1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
//! This file has been automatically generated by `objc2`'s `header-translator`.
//! DO NOT EDIT
use core::ffi::*;
use core::ptr::NonNull;
use objc2::__framework_prelude::*;
use objc2_foundation::*;
#[cfg(feature = "objc2-security")]
use objc2_security::*;
use crate::*;
/// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionkeytype?language=objc)
// NS_ENUM
#[repr(transparent)]
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct ASAuthorizationProviderExtensionKeyType(pub NSInteger);
impl ASAuthorizationProviderExtensionKeyType {
/// The user's device signing key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeUserDeviceSigning")]
pub const UserDeviceSigning: Self = Self(1);
/// The user's device encryption key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeUserDeviceEncryption")]
pub const UserDeviceEncryption: Self = Self(2);
/// The user's Secure Enclave backed key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeUserSecureEnclaveKey")]
pub const UserSecureEnclaveKey: Self = Self(3);
/// The shared device signing key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeSharedDeviceSigning")]
pub const SharedDeviceSigning: Self = Self(4);
/// The shared device encryption key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeSharedDeviceEncryption")]
pub const SharedDeviceEncryption: Self = Self(5);
/// The currentdevice signing key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeCurrentDeviceSigning")]
pub const CurrentDeviceSigning: Self = Self(10);
/// The current device encryption key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeCurrentDeviceEncryption")]
pub const CurrentDeviceEncryption: Self = Self(11);
/// The current device encryption key.
#[doc(alias = "ASAuthorizationProviderExtensionKeyTypeUserSmartCard")]
pub const UserSmartCard: Self = Self(20);
}
unsafe impl Encode for ASAuthorizationProviderExtensionKeyType {
const ENCODING: Encoding = NSInteger::ENCODING;
}
unsafe impl RefEncode for ASAuthorizationProviderExtensionKeyType {
const ENCODING_REF: Encoding = Encoding::Pointer(&Self::ENCODING);
}
extern_class!(
/// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionloginmanager?language=objc)
#[unsafe(super(NSObject))]
#[derive(Debug, PartialEq, Eq, Hash)]
pub struct ASAuthorizationProviderExtensionLoginManager;
);
extern_conformance!(
unsafe impl NSObjectProtocol for ASAuthorizationProviderExtensionLoginManager {}
);
impl ASAuthorizationProviderExtensionLoginManager {
extern_methods!(
#[unsafe(method(init))]
#[unsafe(method_family = init)]
pub unsafe fn init(this: Allocated<Self>) -> Retained<Self>;
#[unsafe(method(new))]
#[unsafe(method_family = new)]
pub unsafe fn new() -> Retained<Self>;
/// Returns YES if the current device completed registration.
#[unsafe(method(isDeviceRegistered))]
#[unsafe(method_family = none)]
pub unsafe fn isDeviceRegistered(&self) -> bool;
/// Returns YES if current user completed registration.
#[unsafe(method(isUserRegistered))]
#[unsafe(method_family = none)]
pub unsafe fn isUserRegistered(&self) -> bool;
/// Returns the device registration token from the MDM profile.
#[unsafe(method(registrationToken))]
#[unsafe(method_family = none)]
pub unsafe fn registrationToken(&self) -> Option<Retained<NSString>>;
#[cfg(feature = "ASAuthorizationProviderExtensionRegistrationHandler")]
/// Returns the authentication method used for the device.
#[unsafe(method(authenticationMethod))]
#[unsafe(method_family = none)]
pub unsafe fn authenticationMethod(
&self,
) -> ASAuthorizationProviderExtensionAuthenticationMethod;
/// Returns the extension data from the MDM profile.
#[unsafe(method(extensionData))]
#[unsafe(method_family = none)]
pub unsafe fn extensionData(&self) -> Retained<NSDictionary>;
/// The user name to use when authenticating with the identity provider.
#[deprecated]
#[unsafe(method(loginUserName))]
#[unsafe(method_family = none)]
pub unsafe fn loginUserName(&self) -> Option<Retained<NSString>>;
/// Setter for [`loginUserName`][Self::loginUserName].
///
/// This is [copied][objc2_foundation::NSCopying::copy] when set.
#[deprecated]
#[unsafe(method(setLoginUserName:))]
#[unsafe(method_family = none)]
pub unsafe fn setLoginUserName(&self, login_user_name: Option<&NSString>);
#[cfg(feature = "ASAuthorizationProviderExtensionUserLoginConfiguration")]
/// Retrieves the current user login configuration for the extension.
