Version 0.1.0 of java-webauthn-server

- First release of [Web Authentication][webauthn] support
- Merged U2F subprojects into webauthn-server-core and deleted lots of
  unused code

[webauthn]: https://www.w3.org/TR/webauthn/

Author: emlun

.gitignore

@@ -8,6 +8,7 @@
 out/
 *.iml
 *.iws
+*/out/
 
 # Mac
 .DS_Store

NEWS

@@ -1,3 +1,14 @@
+== Version 0.1.0 ==
+
+* First release of https://www.w3.org/TR/webauthn/[Web Authentication] support
+* Merged U2F subprojects into webauthn-server-core and deleted lots of unused code
+
+
+= java-u2flib-server version history =
+
+This project was forked from https://developers.yubico.com/java-u2flib-server/[java-u2flib-server]. Below is the version history from before the fork.
+
+
 == Version 0.19.0 ==
 
 Breaking changes:

README

@@ -1,78 +1,23 @@
-== java-u2flib-server
+== java-webauthn-server
 
-image:https://travis-ci.org/Yubico/java-u2flib-server.svg?branch=master["Build Status", link="https://travis-ci.org/Yubico/java-u2flib-server"]
-image:https://coveralls.io/repos/github/Yubico/java-u2flib-server/badge.svg["Coverage Status", link="https://coveralls.io/github/Yubico/java-u2flib-server"]
+_Note: This is a work in progress. The https://www.w3.org/TR/webauthn/[Web
+Authentication standard] is not yet finished, and any part of this project may
+change at any time._
 
-Server-side https://developers.yubico.com/U2F[U2F] library for Java. Provides functionality for registering
-U2F devices and authenticating with said devices.
+image:https://travis-ci.org/Yubico/java-webauthn-server.svg?branch=master["Build Status", link="https://travis-ci.org/Yubico/java-webauthn-server"]
+image:https://coveralls.io/repos/github/Yubico/java-webauthn-server/badge.svg["Coverage Status", link="https://coveralls.io/github/Yubico/java-webauthn-server"]
 
-=== Dependency
+Server-side https://www.w3.org/TR/webauthn/[Web Authentication] library for
+Java. Provides implementations of the
+https://www.w3.org/TR/webauthn/#rp-operations[Relying Party operations] required
+for a server to support Web Authentication. This includes registering
+authenticators and authenticating registered authenticators.
 
-Maven:
-[source, xml]
- <dependency>
-   <groupId>com.yubico</groupId>
-   <artifactId>u2flib-server-core</artifactId>
-   <version>0.19.0</version>
- </dependency>
+The project is currently implemented mostly in Scala; this is intended to be
+translated to Java when the specification and these APIs seem stable enough.
 
-Gradle:
-[source, groovy]
- repositories{ mavenCentral() }
- dependencies {
-   compile 'com.yubico:u2flib-server-core:0.19.0'
- }
 
 === Example Usage
-NOTE: Make sure that you have read https://developers.yubico.com/U2F/Libraries/Using_a_library.html[Using a U2F library] before continuing.
 
