tabs]
 ======
 Java::
 +
 [source,java,role="primary"]
 ----
@Bean
 CustomPublicKeyCredentialCreationOptionsRepository creationOptionsRepository() {
 	return new CustomPublicKeyCredentialCreationOptionsRepository();
 }
 ----
 Kotlin::
 +
 [source,kotlin,role="secondary"]
 ----
@Bean
 open fun creationOptionsRepository(): CustomPublicKeyCredentialCreationOptionsRepository {
 	return CustomPublicKeyCredentialCreationOptionsRepository()
 }
 ----
 ======
 [[passkeys-register]]
 == Register a New Credential
--- a/docs/modules/ROOT/pages/whats-new.adoc
+++ b/docs/modules/ROOT/pages/whats-new.adoc
@ -14,3 +14,7 @@ Note that this may affect reports that operate on this key name.
 == OAuth
 * https://github.com/spring-projects/spring-security/pull/16386[gh-16386] - Enable PKCE for confidential clients using `ClientRegistration.clientSettings.requireProofKey=true` for xref:servlet/oauth2/client/core.adoc#oauth2Client-client-registration-requireProofKey[servlet] and xref:reactive/oauth2/client/core.adoc#oauth2Client-client-registration-requireProofKey[reactive] applications
 == WebAuthn
 * https://github.com/spring-projects/spring-security/pull/16396[gh-16396] - Added the ability to configure a custom xref:servlet/authentication/passkeys.adoc#passkeys-configuration-pkccor[`PublicKeyCredentialCreationOptionsRepository`]