Skip to main content

LAContext

localauthentication::la_context

Struct LAContext 

Source 
pub struct LAContext { /* private fields */ }
Expand description

Managed wrapper around Apple’s LAContext.

Implementations§

Source§

impl LAContext

Source

pub fn new() -> Result<Self>

Create a new authentication context.

§Errors

Returns an error if the Swift bridge fails to allocate the underlying LAContext.

Examples found in repository?
examples/02_policy_catalog.rs (line 4)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    let policies = [
6        LAPolicy::DeviceOwnerAuthenticationWithBiometrics,
7        LAPolicy::DeviceOwnerAuthentication,
8        LAPolicy::DeviceOwnerAuthenticationWithCompanion,
9        LAPolicy::DeviceOwnerAuthenticationWithBiometricsOrCompanion,
10    ];
11
12    for policy in policies {
13        println!(
14            "{} => {:?}",
15            policy.description(),
16            context.can_evaluate_policy(policy)
17        );
18    }
19
20    println!("✅ policy catalogue OK");
21    Ok(())
22}
More examples
Hide additional examples
examples/04_credentials.rs (line 4)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    let password = LACredential::application_password(b"p@ssword".to_vec());
6    let pin = LACredential::smart_card_pin(b"123456".to_vec());
7
8    assert!(context.set_credential(&password)?);
9    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
10    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
11
12    assert!(context.set_credential(&pin)?);
13    assert!(context.is_credential_set(LACredentialType::SmartCardPin)?);
14    assert!(context.clear_credential(LACredentialType::SmartCardPin)?);
15
16    println!("password bytes: {}", password.bytes().len());
17    println!("pin bytes: {}", pin.bytes().len());
18    println!("✅ credential round-trip OK");
19    Ok(())
20}
examples/01_smoke.rs (line 4)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn invalidate(&self) -> Result<()>

Invalidate this context.

§Errors

Returns an error if the Swift bridge rejects the request.

Source

pub fn can_evaluate_policy(&self, policy: LAPolicy) -> Result<bool>

Check whether a policy can be evaluated without prompting the user.

§Errors

Returns a mapped framework error when the policy is unavailable, or a bridge error if the request itself fails.

Examples found in repository?
examples/02_policy_catalog.rs (line 16)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    let policies = [
6        LAPolicy::DeviceOwnerAuthenticationWithBiometrics,
7        LAPolicy::DeviceOwnerAuthentication,
8        LAPolicy::DeviceOwnerAuthenticationWithCompanion,
9        LAPolicy::DeviceOwnerAuthenticationWithBiometricsOrCompanion,
10    ];
11
12    for policy in policies {
13        println!(
14            "{} => {:?}",
15            policy.description(),
16            context.can_evaluate_policy(policy)
17        );
18    }
19
20    println!("✅ policy catalogue OK");
21    Ok(())
22}
More examples
Hide additional examples
examples/01_smoke.rs (line 17)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn evaluate_policy( &self, policy: LAPolicy, localized_reason: &str, ) -> Result<bool>

Evaluate a policy with the supplied localized reason string.

§Errors

Returns a mapped framework or bridge error when evaluation fails.

Source

pub unsafe fn evaluate_access_control_raw( &self, access_control: *const c_void, operation: LAAccessControlOperation, localized_reason: &str, ) -> Result<bool>

Evaluate a SecAccessControlRef for the given operation.

§Safety

access_control must be a valid borrowed SecAccessControlRef for the duration of the call.

§Errors

Returns a mapped framework or bridge error when evaluation fails.

Source

pub fn localized_fallback_title(&self) -> Result<Option<String>>

Read the localized fallback title.

§Errors

Returns an error if the Swift bridge rejects the request.

Source

pub fn set_localized_fallback_title(&self, title: Option<&str>) -> Result<()>

Update the localized fallback title. Pass None to restore the default title.

§Errors

Returns an error if the title contains an interior NUL byte or the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 6)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn localized_cancel_title(&self) -> Result<Option<String>>

Read the localized cancel title.

§Errors

Returns an error if the Swift bridge rejects the request.

Source

pub fn set_localized_cancel_title(&self, title: Option<&str>) -> Result<()>

Update the localized cancel title. Pass None to restore the default title.

§Errors

Returns an error if the title contains an interior NUL byte or the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 7)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn localized_reason(&self) -> Result<String>

Read the default localized reason used for authentication requests.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 25)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn set_localized_reason(&self, localized_reason: &str) -> Result<()>

Update the default localized reason used for authentication requests.

§Errors

Returns an error if the string contains an interior NUL byte or the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 8)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn touch_id_authentication_allowable_reuse_duration(&self) -> Result<f64>

Read the allowable biometric reuse duration, in seconds.

§Errors

Returns an error if the Swift bridge rejects the request.

Source

pub fn allowable_reuse_duration(&self) -> Result<f64>

Backward-compatible alias for touch_id_authentication_allowable_reuse_duration.

§Errors

Propagates any error returned by touch_id_authentication_allowable_reuse_duration.

Source

pub fn set_touch_id_authentication_allowable_reuse_duration( &self, duration: f64, ) -> Result<()>

Update the allowable biometric reuse duration, in seconds.

§Errors

Returns an error if the value is negative, non-finite, or the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 9)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn set_allowable_reuse_duration(&self, duration: f64) -> Result<()>

Backward-compatible alias for set_touch_id_authentication_allowable_reuse_duration.

§Errors

Propagates any error returned by set_touch_id_authentication_allowable_reuse_duration.

