Skip to content

v3.9.3

Choose a tag to compare

View all tags
@dimitrisFuturae dimitrisFuturae released this 30 Jan 16:39
· 4 commits to master since this release
v3.9.3
24a98e1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Changelog

New Features

  • Application Integrity Check Embedded into Enrollment and Authentication flow: Expose new feature which automatically transmits integrity verdict information, based on the Google Play Integrity API, to the backend during enrollment and authentication. To it setup:
    • provide your Cloud Project Number on futurae.xml, using key ftr_cloud_project_number.
    • configure the IV timeout through SDK Configuration during SDK launch by calling
    • SDKConfiguration.Builder.setBlockingIVCollectionTimeoutOnAuthMillis() method.

Please note that Application Integrity Check Embedded feature needs to be enabled for the respective Futurae Service(s) which this SDK is associated with and the Futurae SDK instance. For further details contact the Futurae support at support@futurae.

  • Added FuturaeOperationsAPI:
    • exchangeTokenForEnrollmentActivationCode(exchangeToken: String): AsyncOperation<String>: validate an exchangeToken to return an enrollment activation code.
    • fun exchangeTokenForSessionToken(exchangeToken: String) : AsyncOperation<String>: validate an exchangeToken to return a session-token.

Exchange tokens can be acquired via various transport channels. To facilitate QRCode and URI support we added:

  • sealed class QRCode now supports additional subclasses EnrollTokenExchange and AuthTokenExchange
  • sealed class FTRUriType now supports additional subclasses EnrollExchangeToken and AuthExchangeToken

Behavior changes

  • The new additions to QRCode and FTRUriType may be a breaking change if using exhaustive when statements.
  • FuturaeQrCodeAPI.getQRCode now supports the new QRCode subclasses

Important notice

  • The deprecated FTQRCodeUtils.getQrcodeType and QRType does NOT offer support for the new token-exchange QRs. Please use FuturaeQrCodeAPI.getQRCode instead.
  • Deprecated FuturaeOperationsApi. handleUri as it cannot support token-exchange which needs a return type. Please use FTUriUtils.getFTRUriType instead and handle the returned FTRUriType accordingly.

New API

We added a new getPendingSessions API that allows getting all existing non-expired sessions for provided user-ids. Similar to the getAccountsStatus but includes all available factors instead of just approve.

  • FuturaeAccountApi -> getPendingSessions(vararg userIds : String) : AsyncOperation<PendingSessions>

Behavior Changes

  • FuturaeOperationsApi.uploadPublicKey(forceReupload: Boolean) now returns FTAccountNotFoundException if called without enrolled accounts, instead of failing silently.
  • FuturaeSDKState exposed via FuturaeSDK.sdkState() has been updated to set and expose FuturaeSDKStatus.Corrupted when FuturaeSDK.launch(...) is called and throws FTCorruptedStateException. It is important to acknowledge that under both FuturaeSDKStatus.Corrupted and FuturaeSDKStatus.Uninitialized the SDK is not initialized, reflected under FuturaeSDK.isSDKInitialized.
  • Deprecated FuturaeOperationsApi.uploadPublicKey() in favor of uploadPublicKey(forceReupload: Boolean) which allows the host app to force a re-upload of public key, regardless of state of FuturaeOperationsApi.isPublicKeyUploaded().
  • SDK public key upload (internal operation) now performs automatic retries to self-recover users without the need to re-launch the SDK.
  • Add extra validation on parameter of FuturaeAccountApi.getAccountsStatus, so now when an empty list is being passed the method throws FTInvalidArgumentException instead of FTEncryptedStorageCorruptedException.

Bug Fixes

  • Fix state management of FuturaeOperationsApi.isPublicKeyUploaded() to accurately depict state of flag after Accounts/SDK Recovery.
  • Fix race condition bug, that would cause public key upload to fail immediately after FuturaeSDK.launchAccountRecovery to recover from SDK corruption after a failed SDK-v1-migration.
  • Fix uncaught exception due to SDK PIN corruption after updating SDK from v2.0.3 to any newer version. This affects only LockConfigurationType.SDK_PIN_WITH_BIOMETRICS_OPTIONAL with biometrics activated. Now SDK will propagate the newly introduced FTPinCorruptedException, when user attempts to unlock using biometrics, and will remove the biometrics from the lsit returned on FuturaeLockApi.getActiveUnlockMethods. Users will need to re-activate biometrics if they want to use them.

Maintenance

  • Bumped OkHttp dependency to latest stable v5, which adds support for Happy Eyeballs (IPv4/IPv6 dual-stack fallback).
  • Bumped Kotlin to 2.2.0
  • BumpedGradle to 8.11.1 and AGP to 8.10.0
Assets 2
Loading