#[unsafe(method(userLoginConfiguration))]
#[unsafe(method_family = none)]
pub unsafe fn userLoginConfiguration(
&self,
) -> Option<Retained<ASAuthorizationProviderExtensionUserLoginConfiguration>>;
#[cfg(feature = "ASAuthorizationProviderExtensionUserLoginConfiguration")]
/// Saves or replaces the user login configration.
///
/// Parameter `userLoginConfiguration`: The user login configration to use.
///
/// Parameter `error`: The error when there are validation errors or nil.
#[unsafe(method(saveUserLoginConfiguration:error:_))]
#[unsafe(method_family = none)]
pub unsafe fn saveUserLoginConfiguration_error(
&self,
user_login_configuration: &ASAuthorizationProviderExtensionUserLoginConfiguration,
) -> Result<(), Retained<NSError>>;
/// Retrieves or sets the current SSO tokens response for the current user and extension.
#[unsafe(method(ssoTokens))]
#[unsafe(method_family = none)]
pub unsafe fn ssoTokens(&self) -> Option<Retained<NSDictionary>>;
/// Setter for [`ssoTokens`][Self::ssoTokens].
///
/// This is [copied][objc2_foundation::NSCopying::copy] when set.
///
/// # Safety
///
/// `sso_tokens` generic should be of the correct type.
#[unsafe(method(setSsoTokens:))]
#[unsafe(method_family = none)]
pub unsafe fn setSsoTokens(&self, sso_tokens: Option<&NSDictionary>);
#[cfg(feature = "ASAuthorizationProviderExtensionLoginConfiguration")]
/// Retrieves or sets the current login configuration for the extension.
#[unsafe(method(loginConfiguration))]
#[unsafe(method_family = none)]
pub unsafe fn loginConfiguration(
&self,
) -> Option<Retained<ASAuthorizationProviderExtensionLoginConfiguration>>;
#[cfg(feature = "ASAuthorizationProviderExtensionLoginConfiguration")]
/// Saves or replaces the login configration.
///
/// Parameter `loginConfiguration`: The login configration to use.
///
/// Parameter `error`: The error when there are validation errors or nil.
#[unsafe(method(saveLoginConfiguration:error:_))]
#[unsafe(method_family = none)]
pub unsafe fn saveLoginConfiguration_error(
&self,
login_configuration: &ASAuthorizationProviderExtensionLoginConfiguration,
) -> Result<(), Retained<NSError>>;
#[cfg(feature = "objc2-security")]
/// Saves the provided certificate for the key type.
///
/// Parameter `certificate`: The certificate to save.
///
/// Parameter `keyType`: The key type for the certificate.
#[unsafe(method(saveCertificate:keyType:))]
#[unsafe(method_family = none)]
pub unsafe fn saveCertificate_keyType(
&self,
certificate: &SecCertificate,
key_type: ASAuthorizationProviderExtensionKeyType,
);
#[cfg(feature = "objc2-security")]
/// Retrieves the key for the specified platform SSO key type.
///
/// Parameter `keyType`: The key type to retrieve.
#[unsafe(method(copyKeyForKeyType:))]
#[unsafe(method_family = copy)]
pub unsafe fn copyKeyForKeyType(
&self,
key_type: ASAuthorizationProviderExtensionKeyType,
) -> Option<Retained<SecKey>>;
#[cfg(feature = "objc2-security")]
/// Retrieves the identity for the specified platform SSO key type.
///
/// Parameter `keyType`: The key type to retrieve.
#[unsafe(method(copyIdentityForKeyType:))]
#[unsafe(method_family = copy)]
pub unsafe fn copyIdentityForKeyType(
&self,
key_type: ASAuthorizationProviderExtensionKeyType,
) -> Option<Retained<SecIdentity>>;
#[cfg(feature = "objc2-security")]
/// Generates a new key for the specified platform SSO key type using the strongest supported key strength returning the new key. Nil is returned if there is an error generating the new key.
///
/// Parameter `keyType`: The key type to retrieve.
#[unsafe(method(beginKeyRotationForKeyType:))]
// required for soundness, method has `returns_retained` attribute.
#[unsafe(method_family = copy)]
pub unsafe fn beginKeyRotationForKeyType(
&self,
key_type: ASAuthorizationProviderExtensionKeyType,
) -> Option<Retained<SecKey>>;
/// Completes rotation for the key to replace the previous key.
