@capawesome/capacitor-passkeys 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CapawesomeCapacitorPasskeys.podspec +17 -0
- package/LICENSE +21 -0
- package/Package.swift +28 -0
- package/README.md +472 -0
- package/android/build.gradle +61 -0
- package/android/src/main/AndroidManifest.xml +2 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/Passkeys.java +173 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/PasskeysPlugin.java +115 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/classes/CustomException.java +20 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/classes/CustomExceptions.java +12 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/classes/options/CreatePasskeyOptions.java +38 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/classes/options/GetPasskeyOptions.java +33 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/classes/results/CreatePasskeyResult.java +22 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/classes/results/GetPasskeyResult.java +22 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/classes/results/IsAvailableResult.java +22 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/interfaces/Callback.java +5 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/interfaces/NonEmptyResultCallback.java +7 -0
- package/android/src/main/java/io/capawesome/capacitorjs/plugins/passkeys/interfaces/Result.java +7 -0
- package/android/src/main/res/.gitkeep +0 -0
- package/dist/docs.json +1091 -0
- package/dist/esm/definitions.d.ts +567 -0
- package/dist/esm/definitions.js +47 -0
- package/dist/esm/definitions.js.map +1 -0
- package/dist/esm/index.d.ts +4 -0
- package/dist/esm/index.js +7 -0
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/web.d.ts +18 -0
- package/dist/esm/web.js +184 -0
- package/dist/esm/web.js.map +1 -0
- package/dist/plugin.cjs.js +244 -0
- package/dist/plugin.cjs.js.map +1 -0
- package/dist/plugin.js +247 -0
- package/dist/plugin.js.map +1 -0
- package/ios/Plugin/Classes/Options/CreatePasskeyOptions.swift +81 -0
- package/ios/Plugin/Classes/Options/GetPasskeyOptions.swift +54 -0
- package/ios/Plugin/Classes/Results/CreatePasskeyResult.swift +28 -0
- package/ios/Plugin/Classes/Results/GetPasskeyResult.swift +34 -0
- package/ios/Plugin/Classes/Results/IsAvailableResult.swift +16 -0
- package/ios/Plugin/Enums/CustomError.swift +65 -0
- package/ios/Plugin/Info.plist +24 -0
- package/ios/Plugin/Passkeys.swift +118 -0
- package/ios/Plugin/PasskeysHelper.swift +20 -0
- package/ios/Plugin/PasskeysPlugin.swift +86 -0
- package/ios/Plugin/Protocols/Result.swift +5 -0
- package/package.json +91 -0
|
@@ -0,0 +1,567 @@
|
|
|
1
|
+
export interface PasskeysPlugin {
|
|
2
|
+
/**
|
|
3
|
+
* Create (register) a new passkey.
|
|
4
|
+
*
|
|
5
|
+
* The options mirror the WebAuthn `PublicKeyCredentialCreationOptions` JSON
|
|
6
|
+
* serialization so that the values provided by any WebAuthn server library
|
|
7
|
+
* can be passed through unchanged.
|
|
8
|
+
*
|
|
9
|
+
* @since 0.1.0
|
|
10
|
+
*/
|
|
11
|
+
createPasskey(options: CreatePasskeyOptions): Promise<CreatePasskeyResult>;
|
|
12
|
+
/**
|
|
13
|
+
* Get (authenticate with) an existing passkey.
|
|
14
|
+
*
|
|
15
|
+
* The options mirror the WebAuthn `PublicKeyCredentialRequestOptions` JSON
|
|
16
|
+
* serialization so that the values provided by any WebAuthn server library
|
|
17
|
+
* can be passed through unchanged.
|
|
18
|
+
*
|
|
19
|
+
* @since 0.1.0
|
|
20
|
+
*/
|
|
21
|
+
getPasskey(options: GetPasskeyOptions): Promise<GetPasskeyResult>;
|
|
22
|
+
/**
|
|
23
|
+
* Check if passkeys are available on this device.
|
|
24
|
+
*
|
|
25
|
+
* On **Android**, this returns `true` if the device runs Android 9 (API level 28) or higher.
|
|
26
|
+
* On **iOS**, this always returns `true`.
|
|
27
|
+
* On **Web**, this returns `true` if the browser supports WebAuthn and
|
|
28
|
+
* a user-verifying platform authenticator is available.
|
|
29
|
+
*
|
|
30
|
+
* @since 0.1.0
|
|
31
|
+
*/
|
|
32
|
+
isAvailable(): Promise<IsAvailableResult>;
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* @since 0.1.0
|
|
36
|
+
*/
|
|
37
|
+
export interface CreatePasskeyOptions {
|
|
38
|
+
/**
|
|
39
|
+
* The attestation conveyance preference.
|
|
40
|
+
*
|
|
41
|
+
* @since 0.1.0
|
|
42
|
+
* @default 'none'
|
|
43
|
+
* @example 'none'
|
|
44
|
+
*/
|
|
45
|
+
attestation?: PasskeyAttestation;
|
|
46
|
+
/**
|
|
47
|
+
* Criteria that the authenticator must meet.
|
|
48
|
+
*
|
|
49
|
+
* @since 0.1.0
|
|
50
|
+
*/
|
|
51
|
+
authenticatorSelection?: PasskeyAuthenticatorSelection;
|
|
52
|
+
/**
|
|
53
|
+
* The challenge provided by the relying party server as a
|
|
54
|
+
* base64url-encoded string.
|
|
55
|
+
*
|
|
56
|
+
* @since 0.1.0
|
|
57
|
+
* @example 'dGhpc2lzYWNoYWxsZW5nZQ'
|
|
58
|
+
*/
|
|
59
|
+
challenge: string;
|
|
60
|
+
/**
|
|
61
|
+
* Credentials that already exist for the user, so that the authenticator
|
|
62
|
+
* does not create a second passkey for the same account.
