Diffstat (limited to 'dom/webidl/WebAuthentication.webidl')
-rw-r--r-- | dom/webidl/WebAuthentication.webidl | 161 |
1 files changed, 161 insertions, 0 deletions
diff --git a/dom/webidl/WebAuthentication.webidl b/dom/webidl/WebAuthentication.webidl
new file mode 100644
index 0000000000..9dbad85b64
--- /dev/null
+++ b/dom/webidl/WebAuthentication.webidl
@@ -0,0 +1,161 @@
+/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * The origin of this IDL file is
+ * https://w3c.github.io/webauthn/
+ */
+
+/***** Interfaces to Data *****/
+
+[SecureContext, Pref="security.webauth.webauthn",
+ Exposed=Window]
+interface PublicKeyCredential : Credential {
+ [SameObject, Throws] readonly attribute ArrayBuffer rawId;
+ [SameObject] readonly attribute AuthenticatorResponse response;
+ AuthenticationExtensionsClientOutputs getClientExtensionResults();
+};
+
+[SecureContext]
+partial interface PublicKeyCredential {
+ [NewObject] static Promise<boolean> isUserVerifyingPlatformAuthenticatorAvailable();
+ // isExternalCTAP2SecurityKeySupported is non-standard; see Bug 1526023
+ [NewObject] static Promise<boolean> isExternalCTAP2SecurityKeySupported();
+};
+
+[SecureContext, Pref="security.webauth.webauthn",
+ Exposed=Window]
+interface AuthenticatorResponse {
+ [SameObject, Throws] readonly attribute ArrayBuffer clientDataJSON;
+};
+
+[SecureContext, Pref="security.webauth.webauthn",
+ Exposed=Window]
+interface AuthenticatorAttestationResponse : AuthenticatorResponse {
+ [SameObject, Throws] readonly attribute ArrayBuffer attestationObject;
+};
+
+[SecureContext, Pref="security.webauth.webauthn",
+ Exposed=Window]
+interface AuthenticatorAssertionResponse : AuthenticatorResponse {
+ [SameObject, Throws] readonly attribute ArrayBuffer authenticatorData;
+ [SameObject, Throws] readonly attribute ArrayBuffer signature;
+ [SameObject, Throws] readonly attribute ArrayBuffer? userHandle;
+};
+
+dictionary PublicKeyCredentialParameters {
+ required DOMString type;
+ required COSEAlgorithmIdentifier alg;
+};
+
+dictionary PublicKeyCredentialCreationOptions {
+ required PublicKeyCredentialRpEntity rp;
+ required PublicKeyCredentialUserEntity user;
+
+ required BufferSource challenge;
+ required sequence<PublicKeyCredentialParameters> pubKeyCredParams;
+
+ unsigned long timeout;
+ sequence<PublicKeyCredentialDescriptor> excludeCredentials = [];
+ // FIXME: bug 1493860: should this "= {}" be here?
+ AuthenticatorSelectionCriteria authenticatorSelection = {};
+ DOMString attestation = "none";
+ // FIXME: bug 1493860: should this "= {}" be here?
+ AuthenticationExtensionsClientInputs extensions = {};
+};
+
+dictionary PublicKeyCredentialEntity {
+ required DOMString name;
+ USVString icon;
+};
+
+dictionary PublicKeyCredentialRpEntity : PublicKeyCredentialEntity {
+ DOMString id;
+};
+
+dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
+ required BufferSource id;
+ required DOMString displayName;
+};
+
+dictionary AuthenticatorSelectionCriteria {
+ DOMString authenticatorAttachment;
+ DOMString residentKey;
+ boolean requireResidentKey = false;
+ DOMString userVerification = "preferred";
+};
+
+dictionary PublicKeyCredentialRequestOptions {
+ required BufferSource challenge;
+ unsigned long timeout;
+ USVString rpId;
+ sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
+ DOMString userVerification = "preferred";
+ // FIXME: bug 1493860: should this "= {}" be here?
+ AuthenticationExtensionsClientInputs extensions = {};
+};
+
+// TODO - Use partial dictionaries when bug 1436329 is fixed.
+dictionary AuthenticationExtensionsClientInputs {
+ // FIDO AppID Extension (appid)
+ // <https://w3c.github.io/webauthn/#sctn-appid-extension>
+ USVString appid;
+
+ // hmac-secret
+ // <https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#sctn-hmac-secret-extension>
+ boolean hmacCreateSecret;
+};
+
+// TODO - Use partial dictionaries when bug 1436329 is fixed.
+dictionary AuthenticationExtensionsClientOutputs {
+ // FIDO AppID Extension (appid)
+ // <https://w3c.github.io/webauthn/#sctn-appid-extension>
+ boolean appid;
+
+ // <https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#sctn-hmac-secret-extension>
+ boolean hmacCreateSecret;
+};
+
+typedef record<DOMString, DOMString> AuthenticationExtensionsAuthenticatorInputs;
+
+[GenerateToJSON]
+dictionary CollectedClientData {
+ required DOMString type;
+ required DOMString challenge;
+ required DOMString origin;
+ TokenBinding tokenBinding;
+};
+
+dictionary TokenBinding {
+ required DOMString status;
+ DOMString id;
+};
+
+dictionary PublicKeyCredentialDescriptor {
+ required DOMString type;
+ required BufferSource id;
+ // Transports is a string that is matched against the AuthenticatorTransport
+ // enumeration so that we have forward-compatibility for new transports.
+ sequence<DOMString> transports;
+};
+
+typedef long COSEAlgorithmIdentifier;
+
+typedef sequence<AAGUID> AuthenticatorSelectionList;
+
+typedef BufferSource AAGUID;
+
+/*
+// FIDO AppID Extension (appid)
+// <https://w3c.github.io/webauthn/#sctn-appid-extension>
+partial dictionary AuthenticationExtensionsClientInputs {
+ USVString appid;
+};
+
+// FIDO AppID Extension (appid)
+// <https://w3c.github.io/webauthn/#sctn-appid-extension>
+partial dictionary AuthenticationExtensionsClientOutputs {
+ boolean appid;
+};
+*/ |
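Review bot: The enum-like members `attestation`, `authenticatorAttachment`, `residentKey` and `userVerification` (in both `AuthenticatorSelectionCriteria` and `PublicKeyCredentialRequestOptions`) are declared as `DOMString`, so the IDL itself places no constraint on the value and an unrecognised string would have to be handled by the implementation. Only `PublicKeyCredentialDescriptor.transports` carries a comment explaining that choice; the others should get the same, stating where validation happens, e.g. `// DOMString rather than an enum for forward compatibility; the implementation must map unrecognised values to the default, never to a weaker setting.` This matters most for `userVerification`, where a misspelt value silently lowering the requested level would weaken the authentication ceremony. Separately, the trailing commented-out `partial dictionary` block repeats the `appid` members already declared above and is presumably covered by the existing `TODO` for bug 1436329, so it could be dropped.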