1use bitwarden_vault::{CipherListView, CipherView, EncryptionContext, Fido2CredentialNewView};
2use passkey::authenticator::UIHint;
3use thiserror::Error;
4
5#[allow(missing_docs)]
6#[derive(Debug, Error)]
7pub enum Fido2CallbackError {
8 #[error("The operation requires user interaction")]
9 UserInterfaceRequired,
10
11 #[error("The operation was cancelled by the user")]
12 OperationCancelled,
13
14 #[error("Unknown error: {0}")]
15 Unknown(String),
16}
17
18#[allow(missing_docs)]
19#[async_trait::async_trait]
20pub trait Fido2UserInterface: Send + Sync {
21 async fn check_user<'a>(
22 &self,
23 options: CheckUserOptions,
24 hint: UIHint<'a, CipherView>,
25 ) -> Result<CheckUserResult, Fido2CallbackError>;
26 async fn pick_credential_for_authentication(
27 &self,
28 available_credentials: Vec<CipherView>,
29 ) -> Result<CipherView, Fido2CallbackError>;
30 async fn check_user_and_pick_credential_for_creation(
31 &self,
32 options: CheckUserOptions,
33 new_credential: Fido2CredentialNewView,
34 ) -> Result<(CipherView, CheckUserResult), Fido2CallbackError>;
35 async fn is_verification_enabled(&self) -> bool;
36}
37
38#[allow(missing_docs)]
39#[async_trait::async_trait]
40pub trait Fido2CredentialStore: Send + Sync {
41 async fn find_credentials(
42 &self,
43 ids: Option<Vec<Vec<u8>>>,
44 rip_id: String,
45 ) -> Result<Vec<CipherView>, Fido2CallbackError>;
46
47 async fn all_credentials(&self) -> Result<Vec<CipherListView>, Fido2CallbackError>;
48
49 async fn save_credential(&self, cred: EncryptionContext) -> Result<(), Fido2CallbackError>;
50}
51
52#[allow(missing_docs)]
53#[derive(Clone)]
54#[cfg_attr(feature = "uniffi", derive(uniffi::Record))]
55pub struct CheckUserOptions {
56 pub require_presence: bool,
57 pub require_verification: Verification,
58}
59
60#[allow(missing_docs)]
61#[derive(Clone)]
62#[cfg_attr(feature = "uniffi", derive(uniffi::Enum))]
63pub enum Verification {
64 Discouraged,
65 Preferred,
66 Required,
67}
68
69#[allow(missing_docs)]
70pub struct CheckUserResult {
71 pub user_present: bool,
72 pub user_verified: bool,
73}