|
|
63
|
+
*
|
|
64
|
+
* On **iOS**, this option is only applied on iOS 17.4 and later.
|
|
65
|
+
*
|
|
66
|
+
* @since 0.1.0
|
|
67
|
+
*/
|
|
68
|
+
excludeCredentials?: PasskeyCredentialDescriptor[];
|
|
69
|
+
/**
|
|
70
|
+
* The public key credential types and algorithms that the relying
|
|
71
|
+
* party server supports, ordered from most to least preferred.
|
|
72
|
+
*
|
|
73
|
+
* Only available on Android and Web.
|
|
74
|
+
*
|
|
75
|
+
* @since 0.1.0
|
|
76
|
+
* @example [{ alg: -7, type: 'public-key' }, { alg: -257, type: 'public-key' }]
|
|
77
|
+
*/
|
|
78
|
+
pubKeyCredParams: PasskeyCredentialParameter[];
|
|
79
|
+
/**
|
|
80
|
+
* The relying party for which the passkey is created.
|
|
81
|
+
*
|
|
82
|
+
* @since 0.1.0
|
|
83
|
+
*/
|
|
84
|
+
rp: PasskeyRelyingParty;
|
|
85
|
+
/**
|
|
86
|
+
* The time in milliseconds that the caller is willing to wait for the
|
|
87
|
+
* operation to complete.
|
|
88
|
+
*
|
|
89
|
+
* Only available on Android and Web.
|
|
90
|
+
*
|
|
91
|
+
* @since 0.1.0
|
|
92
|
+
* @example 60000
|
|
93
|
+
*/
|
|
94
|
+
timeout?: number;
|
|
95
|
+
/**
|
|
96
|
+
* The user account for which the passkey is created.
|
|
97
|
+
*
|
|
98
|
+
* @since 0.1.0
|
|
99
|
+
*/
|
|
100
|
+
user: PasskeyUser;
|
|
101
|
+
}
|
|
102
|
+
/**
|
|
103
|
+
* The response of the authenticator for the registration of a new passkey.
|
|
104
|
+
*
|
|
105
|
+
* This mirrors the WebAuthn `AuthenticatorAttestationResponse` JSON
|
|
106
|
+
* serialization.
|
|
107
|
+
*
|
|
108
|
+
* @since 0.1.0
|
|
109
|
+
*/
|
|
110
|
+
export interface CreatePasskeyResponse {
|
|
111
|
+
/**
|
|
112
|
+
* The attestation object as a base64url-encoded string.
|
|
113
|
+
*
|
|
114
|
+
* @since 0.1.0
|
|
115
|
+
*/
|
|
116
|
+
attestationObject: string;
|
|
117
|
+
/**
|
|
118
|
+
* The authenticator data as a base64url-encoded string.
|
|
119
|
+
*
|
|
120
|
+
* Only available on Android and Web.
|
|
121
|
+
*
|
|
122
|
+
* @since 0.1.0
|
|
123
|
+
*/
|
|
124
|
+
authenticatorData?: string;
|
|
125
|
+
/**
|
|
126
|
+
* The client data as a base64url-encoded string.
|
|
127
|
+
*
|
|
128
|
+
* @since 0.1.0
|
|
129
|
+
*/
|
|
130
|
+
clientDataJSON: string;
|
|
131
|
+
/**
|
|
132
|
+
* The DER-encoded public key as a base64url-encoded string.
|
|
133
|
+
*
|
|
134
|
+
* Only available on Android and Web.
|
|
135
|
+
*
|
|
136
|
+
* @since 0.1.0
|
|
137
|
+
*/
|
|
138
|
+
publicKey?: string;
|
|
139
|
+
/**
|
|
140
|
+
* The COSE algorithm identifier of the public key.
|
|
141
|
+
*
|
|
142
|
+
* Only available on Android and Web.
|
|
143
|
+
*
|
|
144
|
+
* @since 0.1.0
|
|
145
|
+
* @example -7
|
|
146
|
+
*/
|
|
147
|
+
publicKeyAlgorithm?: number;
|
|
148
|
+
/**
|
|
149
|
+
* The transports that the authenticator supports.
|
|
150
|
+
*
|
|
151
|
+
* Only available on Android and Web.
|
|
152
|
+
*
|
|
153
|
+
* @since 0.1.0
|
|
154
|
+
* @example ['internal', 'hybrid']
|
|
155
|
+
*/
|
|
156
|
+
transports?: PasskeyTransport[];
|
|
157
|
+
}
|
|
158
|
+
/**
|
|
159
|
+
* The result of the passkey creation.
|
|
160
|
+
*
|
|
161
|
+
* This mirrors the WebAuthn `RegistrationResponseJSON` so it can be
|
|
162
|
+
* passed to any WebAuthn server library for verification.
|
|
163
|
+
*
|
|
164
|
+
* @since 0.1.0
|
|
165
|
+
*/
|
|
166
|
+
export interface CreatePasskeyResult {
|
|
167
|
+
/**
|
|
168
|
+
* The attachment of the authenticator that created the passkey.
|
|
169
|
+
*
|
|
170
|
+
* @since 0.1.0
|
|
171
|
+
* @example 'platform'
|
|
172
|
+
*/
|
|
173
|
+
authenticatorAttachment?: PasskeyAuthenticatorAttachment;
|
|
174
|
+
/**
|
|
175
|
+
* The credential identifier as a base64url-encoded string.
|
|
176
|
+
*
|
|
177
|
+
* @since 0.1.0
|
|
178
|
+
*/
|
|
179
|
+
id: string;
|
|
180
|
+
/**
|
|
181
|
+
* The raw credential identifier as a base64url-encoded string.
|
|
182
|
+
*
|
|
183
|
+
* @since 0.1.0
|
|
184
|
+
*/
|
|
185
|
+
rawId: string;
|
|
186
|
+
/**
|
|
187
|
+
* The response of the authenticator.
