tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

webauthn.idl (14291B)

      1 // GENERATED CONTENT - DO NOT EDIT
      2 // Content was automatically extracted by Reffy into webref
      3 // (https://github.com/w3c/webref)
      4 // Source: Web Authentication: An API for accessing Public Key Credentials - Level 3 (https://w3c.github.io/webauthn/)
      5 
      6 [SecureContext, Exposed=Window]
      7 interface PublicKeyCredential : Credential {
      8    [SameObject] readonly attribute ArrayBuffer              rawId;
      9    [SameObject] readonly attribute AuthenticatorResponse    response;
     10    readonly attribute DOMString?                            authenticatorAttachment;
     11    AuthenticationExtensionsClientOutputs getClientExtensionResults();
     12    static Promise<boolean> isConditionalMediationAvailable();
     13    PublicKeyCredentialJSON toJSON();
     14 };
     15 
     16 typedef DOMString Base64URLString;
     17 // The structure of this object will be either
     18 // RegistrationResponseJSON or AuthenticationResponseJSON
     19 typedef object PublicKeyCredentialJSON;
     20 
     21 dictionary RegistrationResponseJSON {
     22    required DOMString id;
     23    required Base64URLString rawId;
     24    required AuthenticatorAttestationResponseJSON response;
     25    DOMString authenticatorAttachment;
     26    required AuthenticationExtensionsClientOutputsJSON clientExtensionResults;
     27    required DOMString type;
     28 };
     29 
     30 dictionary AuthenticatorAttestationResponseJSON {
     31    required Base64URLString clientDataJSON;
     32    required Base64URLString authenticatorData;
     33    required sequence<DOMString> transports;
     34    // The publicKey field will be missing if pubKeyCredParams was used to
     35    // negotiate a public-key algorithm that the user agent doesn't
     36    // understand. (See section “Easily accessing credential data” for a
     37    // list of which algorithms user agents must support.) If using such an
     38    // algorithm then the public key must be parsed directly from
     39    // attestationObject or authenticatorData.
     40    Base64URLString publicKey;
     41    required COSEAlgorithmIdentifier publicKeyAlgorithm;
     42    // This value contains copies of some of the fields above. See
     43    // section “Easily accessing credential data”.
     44    required Base64URLString attestationObject;
     45 };
     46 
     47 dictionary AuthenticationResponseJSON {
     48    required DOMString id;
     49    required Base64URLString rawId;
     50    required AuthenticatorAssertionResponseJSON response;
     51    DOMString authenticatorAttachment;
     52    required AuthenticationExtensionsClientOutputsJSON clientExtensionResults;
     53    required DOMString type;
     54 };
     55 
     56 dictionary AuthenticatorAssertionResponseJSON {
     57    required Base64URLString clientDataJSON;
     58    required Base64URLString authenticatorData;
     59    required Base64URLString signature;
     60    Base64URLString userHandle;
     61 };
     62 
     63 dictionary AuthenticationExtensionsClientOutputsJSON {
     64 };
     65 
     66 partial dictionary CredentialCreationOptions {
     67    PublicKeyCredentialCreationOptions      publicKey;
     68 };
     69 
     70 partial dictionary CredentialRequestOptions {
     71    PublicKeyCredentialRequestOptions      publicKey;
     72 };
     73 
     74 partial interface PublicKeyCredential {
     75    static Promise<boolean> isUserVerifyingPlatformAuthenticatorAvailable();
     76 };
     77 
     78 partial interface PublicKeyCredential {
     79    static Promise<PublicKeyCredentialClientCapabilities> getClientCapabilities();
     80 };
     81 
     82 typedef record<DOMString, boolean> PublicKeyCredentialClientCapabilities;
     83 
     84 partial interface PublicKeyCredential {
     85    static PublicKeyCredentialCreationOptions parseCreationOptionsFromJSON(PublicKeyCredentialCreationOptionsJSON options);
     86 };
     87 
     88 dictionary PublicKeyCredentialCreationOptionsJSON {
     89    required PublicKeyCredentialRpEntity                    rp;
     90    required PublicKeyCredentialUserEntityJSON              user;
     91    required Base64URLString                                challenge;
