v0.14.0
Note for users of the irmaclient package (e.g. maintainers of the Yivi app): the KeyshareVerifyPin function requires the renewal endpoint for the keyshare attribute to be present. Therefore, this version should first be deployed on keyshare servers before the client side can be upgraded.
Added
- Option
skipExpiryCheckin disclosure requests to allow disclosure of expired credentials (e.g."skipExpiryCheck": ["irma-demo.sidn-pbdf.email"]) - Option
hostin session request to overrule host name in IRMA QR if permission has been granted (see below)This leads to the following session package:{ "@context": "https://irma.app/ld/request/disclosure/v2", "host": "irma.example.com", "disclose": ... }{ "token":"KzxuWKwL5KGLKr4uerws", "sessionPtr": {"u":"https://irma.example.com/irma/session/ysDohpoySavbHAUDjmpz","irmaqr":"disclosing"}, "frontendRequest": { "authorization":"qGrMmL8UZwZ88Sq8gobV", "minProtocolVersion": "1.0", "maxProtocolVersion": "1.1" } } - Permission option
host_permsin the requestor configuration to specify which values a requestor may use for thehostoption in session requests{ "requestors": { "myapp": { "disclose_perms": [ "irma-demo.MijnOverheid.ageLower.over18" ], "sign_perms": [ "irma-demo.MijnOverheid.ageLower.*" ], "issue_perms": [ "irma-demo.MijnOverheid.ageLower" ], "host_perms": ["*.example.com"] "auth_method": "token", "key": "eGE2PSomOT84amVVdTU" } } } - Renewal endpoint for keyshare attribute in the keyshare server (
/users/renewKeyshareAttribute) - Keyshare server /api/v2/prove/... endpoints for the new keyshare protocol
Changed
KeyshareVerifyPinfunction in irmaclient ensures the keyshare attribute is valid- Sending the account expiry email is done when user has only valid e-mail addresses
- Strip unnecessary details from database errors
Fixed
- User account expiry continues when one or more e-mail addresses are marked for revalidation