|
|
188
|
+
*
|
|
189
|
+
* @since 0.1.0
|
|
190
|
+
*/
|
|
191
|
+
response: CreatePasskeyResponse;
|
|
192
|
+
/**
|
|
193
|
+
* The credential type.
|
|
194
|
+
*
|
|
195
|
+
* @since 0.1.0
|
|
196
|
+
* @example 'public-key'
|
|
197
|
+
*/
|
|
198
|
+
type: 'public-key';
|
|
199
|
+
}
|
|
200
|
+
/**
|
|
201
|
+
* @since 0.1.0
|
|
202
|
+
*/
|
|
203
|
+
export interface GetPasskeyOptions {
|
|
204
|
+
/**
|
|
205
|
+
* The credentials that are acceptable to the relying party server.
|
|
206
|
+
*
|
|
207
|
+
* If not provided, the user can select from any discoverable
|
|
208
|
+
* credential (passkey) of the relying party.
|
|
209
|
+
*
|
|
210
|
+
* @since 0.1.0
|
|
211
|
+
*/
|
|
212
|
+
allowCredentials?: PasskeyCredentialDescriptor[];
|
|
213
|
+
/**
|
|
214
|
+
* The challenge provided by the relying party server as a
|
|
215
|
+
* base64url-encoded string.
|
|
216
|
+
*
|
|
217
|
+
* @since 0.1.0
|
|
218
|
+
* @example 'dGhpc2lzYWNoYWxsZW5nZQ'
|
|
219
|
+
*/
|
|
220
|
+
challenge: string;
|
|
221
|
+
/**
|
|
222
|
+
* The identifier of the relying party.
|
|
223
|
+
*
|
|
224
|
+
* @since 0.1.0
|
|
225
|
+
* @example 'example.com'
|
|
226
|
+
*/
|
|
227
|
+
rpId: string;
|
|
228
|
+
/**
|
|
229
|
+
* The time in milliseconds that the caller is willing to wait for the
|
|
230
|
+
* operation to complete.
|
|
231
|
+
*
|
|
232
|
+
* Only available on Android and Web.
|
|
233
|
+
*
|
|
234
|
+
* @since 0.1.0
|
|
235
|
+
* @example 60000
|
|
236
|
+
*/
|
|
237
|
+
timeout?: number;
|
|
238
|
+
/**
|
|
239
|
+
* The user verification requirement.
|
|
240
|
+
*
|
|
241
|
+
* @since 0.1.0
|
|
242
|
+
* @default 'preferred'
|
|
243
|
+
* @example 'required'
|
|
244
|
+
*/
|
|
245
|
+
userVerification?: PasskeyUserVerification;
|
|
246
|
+
}
|
|
247
|
+
/**
|
|
248
|
+
* The response of the authenticator for the authentication with an
|
|
249
|
+
* existing passkey.
|
|
250
|
+
*
|
|
251
|
+
* This mirrors the WebAuthn `AuthenticatorAssertionResponse` JSON
|
|
252
|
+
* serialization.
|
|
253
|
+
*
|
|
254
|
+
* @since 0.1.0
|
|
255
|
+
*/
|
|
256
|
+
export interface GetPasskeyResponse {
|
|
257
|
+
/**
|
|
258
|
+
* The authenticator data as a base64url-encoded string.
|
|
259
|
+
*
|
|
260
|
+
* @since 0.1.0
|
|
261
|
+
*/
|
|
262
|
+
authenticatorData: string;
|
|
263
|
+
/**
|
|
264
|
+
* The client data as a base64url-encoded string.
|
|
265
|
+
*
|
|
266
|
+
* @since 0.1.0
|
|
267
|
+
*/
|
|
268
|
+
clientDataJSON: string;
|
|
269
|
+
/**
|
|
270
|
+
* The signature as a base64url-encoded string.
|
|
271
|
+
*
|
|
272
|
+
* @since 0.1.0
|
|
273
|
+
*/
|
|
274
|
+
signature: string;
|
|
275
|
+
/**
|
|
276
|
+
* The user handle (the `user.id` provided during creation) as a
|
|
277
|
+
* base64url-encoded string.
|
|
278
|
+
*
|
|
279
|
+
* @since 0.1.0
|
|
280
|
+
*/
|
|
281
|
+
userHandle?: string;
|
|
282
|
+
}
|
|
283
|
+
/**
|
|
284
|
+
* The result of the passkey authentication.
|
|
285
|
+
*
|
|
286
|
+
* This mirrors the WebAuthn `AuthenticationResponseJSON` so it can be
|
|
287
|
+
* passed to any WebAuthn server library for verification.
|
|
288
|
+
*
|
|
289
|
+
* @since 0.1.0
|
|
290
|
+
*/
|
|
291
|
+
export interface GetPasskeyResult {
|
|
292
|
+
/**
|
|
293
|
+
* The attachment of the authenticator that provided the passkey.
|
|
294
|
+
*
|
|
295
|
+
* @since 0.1.0
|
|
296
|
+
* @example 'platform'
|
|
297
|
+
*/
|
|
298
|
+
authenticatorAttachment?: PasskeyAuthenticatorAttachment;
|
|
299
|
+
/**
|
|
300
|
+
* The credential identifier as a base64url-encoded string.
|
|
301
|
+
*
|
|
302
|
+
* @since 0.1.0
|
|
303
|
+
*/
|
|
304
|
+
id: string;
|
|
305
|
+
/**
|
|
306
|
+
* The raw credential identifier as a base64url-encoded string.
|
|
307
|
+
*
|
|
308
|
+
* @since 0.1.0
|
|
309
|
+
*/
|
|
310
|
+
rawId: string;
|
|
311
|
+
/**
|
|
312
|
+
* The response of the authenticator.
|
|
313
|
+
*
|
|
314
|
+
* @since 0.1.0
|
|
315
|
+
*/
|
|
316
|
+
response: GetPasskeyResponse;
|
|
317
|
+
/**
|
|
318
|
+
* The credential type.
