Release notes 6.X

6.1.6

Improvements

  • Security improvements.

6.1.5

Bug fixes

  • Fixed error returned after cancelling fingerprint authentication.
  • Fixed mobile authentication issues when payload encryption is on.
  • Fingerprint is no longer deregistered when the device is locked during authentication.
  • Fixed error decryption crash when payload encryption is on.

6.1.4

Bug fixes

  • Fixed DCU failure when Tampering Protection was turned on.
  • Fixed fingerprint authenticator deregistration during migration.

6.1.3

Bug fixes

  • Added missing body parameter to ONGResourceRequest.

6.1.2

Bug fixes

  • Fixed jailbreak detection false positives.

6.1.1

Bug fixes

  • The access token is now properly added to a multipart request.
  • Fixed a case where the SDK would think all user profiles are deregistered because of an issue with the NSUserDefaults.
  • Added a missing file to the FIDO version.

6.1.0

Features

  • Added multipart support to ONGResourceRequest.

Bugfixes

  • Fixed concurrency issues with dynamic client registration.

6.0.1

Bug fixes

  • The client configuration is now cached on the device.
  • Fixed a crash related to debug detection.
  • Fixed a crash occurring when no response body was received from the Security Proxy.

6.0.0

Improvements

  • Inline error handling for the handleOTPMobileAuthRequest and handlePushMobileAuthRequest methods.

Bugfixes

  • Prevent an error when dynamic client upgrade is performed concurrently.
  • Fixed error handling crashes occurring when payload encryption is turned on.

6.0.0-BETA

Features

  • Added possibility to perform mobile authentication with OTP.

Improvements

  • Separated enrollment methods for mobile authentication and mobile authentication with push.

Bugfixes

  • The SDK will no longer deregister the device in case of unsupported client credentials grant type.

Release notes 5.X

5.04.00

Features

  • Transaction signing support for mobile authentication with push.

Improvements

  • ONGAuthenticationErrorAuthenticatorDeregistered is returned when the fingerprint authenticator is deregistered
  • Internet connectivity and server reachability errors are now returned as ONGGenericErrorNetworkConnectivityFailure and ONGGenericErrorServerNotReachable respectively and no longer as ONGGenericErrorUnknown.

Bugfixes

  • The fingerprint authenticator was not marked as preferred after migrating from iOS SDK version 4.x to 5.04.00.

5.03.08

Bug fixes

  • Fixed error returned after cancelling fingerprint authentication.
  • Fingerprint is no longer deregistered when the device is locked during authentication.
  • Fixed error decryption crash when payload encryption is on.

5.03.07

Bug fixes

  • Fixed fingerprint and mobile authentication migration issues.
  • Fixed DCU error preventing successful client validation.

5.03.06

Bug fixes

  • Added missing body parameter to ONGResourceRequest.

5.03.05

Bug fixes

  • Fixed jailbreak detection false positives.

5.03.04

Bug fixes

  • Fixed a case where the SDK would think all user profiles are deregistered because of an issue with the NSUserDefaults.
  • Fixed concurrency issues with dynamic client registration.
  • Fixed an issue that prevented detecting abuse (jailbreak / debugger) on the Server side in a certain case.

5.03.03

Bug fixes

  • The invalid grant type error will no longer deregister the device.
  • The client configuration is now cached on the device.
  • Fixed a crash occurring when no response body was received from the Security Proxy.
  • Fixed a crash during error handling when payload encryption is turned on.

5.03.02

Bugfixes

  • The fingerprint authenticator was not marked as preferred after migrating from iOS SDK version 4.x to 5.x.

5.03.01

Bugfixes

  • The local logout error is no longer propagated when revocation succeeded with unsupported content type.

5.03.00

Features

  • Added support for unauthenticated resource calls.
  • Network communication can now be logged using SecurityController.

Improvements

  • Improved security of tokens stored in the memory.

5.02.01

Bugfixes

  • Fixed crash when payload encrytion handshake fails during resource requests.

5.02.00

Features

  • Registration requests are now cancellable.
  • Mobile Authentication transactionId is now accessible in ONGMobileAuthRequest.

