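/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/.
 *
 * The origin of this IDL file is
 * https://w3c.github.io/webauthn/
 */

/***** Interfaces to Data *****/

// Credential object returned to script by a WebAuthn registration or
// assertion. [SecureContext] limits exposure to secure contexts, and
// Pref="security.webauth.webauthn" additionally gates it on that preference.
[SecureContext, Pref="security.webauth.webauthn"]
interface PublicKeyCredential : Credential {
  // Raw credential ID bytes.
  [SameObject] readonly attribute ArrayBuffer rawId;
  // Either an AuthenticatorAttestationResponse or an
  // AuthenticatorAssertionResponse (both declared below).
  [SameObject] readonly attribute AuthenticatorResponse response;
  AuthenticationExtensionsClientOutputs getClientExtensionResults();
};

// NOTE(review): this partial carries only [SecureContext], not the Pref gate
// used on the other interfaces in this file. Presumably the gate on the main
// PublicKeyCredential declaration also covers this static method; confirm.
[SecureContext]
partial interface PublicKeyCredential {
  static Promise<boolean> isUserVerifyingPlatformAuthenticatorAvailable();
};

[SecureContext, Pref="security.webauth.webauthn"]
interface AuthenticatorResponse {
  // Serialized client data (see CollectedClientData below). The relying party
  // is expected to parse it server-side and check type, challenge and origin
  // before trusting the rest of the response.
  [SameObject] readonly attribute ArrayBuffer clientDataJSON;
};

// Response to a credential creation request.
[SecureContext, Pref="security.webauth.webauthn"]
interface AuthenticatorAttestationResponse : AuthenticatorResponse {
  [SameObject] readonly attribute ArrayBuffer attestationObject;
};

// Response to an assertion (authentication) request. The relying party
// verifies `signature` server-side against the stored credential public key.
[SecureContext, Pref="security.webauth.webauthn"]
interface AuthenticatorAssertionResponse : AuthenticatorResponse {
  [SameObject] readonly attribute ArrayBuffer authenticatorData;
  [SameObject] readonly attribute ArrayBuffer signature;
  // Nullable: callers must handle a missing user handle.
  [SameObject] readonly attribute ArrayBuffer? userHandle;
};

dictionary PublicKeyCredentialParameters {
  required PublicKeyCredentialType type;
  required COSEAlgorithmIdentifier alg;
};

dictionary PublicKeyCredentialCreationOptions {
  required PublicKeyCredentialRpEntity rp;
  required PublicKeyCredentialUserEntity user;

  // Should be generated by the relying party's server, unpredictable and
  // single-use, so that a captured response cannot be replayed.
  required BufferSource challenge;
  required sequence<PublicKeyCredentialParameters> pubKeyCredParams;

  unsigned long timeout;
  sequence<PublicKeyCredentialDescriptor> excludeCredentials = [];
  AuthenticatorSelectionCriteria authenticatorSelection;
  // Default "none": unless the caller opts in, the relying party does not ask
  // for an attestation statement.
  AttestationConveyancePreference attestation = "none";
  AuthenticationExtensionsClientInputs extensions;
};

dictionary PublicKeyCredentialEntity {
  required DOMString name;
  USVString icon;
};

dictionary PublicKeyCredentialRpEntity : PublicKeyCredentialEntity {
  // Optional relying party identifier.
  DOMString id;
};

dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
  // User handle chosen by the relying party; per the WebAuthn specification
  // it should not contain personally identifying information.
  required BufferSource id;
  required DOMString displayName;
};

dictionary AuthenticatorSelectionCriteria {
  AuthenticatorAttachment authenticatorAttachment;
  boolean requireResidentKey = false;
  // "preferred" does not guarantee that user verification took place. A
  // relying party that depends on it should request "required" and check the
  // UV flag in the returned authenticator data.
  UserVerificationRequirement userVerification = "preferred";
};

enum AuthenticatorAttachment {
  "platform",       // Platform attachment
  "cross-platform"  // Cross-platform attachment
};

enum AttestationConveyancePreference {
  "none",
  "indirect",
  "direct"
};

enum UserVerificationRequirement {
  "required",
  "preferred",
  "discouraged"
};

dictionary PublicKeyCredentialRequestOptions {
  // Same expectations as the creation challenge: server-generated,
  // unpredictable and single-use.
  required BufferSource challenge;
  unsigned long timeout;
  USVString rpId;
  // Defaults to an empty list, i.e. no restriction on which credential may be
  // used to answer the request.
  sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
  // See AuthenticatorSelectionCriteria.userVerification for the caveat on the
  // "preferred" default.
  UserVerificationRequirement userVerification = "preferred";
  AuthenticationExtensionsClientInputs extensions;
};

// TODO - Use partial dictionaries when bug 1436329 is fixed.
dictionary AuthenticationExtensionsClientInputs {
  // FIDO AppID Extension (appid)
  // <https://w3c.github.io/webauthn/#sctn-appid-extension>
  // Lets a relying party assert credentials that were registered through the
  // legacy FIDO U2F API under an AppID.
  USVString appid;
};

// TODO - Use partial dictionaries when bug 1436329 is fixed.
dictionary AuthenticationExtensionsClientOutputs {
  // FIDO AppID Extension (appid)
  // <https://w3c.github.io/webauthn/#sctn-appid-extension>
  // When true, the AppID was used instead of the RP ID, so the relying party
  // has to compare rpIdHash against the hash of the AppID when verifying.
  boolean appid;
};

typedef record<DOMString, DOMString> AuthenticationExtensionsAuthenticatorInputs;

// Shape of the client data serialized into
// AuthenticatorResponse.clientDataJSON. `type`, `challenge` and `origin` are
// the members a relying party checks to bind a response to its own request.
// NOTE(review): hashAlgorithm, tokenBindingId and the two extension members
// presumably follow the specification draft this file was imported from;
// confirm against the current WebAuthn text before relying on them.
dictionary CollectedClientData {
  required DOMString type;
  required DOMString challenge;
  required DOMString origin;
  required DOMString hashAlgorithm;
  DOMString tokenBindingId;
  AuthenticationExtensionsClientInputs clientExtensions;
  AuthenticationExtensionsAuthenticatorInputs authenticatorExtensions;
};

enum PublicKeyCredentialType {
  "public-key"
};

dictionary PublicKeyCredentialDescriptor {
  required PublicKeyCredentialType type;
  required BufferSource id;
  // Optional list of transports for this credential.
  sequence<AuthenticatorTransport> transports;
};

enum AuthenticatorTransport {
  "usb",
  "nfc",
  "ble"
};

typedef long COSEAlgorithmIdentifier;

typedef sequence<AAGUID> AuthenticatorSelectionList;

typedef BufferSource AAGUID;

/*
// FIDO AppID Extension (appid)
// <https://w3c.github.io/webauthn/#sctn-appid-extension>
partial dictionary AuthenticationExtensionsClientInputs {
  USVString appid;
};

// FIDO AppID Extension (appid)
// <https://w3c.github.io/webauthn/#sctn-appid-extension>
partial dictionary AuthenticationExtensionsClientOutputs {
  boolean appid;
};
*/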