|
|
319
|
+
*
|
|
320
|
+
* @since 0.1.0
|
|
321
|
+
* @example 'public-key'
|
|
322
|
+
*/
|
|
323
|
+
type: 'public-key';
|
|
324
|
+
}
|
|
325
|
+
/**
|
|
326
|
+
* @since 0.1.0
|
|
327
|
+
*/
|
|
328
|
+
export interface IsAvailableResult {
|
|
329
|
+
/**
|
|
330
|
+
* Whether or not passkeys are available on this device.
|
|
331
|
+
*
|
|
332
|
+
* @since 0.1.0
|
|
333
|
+
* @example true
|
|
334
|
+
*/
|
|
335
|
+
available: boolean;
|
|
336
|
+
}
|
|
337
|
+
/**
|
|
338
|
+
* Criteria that the authenticator must meet to create a passkey.
|
|
339
|
+
*
|
|
340
|
+
* @since 0.1.0
|
|
341
|
+
*/
|
|
342
|
+
export interface PasskeyAuthenticatorSelection {
|
|
343
|
+
/**
|
|
344
|
+
* The authenticator attachment modality.
|
|
345
|
+
*
|
|
346
|
+
* Only available on Android and Web.
|
|
347
|
+
*
|
|
348
|
+
* @since 0.1.0
|
|
349
|
+
* @example 'platform'
|
|
350
|
+
*/
|
|
351
|
+
authenticatorAttachment?: PasskeyAuthenticatorAttachment;
|
|
352
|
+
/**
|
|
353
|
+
* Whether or not a discoverable credential (passkey) is required.
|
|
354
|
+
*
|
|
355
|
+
* This property is retained for backwards compatibility with
|
|
356
|
+
* WebAuthn Level 1. Prefer `residentKey`.
|
|
357
|
+
*
|
|
358
|
+
* Only available on Android and Web.
|
|
359
|
+
*
|
|
360
|
+
* @since 0.1.0
|
|
361
|
+
* @example true
|
|
362
|
+
*/
|
|
363
|
+
requireResidentKey?: boolean;
|
|
364
|
+
/**
|
|
365
|
+
* The extent to which the relying party desires to create a
|
|
366
|
+
* discoverable credential (passkey).
|
|
367
|
+
*
|
|
368
|
+
* Only available on Android and Web.
|
|
369
|
+
*
|
|
370
|
+
* @since 0.1.0
|
|
371
|
+
* @example 'required'
|
|
372
|
+
*/
|
|
373
|
+
residentKey?: PasskeyResidentKey;
|
|
374
|
+
/**
|
|
375
|
+
* The user verification requirement.
|
|
376
|
+
*
|
|
377
|
+
* @since 0.1.0
|
|
378
|
+
* @default 'preferred'
|
|
379
|
+
* @example 'required'
|
|
380
|
+
*/
|
|
381
|
+
userVerification?: PasskeyUserVerification;
|
|
382
|
+
}
|
|
383
|
+
/**
|
|
384
|
+
* A descriptor that identifies a specific credential.
|
|
385
|
+
*
|
|
386
|
+
* @since 0.1.0
|
|
387
|
+
*/
|
|
388
|
+
export interface PasskeyCredentialDescriptor {
|
|
389
|
+
/**
|
|
390
|
+
* The credential identifier as a base64url-encoded string.
|
|
391
|
+
*
|
|
392
|
+
* @since 0.1.0
|
|
393
|
+
*/
|
|
394
|
+
id: string;
|
|
395
|
+
/**
|
|
396
|
+
* The transports that the authenticator of the credential supports.
|
|
397
|
+
*
|
|
398
|
+
* Only available on Android and Web.
|
|
399
|
+
*
|
|
400
|
+
* @since 0.1.0
|
|
401
|
+
* @example ['internal', 'hybrid']
|
|
402
|
+
*/
|
|
403
|
+
transports?: PasskeyTransport[];
|
|
404
|
+
/**
|
|
405
|
+
* The credential type.
|
|
406
|
+
*
|
|
407
|
+
* @since 0.1.0
|
|
408
|
+
* @example 'public-key'
|
|
409
|
+
*/
|
|
410
|
+
type: 'public-key';
|
|
411
|
+
}
|
|
412
|
+
/**
|
|
413
|
+
* A public key credential type and algorithm that the relying party
|
|
414
|
+
* server supports.
|
|
415
|
+
*
|
|
416
|
+
* @since 0.1.0
|
|
417
|
+
*/
|
|
418
|
+
export interface PasskeyCredentialParameter {
|
|
419
|
+
/**
|
|
420
|
+
* The COSE algorithm identifier, e.g. `-7` for ES256 or `-257` for RS256.
|
|
421
|
+
*
|
|
422
|
+
* @since 0.1.0
|
|
423
|
+
* @example -7
|
|
424
|
+
*/
|
|
425
|
+
alg: number;
|
|
426
|
+
/**
|
|
427
|
+
* The credential type.
|
|
428
|
+
*
|
|
429
|
+
* @since 0.1.0
|
|
430
|
+
* @example 'public-key'
|
|
431
|
+
*/
|
|
432
|
+
type: 'public-key';
|
|
433
|
+
}
|
|
434
|
+
/**
|
|
435
|
+
* The relying party for which a passkey is created.
|
|
436
|
+
*
|
|
437
|
+
* @since 0.1.0
|
|
438
|
+
*/
|
|
439
|
+
export interface PasskeyRelyingParty {
|
|
440
|
+
/**
|
|
441
|
+
* The identifier of the relying party.
|
|
442
|
+
*
|
|
443
|
+
* This must be a registrable domain suffix of (or equal to) the
|
|
444
|
+
* domain that the app is associated with.
|
|
445
|
+
*
|
|
446
|
+
* @since 0.1.0
|
|
447
|
+
* @example 'example.com'
|
|
448
|
+
*/
|
|
449
|
+
id: string;
|
|
450
|
+
/**
|
|
451
|
+
* The human-readable name of the relying party.
