Source code
Revision control
Copy as Markdown
Other Tools
/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
*
* The origin of this IDL file is
*/
/***** Interfaces to Data *****/
[SecureContext, Pref="security.webauth.webauthn",
Exposed=Window]
interface PublicKeyCredential : Credential {
[SameObject] readonly attribute ArrayBuffer rawId;
[SameObject] readonly attribute AuthenticatorResponse response;
AuthenticationExtensionsClientOutputs getClientExtensionResults();
};
[SecureContext]
partial interface PublicKeyCredential {
[NewObject] static Promise<boolean> isUserVerifyingPlatformAuthenticatorAvailable();
[NewObject] static Promise<boolean> isExternalCTAP2SecurityKeySupported();
};
[SecureContext, Pref="security.webauth.webauthn",
Exposed=Window]
interface AuthenticatorResponse {
[SameObject] readonly attribute ArrayBuffer clientDataJSON;
};
[SecureContext, Pref="security.webauth.webauthn",
Exposed=Window]
interface AuthenticatorAttestationResponse : AuthenticatorResponse {
[SameObject] readonly attribute ArrayBuffer attestationObject;
};
[SecureContext, Pref="security.webauth.webauthn",
Exposed=Window]
interface AuthenticatorAssertionResponse : AuthenticatorResponse {
[SameObject] readonly attribute ArrayBuffer authenticatorData;
[SameObject] readonly attribute ArrayBuffer signature;
[SameObject] readonly attribute ArrayBuffer? userHandle;
};
dictionary PublicKeyCredentialParameters {
required DOMString type;
required COSEAlgorithmIdentifier alg;
};
dictionary PublicKeyCredentialCreationOptions {
required PublicKeyCredentialRpEntity rp;
required PublicKeyCredentialUserEntity user;
required BufferSource challenge;
required sequence<PublicKeyCredentialParameters> pubKeyCredParams;
unsigned long timeout;
sequence<PublicKeyCredentialDescriptor> excludeCredentials = [];
AuthenticatorSelectionCriteria authenticatorSelection = {};
DOMString attestation = "none";
AuthenticationExtensionsClientInputs extensions = {};
};
dictionary PublicKeyCredentialEntity {
required DOMString name;
USVString icon;
};
dictionary PublicKeyCredentialRpEntity : PublicKeyCredentialEntity {
DOMString id;
};
dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
required BufferSource id;
required DOMString displayName;
};
dictionary AuthenticatorSelectionCriteria {
DOMString authenticatorAttachment;
DOMString residentKey;
boolean requireResidentKey = false;
DOMString userVerification = "preferred";
};
dictionary PublicKeyCredentialRequestOptions {
required BufferSource challenge;
unsigned long timeout;
USVString rpId;
sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
DOMString userVerification = "preferred";
AuthenticationExtensionsClientInputs extensions = {};
};
dictionary AuthenticationExtensionsClientInputs {
// FIDO AppID Extension (appid)
USVString appid;
// hmac-secret
boolean hmacCreateSecret;
};
dictionary AuthenticationExtensionsClientOutputs {
// FIDO AppID Extension (appid)
boolean appid;
boolean hmacCreateSecret;
};
typedef record<DOMString, DOMString> AuthenticationExtensionsAuthenticatorInputs;
[GenerateToJSON]
dictionary CollectedClientData {
required DOMString type;
required DOMString challenge;
required DOMString origin;
TokenBinding tokenBinding;
};
dictionary TokenBinding {
required DOMString status;
DOMString id;
};
dictionary PublicKeyCredentialDescriptor {
required DOMString type;
required BufferSource id;
// Transports is a string that is matched against the AuthenticatorTransport
// enumeration so that we have forward-compatibility for new transports.
sequence<DOMString> transports;
};
typedef long COSEAlgorithmIdentifier;
typedef sequence<AAGUID> AuthenticatorSelectionList;
typedef BufferSource AAGUID;
/*
// FIDO AppID Extension (appid)
partial dictionary AuthenticationExtensionsClientInputs {
USVString appid;
};
// FIDO AppID Extension (appid)
partial dictionary AuthenticationExtensionsClientOutputs {
boolean appid;
};
*/