/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "nsISupports.idl" typedef long COSEAlgorithmIdentifier; [uuid(2fc8febe-a277-11ed-bda2-8f6495a5e75c)] interface nsIWebAuthnRegisterArgs : nsISupports { // TODO(Bug 1820035) The origin is only used for prompt callbacks. Refactor and remove. readonly attribute AString origin; readonly attribute Array challenge; readonly attribute ACString clientDataJSON; readonly attribute Array clientDataHash; // A PublicKeyCredentialRpEntity readonly attribute AString rpId; [must_use] readonly attribute AString rpName; // A PublicKeyCredentialUserEntity [must_use] readonly attribute Array userId; [must_use] readonly attribute AString userName; [must_use] readonly attribute AString userDisplayName; // The spec defines this as a sequence. // We require type = "public-key" and only serialize the alg fields. [must_use] readonly attribute Array coseAlgs; // The spec defines this as a sequence, // we use separate arrays for the credential IDs and transports. readonly attribute Array > excludeList; readonly attribute Array excludeListTransports; // CTAP2 passes extensions in a CBOR map of extension identifier -> // WebAuthn AuthenticationExtensionsClientInputs. That's not feasible here. // So we define a getter for each supported extension input and use the // return code to signal presence. [must_use] readonly attribute boolean credProps; [must_use] readonly attribute boolean hmacCreateSecret; [must_use] readonly attribute boolean minPinLength; // Options. readonly attribute AString residentKey; readonly attribute AString userVerification; [must_use] readonly attribute AString authenticatorAttachment; // This is the WebAuthn PublicKeyCredentialCreationOptions timeout. // Arguably we don't need to pass it through since WebAuthnController can // cancel transactions. readonly attribute uint32_t timeoutMS; // This is the WebAuthn PublicKeyCredentialCreationOptions attestation. // We might overwrite the provided value with "none" if the user declines the // consent popup. [must_use] readonly attribute AString attestationConveyancePreference; }; [uuid(2e621cf4-a277-11ed-ae00-bf41a54ef553)] interface nsIWebAuthnSignArgs : nsISupports { // TODO(Bug 1820035) The origin is only used for prompt callbacks. Refactor and remove. readonly attribute AString origin; // The spec only asks for the ID field of a PublicKeyCredentialRpEntity here readonly attribute AString rpId; readonly attribute Array challenge; readonly attribute ACString clientDataJSON; readonly attribute Array clientDataHash; // The spec defines this as a sequence, // we use separate arrays for the credential IDs and transports. readonly attribute Array > allowList; readonly attribute Array allowListTransports; // CTAP2 passes extensions in a CBOR map of extension identifier -> // WebAuthn AuthenticationExtensionsClientInputs. That's not feasible here. // So we define a getter for each supported extension input and use the // return code to signal presence. [must_use] readonly attribute boolean hmacCreateSecret; [must_use] readonly attribute AString appId; // Options [must_use] readonly attribute AString userVerification; // This is the WebAuthn PublicKeyCredentialCreationOptions timeout. // Arguably we don't need to pass it through since WebAuthnController can // cancel transactions. readonly attribute unsigned long timeoutMS; readonly attribute boolean conditionallyMediated; };