|
|
452
|
+
*
|
|
453
|
+
* @since 0.1.0
|
|
454
|
+
* @example 'Example Inc.'
|
|
455
|
+
*/
|
|
456
|
+
name: string;
|
|
457
|
+
}
|
|
458
|
+
/**
|
|
459
|
+
* The user account for which a passkey is created.
|
|
460
|
+
*
|
|
461
|
+
* @since 0.1.0
|
|
462
|
+
*/
|
|
463
|
+
export interface PasskeyUser {
|
|
464
|
+
/**
|
|
465
|
+
* The human-readable display name of the user account.
|
|
466
|
+
*
|
|
467
|
+
* @since 0.1.0
|
|
468
|
+
* @example 'Jane Doe'
|
|
469
|
+
*/
|
|
470
|
+
displayName: string;
|
|
471
|
+
/**
|
|
472
|
+
* The user handle of the user account as a base64url-encoded string.
|
|
473
|
+
*
|
|
474
|
+
* @since 0.1.0
|
|
475
|
+
* @example 'anVzdGFyYW5kb21pZA'
|
|
476
|
+
*/
|
|
477
|
+
id: string;
|
|
478
|
+
/**
|
|
479
|
+
* The human-readable name of the user account, e.g. a username
|
|
480
|
+
* or email address.
|
|
481
|
+
*
|
|
482
|
+
* @since 0.1.0
|
|
483
|
+
* @example 'jane.doe@example.com'
|
|
484
|
+
*/
|
|
485
|
+
name: string;
|
|
486
|
+
}
|
|
487
|
+
/**
|
|
488
|
+
* The attestation conveyance preference.
|
|
489
|
+
*
|
|
490
|
+
* @since 0.1.0
|
|
491
|
+
*/
|
|
492
|
+
export type PasskeyAttestation = 'direct' | 'enterprise' | 'indirect' | 'none';
|
|
493
|
+
/**
|
|
494
|
+
* The authenticator attachment modality.
|
|
495
|
+
*
|
|
496
|
+
* @since 0.1.0
|
|
497
|
+
*/
|
|
498
|
+
export type PasskeyAuthenticatorAttachment = 'cross-platform' | 'platform';
|
|
499
|
+
/**
|
|
500
|
+
* The extent to which the relying party desires to create a
|
|
501
|
+
* discoverable credential (passkey).
|
|
502
|
+
*
|
|
503
|
+
* @since 0.1.0
|
|
504
|
+
*/
|
|
505
|
+
export type PasskeyResidentKey = 'discouraged' | 'preferred' | 'required';
|
|
506
|
+
/**
|
|
507
|
+
* A transport that an authenticator supports.
|
|
508
|
+
*
|
|
509
|
+
* @since 0.1.0
|
|
510
|
+
*/
|
|
511
|
+
export type PasskeyTransport = 'ble' | 'hybrid' | 'internal' | 'nfc' | 'smart-card' | 'usb';
|
|
512
|
+
/**
|
|
513
|
+
* The user verification requirement.
|
|
514
|
+
*
|
|
515
|
+
* - `discouraged`: The relying party prefers no user verification.
|
|
516
|
+
* - `preferred`: The relying party prefers user verification but will
|
|
517
|
+
* not fail the operation without it.
|
|
518
|
+
* - `required`: The relying party requires user verification.
|
|
519
|
+
*
|
|
520
|
+
* @since 0.1.0
|
|
521
|
+
*/
|
|
522
|
+
export type PasskeyUserVerification = 'discouraged' | 'preferred' | 'required';
|
|
523
|
+
/**
|
|
524
|
+
* @since 0.1.0
|
|
525
|
+
*/
|
|
526
|
+
export declare enum ErrorCode {
|
|
527
|
+
/**
|
|
528
|
+
* The operation was canceled by the user.
|
|
529
|
+
*
|
|
530
|
+
* @since 0.1.0
|
|
531
|
+
*/
|
|
532
|
+
Canceled = "CANCELED",
|
|
533
|
+
/**
|
|
534
|
+
* The passkey could not be created.
|
|
535
|
+
*
|
|
536
|
+
* @since 0.1.0
|
|
537
|
+
*/
|
|
538
|
+
CreateFailed = "CREATE_FAILED",
|
|
539
|
+
/**
|
|
540
|
+
* The app is not associated with the relying party domain.
|
|
541
|
+
*
|
|
542
|
+
* On **Android**, make sure that the Digital Asset Links file is set up
|
|
543
|
+
* correctly. On **iOS**, make sure that the Associated Domains
|
|
544
|
+
* entitlement is set up correctly.
|
|
545
|
+
*
|
|
546
|
+
* @since 0.1.0
|
|
547
|
+
*/
|
|
548
|
+
DomainNotAssociated = "DOMAIN_NOT_ASSOCIATED",
|
|
549
|
+
/**
|
|
550
|
+
* The passkey could not be retrieved.
|
|
551
|
+
*
|
|
552
|
+
* @since 0.1.0
|
|
553
|
+
*/
|
|
554
|
+
GetFailed = "GET_FAILED",
|
|
555
|
+
/**
|
|
556
|
+
* No matching passkey was found.
|
|
557
|
+
*
|
|
558
|
+
* @since 0.1.0
|
|
559
|
+
*/
|
|
560
|
+
NoCredential = "NO_CREDENTIAL",
|
|
561
|
+
/**
|
|
562
|
+
* Passkeys are not supported on this device.
|
|
563
|
+
*
|
|
564
|
+
* @since 0.1.0
|
|
565
|
+
*/
|
|
566
|
+
NotSupported = "NOT_SUPPORTED"
|
|
567
|
+
}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @since 0.1.0
|
|
3
|
+
*/
|
|
4
|
+
export var ErrorCode;
|
|
5
|
+
(function (ErrorCode) {
|
|
6
|
+
/**
|
|
7
|
+
* The operation was canceled by the user.