///
/// Parameter `keyType`: The key type to retrieve.
#[unsafe(method(completeKeyRotationForKeyType:))]
#[unsafe(method_family = none)]
pub unsafe fn completeKeyRotationForKeyType(
&self,
key_type: ASAuthorizationProviderExtensionKeyType,
);
#[cfg(feature = "block2")]
/// Requests AppSSOAgent reauthenticate the current user for the current extension. This is used when the tokens are revoked, or expired and need to be requested again.
#[unsafe(method(userNeedsReauthenticationWithCompletion:))]
#[unsafe(method_family = none)]
pub unsafe fn userNeedsReauthenticationWithCompletion(
&self,
completion: &block2::DynBlock<dyn Fn(*mut NSError)>,
);
/// Requests that the device registration be run again to repair it.
#[unsafe(method(deviceRegistrationsNeedsRepair))]
#[unsafe(method_family = none)]
pub unsafe fn deviceRegistrationsNeedsRepair(&self);
/// Requests that user registration be run again for the current user to repair it.
#[unsafe(method(userRegistrationsNeedsRepair))]
#[unsafe(method_family = none)]
pub unsafe fn userRegistrationsNeedsRepair(&self);
/// Requests that the decryption keys are repaired.
#[unsafe(method(decryptionKeysNeedRepair))]
#[unsafe(method_family = none)]
pub unsafe fn decryptionKeysNeedRepair(&self);
/// Creates new Encryption, Signing, and Secure Enclave keys for the user. The old keys will be destroyed.
#[unsafe(method(resetKeys))]
#[unsafe(method_family = none)]
pub unsafe fn resetKeys(&self);
/// Creates new Encryption, and Signing keys for the device or user. The old keys will be destroyed.
#[unsafe(method(resetDeviceKeys))]
#[unsafe(method_family = none)]
pub unsafe fn resetDeviceKeys(&self);
/// Creates new Encryption, Signing, and Secure Enclave keys for the user. The old keys will be destroyed.
#[unsafe(method(resetUserSecureEnclaveKey))]
#[unsafe(method_family = none)]
pub unsafe fn resetUserSecureEnclaveKey(&self);
#[cfg(feature = "block2")]
/// Provides a new or cached attestation for the specified key type.
///
/// Parameter `keyType`: The key type for the attestation.
///
/// Parameter `clientDataHash`: A SHA256 hash of a unique, single-use data block that embeds a challenge from your server.
///
/// Parameter `completion`: A closure that the method calls upon completion with the following parameters:
/// * attestationCertificates An array of certificates that verify the validity of the key associated with the keyType. Send this to your server for processing.
/// * error A DCError instance that indicates the reason for failure, or nil on success.
#[unsafe(method(attestKey:clientDataHash:completion:))]
#[unsafe(method_family = none)]
pub unsafe fn attestKey_clientDataHash_completion(
&self,
key_type: ASAuthorizationProviderExtensionKeyType,
client_data_hash: &NSData,
completion: &block2::DynBlock<dyn Fn(*mut NSArray, *mut NSError)>,
);
#[cfg(feature = "block2")]
/// Provides a new or cached attestation for the specified pending key type.
///
/// Parameter `keyType`: The pending key type for the attestation.
///
/// Parameter `clientDataHash`: A SHA256 hash of a unique, single-use data block that embeds a challenge from your server.
///
/// Parameter `completion`: A closure that the method calls upon completion with the following parameters:
/// * attestationCertificates An array of certificates that verify the validity of the pending key associated with the keyType. Send this to your server for processing.
/// * error A DCError instance that indicates the reason for failure, or nil on success.
#[unsafe(method(attestPendingKey:clientDataHash:completion:))]
#[unsafe(method_family = none)]
pub unsafe fn attestPendingKey_clientDataHash_completion(
&self,
key_type: ASAuthorizationProviderExtensionKeyType,
client_data_hash: &NSData,
completion: &block2::DynBlock<dyn Fn(*mut NSArray, *mut NSError)>,
);
#[cfg(feature = "block2")]
/// Asks authorization service to show extension view controller for registration. If the controller cannot be shown an error is returned. This is only valid during registration.
#[unsafe(method(presentRegistrationViewControllerWithCompletion:))]
#[unsafe(method_family = none)]
pub unsafe fn presentRegistrationViewControllerWithCompletion(
&self,
completion: &block2::DynBlock<dyn Fn(*mut NSError)>,
);
);
}