Source

pub fn touch_id_authentication_maximum_allowable_reuse_duration() -> f64

The framework-defined maximum reuse duration, in seconds.

Examples found in repository?
examples/01_smoke.rs (line 33)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn interaction_not_allowed(&self) -> Result<bool>

Read whether interactive authentication UI is disabled.

§Errors

Returns an error if the Swift bridge rejects the request.

Source

pub fn set_interaction_not_allowed(&self, value: bool) -> Result<()>

Enable or disable interactive authentication UI.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 5)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn biometry_type(&self) -> Result<BiometryType>

Read the currently reported biometry type.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 26)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn evaluated_policy_domain_state(&self) -> Result<Option<Vec<u8>>>

Read the evaluated policy domain state bytes, if any are available.

§Errors

Returns an error if the Swift bridge rejects the request.

Source

pub fn set_credential(&self, credential: &LACredential) -> Result<bool>

Set an application-provided credential for subsequent authentication operations.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/04_credentials.rs (line 8)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    let password = LACredential::application_password(b"p@ssword".to_vec());
6    let pin = LACredential::smart_card_pin(b"123456".to_vec());
7
8    assert!(context.set_credential(&password)?);
9    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
10    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
11
12    assert!(context.set_credential(&pin)?);
13    assert!(context.is_credential_set(LACredentialType::SmartCardPin)?);
14    assert!(context.clear_credential(LACredentialType::SmartCardPin)?);
15
16    println!("password bytes: {}", password.bytes().len());
17    println!("pin bytes: {}", pin.bytes().len());
18    println!("✅ credential round-trip OK");
19    Ok(())
20}
More examples
Hide additional examples
examples/01_smoke.rs (line 12)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn clear_credential( &self, credential_type: LACredentialType, ) -> Result<bool>

Remove any previously-supplied credential of the given type.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/04_credentials.rs (line 10)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    let password = LACredential::application_password(b"p@ssword".to_vec());
6    let pin = LACredential::smart_card_pin(b"123456".to_vec());
7
8    assert!(context.set_credential(&password)?);
9    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
10    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
11
12    assert!(context.set_credential(&pin)?);
13    assert!(context.is_credential_set(LACredentialType::SmartCardPin)?);
14    assert!(context.clear_credential(LACredentialType::SmartCardPin)?);
15
16    println!("password bytes: {}", password.bytes().len());
17    println!("pin bytes: {}", pin.bytes().len());
18    println!("✅ credential round-trip OK");
19    Ok(())
20}
More examples
Hide additional examples
examples/01_smoke.rs (line 14)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn is_credential_set( &self, credential_type: LACredentialType, ) -> Result<bool>

Check whether a credential of the given type is currently stored on this context.

§Errors

Returns an error if the Swift bridge rejects the request.

Examples found in repository?
examples/04_credentials.rs (line 9)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    let password = LACredential::application_password(b"p@ssword".to_vec());
6    let pin = LACredential::smart_card_pin(b"123456".to_vec());
7
8    assert!(context.set_credential(&password)?);
9    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
10    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
11
12    assert!(context.set_credential(&pin)?);
13    assert!(context.is_credential_set(LACredentialType::SmartCardPin)?);
14    assert!(context.clear_credential(LACredentialType::SmartCardPin)?);
15
16    println!("password bytes: {}", password.bytes().len());
17    println!("pin bytes: {}", pin.bytes().len());
18    println!("✅ credential round-trip OK");
19    Ok(())
20}
More examples
Hide additional examples
examples/01_smoke.rs (line 13)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}
Source

pub fn domain_state(&self) -> Result<LADomainState>

Read the richer domainState snapshot available on macOS 15 and newer.

§Errors

Returns an error if the property is unavailable or the Swift bridge rejects the request.

Examples found in repository?
examples/01_smoke.rs (line 22)
3fn main() -> Result<(), Box<dyn std::error::Error>> {
4    let context = LAContext::new()?;
5    context.set_interaction_not_allowed(true)?;
6    context.set_localized_fallback_title(Some("Use Password"))?;
7    context.set_localized_cancel_title(Some("Cancel"))?;
8    context.set_localized_reason("inspect the device owner's authentication state")?;
9    context.set_touch_id_authentication_allowable_reuse_duration(30.0)?;
10
11    let credential = LACredential::application_password(b"secret".to_vec());
12    assert!(context.set_credential(&credential)?);
13    assert!(context.is_credential_set(LACredentialType::ApplicationPassword)?);
14    assert!(context.clear_credential(LACredentialType::ApplicationPassword)?);
15
16    let preflight =
17        match context.can_evaluate_policy(LAPolicy::DeviceOwnerAuthenticationWithBiometrics) {
18            Ok(true) => "biometry available".to_owned(),
19            Ok(false) => "biometry unavailable without a framework error".to_owned(),
20            Err(error) => format!("biometry unavailable: {error}"),
21        };
22    let domain_state = context.domain_state()?;
23
24    println!("preflight: {preflight}");
25    println!("localized reason: {}", context.localized_reason()?);
26    println!("biometry type: {:?}", context.biometry_type()?);
27    println!(
28        "domain state hash bytes: {}",
29        domain_state.state_hash().map_or(0, <[u8]>::len)
30    );
31    println!(
32        "reuse max seconds: {}",
33        LAContext::touch_id_authentication_maximum_allowable_reuse_duration()
34    );
35    println!("✅ localauth context + credentials OK");
36    Ok(())
37}

Trait Implementations§

Source§

impl Debug for LAContext

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.