|
|
8
|
+
*
|
|
9
|
+
* @since 0.1.0
|
|
10
|
+
*/
|
|
11
|
+
ErrorCode["Canceled"] = "CANCELED";
|
|
12
|
+
/**
|
|
13
|
+
* The passkey could not be created.
|
|
14
|
+
*
|
|
15
|
+
* @since 0.1.0
|
|
16
|
+
*/
|
|
17
|
+
ErrorCode["CreateFailed"] = "CREATE_FAILED";
|
|
18
|
+
/**
|
|
19
|
+
* The app is not associated with the relying party domain.
|
|
20
|
+
*
|
|
21
|
+
* On **Android**, make sure that the Digital Asset Links file is set up
|
|
22
|
+
* correctly. On **iOS**, make sure that the Associated Domains
|
|
23
|
+
* entitlement is set up correctly.
|
|
24
|
+
*
|
|
25
|
+
* @since 0.1.0
|
|
26
|
+
*/
|
|
27
|
+
ErrorCode["DomainNotAssociated"] = "DOMAIN_NOT_ASSOCIATED";
|
|
28
|
+
/**
|
|
29
|
+
* The passkey could not be retrieved.
|
|
30
|
+
*
|
|
31
|
+
* @since 0.1.0
|
|
32
|
+
*/
|
|
33
|
+
ErrorCode["GetFailed"] = "GET_FAILED";
|
|
34
|
+
/**
|
|
35
|
+
* No matching passkey was found.
|
|
36
|
+
*
|
|
37
|
+
* @since 0.1.0
|
|
38
|
+
*/
|
|
39
|
+
ErrorCode["NoCredential"] = "NO_CREDENTIAL";
|
|
40
|
+
/**
|
|
41
|
+
* Passkeys are not supported on this device.
|
|
42
|
+
*
|
|
43
|
+
* @since 0.1.0
|
|
44
|
+
*/
|
|
45
|
+
ErrorCode["NotSupported"] = "NOT_SUPPORTED";
|
|
46
|
+
})(ErrorCode || (ErrorCode = {}));
|
|
47
|
+
//# sourceMappingURL=definitions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"definitions.js","sourceRoot":"","sources":["../../src/definitions.ts"],"names":[],"mappings":"AAkiBA;;GAEG;AACH,MAAM,CAAN,IAAY,SAyCX;AAzCD,WAAY,SAAS;IACnB;;;;OAIG;IACH,kCAAqB,CAAA;IACrB;;;;OAIG;IACH,2CAA8B,CAAA;IAC9B;;;;;;;;OAQG;IACH,0DAA6C,CAAA;IAC7C;;;;OAIG;IACH,qCAAwB,CAAA;IACxB;;;;OAIG;IACH,2CAA8B,CAAA;IAC9B;;;;OAIG;IACH,2CAA8B,CAAA;AAChC,CAAC,EAzCW,SAAS,KAAT,SAAS,QAyCpB","sourcesContent":["export interface PasskeysPlugin {\n /**\n * Create (register) a new passkey.\n *\n * The options mirror the WebAuthn `PublicKeyCredentialCreationOptions` JSON\n * serialization so that the values provided by any WebAuthn server library\n * can be passed through unchanged.\n *\n * @since 0.1.0\n */\n createPasskey(options: CreatePasskeyOptions): Promise<CreatePasskeyResult>;\n /**\n * Get (authenticate with) an existing passkey.\n *\n * The options mirror the WebAuthn `PublicKeyCredentialRequestOptions` JSON\n * serialization so that the values provided by any WebAuthn server library\n * can be passed through unchanged.\n *\n * @since 0.1.0\n */\n getPasskey(options: GetPasskeyOptions): Promise<GetPasskeyResult>;\n /**\n * Check if passkeys are available on this device.\n *\n * On **Android**, this returns `true` if the device runs Android 9 (API level 28) or higher.\n * On **iOS**, this always returns `true`.\n * On **Web**, this returns `true` if the browser supports WebAuthn and\n * a user-verifying platform authenticator is available.\n *\n * @since 0.1.0\n */\n isAvailable(): Promise<IsAvailableResult>;\n}\n\n/**\n * @since 0.1.0\n */\nexport interface CreatePasskeyOptions {\n /**\n * The attestation conveyance preference.\n *\n * @since 0.1.0\n * @default 'none'\n * @example 'none'\n */\n attestation?: PasskeyAttestation;\n /**\n * Criteria that the authenticator must meet.\n *\n * @since 0.1.0\n */\n authenticatorSelection?: PasskeyAuthenticatorSelection;\n /**\n * The challenge provided by the relying party server as a\n * base64url-encoded string.\n *\n * @since 0.1.0\n * @example 'dGhpc2lzYWNoYWxsZW5nZQ'\n */\n challenge: string;\n /**\n * Credentials that already exist for the user, so that the authenticator\n * does not create a second passkey for the same account.\n *\n * On **iOS**, this option is only applied on iOS 17.4 and later.\n *\n * @since 0.1.0\n */\n excludeCredentials?: PasskeyCredentialDescriptor[];\n /**\n * The public key credential types and algorithms that the relying\n * party server supports, ordered from most to least preferred.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example [{ alg: -7, type: 'public-key' }, { alg: -257, type: 'public-key' }]\n */\n pubKeyCredParams: PasskeyCredentialParameter[];\n /**\n * The relying party for which the passkey is created.\n *\n * @since 0.1.0\n */\n rp: PasskeyRelyingParty;\n /**\n * The time in milliseconds that the caller is willing to wait for the\n * operation to complete.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example 60000\n */\n timeout?: number;\n /**\n * The user account for which the passkey is created.\n *\n * @since 0.1.0\n */\n user: PasskeyUser;\n}\n\n/**\n * The response of the authenticator for the registration of a new passkey.\n *\n * This mirrors the WebAuthn `AuthenticatorAttestationResponse` JSON\n * serialization.\n *\n * @since 0.1.0\n */\nexport interface CreatePasskeyResponse {\n /**\n * The attestation object as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n attestationObject: string;\n /**\n * The authenticator data as a base64url-encoded string.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n */\n authenticatorData?: string;\n /**\n * The client data as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n clientDataJSON: string;\n /**\n * The DER-encoded public key as a base64url-encoded string.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n */\n publicKey?: string;\n /**\n * The COSE algorithm identifier of the public key.