/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "nsISupports.idl" #include "nsIWebAuthnArgs.idl" #include "nsIWebAuthnPromise.idl" [scriptable, uuid(6c4ecd9f-57c0-4d7d-8080-bf6e4d499f8f)] interface nsICredentialParameters : nsISupports { readonly attribute ACString credentialId; readonly attribute boolean isResidentCredential; readonly attribute ACString rpId; readonly attribute ACString privateKey; readonly attribute ACString userHandle; readonly attribute uint32_t signCount; }; [scriptable, uuid(686d552e-a39d-4ba2-8127-faca54274039)] interface nsIWebAuthnAutoFillEntry: nsISupports { const octet PROVIDER_UNKNOWN = 0; const octet PROVIDER_TEST_TOKEN = 1; const octet PROVIDER_PLATFORM_WINDOWS = 2; const octet PROVIDER_PLATFORM_MACOS = 3; const octet PROVIDER_PLATFORM_ANDROID = 4; readonly attribute octet provider; readonly attribute AString userName; readonly attribute AString rpId; readonly attribute Array credentialId; }; [scriptable, uuid(e236a9b4-a26f-11ed-b6cc-07a9834e19b1)] interface nsIWebAuthnService : nsISupports { // IsUserVerifyingPlatformAuthenticatorAvailable readonly attribute boolean isUVPAA; [noscript] void makeCredential( in uint64_t aTransactionId, in uint64_t browsingContextId, in nsIWebAuthnRegisterArgs args, in nsIWebAuthnRegisterPromise promise); [noscript] void getAssertion( in uint64_t aTransactionId, in uint64_t browsingContextId, in nsIWebAuthnSignArgs args, in nsIWebAuthnSignPromise promise); // Cancel the ongoing transaction and any prompts that are shown, but do not reject // its promise. This is used by the IPC parent when it receives an abort signal. // The IPC child has already rejected the promises at this point. [noscript] void reset(); // Cancel the ongoing transaction. Reject its promise, but do not cancel // prompts. This is used by WebAuthnPromptHelper when the user hits the // "cancel" button. void cancel(in uint64_t aTransactionId); // `hasPendingConditionalGet` returns the transaction ID of a pending // conditionally-mediated getAssertion promise. The browsing context and // origin arguments must match those of the pending promise. If there is no // pending getAssertion promise, or the browsing context and origin do not // match, then `hasPendingConditionalGet` returns 0. uint64_t hasPendingConditionalGet(in uint64_t aBrowsingContextId, in AString aOrigin); // If there is a pending conditionally-mediated getAssertion promise with // transaction ID equal to `aTransactionId`, `getAutoFillEntries` returns // an nsIWebAuthnAutoFillEntry for each silently discoverable credential // that can be used to fullfill the request. Array getAutoFillEntries(in uint64_t aTransactionId); // A pending conditionally-mediated getAssertion promise is resolved by // calling `selectAutoFillEntry` or `resumeConditionalGet`. // `selectAutoFillEntry` specifies the credential ID that should be used to // fulfill the request, whereas `resumeConditionalGet` indicates that any // allowed credential can be used. void selectAutoFillEntry(in uint64_t aTransactionId, in Array aCredentialId); void resumeConditionalGet(in uint64_t aTransactionId); void pinCallback(in uint64_t aTransactionId, in ACString aPin); void setHasAttestationConsent(in uint64_t aTransactionId, in boolean aHasConsent); void selectionCallback(in uint64_t aTransactionId, in uint64_t aIndex); // Adds a virtual (software) authenticator for use in tests (particularly // tests run via WebDriver). See // https://w3c.github.io/webauthn/#sctn-automation-add-virtual-authenticator. uint64_t addVirtualAuthenticator( in ACString protocol, in ACString transport, in boolean hasResidentKey, in boolean hasUserVerification, in boolean isUserConsenting, in boolean isUserVerified); // Removes a previously-added virtual authenticator, as identified by its // id. See // https://w3c.github.io/webauthn/#sctn-automation-remove-virtual-authenticator void removeVirtualAuthenticator(in uint64_t authenticatorId); // Adds a credential to a previously-added authenticator. See // https://w3c.github.io/webauthn/#sctn-automation-add-credential void addCredential( in uint64_t authenticatorId, in ACString credentialId, in boolean isResidentCredential, in ACString rpId, in ACString privateKey, in ACString userHandle, in uint32_t signCount); // Gets all credentials that have been added to a virtual authenticator. // See https://w3c.github.io/webauthn/#sctn-automation-get-credentials Array getCredentials(in uint64_t authenticatorId); // Removes a credential from a virtual authenticator. See // https://w3c.github.io/webauthn/#sctn-automation-remove-credential void removeCredential(in uint64_t authenticatorId, in ACString credentialId); // Removes all credentials from a virtual authenticator. See // https://w3c.github.io/webauthn/#sctn-automation-remove-all-credentials void removeAllCredentials(in uint64_t authenticatorId); // Sets the "isUserVerified" bit on a virtual authenticator. See // https://w3c.github.io/webauthn/#sctn-automation-set-user-verified void setUserVerified(in uint64_t authenticatorId, in boolean isUserVerified); // about:webauthn-specific functions void listen(); void runCommand(in ACString aCommand); };