зеркало из https://github.com/mozilla/gecko-dev.git
114 строки
3.5 KiB
Plaintext
114 строки
3.5 KiB
Plaintext
/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
*
|
|
* The origin of this IDL file is
|
|
* https://www.w3.org/TR/webauthn/
|
|
*/
|
|
|
|
/***** Interfaces to Data *****/
|
|
|
|
[SecureContext]
|
|
interface ScopedCredentialInfo {
|
|
readonly attribute ScopedCredential credential;
|
|
readonly attribute WebAuthnAttestation attestation;
|
|
};
|
|
|
|
dictionary Account {
|
|
required DOMString rpDisplayName;
|
|
required DOMString displayName;
|
|
required DOMString id;
|
|
DOMString name;
|
|
DOMString imageURL;
|
|
};
|
|
|
|
typedef (boolean or DOMString) WebAuthnAlgorithmID; // Fix when upstream there's a definition of how to serialize AlgorithmIdentifier
|
|
|
|
dictionary ScopedCredentialParameters {
|
|
required ScopedCredentialType type;
|
|
required WebAuthnAlgorithmID algorithm; // NOTE: changed from AllgorithmIdentifier because typedef (object or DOMString) not serializable
|
|
};
|
|
|
|
dictionary ScopedCredentialOptions {
|
|
unsigned long timeoutSeconds;
|
|
USVString rpId;
|
|
sequence<ScopedCredentialDescriptor> excludeList;
|
|
WebAuthnExtensions extensions;
|
|
};
|
|
|
|
[SecureContext]
|
|
interface WebAuthnAssertion {
|
|
readonly attribute ScopedCredential credential;
|
|
readonly attribute ArrayBuffer clientData;
|
|
readonly attribute ArrayBuffer authenticatorData;
|
|
readonly attribute ArrayBuffer signature;
|
|
};
|
|
|
|
dictionary AssertionOptions {
|
|
unsigned long timeoutSeconds;
|
|
USVString rpId;
|
|
sequence<ScopedCredentialDescriptor> allowList;
|
|
WebAuthnExtensions extensions;
|
|
};
|
|
|
|
dictionary WebAuthnExtensions {
|
|
};
|
|
|
|
[SecureContext]
|
|
interface WebAuthnAttestation {
|
|
readonly attribute USVString format;
|
|
readonly attribute ArrayBuffer clientData;
|
|
readonly attribute ArrayBuffer authenticatorData;
|
|
readonly attribute any attestation;
|
|
};
|
|
|
|
// Renamed from "ClientData" to avoid a collision with U2F
|
|
dictionary WebAuthnClientData {
|
|
required DOMString challenge;
|
|
required DOMString origin;
|
|
required WebAuthnAlgorithmID hashAlg; // NOTE: changed from AllgorithmIdentifier because typedef (object or DOMString) not serializable
|
|
DOMString tokenBinding;
|
|
WebAuthnExtensions extensions;
|
|
};
|
|
|
|
enum ScopedCredentialType {
|
|
"ScopedCred"
|
|
};
|
|
|
|
[SecureContext]
|
|
interface ScopedCredential {
|
|
readonly attribute ScopedCredentialType type;
|
|
readonly attribute ArrayBuffer id;
|
|
};
|
|
|
|
dictionary ScopedCredentialDescriptor {
|
|
required ScopedCredentialType type;
|
|
required BufferSource id;
|
|
sequence <WebAuthnTransport> transports;
|
|
};
|
|
|
|
// Renamed from "Transport" to avoid a collision with U2F
|
|
enum WebAuthnTransport {
|
|
"usb",
|
|
"nfc",
|
|
"ble"
|
|
};
|
|
|
|
/***** The Main API *****/
|
|
|
|
[SecureContext]
|
|
interface WebAuthentication {
|
|
Promise<ScopedCredentialInfo> makeCredential (
|
|
Account accountInformation,
|
|
sequence<ScopedCredentialParameters> cryptoParameters,
|
|
BufferSource attestationChallenge,
|
|
optional ScopedCredentialOptions options
|
|
);
|
|
|
|
Promise<WebAuthnAssertion> getAssertion (
|
|
BufferSource assertionChallenge,
|
|
optional AssertionOptions options
|
|
);
|
|
};
|