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example -7\n */\n publicKeyAlgorithm?: number;\n /**\n * The transports that the authenticator supports.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example ['internal', 'hybrid']\n */\n transports?: PasskeyTransport[];\n}\n\n/**\n * The result of the passkey creation.\n *\n * This mirrors the WebAuthn `RegistrationResponseJSON` so it can be\n * passed to any WebAuthn server library for verification.\n *\n * @since 0.1.0\n */\nexport interface CreatePasskeyResult {\n /**\n * The attachment of the authenticator that created the passkey.\n *\n * @since 0.1.0\n * @example 'platform'\n */\n authenticatorAttachment?: PasskeyAuthenticatorAttachment;\n /**\n * The credential identifier as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n id: string;\n /**\n * The raw credential identifier as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n rawId: string;\n /**\n * The response of the authenticator.\n *\n * @since 0.1.0\n */\n response: CreatePasskeyResponse;\n /**\n * The credential type.\n *\n * @since 0.1.0\n * @example 'public-key'\n */\n type: 'public-key';\n}\n\n/**\n * @since 0.1.0\n */\nexport interface GetPasskeyOptions {\n /**\n * The credentials that are acceptable to the relying party server.\n *\n * If not provided, the user can select from any discoverable\n * credential (passkey) of the relying party.\n *\n * @since 0.1.0\n */\n allowCredentials?: PasskeyCredentialDescriptor[];\n /**\n * The challenge provided by the relying party server as a\n * base64url-encoded string.\n *\n * @since 0.1.0\n * @example 'dGhpc2lzYWNoYWxsZW5nZQ'\n */\n challenge: string;\n /**\n * The identifier of the relying party.\n *\n * @since 0.1.0\n * @example 'example.com'\n */\n rpId: string;\n /**\n * The time in milliseconds that the caller is willing to wait for the\n * operation to complete.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example 60000\n */\n timeout?: number;\n /**\n * The user verification requirement.\n *\n * @since 0.1.0\n * @default 'preferred'\n * @example 'required'\n */\n userVerification?: PasskeyUserVerification;\n}\n\n/**\n * The response of the authenticator for the authentication with an\n * existing passkey.\n *\n * This mirrors the WebAuthn `AuthenticatorAssertionResponse` JSON\n * serialization.\n *\n * @since 0.1.0\n */\nexport interface GetPasskeyResponse {\n /**\n * The authenticator data as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n authenticatorData: string;\n /**\n * The client data as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n clientDataJSON: string;\n /**\n * The signature as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n signature: string;\n /**\n * The user handle (the `user.id` provided during creation) as a\n * base64url-encoded string.\n *\n * @since 0.1.0\n */\n userHandle?: string;\n}\n\n/**\n * The result of the passkey authentication.\n *\n * This mirrors the WebAuthn `AuthenticationResponseJSON` so it can be\n * passed to any WebAuthn server library for verification.\n *\n * @since 0.1.0\n */\nexport interface GetPasskeyResult {\n /**\n * The attachment of the authenticator that provided the passkey.\n *\n * @since 0.1.0\n * @example 'platform'\n */\n authenticatorAttachment?: PasskeyAuthenticatorAttachment;\n /**\n * The credential identifier as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n id: string;\n /**\n * The raw credential identifier as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n rawId: string;\n /**\n * The response of the authenticator.\n *\n * @since 0.1.0\n */\n response: GetPasskeyResponse;\n /**\n * The credential type.\n *\n * @since 0.1.0\n * @example 'public-key'\n */\n type: 'public-key';\n}\n\n/**\n * @since 0.1.0\n */\nexport interface IsAvailableResult {\n /**\n * Whether or not passkeys are available on this device.\n *\n * @since 0.1.0\n * @example true\n */\n available: boolean;\n}\n\n/**\n * Criteria that the authenticator must meet to create a passkey.\n *\n * @since 0.1.0\n */\nexport interface PasskeyAuthenticatorSelection {\n /**\n * The authenticator attachment modality.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example 'platform'\n */\n authenticatorAttachment?: PasskeyAuthenticatorAttachment;\n /**\n * Whether or not a discoverable credential (passkey) is required.\n *\n * This property is retained for backwards compatibility with\n * WebAuthn Level 1. Prefer `residentKey`.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example true\n */\n requireResidentKey?: boolean;\n /**\n * The extent to which the relying party desires to create a\n * discoverable credential (passkey).\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example 'required'\n */\n residentKey?: PasskeyResidentKey;\n /**\n * The user verification requirement.\n *\n * @since 0.1.0\n * @default 'preferred'\n * @example 'required'\n */\n userVerification?: PasskeyUserVerification;\n}\n\n/**\n * A descriptor that identifies a specific credential.\n *\n * @since 0.1.0\n */\nexport interface PasskeyCredentialDescriptor {\n /**\n * The credential identifier as a base64url-encoded string.\n *\n * @since 0.1.0\n */\n id: string;\n /**\n * The transports that the authenticator of the credential supports.\n *\n * Only available on Android and Web.