Instructions for upgrading the Onegini Android SDK to version 11.0
MSP compatibility
This version of the SDK requires:
- Token Server 12.12.0 or newer when the app is not using the optional Payload Encryption feature
- Token Server 12.12.0 or newer and Security Proxy 5.4.0 or newer when the app is using the optional Payload Encryption feature
New security controls
The security controls implementation has been modified, making the tampering protection optional. The application thumbprint (formerly known as application signature) can be calculated with two integrity levels: FULL or NONE. With the FULL integrity level, the SDK performs a full binary check to be sure that the app was not modified, but this means that you will not be able to use features like App Bundles, because they change the application binaries. If you want to use this or any other feature that can modify the app binary, use the NONE integrity level, which skips the binary check while still making basic application sanity checks.
The level of the integrity check can be set in the Token Server configuration.
Error codes
OneginiInitializationError
The OneginiInitializationError does not return CONFIGURATION_ERROR 10001 anymore.
The OneginiInitializationError can return a new APP_INTEGRITY_FAILURE 10024 error when the app integrity check has returned the wrong result.
OneginiRegistrationError
The OneginiRegistrationError can return a new APP_INTEGRITY_FAILURE 10024 error when the app integrity check has returned the wrong result.
OneginiMobileAuthEnrollmentError
The OneginiMobileAuthEnrollmentError does not return USER_ALREADY_ENROLLED 9018 anymore.
OneginiDeviceAuthenticationError
The OneginiDeviceAuthenticationError can return a new APP_INTEGRITY_FAILURE 10024 error when the app integrity check has returned the wrong result.
Third-party libraries were updated
A couple of third-party libraries were updated. If you provide the SDK as an aar archive, please update the dependencies in your project:
- OkHttp library was updated to version 4.9.0:
    com.squareup.okhttp3:okhttp:4.9.0
    com.squareup.okhttp3:okhttp-urlconnection:4.9.0
    com.squareup.okhttp3:logging-interceptor:4.9.0
- RxJava library was updated to version 3.0.9:
    io.reactivex.rxjava3:rxandroid:3.0.0
    io.reactivex.rxjava3:rxjava:3.0.9
- Retrofit adapter library was updated to version 3.0.0:
    com.squareup.retrofit2:adapter-rxjava3:3.0.0
- Retrofit library was updated to version 2.9.0:
    com.squareup.retrofit2:retrofit:2.9.0
    com.squareup.retrofit2:converter-gson:2.9.0
    com.squareup.retrofit2:adapter-rxjava2:2.9.0
- BouncyCastle library was updated to version 1.65:
    org.bouncycastle:bcprov-jdk15on:1.65
    org.bouncycastle:bcpg-jdk15on:1.65
- SQLCipher library was updated to version 4.4.2:
    net.zetetic:android-database-sqlcipher:4.4.2
- Apache Commons IO (commons-io:commons-io:2.5) dependency has been removed.
- Libsodium dependencies have been added:
    com.goterl.lazycode:lazysodium-android:4.2.0
    net.java.dev.jna:jna:5.6.0
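
An added example (not part of the Onegini documentation): a small Python check that compares a Gradle file against the coordinates listed above and reports stale, missing and removed entries. It assumes dependencies are declared in quoted group:artifact:version string notation; the name check_dependencies and the sample fragment are constructed for illustration.

```python
import re

# Coordinates and versions this page lists for SDK 11.0.
REQUIRED = {
    "com.squareup.okhttp3:okhttp": "4.9.0",
    "com.squareup.okhttp3:okhttp-urlconnection": "4.9.0",
    "com.squareup.okhttp3:logging-interceptor": "4.9.0",
    "io.reactivex.rxjava3:rxandroid": "3.0.0",
    "io.reactivex.rxjava3:rxjava": "3.0.9",
    "com.squareup.retrofit2:adapter-rxjava3": "3.0.0",
    "com.squareup.retrofit2:retrofit": "2.9.0",
    "com.squareup.retrofit2:converter-gson": "2.9.0",
    "com.squareup.retrofit2:adapter-rxjava2": "2.9.0",
    "org.bouncycastle:bcprov-jdk15on": "1.65",
    "org.bouncycastle:bcpg-jdk15on": "1.65",
    "net.zetetic:android-database-sqlcipher": "4.4.2",
    "com.goterl.lazycode:lazysodium-android": "4.2.0",
    "net.java.dev.jna:jna": "5.6.0",
}
REMOVED = {"commons-io:commons-io"}  # no longer an SDK dependency in 11.0
# Quoted 'group:artifact:version', optionally with an @aar suffix.
COORD = re.compile(r"['\"]([\w.\-]+:[\w.\-]+):([\w.\-]+)(?:@aar)?['\"]")

def check_dependencies(gradle_text):
    """Return (coordinate, declared_version, expected_version) findings."""
    declared = {}
    for line in gradle_text.splitlines():
        match = COORD.search(line.split("//")[0])  # ignore // comments
        if match:
            declared[match.group(1)] = match.group(2)
    findings = []
    for coord, want in REQUIRED.items():
        have = declared.get(coord)  # None means the dependency is missing
        if have != want:
            findings.append((coord, have, want))
    # expected_version None: the SDK no longer needs it, drop it if unused.
    findings += [(c, declared[c], None) for c in sorted(REMOVED & declared.keys())]
    return findings

# Constructed build.gradle fragment (sample input, not from a real project).
SAMPLE = """
dependencies {
    implementation 'com.squareup.okhttp3:okhttp:3.12.1'  // stale
    implementation "com.squareup.retrofit2:retrofit:2.9.0"
    implementation 'org.bouncycastle:bcprov-jdk15on:1.65'
    implementation 'commons-io:commons-io:2.5'
    // implementation 'net.java.dev.jna:jna:5.6.0@aar'
}
"""
```

Calling check_dependencies(SAMPLE) flags the stale OkHttp version, every listed library the fragment does not declare (including the commented-out JNA line), and the leftover Commons IO entry.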