@@ -42,6 +42,8 @@ public interface CredentialRepository {
4242 *
4343 * <p>After a successful registration ceremony, the {@link RegistrationResult#getKeyId()} method
4444 * returns a value suitable for inclusion in this set.
45+ *
46+ * <p>Implementations of this method MUST NOT return null.
4547 */
4648 Set <PublicKeyCredentialDescriptor > getCredentialIdsForUsername (String username );
4749
@@ -51,6 +53,8 @@ public interface CredentialRepository {
5153 *
5254 * <p>Used to look up the user handle based on the username, for authentication ceremonies where
5355 * the username is already given.
56+ *
57+ * <p>Implementations of this method MUST NOT return null.
5458 */
5559 Optional <ByteArray > getUserHandleForUsername (String username );
5660
@@ -60,6 +64,8 @@ public interface CredentialRepository {
6064 *
6165 * <p>Used to look up the username based on the user handle, for username-less authentication
6266 * ceremonies.
67+ *
68+ * <p>Implementations of this method MUST NOT return null.
6369 */
6470 Optional <String > getUsernameForUserHandle (ByteArray userHandle );
6571
@@ -69,6 +75,8 @@ public interface CredentialRepository {
6975 *
7076 * <p>The returned {@link RegisteredCredential} is not expected to be long-lived. It may be read
7177 * directly from a database or assembled from other components.
78+ *
79+ * <p>Implementations of this method MUST NOT return null.
7280 */
7381 Optional <RegisteredCredential > lookup (ByteArray credentialId , ByteArray userHandle );
7482
@@ -79,6 +87,8 @@ public interface CredentialRepository {
7987 * <p>This is used to refuse registration of duplicate credential IDs. Therefore, under normal
8088 * circumstances this method should only return zero or one credential (this is an expected
8189 * consequence, not an interface requirement).
90+ *
91+ * <p>Implementations of this method MUST NOT return null.
8292 */
8393 Set <RegisteredCredential > lookupAll (ByteArray credentialId );
8494}
0 commit comments