     92    required sequence<PublicKeyCredentialParameters>        pubKeyCredParams;
     93    unsigned long                                           timeout;
     94    sequence<PublicKeyCredentialDescriptorJSON>             excludeCredentials = [];
     95    AuthenticatorSelectionCriteria                          authenticatorSelection;
     96    sequence<DOMString>                                     hints = [];
     97    DOMString                                               attestation = "none";
     98    sequence<DOMString>                                     attestationFormats = [];
     99    AuthenticationExtensionsClientInputsJSON                extensions;
    100 };
    101 
    102 dictionary PublicKeyCredentialUserEntityJSON {
    103    required Base64URLString        id;
    104    required DOMString              name;
    105    required DOMString              displayName;
    106 };
    107 
    108 dictionary PublicKeyCredentialDescriptorJSON {
    109    required DOMString              type;
    110    required Base64URLString        id;
    111    sequence<DOMString>             transports;
    112 };
    113 
    114 dictionary AuthenticationExtensionsClientInputsJSON {
    115 };
    116 
    117 partial interface PublicKeyCredential {
    118    static PublicKeyCredentialRequestOptions parseRequestOptionsFromJSON(PublicKeyCredentialRequestOptionsJSON options);
    119 };
    120 
    121 dictionary PublicKeyCredentialRequestOptionsJSON {
    122    required Base64URLString                                challenge;
    123    unsigned long                                           timeout;
    124    DOMString                                               rpId;
    125    sequence<PublicKeyCredentialDescriptorJSON>             allowCredentials = [];
    126    DOMString                                               userVerification = "preferred";
    127    sequence<DOMString>                                     hints = [];
    128    AuthenticationExtensionsClientInputsJSON                extensions;
    129 };
    130 
    131 partial interface PublicKeyCredential {
    132    static Promise<undefined> signalUnknownCredential(UnknownCredentialOptions options);
    133    static Promise<undefined> signalAllAcceptedCredentials(AllAcceptedCredentialsOptions options);
    134    static Promise<undefined> signalCurrentUserDetails(CurrentUserDetailsOptions options);
    135 };
    136 
    137 dictionary UnknownCredentialOptions {
    138    required DOMString                     rpId;
    139    required Base64URLString               credentialId;
    140 };
    141 
    142 dictionary AllAcceptedCredentialsOptions {
    143    required DOMString                     rpId;
    144    required Base64URLString               userId;
    145    required sequence<Base64URLString>     allAcceptedCredentialIds;
    146 };
    147 
    148 dictionary CurrentUserDetailsOptions {
    149    required DOMString                     rpId;
    150    required Base64URLString               userId;
    151    required DOMString                     name;
    152    required DOMString                     displayName;
    153 };
    154 
    155 [SecureContext, Exposed=Window]
    156 interface AuthenticatorResponse {
    157    [SameObject] readonly attribute ArrayBuffer      clientDataJSON;
    158 };
    159 
    160 [SecureContext, Exposed=Window]
    161 interface AuthenticatorAttestationResponse : AuthenticatorResponse {
    162    [SameObject] readonly attribute ArrayBuffer      attestationObject;
    163    sequence<DOMString>                              getTransports();
    164    ArrayBuffer                                      getAuthenticatorData();
    165    ArrayBuffer?                                     getPublicKey();
    166    COSEAlgorithmIdentifier                          getPublicKeyAlgorithm();
    167 };
    168 
    169 [SecureContext, Exposed=Window]
    170 interface AuthenticatorAssertionResponse : AuthenticatorResponse {
    171    [SameObject] readonly attribute ArrayBuffer      authenticatorData;
    172    [SameObject] readonly attribute ArrayBuffer      signature;
    173    [SameObject] readonly attribute ArrayBuffer?     userHandle;
    174 };
    175 
    176 dictionary PublicKeyCredentialParameters {
    177    required DOMString                    type;
    178    required COSEAlgorithmIdentifier      alg;