\n *\n * @since 0.1.0\n * @example ['internal', 'hybrid']\n */\n transports?: PasskeyTransport[];\n /**\n * The credential type.\n *\n * @since 0.1.0\n * @example 'public-key'\n */\n type: 'public-key';\n}\n\n/**\n * A public key credential type and algorithm that the relying party\n * server supports.\n *\n * @since 0.1.0\n */\nexport interface PasskeyCredentialParameter {\n /**\n * The COSE algorithm identifier, e.g. `-7` for ES256 or `-257` for RS256.\n *\n * @since 0.1.0\n * @example -7\n */\n alg: number;\n /**\n * The credential type.\n *\n * @since 0.1.0\n * @example 'public-key'\n */\n type: 'public-key';\n}\n\n/**\n * The relying party for which a passkey is created.\n *\n * @since 0.1.0\n */\nexport interface PasskeyRelyingParty {\n /**\n * The identifier of the relying party.\n *\n * This must be a registrable domain suffix of (or equal to) the\n * domain that the app is associated with.\n *\n * @since 0.1.0\n * @example 'example.com'\n */\n id: string;\n /**\n * The human-readable name of the relying party.\n *\n * @since 0.1.0\n * @example 'Example Inc.'\n */\n name: string;\n}\n\n/**\n * The user account for which a passkey is created.\n *\n * @since 0.1.0\n */\nexport interface PasskeyUser {\n /**\n * The human-readable display name of the user account.\n *\n * @since 0.1.0\n * @example 'Jane Doe'\n */\n displayName: string;\n /**\n * The user handle of the user account as a base64url-encoded string.\n *\n * @since 0.1.0\n * @example 'anVzdGFyYW5kb21pZA'\n */\n id: string;\n /**\n * The human-readable name of the user account, e.g. a username\n * or email address.\n *\n * @since 0.1.0\n * @example 'jane.doe@example.com'\n */\n name: string;\n}\n\n/**\n * The attestation conveyance preference.\n *\n * @since 0.1.0\n */\nexport type PasskeyAttestation = 'direct' | 'enterprise' | 'indirect' | 'none';\n\n/**\n * The authenticator attachment modality.\n *\n * @since 0.1.0\n */\nexport type PasskeyAuthenticatorAttachment = 'cross-platform' | 'platform';\n\n/**\n * The extent to which the relying party desires to create a\n * discoverable credential (passkey).\n *\n * @since 0.1.0\n */\nexport type PasskeyResidentKey = 'discouraged' | 'preferred' | 'required';\n\n/**\n * A transport that an authenticator supports.\n *\n * @since 0.1.0\n */\nexport type PasskeyTransport =\n | 'ble'\n | 'hybrid'\n | 'internal'\n | 'nfc'\n | 'smart-card'\n | 'usb';\n\n/**\n * The user verification requirement.\n *\n * - `discouraged`: The relying party prefers no user verification.\n * - `preferred`: The relying party prefers user verification but will\n * not fail the operation without it.\n * - `required`: The relying party requires user verification.\n *\n * @since 0.1.0\n */\nexport type PasskeyUserVerification = 'discouraged' | 'preferred' | 'required';\n\n/**\n * @since 0.1.0\n */\nexport enum ErrorCode {\n /**\n * The operation was canceled by the user.\n *\n * @since 0.1.0\n */\n Canceled = 'CANCELED',\n /**\n * The passkey could not be created.\n *\n * @since 0.1.0\n */\n CreateFailed = 'CREATE_FAILED',\n /**\n * The app is not associated with the relying party domain.\n *\n * On **Android**, make sure that the Digital Asset Links file is set up\n * correctly. On **iOS**, make sure that the Associated Domains\n * entitlement is set up correctly.\n *\n * @since 0.1.0\n */\n DomainNotAssociated = 'DOMAIN_NOT_ASSOCIATED',\n /**\n * The passkey could not be retrieved.\n *\n * @since 0.1.0\n */\n GetFailed = 'GET_FAILED',\n /**\n * No matching passkey was found.\n *\n * @since 0.1.0\n */\n NoCredential = 'NO_CREDENTIAL',\n /**\n * Passkeys are not supported on this device.\n *\n * @since 0.1.0\n */\n NotSupported = 'NOT_SUPPORTED',\n}\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAIjD,MAAM,QAAQ,GAAG,cAAc,CAAiB,UAAU,EAAE;IAC1D,GAAG,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;CAC1D,CAAC,CAAC;AAEH,cAAc,eAAe,CAAC;AAC9B,OAAO,EAAE,QAAQ,EAAE,CAAC","sourcesContent":["import { registerPlugin } from '@capacitor/core';\n\nimport type { PasskeysPlugin } from './definitions';\n\nconst Passkeys = registerPlugin<PasskeysPlugin>('Passkeys', {\n web: () => import('./web').then(m => new m.PasskeysWeb()),\n});\n\nexport * from './definitions';\nexport { Passkeys };\n"]}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { WebPlugin } from '@capacitor/core';
|
|
2
|
+
import type { CreatePasskeyOptions, CreatePasskeyResult, GetPasskeyOptions, GetPasskeyResult, IsAvailableResult, PasskeysPlugin } from './definitions';
|
|
3
|
+
export declare class PasskeysWeb extends WebPlugin implements PasskeysPlugin {
|
|
4
|
+
private static readonly errorCreateFailed;
|
|
5
|
+
private static readonly errorGetFailed;
|
|
6
|
+
private static readonly errorNotSupported;
|
|
7
|
+
createPasskey(options: CreatePasskeyOptions): Promise<CreatePasskeyResult>;
|
|
8
|
+
getPasskey(options: GetPasskeyOptions): Promise<GetPasskeyResult>;
|
|
9
|
+
isAvailable(): Promise<IsAvailableResult>;
|
|
10
|
+
private static arrayBufferToBase64Url;
|
|
11
|
+
private static base64UrlToArrayBuffer;
|
|
12
|
+
private static createException;
|
|
13
|
+
private static createNotSupportedException;
|
|
14
|
+
private static isWebAuthnSupported;
|
|
15
|
+
private static parseCreationOptions;
|
|
16
|
+
private static parseRequestOptions;
|
|
17
|
+
private static serializeCredential;
|
|
18
|
+
}
|