nevis_mobile_authentication_sdk_platform_interface 3.7.0

A common platform interface for the nevis_mobile_authentication_sdk plugin.

3.7.0

• Updated Nevis Mobile Authentication SDK to version 3.7.0.
• Updated minimum supported SDK version to Dart 3.1.0.
• A new experimental API (PendingOutOfBandOperations) to retrieve pending out-of-band operations has been added.
• A new MetaData API to retrieve Nevis Mobile Authentication SDK version and other platform-dependent information is available. For applications running on Android, the API retrieves the SHA-256 hash of the signing certificate of the application that includes the SDK. For iOS applications, the API provides the FacetId of the application that includes the SDK.

Breaking Changes

• NEW: A new alphanumeric Password Authenticator is available. Note that this requires the nevisFIDO 8.2405.0 component version, otherwise you will need to manually extend the metadata and policy configuration files in nevisFIDO to support this new authenticator type. In this case refer to Default Nevis Authenticator Metadata to obtain the metadata statements and don't forget to add the authenticator AAIDs to the policy file(s). This is classified as a breaking change as depending on your implementation you may need to adapt your code when filtering or listing the available authenticators.

3.6.0

• The PinPolicy has been extended with the validatePinForEnrollment and validatePinForPinChange methods. These methods allow implementing custom PIN policies of any nature.

3.5.1

• Changes to support latest Flutter version (3.13.9).

3.5.0

• Updated Nevis Mobile Authentication SDK to version 3.5.0.

3.4.1

• Generic error handling fixes.

3.4.0

• From this version on, the signature of the Authentication.onError callback function has changed. This method is invoked with an AuthenticationError which returns a SessionProvider that can be used to continue with the authentication session.
• From this version on, the plugin provides also the device identifier via DeviceInformation. It is used in the backend to associate FIDO UAF credentials with a device.
• From this version on, the plugin supports registering authenticators in multiple servers.
• New device passcode authenticator is introduced.
• On new registrations, the biometric credentials will be invalidated when a new biometric is added to the operating system if invalidateOnNewOsBiometrics is not invoked (see Registration.invalidateOnNewOsBiometrics, AuthCloudApiRegistration.invalidateOnNewOsBiometrics and OutOfBandRegistration.invalidateOnNewOsBiometrics).
• On new registrations, the device passcode cannot be used with biometric credentials by default (see Registration.allowDevicePasscodeAsFallback, AuthCloudApiRegistration.allowDevicePasscodeAsFallback, OutOfBandRegistration.allowDevicePasscodeAsFallback).

3.3.0

• We now support invalidating the FIDO UAF credentials of biometric and fingerprint authenticators when the user adds new biometric credentials in the OS settings, see Registration.invalidateOnNewOsBiometrics.
• We now support providing HTTP request headers that can be sent in the HTTP request during all the operations, see requestHeaders.
• From this version on, the LocalData.deleteAuthenticator method does not require the aaid to be provided. Providing no aaid leads to all authenticator data being deleted.
• Removed property validation for all operations as they are now handled by the native SDKs.

3.2.0

• We now support disabling the device passcode as fallback for the biometric authenticator. See Registration.allowDevicePasscodeAsFallback, AuthCloudApiRegistration.allowDevicePasscodeAsFallback and OutOfBandRegistration.allowDevicePasscodeAsFallback.
• We now support adding a retry strategy to the device information change operation.
• The authenticationRetryInterval and authenticationMaxRetries properties have been removed from the Configuration object. Use the Authentication.retryPolicyObtainingAuthorizationProvider instead.
• We fixed the deregistration operation, the SDK now fully supports the nevisProxy cookie renewal feature.

3.1.0

• From this version on, the deregistration operation does not require the aaid to be provided. Providing no aaid in the operation leads to the whole account being deregistered instead of a single authenticator.
• We now support class 2 sensors for the biometric authenticator on Android platform.
• Deregistration in the Identity Suite environment is not working when cookie renewal is enabled on the backend.

3.0.1

• Initial release.