-[source, java]
-----
-
-private abstract Iterable<DeviceRegistration> getRegistrations(String username);
-
-@GET
-public View startAuthentication(String username) throws NoEligibleDevicesException {
-
-    // Generate a challenge for each U2F device that this user has registered
-    SignRequestData requestData
-        = u2f.startSignature(SERVER_ADDRESS, getRegistrations(username));
-
-    // Store the challenges for future reference
-    requestStorage.put(requestData.getRequestId(), requestData.toJson());
-
-    // Return an HTML page containing the challenges
-    return new AuthenticationView(requestData.toJson(), username);
-}
-
-@POST
-public String finishAuthentication(SignResponse response, String username) throws
-        DeviceCompromisedException {
-
-    // Get the challenges that we stored when starting the authentication
-    SignRequestData signRequest
-        = requestStorage.remove(response.getRequestId());
-
-    // Verify the that the given response is valid for one of the registered devices
-    u2f.finishSignature(signRequest,
-                             response,
-                             getRegistrations(username));
-
-    return "Successfully authenticated!";
-}
-----
-
-In the above example `getRegistrations()` will return the U2F devices currently associated with a given user.
-This is most likely stored in a database. 
-See link:u2flib-server-demo[`u2flib-server-demo`] for a complete demo server (including registration and storage of U2F devices).
-
-=== JavaDoc
-JavaDoc can be found at https://developers.yubico.com/java-u2flib-server[developers.yubico.com/java-u2flib-server].
-
-
-=== Attestation
-The attestation module (`u2flib-server-attestation`) enables you to restrict registrations to certain U2F devices (e.g. devices made by a specific vendor). It can also provide metadata for devices.
-
-=== Serialization
-All relevant classes implement `Serializable`, so instead of using `toJson()`, you can use Java's built in serialization mechanism.
-Internally the classes use Jackson to serialize to and from JSON, and the ObjectMapper from Jackson can be used.
+See link:webauthn-server-demo[`webauthn-server-demo`] for a complete demo
+server, which stores authenticator registrations temporarily in memory.

build.gradle

@@ -12,7 +12,6 @@ plugins {
   id 'net.researchgate.release' version '2.4.0'
 }
 
-import com.yubico.gradle.plugins.signing.GpgSigningPlugin
 
 project.ext.publishEnabled = System.env.CI != 'true' && project.hasProperty('ossrhUsername')
 
@@ -24,24 +23,26 @@ if (publishEnabled) {
   }
 }
 
+task wrapper(type: Wrapper) {
+  gradleVersion = '4.5.1'
+}
+
 allprojects  {
   apply plugin: 'java'
   apply plugin: 'maven'
+  apply plugin: 'signing'
+  apply plugin: 'idea'
 
   if (publishEnabled) {
-    apply plugin: GpgSigningPlugin
     signing {
+      useGpgCmd()
       sign configurations.archives
     }
     signArchives.dependsOn check
   }
 
-  task wrapper(type: Wrapper) {
-    gradleVersion = '4.1'
-  }
-
   group = 'com.yubico'
-  version = '0.19.0'
+  version = '0.1.0'
 
   sourceCompatibility = 1.6
   targetCompatibility = 1.6
@@ -55,6 +56,9 @@ allprojects  {
 
     maven { url "http://repo.maven.apache.org/maven2" }
   }
+
+
+  idea.module { downloadJavadoc = true }
 }
 
 evaluationDependsOnChildren()
@@ -108,15 +112,10 @@ subprojects {
 
           pom.project {
             name project.description
-            description 'Java server-side library for U2F'
+            description 'Java server-side library for Web Authentication'
             url 'https://developers.yubico.com/'
 
             developers {
-              developer {
-                id 'dain'
-                name 'Dain Nilsson'
-                email '[email protected]'
-              }
               developer {
                 id 'emil'
                 name 'Emil Lundberg'
@@ -132,9 +131,9 @@ subprojects {
             }
 
             scm {
-              url 'scm:git:git://github.com/Yubico/java-u2flib-server.git'
-              connection 'scm:git:git://github.com/Yubico/java-u2flib-server.git'
-              developerConnection 'scm:git:ssh://[email protected]/Yubico/java-u2flib-server.git'
+              url 'scm:git:git://github.com/Yubico/java-webauthn-server.git'
+              connection 'scm:git:git://github.com/Yubico/java-webauthn-server.git'
+              developerConnection 'scm:git:ssh://[email protected]/Yubico/java-webauthn-server.git'
               tag 'HEAD'
             }
           }
@@ -145,7 +144,7 @@ subprojects {
 
 }
 
-configure(subprojects.findAll { it.name != 'u2flib-server-demo' }) {
+subprojects {
   apply plugin: 'info.solidsoft.pitest'
 
   pitest {