    179 };
    180 
    181 dictionary PublicKeyCredentialCreationOptions {
    182    required PublicKeyCredentialRpEntity         rp;
    183    required PublicKeyCredentialUserEntity       user;
    184 
    185    required BufferSource                             challenge;
    186    required sequence<PublicKeyCredentialParameters>  pubKeyCredParams;
    187 
    188    unsigned long                                timeout;
    189    sequence<PublicKeyCredentialDescriptor>      excludeCredentials = [];
    190    AuthenticatorSelectionCriteria               authenticatorSelection;
    191    sequence<DOMString>                          hints = [];
    192    DOMString                                    attestation = "none";
    193    sequence<DOMString>                          attestationFormats = [];
    194    AuthenticationExtensionsClientInputs         extensions;
    195 };
    196 
    197 dictionary PublicKeyCredentialEntity {
    198    required DOMString    name;
    199 };
    200 
    201 dictionary PublicKeyCredentialRpEntity : PublicKeyCredentialEntity {
    202    DOMString      id;
    203 };
    204 
    205 dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
    206    required BufferSource   id;
    207    required DOMString      displayName;
    208 };
    209 
    210 dictionary AuthenticatorSelectionCriteria {
    211    DOMString                    authenticatorAttachment;
    212    DOMString                    residentKey;
    213    boolean                      requireResidentKey = false;
    214    DOMString                    userVerification = "preferred";
    215 };
    216 
    217 enum AuthenticatorAttachment {
    218    "platform",
    219    "cross-platform"
    220 };
    221 
    222 enum ResidentKeyRequirement {
    223    "discouraged",
    224    "preferred",
    225    "required"
    226 };
    227 
    228 enum AttestationConveyancePreference {
    229    "none",
    230    "indirect",
    231    "direct",
    232    "enterprise"
    233 };
    234 
    235 dictionary PublicKeyCredentialRequestOptions {
    236    required BufferSource                challenge;
    237    unsigned long                        timeout;
    238    DOMString                            rpId;
    239    sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
    240    DOMString                            userVerification = "preferred";
    241    sequence<DOMString>                  hints = [];
    242    AuthenticationExtensionsClientInputs extensions;
    243 };
    244 
    245 dictionary AuthenticationExtensionsClientInputs {
    246 };
    247 
    248 dictionary AuthenticationExtensionsClientOutputs {
    249 };
    250 
    251 dictionary CollectedClientData {
    252    required DOMString           type;
    253    required DOMString           challenge;
    254    required DOMString           origin;
    255    boolean                      crossOrigin;
    256    DOMString                    topOrigin;
    257 };
    258 
    259 dictionary TokenBinding {
    260    required DOMString status;
    261    DOMString id;
    262 };
    263 
    264 enum TokenBindingStatus { "present", "supported" };
    265 
    266 enum PublicKeyCredentialType {
    267    "public-key"
    268 };
    269 
    270 dictionary PublicKeyCredentialDescriptor {
    271    required DOMString                    type;
    272    required BufferSource                 id;
    273    sequence<DOMString>                   transports;
    274 };
    275 
    276 enum AuthenticatorTransport {
    277    "usb",
    278    "nfc",
    279    "ble",
    280    "smart-card",
    281    "hybrid",
    282    "internal"
    283 };
    284 
    285 typedef long COSEAlgorithmIdentifier;
    286 
    287 enum UserVerificationRequirement {
    288    "required",
    289    "preferred",
    290    "discouraged"
    291 };
    292 
    293 enum ClientCapability {
    294    "conditionalCreate",
    295    "conditionalGet",
    296    "hybridTransport",
    297    "passkeyPlatformAuthenticator",
    298    "userVerifyingPlatformAuthenticator",
    299    "relatedOrigins",
    300    "signalAllAcceptedCredentials",
    301    "signalCurrentUserDetails",
    302    "signalUnknownCredential"
    303 };
    304 
    305 enum PublicKeyCredentialHint {
    306    "security-key",
    307    "client-device",
    308    "hybrid",
    309 };
    310 
