dom/webauthn/nsIWebAuthnArgs.idl

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /* This Source Code Form is subject to the terms of the Mozilla Public
   3  * License, v. 2.0. If a copy of the MPL was not distributed with this
   4  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   5
   6 #include "nsISupports.idl"
   7
   8 typedef long COSEAlgorithmIdentifier;
   9
  10 [uuid(2fc8febe-a277-11ed-bda2-8f6495a5e75c)]
  11 interface nsIWebAuthnRegisterArgs : nsISupports {
  12     // TODO(Bug 1820035) The origin is only used for prompt callbacks. Refactor and remove.
  13     readonly attribute AString origin;
  14
  15     readonly attribute Array<octet> challenge;
  16
  17     readonly attribute ACString clientDataJSON;
  18
  19     readonly attribute Array<octet> clientDataHash;
  20
  21     // A PublicKeyCredentialRpEntity
  22     readonly attribute AString rpId;
  23     [must_use] readonly attribute AString rpName;
  24
  25     // A PublicKeyCredentialUserEntity
  26     [must_use] readonly attribute Array<octet> userId;
  27     [must_use] readonly attribute AString userName;
  28     [must_use] readonly attribute AString userDisplayName;
  29
  30     // The spec defines this as a sequence<PublicKeyCredentialParameters>.
  31     // We require type = "public-key" and only serialize the alg fields.
  32     [must_use] readonly attribute Array<COSEAlgorithmIdentifier> coseAlgs;
  33
  34     // The spec defines this as a sequence<PublicKeyCredentialDescriptor>,
  35     // we use separate arrays for the credential IDs and transports.
  36     readonly attribute Array<Array<octet> > excludeList;
  37     readonly attribute Array<octet> excludeListTransports;
  38
  39     // CTAP2 passes extensions in a CBOR map of extension identifier ->
  40     // WebAuthn AuthenticationExtensionsClientInputs. That's not feasible here.
  41     // So we define a getter for each supported extension input and use the
  42     // return code to signal presence.
  43     [must_use] readonly attribute boolean credProps;
  44     [must_use] readonly attribute boolean hmacCreateSecret;
  45     [must_use] readonly attribute boolean minPinLength;
  46     [must_use] readonly attribute boolean prf;
  47     [must_use] readonly attribute Array<octet> prfEvalFirst;
  48     [must_use] readonly attribute Array<octet> prfEvalSecond;
  49
  50     // Options.
  51     readonly attribute AString residentKey;
  52     readonly attribute AString userVerification;
  53     [must_use] readonly attribute AString authenticatorAttachment;
  54
  55     // This is the WebAuthn PublicKeyCredentialCreationOptions timeout.
  56     // Arguably we don't need to pass it through since WebAuthnController can
  57     // cancel transactions.
  58     readonly attribute uint32_t timeoutMS;
  59
  60     // This is the WebAuthn PublicKeyCredentialCreationOptions attestation.
  61     // We might overwrite the provided value with "none" if the user declines the
  62     // consent popup.
  63     [must_use] readonly attribute AString attestationConveyancePreference;
  64 };
  65
  66 [uuid(2e621cf4-a277-11ed-ae00-bf41a54ef553)]
  67 interface nsIWebAuthnSignArgs : nsISupports {
  68     // TODO(Bug 1820035) The origin is only used for prompt callbacks. Refactor and remove.
  69     readonly attribute AString origin;
  70
  71     // The spec only asks for the ID field of a PublicKeyCredentialRpEntity here
  72     readonly attribute AString rpId;
  73
  74     readonly attribute Array<octet> challenge;
  75
  76     readonly attribute ACString clientDataJSON;
  77
  78     readonly attribute Array<octet> clientDataHash;
  79
  80     // The spec defines this as a sequence<PublicKeyCredentialDescriptor>,
  81     // we use separate arrays for the credential IDs and transports.
  82     readonly attribute Array<Array<octet> > allowList;
  83     readonly attribute Array<octet> allowListTransports;
  84
  85     // CTAP2 passes extensions in a CBOR map of extension identifier ->
  86     // WebAuthn AuthenticationExtensionsClientInputs. That's not feasible here.
  87     // So we define a getter for each supported extension input and use the
  88     // return code to signal presence.
  89     [must_use] readonly attribute boolean hmacCreateSecret;
  90     [must_use] readonly attribute AString appId;
  91     [must_use] readonly attribute boolean prf;
  92     [must_use] readonly attribute Array<octet> prfEvalFirst;
  93     [must_use] readonly attribute Array<octet> prfEvalSecond;
  94     [must_use] readonly attribute Array<Array<octet> > prfEvalByCredentialCredentialId;
  95     [must_use] readonly attribute Array<Array<octet> > prfEvalByCredentialEvalFirst;
  96     [must_use] readonly attribute Array<boolean> prfEvalByCredentialEvalSecondMaybe;
  97     [must_use] readonly attribute Array<Array<octet> > prfEvalByCredentialEvalSecond;
  98
  99     // Options
 100     [must_use] readonly attribute AString userVerification;
 101
 102     // This is the WebAuthn PublicKeyCredentialCreationOptions timeout.
 103     // Arguably we don't need to pass it through since WebAuthnController can
 104     // cancel transactions.
 105     readonly attribute unsigned long timeoutMS;
 106
 107     readonly attribute boolean conditionallyMediated;
 108 };