Google Git
Sign in
chromium / devtools / devtools-frontend.git / HEAD / . / node_modules / devtools-protocol / pdl / domains / WebAuthn.pdl
blob: 0ef007ce2ac4102334d3c694f7bc9ec8e73c3889 [file] [log] [blame]
# Copyright 2017 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
# Contributing to Chrome DevTools Protocol: https://goo.gle/devtools-contribution-guide-cdp
# This domain allows configuring virtual authenticators to test the WebAuthn
# API.
experimental domain WebAuthn
type AuthenticatorId extends string
type AuthenticatorProtocol extends string
enum
# Universal 2nd Factor.
u2f
# Client To Authenticator Protocol 2.
ctap2
type Ctap2Version extends string
enum
ctap2_0
ctap2_1
type AuthenticatorTransport extends string
enum
# Cross-Platform authenticator attachments:
usb
nfc
ble
cable
# Platform authenticator attachment:
internal
type VirtualAuthenticatorOptions extends object
properties
AuthenticatorProtocol protocol
# Defaults to ctap2_0. Ignored if |protocol| == u2f.
optional Ctap2Version ctap2Version
AuthenticatorTransport transport
# Defaults to false.
optional boolean hasResidentKey
# Defaults to false.
optional boolean hasUserVerification
# If set to true, the authenticator will support the largeBlob extension.
# https://w3c.github.io/webauthn#largeBlob
# Defaults to false.
optional boolean hasLargeBlob
# If set to true, the authenticator will support the credBlob extension.
# https://fidoalliance.org/specs/fido-v2.1-rd-20201208/fido-client-to-authenticator-protocol-v2.1-rd-20201208.html#sctn-credBlob-extension
# Defaults to false.
optional boolean hasCredBlob
# If set to true, the authenticator will support the minPinLength extension.
# https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#sctn-minpinlength-extension
# Defaults to false.
optional boolean hasMinPinLength
# If set to true, the authenticator will support the prf extension.
# https://w3c.github.io/webauthn/#prf-extension
# Defaults to false.
optional boolean hasPrf
# If set to true, tests of user presence will succeed immediately.
# Otherwise, they will not be resolved. Defaults to true.
optional boolean automaticPresenceSimulation
# Sets whether User Verification succeeds or fails for an authenticator.
# Defaults to false.
optional boolean isUserVerified
# Credentials created by this authenticator will have the backup
# eligibility (BE) flag set to this value. Defaults to false.
# https://w3c.github.io/webauthn/#sctn-credential-backup
optional boolean defaultBackupEligibility
# Credentials created by this authenticator will have the backup state
# (BS) flag set to this value. Defaults to false.
# https://w3c.github.io/webauthn/#sctn-credential-backup
optional boolean defaultBackupState
type Credential extends object
properties
binary credentialId
boolean isResidentCredential
# Relying Party ID the credential is scoped to. Must be set when adding a
# credential.
optional string rpId
# The ECDSA P-256 private key in PKCS#8 format.
binary privateKey
# An opaque byte sequence with a maximum size of 64 bytes mapping the
# credential to a specific user.
optional binary userHandle
# Signature counter. This is incremented by one for each successful
# assertion.
# See https://w3c.github.io/webauthn/#signature-counter
integer signCount
# The large blob associated with the credential.
# See https://w3c.github.io/webauthn/#sctn-large-blob-extension
optional binary largeBlob
# Assertions returned by this credential will have the backup eligibility
# (BE) flag set to this value. Defaults to the authenticator's
# defaultBackupEligibility value.
optional boolean backupEligibility
# Assertions returned by this credential will have the backup state (BS)
# flag set to this value. Defaults to the authenticator's
# defaultBackupState value.
optional boolean backupState
# The credential's user.name property. Equivalent to empty if not set.
# https://w3c.github.io/webauthn/#dom-publickeycredentialentity-name
optional string userName
# The credential's user.displayName property. Equivalent to empty if
# not set.
# https://w3c.github.io/webauthn/#dom-publickeycredentialuserentity-displayname
optional string userDisplayName
# Enable the WebAuthn domain and start intercepting credential storage and
# retrieval with a virtual authenticator.
command enable
parameters
# Whether to enable the WebAuthn user interface. Enabling the UI is
# recommended for debugging and demo purposes, as it is closer to the real
# experience. Disabling the UI is recommended for automated testing.
# Supported at the embedder's discretion if UI is available.
# Defaults to false.
optional boolean enableUI
# Disable the WebAuthn domain.
command disable
# Creates and adds a virtual authenticator.
command addVirtualAuthenticator
parameters
VirtualAuthenticatorOptions options
returns
AuthenticatorId authenticatorId
# Resets parameters isBogusSignature, isBadUV, isBadUP to false if they are not present.
command setResponseOverrideBits
parameters
AuthenticatorId authenticatorId
# If isBogusSignature is set, overrides the signature in the authenticator response to be zero.
# Defaults to false.
optional boolean isBogusSignature
# If isBadUV is set, overrides the UV bit in the flags in the authenticator response to
# be zero. Defaults to false.
optional boolean isBadUV
# If isBadUP is set, overrides the UP bit in the flags in the authenticator response to
# be zero. Defaults to false.
optional boolean isBadUP
# Removes the given authenticator.
command removeVirtualAuthenticator
parameters
AuthenticatorId authenticatorId
# Adds the credential to the specified authenticator.
command addCredential
parameters
AuthenticatorId authenticatorId
Credential credential
# Returns a single credential stored in the given virtual authenticator that
# matches the credential ID.
command getCredential
parameters
AuthenticatorId authenticatorId
binary credentialId
returns
Credential credential
# Returns all the credentials stored in the given virtual authenticator.
command getCredentials
parameters
AuthenticatorId authenticatorId
returns
array of Credential credentials
# Removes a credential from the authenticator.
command removeCredential
parameters
AuthenticatorId authenticatorId
binary credentialId
# Clears all the credentials from the specified device.
command clearCredentials
parameters
AuthenticatorId authenticatorId
# Sets whether User Verification succeeds or fails for an authenticator.
# The default is true.
command setUserVerified
parameters
AuthenticatorId authenticatorId
boolean isUserVerified
# Sets whether tests of user presence will succeed immediately (if true) or fail to resolve (if false) for an authenticator.
# The default is true.
command setAutomaticPresenceSimulation
parameters
AuthenticatorId authenticatorId
boolean enabled
# Allows setting credential properties.
# https://w3c.github.io/webauthn/#sctn-automation-set-credential-properties
command setCredentialProperties
parameters
AuthenticatorId authenticatorId
binary credentialId
optional boolean backupEligibility
optional boolean backupState
# Triggered when a credential is added to an authenticator.
event credentialAdded
parameters
AuthenticatorId authenticatorId
Credential credential
# Triggered when a credential is deleted, e.g. through
# PublicKeyCredential.signalUnknownCredential().
event credentialDeleted
parameters
AuthenticatorId authenticatorId
binary credentialId
# Triggered when a credential is updated, e.g. through
# PublicKeyCredential.signalCurrentUserDetails().
event credentialUpdated
parameters
AuthenticatorId authenticatorId
Credential credential
# Triggered when a credential is used in a webauthn assertion.
event credentialAsserted
parameters
AuthenticatorId authenticatorId
Credential credential