    311 partial dictionary AuthenticationExtensionsClientInputs {
    312  DOMString appid;
    313 };
    314 partial dictionary AuthenticationExtensionsClientInputsJSON {
    315  DOMString appid;
    316 };
    317 
    318 partial dictionary AuthenticationExtensionsClientOutputs {
    319  boolean appid;
    320 };
    321 partial dictionary AuthenticationExtensionsClientOutputsJSON {
    322  boolean appid;
    323 };
    324 
    325 partial dictionary AuthenticationExtensionsClientInputs {
    326  DOMString appidExclude;
    327 };
    328 partial dictionary AuthenticationExtensionsClientInputsJSON {
    329  DOMString appidExclude;
    330 };
    331 
    332 partial dictionary AuthenticationExtensionsClientOutputs {
    333  boolean appidExclude;
    334 };
    335 partial dictionary AuthenticationExtensionsClientOutputsJSON {
    336  boolean appidExclude;
    337 };
    338 
    339 partial dictionary AuthenticationExtensionsClientInputs {
    340    boolean credProps;
    341 };
    342 partial dictionary AuthenticationExtensionsClientInputsJSON {
    343    boolean credProps;
    344 };
    345 
    346 dictionary CredentialPropertiesOutput {
    347    boolean rk;
    348 };
    349 
    350 partial dictionary AuthenticationExtensionsClientOutputs {
    351    CredentialPropertiesOutput credProps;
    352 };
    353 partial dictionary AuthenticationExtensionsClientOutputsJSON {
    354    CredentialPropertiesOutput credProps;
    355 };
    356 
    357 dictionary AuthenticationExtensionsPRFValues {
    358    required BufferSource first;
    359    BufferSource second;
    360 };
    361 dictionary AuthenticationExtensionsPRFValuesJSON {
    362    required Base64URLString first;
    363    Base64URLString second;
    364 };
    365 
    366 dictionary AuthenticationExtensionsPRFInputs {
    367    AuthenticationExtensionsPRFValues eval;
    368    record<DOMString, AuthenticationExtensionsPRFValues> evalByCredential;
    369 };
    370 dictionary AuthenticationExtensionsPRFInputsJSON {
    371    AuthenticationExtensionsPRFValuesJSON eval;
    372    record<DOMString, AuthenticationExtensionsPRFValuesJSON> evalByCredential;
    373 };
    374 
    375 partial dictionary AuthenticationExtensionsClientInputs {
    376    AuthenticationExtensionsPRFInputs prf;
    377 };
    378 partial dictionary AuthenticationExtensionsClientInputsJSON {
    379    AuthenticationExtensionsPRFInputsJSON prf;
    380 };
    381 
    382 dictionary AuthenticationExtensionsPRFOutputs {
    383    boolean enabled;
    384    AuthenticationExtensionsPRFValues results;
    385 };
    386 dictionary AuthenticationExtensionsPRFOutputsJSON {
    387    boolean enabled;
    388    AuthenticationExtensionsPRFValuesJSON results;
    389 };
    390 
    391 partial dictionary AuthenticationExtensionsClientOutputs {
    392    AuthenticationExtensionsPRFOutputs prf;
    393 };
    394 partial dictionary AuthenticationExtensionsClientOutputsJSON {
    395    AuthenticationExtensionsPRFOutputsJSON prf;
    396 };
    397 
    398 partial dictionary AuthenticationExtensionsClientInputs {
    399    AuthenticationExtensionsLargeBlobInputs largeBlob;
    400 };
    401 partial dictionary AuthenticationExtensionsClientInputsJSON {
    402    AuthenticationExtensionsLargeBlobInputsJSON largeBlob;
    403 };
    404 
    405 enum LargeBlobSupport {
    406  "required",
    407  "preferred",
    408 };
    409 
    410 dictionary AuthenticationExtensionsLargeBlobInputs {
    411    DOMString support;
    412    boolean read;
    413    BufferSource write;
    414 };
    415 dictionary AuthenticationExtensionsLargeBlobInputsJSON {
    416    DOMString support;
    417    boolean read;
    418    Base64URLString write;
    419 };
    420 
    421 partial dictionary AuthenticationExtensionsClientOutputs {
    422    AuthenticationExtensionsLargeBlobOutputs largeBlob;
    423 };
    424 partial dictionary AuthenticationExtensionsClientOutputsJSON {
    425    AuthenticationExtensionsLargeBlobOutputsJSON largeBlob;
    426 };
    427 
    428 dictionary AuthenticationExtensionsLargeBlobOutputs {
    429    boolean supported;
    430    ArrayBuffer blob;
    431    boolean written;
    432 };
    433 dictionary AuthenticationExtensionsLargeBlobOutputsJSON {
    434    boolean supported;
    435    Base64URLString blob;
    436    boolean written;
    437 };