Improvements

  • Improved security of the randomization algorythm used in payload encryption.

Bugfixes

  • ONGRequestBuilder now properly sets headers property when building ONGResourceRequest.
  • Fixed error handling for FIDO errors.

5.01.02

Bugfixes

  • Touch ID authentication was not properly disabled after the SDK detected abuse.
  • Correctly handle User and device deregistration for Touch ID authentication.
  • Only return fully registered profiles.
  • Prevent generating empty nonces for payload encryption messages.

Improvements

  • Add accept application/json headers to all REST requests.

5.01.01

Bugfixes

  • Deregistering FIDO authenticator doesnt mark all of FIDO authenticator as deregistered anymore.
  • Fixed user deregistered and device deregistered error handling.
  • Payload encryption handshake is no longer failing when executing concurrent network tasks.

5.01.00

Features

  • Support for FIDO UAF (Fast IDentity Online) authenticators.

Improvements

  • Authenticator type values inlined with Android SDK.

Bugfixes

  • Fixed concurrency issue which might have prevented from receiving a new pin challenge.
  • Fixed validatePinWithPolicy issue preventing successful registration.
  • Cancelling mobile authentication now sends error with correct description.
  • Fixed issue when mobile authentication might have logout the user.

5.00.02

Features

  • Added beta support for FIDO authentication.

Bugfixes

  • Fixed bug preventing retrial of DCU.
  • Fixed device registration & upgrade for iOS 10 on a Cordova app.

5.00.01

Bugfixes

  • Fixed the bug which was preventing from including a path within base URL.

5.00.00

Improvements

  • Error codes were aligned with Android.
  • Create and change pin challenges are now cancellable.
  • Methods for fetching registered and nonregistered authenticators are now both synchronous and take a user profile as a parameter.
  • Introduced allAuthenticatorsForUser: convenience method.

Bugfixes

  • Fixed mobile authentication cancellation.
  • Fixed occasional error preventing registration completion.
  • The authenticatedUserProfile property of ONGUserClient is now updated after deregistration.
  • The ONGMobileAuthRequest now provides a message property instead of a title and body.
  • The ONGMobileAuthRequest now properly returns a user profile.
  • Removed clearTokens: and isAuthorized methods from ONGUserClient.
  • Fixed migration issues.

5.00.00-BETA

This is a BETA release that can still contain bugs and issues. You should not use it for any production releases!

Improvements

  • Completely redesigned public API to make the SDK easier to use.

Release notes 4.X

4.10.09

Bug fixes

  • Fixed error handling crashes occurring when payload encryption is turned on.

4.10.08

Bug fixes

  • Fixed data migration issue causing user deregistration.

4.10.07

Bug fixes

  • Prevent the payload encryption handshake to be executed concurrently.
  • Fixed a crash when the fingerprint refresh token was nil but it's not expected to be nil.

4.10.06

Improvements

  • Improved security of the randomization algorithm used in payload encryption.

Bug fixes

  • Fixed crash when payload encryption handshake fails during resource requests.

4.10.05

Bug fixes

  • Touch ID authentication was not properly disabled after the SDK detected abuse
  • Prevent generating empty nonces for payload encryption messages

4.10.04

Bug fixes

  • Fixed user profile management for the deprecated API.

4.10.03

Bug fixes

  • Fix a potential issue with the device upgrade flow if there are connectivity issues
  • Fix device registration & upgrade for iOS 10 on a Cordova app

4.10.02

Bug fixes

  • Fixed invalid architecture header sent when using 64 bit simulator.

4.10.01

Bug fixes

  • A third party dependency was linked twice in the SDK which could cause problems in some linking scenarios
  • Mobile authentication did not work after performing DCU
  • AFNetworking could cause linking issues if included into the application that included the iOS SDK
  • Logging out caused a network error
  • In case of enabled Payload encryption the app could crash if a malformed http request was returned to the SDK

4.10.00

Features

  • Introduced multiple user profiles feature

Bug fixes

  • Mobile authentication with fingerprint is now properly working before the user is authenticated.

