From fe16d4afff35b886d30084b664715a38692b7148 Mon Sep 17 00:00:00 2001 From: Kagami Sascha Rosylight Date: Wed, 5 Jun 2019 16:02:45 +0900 Subject: [PATCH] add Web Authentication types --- baselines/dom.generated.d.ts | 133 +++++++++++++++ inputfiles/idl/Web Authentication.widl | 224 +++++++++++++++++++++++++ inputfiles/idlSources.json | 4 + 3 files changed, 361 insertions(+) create mode 100644 inputfiles/idl/Web Authentication.widl diff --git a/baselines/dom.generated.d.ts b/baselines/dom.generated.d.ts index e527838fc..d86793910 100644 --- a/baselines/dom.generated.d.ts +++ b/baselines/dom.generated.d.ts @@ -133,6 +133,34 @@ interface AudioWorkletNodeOptions extends AudioNodeOptions { processorOptions?: any; } +interface AuthenticationExtensionsClientInputs { + appid?: string; + authnSel?: AuthenticatorSelectionList; + exts?: boolean; + loc?: boolean; + txAuthGeneric?: txAuthGenericArg; + txAuthSimple?: string; + uvi?: boolean; + uvm?: boolean; +} + +interface AuthenticationExtensionsClientOutputs { + appid?: boolean; + authnSel?: boolean; + exts?: AuthenticationExtensionsSupported; + loc?: Coordinates; + txAuthGeneric?: ArrayBuffer; + txAuthSimple?: string; + uvi?: ArrayBuffer; + uvm?: UvmEntries; +} + +interface AuthenticatorSelectionCriteria { + authenticatorAttachment?: AuthenticatorAttachment; + requireResidentKey?: boolean; + userVerification?: UserVerificationRequirement; +} + interface BiquadFilterOptions extends AudioNodeOptions { Q?: number; detune?: number; @@ -251,11 +279,13 @@ interface ConvolverOptions extends AudioNodeOptions { } interface CredentialCreationOptions { + publicKey?: PublicKeyCredentialCreationOptions; signal?: AbortSignal; } interface CredentialRequestOptions { mediation?: CredentialMediationRequirement; + publicKey?: PublicKeyCredentialRequestOptions; signal?: AbortSignal; } 
@@ -1033,6 +1063,52 @@ interface PropertyIndexedKeyframes { [property: string]: string | string[] | number | null | (number | null)[] | undefined; } +interface PublicKeyCredentialCreationOptions { + attestation?: AttestationConveyancePreference; + authenticatorSelection?: AuthenticatorSelectionCriteria; + challenge: BufferSource; + excludeCredentials?: PublicKeyCredentialDescriptor[]; + extensions?: AuthenticationExtensionsClientInputs; + pubKeyCredParams: PublicKeyCredentialParameters[]; + rp: PublicKeyCredentialRpEntity; + timeout?: number; + user: PublicKeyCredentialUserEntity; +} + +interface PublicKeyCredentialDescriptor { + id: BufferSource; + transports?: AuthenticatorTransport[]; + type: PublicKeyCredentialType; +} + +interface PublicKeyCredentialEntity { + icon?: string; + name: string; +} + +interface PublicKeyCredentialParameters { + alg: COSEAlgorithmIdentifier; + type: PublicKeyCredentialType; +} + +interface PublicKeyCredentialRequestOptions { + allowCredentials?: PublicKeyCredentialDescriptor[]; + challenge: BufferSource; + extensions?: AuthenticationExtensionsClientInputs; + rpId?: string; + timeout?: number; + userVerification?: UserVerificationRequirement; +} + +interface PublicKeyCredentialRpEntity extends PublicKeyCredentialEntity { + id?: string; +} + +interface PublicKeyCredentialUserEntity extends PublicKeyCredentialEntity { + displayName: string; + id: BufferSource; +} + interface PushPermissionDescriptor extends PermissionDescriptor { name: "push"; userVisibleOnly?: boolean; @@ -1761,6 +1837,11 @@ interface WorkletOptions { credentials?: RequestCredentials; } +interface txAuthGenericArg { + content: ArrayBuffer; + contentType: string; +} + interface EventListener { (evt: Event): void; } 
@@ -2286,6 +2367,35 @@ declare var AudioWorkletNode: { new(context: BaseAudioContext, name: string, options?: AudioWorkletNodeOptions): AudioWorkletNode; }; +interface AuthenticatorAssertionResponse extends AuthenticatorResponse { + readonly authenticatorData: ArrayBuffer; + readonly signature: ArrayBuffer; + readonly userHandle: ArrayBuffer | null; +} + +declare var AuthenticatorAssertionResponse: { + prototype: AuthenticatorAssertionResponse; + new(): AuthenticatorAssertionResponse; +}; + +interface AuthenticatorAttestationResponse extends AuthenticatorResponse { + readonly attestationObject: ArrayBuffer; +} + +declare var AuthenticatorAttestationResponse: { + prototype: AuthenticatorAttestationResponse; + new(): AuthenticatorAttestationResponse; +}; + +interface AuthenticatorResponse { + readonly clientDataJSON: ArrayBuffer; +} + +declare var AuthenticatorResponse: { + prototype: AuthenticatorResponse; + new(): AuthenticatorResponse; +}; + interface BarProp { readonly visible: boolean; } @@ -11830,6 +11940,18 @@ declare var PromiseRejectionEvent: { new(type: string, eventInitDict: PromiseRejectionEventInit): PromiseRejectionEvent; }; +interface PublicKeyCredential extends Credential { + readonly rawId: ArrayBuffer; + readonly response: AuthenticatorResponse; + getClientExtensionResults(): AuthenticationExtensionsClientOutputs; +} + +declare var PublicKeyCredential: { + prototype: PublicKeyCredential; + new(): PublicKeyCredential; + isUserVerifyingPlatformAuthenticatorAvailable(): Promise; +}; + /** This Push API interface provides a way to receive notifications from third-party servers as well as request URLs for push notifications. */ interface PushManager { getSubscription(): Promise; 
@@ -18776,6 +18898,12 @@ type ConstrainBoolean = boolean | ConstrainBooleanParameters; type ConstrainDOMString = string | string[] | ConstrainDOMStringParameters; type PerformanceEntryList = PerformanceEntry[]; type VibratePattern = number | number[]; +type COSEAlgorithmIdentifier = number; +type AuthenticatorSelectionList = AAGUID[]; +type AAGUID = BufferSource; +type AuthenticationExtensionsSupported = string[]; +type UvmEntry = number[]; +type UvmEntries = UvmEntry[]; type AlgorithmIdentifier = string | Algorithm; type HashAlgorithmIdentifier = AlgorithmIdentifier; type BigInteger = Uint8Array; @@ -18810,8 +18938,11 @@ type WindowProxy = Window; type AlignSetting = "start" | "center" | "end" | "left" | "right"; type AnimationPlayState = "idle" | "running" | "paused" | "finished"; type AppendMode = "segments" | "sequence"; +type AttestationConveyancePreference = "none" | "indirect" | "direct"; type AudioContextLatencyCategory = "balanced" | "interactive" | "playback"; type AudioContextState = "suspended" | "running" | "closed"; +type AuthenticatorAttachment = "platform" | "cross-platform"; +type AuthenticatorTransport = "usb" | "nfc" | "ble" | "internal"; type AutoKeyword = "auto"; type AutomationRate = "a-rate" | "k-rate"; type BinaryType = "blob" | "arraybuffer"; @@ -18877,6 +19008,7 @@ type PermissionName = "geolocation" | "notifications" | "push" | "midi" | "camer type PermissionState = "granted" | "denied" | "prompt"; type PlaybackDirection = "normal" | "reverse" | "alternate" | "alternate-reverse"; type PositionAlignSetting = "line-left" | "center" | "line-right" | "auto"; +type PublicKeyCredentialType = "public-key"; type PushEncryptionKeyName = "p256dh" | "auth"; type PushPermissionState = "denied" | "granted" | "prompt"; type RTCBundlePolicy = "balanced" | "max-compat" | "max-bundle"; 
@@ -18932,6 +19064,7 @@ type TextTrackKind = "subtitles" | "captions" | "descriptions" | "chapters" | "m type TextTrackMode = "disabled" | "hidden" | "showing"; type TouchType = "direct" | "stylus"; type Transport = "usb" | "nfc" | "ble"; +type UserVerificationRequirement = "required" | "preferred" | "discouraged"; type VRDisplayEventReason = "mounted" | "navigation" | "requested" | "unmounted"; type VideoFacingModeEnum = "user" | "environment" | "left" | "right"; type VisibilityState = "hidden" | "visible" | "prerender"; diff --git a/inputfiles/idl/Web Authentication.widl b/inputfiles/idl/Web Authentication.widl new file mode 100644 index 000000000..fe0aefe46 --- /dev/null +++ b/inputfiles/idl/Web Authentication.widl 
@@ -0,0 +1,224 @@
+[SecureContext, Exposed=Window]
+interface PublicKeyCredential : Credential {
+ [SameObject] readonly attribute ArrayBuffer rawId;
+ [SameObject] readonly attribute AuthenticatorResponse response;
+ AuthenticationExtensionsClientOutputs getClientExtensionResults();
+};
+
+partial dictionary CredentialCreationOptions {
+ PublicKeyCredentialCreationOptions publicKey;
+};
+
+partial dictionary CredentialRequestOptions {
+ PublicKeyCredentialRequestOptions publicKey;
+};
+
+partial interface PublicKeyCredential {
+ static Promise isUserVerifyingPlatformAuthenticatorAvailable();
+};
+
+[SecureContext, Exposed=Window]
+interface AuthenticatorResponse {
+ [SameObject] readonly attribute ArrayBuffer clientDataJSON;
+};
+
+[SecureContext, Exposed=Window]
+interface AuthenticatorAttestationResponse : AuthenticatorResponse {
+ [SameObject] readonly attribute ArrayBuffer attestationObject;
+};
+
+[SecureContext, Exposed=Window]
+interface AuthenticatorAssertionResponse : AuthenticatorResponse {
+ [SameObject] readonly attribute ArrayBuffer authenticatorData;
+ [SameObject] readonly attribute ArrayBuffer signature;
+ [SameObject] readonly attribute ArrayBuffer? userHandle;
+};
+
+dictionary PublicKeyCredentialParameters {
+ required PublicKeyCredentialType type;
+ required COSEAlgorithmIdentifier alg;
+};
+
+dictionary PublicKeyCredentialCreationOptions {
+ required PublicKeyCredentialRpEntity rp;
+ required PublicKeyCredentialUserEntity user;
+
+ required BufferSource challenge;
+ required sequence pubKeyCredParams;
+
+ unsigned long timeout;
+ sequence excludeCredentials = [];
+ AuthenticatorSelectionCriteria authenticatorSelection;
+ AttestationConveyancePreference attestation = "none";
+ AuthenticationExtensionsClientInputs extensions;
+};
+
+dictionary PublicKeyCredentialEntity {
+ required DOMString name;
+ USVString icon;
+};
+
+dictionary PublicKeyCredentialRpEntity : PublicKeyCredentialEntity {
+ DOMString id;
+};
+
+dictionary PublicKeyCredentialUserEntity : PublicKeyCredentialEntity {
+ required BufferSource id;
+ required DOMString displayName;
+};
+
+dictionary AuthenticatorSelectionCriteria {
+ AuthenticatorAttachment authenticatorAttachment;
+ boolean requireResidentKey = false;
+ UserVerificationRequirement userVerification = "preferred";
+};
+
+enum AuthenticatorAttachment {
+ "platform",
+ "cross-platform"
+};
+
+enum AttestationConveyancePreference {
+ "none",
+ "indirect",
+ "direct"
+};
+
+dictionary PublicKeyCredentialRequestOptions {
+ required BufferSource challenge;
+ unsigned long timeout;
+ USVString rpId;
+ sequence allowCredentials = [];
+ UserVerificationRequirement userVerification = "preferred";
+ AuthenticationExtensionsClientInputs extensions;
+};
+
+dictionary AuthenticationExtensionsClientInputs {
+};
+
+dictionary AuthenticationExtensionsClientOutputs {
+};
+
+typedef record AuthenticationExtensionsAuthenticatorInputs;
+
+dictionary CollectedClientData {
+ required DOMString type;
+ required DOMString challenge;
+ required DOMString origin;
+ TokenBinding tokenBinding;
+};
+
+dictionary TokenBinding {
+ required TokenBindingStatus status;
+ DOMString id;
+};
+
+enum TokenBindingStatus { "present", "supported" };
+
+enum PublicKeyCredentialType {
+ "public-key"
+};
+
+dictionary PublicKeyCredentialDescriptor {
+ required PublicKeyCredentialType type;
+ required BufferSource id;
+ sequence transports;
+};
+
+enum AuthenticatorTransport {
+ "usb",
+ "nfc",
+ "ble",
+ "internal"
+};
+
+typedef long COSEAlgorithmIdentifier;
+
+enum UserVerificationRequirement {
+ "required",
+ "preferred",
+ "discouraged"
+};
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ USVString appid;
+};
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ boolean appid;
+};
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ USVString txAuthSimple;
+};
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ USVString txAuthSimple;
+};
+
+dictionary txAuthGenericArg {
+ required USVString contentType; // MIME-Type of the content, e.g., "image/png"
+ required ArrayBuffer content;
+};
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ txAuthGenericArg txAuthGeneric;
+};
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ ArrayBuffer txAuthGeneric;
+};
+
+typedef sequence AuthenticatorSelectionList;
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ AuthenticatorSelectionList authnSel;
+};
+
+typedef BufferSource AAGUID;
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ boolean authnSel;
+};
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ boolean exts;
+};
+
+typedef sequence AuthenticationExtensionsSupported;
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ AuthenticationExtensionsSupported exts;
+};
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ boolean uvi;
+};
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ ArrayBuffer uvi;
+};
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ boolean loc;
+};
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ Coordinates loc;
+};
+
+partial dictionary AuthenticationExtensionsClientInputs {
+ boolean uvm;
+};
+
+typedef sequence UvmEntry;
+typedef sequence UvmEntries;
+
+partial dictionary AuthenticationExtensionsClientOutputs {
+ UvmEntries uvm;
+};
+
+dictionary authenticatorBiometricPerfBounds{
+ float FAR;
+ float FRR;
+ };
diff --git a/inputfiles/idlSources.json b/inputfiles/idlSources.json
index 6f9d6b1c5..4b424be09 100644
--- a/inputfiles/idlSources.json
+++ b/inputfiles/idlSources.json
@@ -367,6 +367,10 @@
 "url": "https://webaudio.github.io/web-audio-api/",
 "title": "Web Audio"
 },
+ {
+ "url": "https://www.w3.org/TR/2019/REC-webauthn-1-20190304/",
+ "title": "Web Authentication"
+ },
 {
 "url": "https://wicg.github.io/BackgroundSync/spec/",
 "title": "Web Background Synchronization"
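Review bot: The dictionary defaults declared in this IDL do not reach the generated declarations, which show those members only as undocumented optional properties. This affects `userVerification = "preferred"` in both `AuthenticatorSelectionCriteria` and `PublicKeyCredentialRequestOptions`, as well as `attestation = "none"` and `requireResidentKey = false`. A caller reading `userVerification?: UserVerificationRequirement` cannot tell that omitting it means `"preferred"`, under which user verification is requested but not required. A relying party that depends on verification has to pass `"required"` explicitly and still confirm the outcome when it validates the response. I would carry the defaults into the emitted doc comments through whatever comment source the generator uses, for example `/** Defaults to "preferred" when omitted. */` on both `userVerification` members and `/** Defaults to "none" when omitted. */` on `attestation`.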
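Review bot: The new entry pins a dated snapshot (`/TR/2019/REC-webauthn-1-20190304/`), while the two neighbouring entries visible in this hunk point at living editor's drafts. Pinning keeps regenerated output reproducible and tied to an immutable document, but it also means the emitted types stay at this revision until someone edits the URL by hand. The commit message has only a subject line, so it would help to state there that the pin is deliberate and which revision it tracks.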