4.09.00

Features

  • Changed the way the SDK allows to perform secure resource calls. Introduced new methods for fetching resources on behalf of a user as well as executing anonymous calls.
  • Deprecated the old API for fetching resources.
  • Added OGOneginiClient#authorizeClient method to allow client authentication which is required for performing anonymous resource calls.

4.08.04

Bug fixes

  • Keychain data management improvements.
  • Cookie policy fix.
  • Push authentication stability improvements.

4.08.03

Bug fixes

  • Fixed revoke issues

4.08.02

Improvements

  • Push authentication security improvements.
  • Added the OGChangePinDelegate protocol method - pinChangeErrorNotAuthenticated. This Method is called whenever a PIN change fails due to an unauthorized client.
  • Added the OGFingerprintDelegete protocol method - fingerprintAuthenticationEnrollmentFailureNotAuthenticated. This Method is called whenever fingerprint enrollment fails due to an unauthorized client.

4.08.01

Bug fixes

  • Fixed push authentication issues

4.08.00

Features

  • Added support for automatization of config delivery and certificate pinning through the Onegini SDK Configurator.

4.07.00

Features

  • Added optional OGCustomizationDelegate which can be used for providing custom TouchID prompts

4.06.00

Features

  • Security improvements
  • Appledocs documentation is now included
  • Support for Xcode 7.2

Bug fixes

  • Fixed disable fingerprint authentication issue
  • The OGFingerprintDelegate will receive fingerprintAuthenticationEnrollmentErrorInvalidPin call when an invalid PIN is provided during the fingerprint authentication enrollment flow

4.05.03

Bug fixes

  • Fixed authorization issue occurring on attempt to fetch a resource with fingerprint authentication enabled

4.05.02

Bug fixes

  • Fixed reauthorize not being able to find an AuthorizationDelegate

4.05.01

Bug fixes

  • Fixed authorization request format when multiple scopes are used

4.05.00

Features

  • Added the reauthorize method to the OGOneginiClient public API which forces a user to re-authenticate regardless of the current access token state

Improvements

  • Fingerprint authentication stability improvements

4.04.00

Features

  • Fingerprint authentication for push notifications

Improvements

  • Added isFingerprintAuthenticationAvailable method which determines if fingerprint authentication is possible by checking if device possess Touch ID sensor, at least one fingerprint is registered and if fingerprint is enabled for client configuration provided by token server. iOS 9 or greater is required.

4.03.00

Improvements

  • Payload Encryption improvements

Bug fixes

  • Authorization error object will be provided safely to the delegate implementor

4.02.00

Features

  • Added support for Xcode 7 and iOS 9

Bug fixes

  • The SDK will always provide a valid client identifier to the backend instance

4.01.00

Bug fixes

  • Fixed authorization error handling when Payload Encryption is enabled

Features

  • Removed deprecated methods from the OGOneginiClient public API
  • Introduced OGLogoutDelegate for the logout action

4.00.01

Bug fixes

  • Removed unneeded headers from requests sent using a native WebView

4.00.00

Features

  • SDK is capable of sending and handling encrypted communication - Payload Encryption

Release notes 3.X

3.05.00

Features

  • Improved root/debug detection
  • Added CPU architecture to User-Agent header

3.04.00

Features

  • Added device unique identifier generation
  • OS version detection
  • Device CPU architecture detection

Improvements

  • Removed unused properties from SDK configuration

3.03.00

Features

  • Fingerprint authentication.
  • Binary hash calculator support for universal binaries.

Bug fixes

  • Error when using multiple certificates for certificate pinning.
  • Removed unnecessary config properties from the config file.

3.02.00

Features

  • Forced update support. SDK validates against Token Server if current application version can be still used and if not notifies that an update is necessary.
  • Extended error handling within the DCR process. All connectivity and other unsuspected errors which will occur within the DCR flow will be mapped to general authorizationError.
  • Support for debug detection.
  • Support for jailbreak detection.
  • Dynamic Client Update flow support.
  • Tampering detection.
  • Custom User-Agent header.

results matching ""

    No results matching ""