1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
//! This file has been automatically generated by `objc2`'s `header-translator`.
//! DO NOT EDIT
use core::ffi::*;
use core::ptr::NonNull;
use objc2::__framework_prelude::*;
#[cfg(target_os = "macos")]
use objc2_app_kit::*;
use objc2_foundation::*;
use crate::*;
#[cfg(target_os = "macos")]
extern_conformance!(
unsafe impl NSCoding for ASCredentialProviderViewController {}
);
#[cfg(target_os = "macos")]
extern_conformance!(
unsafe impl NSEditor for ASCredentialProviderViewController {}
);
#[cfg(target_os = "macos")]
extern_conformance!(
unsafe impl NSObjectProtocol for ASCredentialProviderViewController {}
);
#[cfg(target_os = "macos")]
extern_conformance!(
unsafe impl NSSeguePerforming for ASCredentialProviderViewController {}
);
#[cfg(target_os = "macos")]
extern_conformance!(
unsafe impl NSUserInterfaceItemIdentification for ASCredentialProviderViewController {}
);
#[cfg(target_os = "macos")]
impl ASCredentialProviderViewController {
extern_methods!(
#[cfg(feature = "ASCredentialProviderExtensionContext")]
#[unsafe(method(extensionContext))]
#[unsafe(method_family = none)]
pub unsafe fn extensionContext(&self) -> Retained<ASCredentialProviderExtensionContext>;
#[cfg(feature = "ASCredentialServiceIdentifier")]
/// Prepare the view controller to show a list of credentials.
///
/// Parameter `serviceIdentifiers`: the array of service identifiers.
///
/// This method is called by the system to prepare the extension's view controller to present the list of credentials.
/// A service identifier array is passed which can be used to filter or prioritize the credentials that closely match each service.
/// The service identifier array could have zero or more items. If there are more than one item in the array, items with lower indexes
/// represent more specific identifiers for which a credential is being requested. For example, the array could contain identifiers
/// [m.example.com, example.com] with the first item representing the more specifc service that requires a credential.
/// If the array of service identifiers is empty, it is expected that the credential list should still show credentials that the user can pick from.
#[unsafe(method(prepareCredentialListForServiceIdentifiers:))]
#[unsafe(method_family = none)]
pub unsafe fn prepareCredentialListForServiceIdentifiers(
&self,
service_identifiers: &NSArray<ASCredentialServiceIdentifier>,
);
#[cfg(all(
feature = "ASCredentialServiceIdentifier",
feature = "ASPasskeyCredentialRequestParameters"
))]
/// Prepare the view controller to show a list of passkey and password credentials.
///
/// Parameter `serviceIdentifiers`: the array of service identifiers.
///
/// Parameter `requestParameters`: the parameters of the active passkey request.
///
/// This method is called by the system to prepare the extension's view controller to present the list of credentials.
/// A service identifier array is passed which can be used to filter or prioritize the credentials that closely match each service.
/// The service identifier array could have zero or more items. If there is more than one item in the array, items with lower indexes
/// represent more specific identifiers for which a credential is being requested. For example, the array could contain identifiers
/// [m.example.com, example.com] with the first item representing the more specifc service that requires a credential.
/// If the array of service identifiers is empty, it is expected that the credential list should still show credentials that the user can pick from.
/// If a passkey credential is selected, the extension should use the requestParameters object to complete the request using the selected
/// passkey credential.
#[unsafe(method(prepareCredentialListForServiceIdentifiers:requestParameters:))]
#[unsafe(method_family = none)]
pub unsafe fn prepareCredentialListForServiceIdentifiers_requestParameters(
&self,
service_identifiers: &NSArray<ASCredentialServiceIdentifier>,
request_parameters: &ASPasskeyCredentialRequestParameters,
);
#[cfg(feature = "ASCredentialServiceIdentifier")]
/// Prepare the view controller to show a list of one time code credentials.
///
/// Parameter `serviceIdentifiers`: the array of service identifiers.
///
/// This method is called by the system to prepare the extension's view controller to present the list of credentials.
/// A service identifier array is passed which can be used to filter or prioritize the credentials that closely match each service.
/// The service identifier array could have zero or more items. If there is more than one item in the array, items with lower indexes
/// represent more specific identifiers for which a credential is being requested. For example, the array could contain identifiers
/// [m.example.com, example.com] with the first item representing the more specifc service that requires a credential.
/// If the array of service identifiers is empty, it is expected that the credential list should still show credentials that the user can pick from.
#[unsafe(method(prepareOneTimeCodeCredentialListForServiceIdentifiers:))]
#[unsafe(method_family = none)]
pub unsafe fn prepareOneTimeCodeCredentialListForServiceIdentifiers(
&self,
service_identifiers: &NSArray<ASCredentialServiceIdentifier>,
);
#[cfg(feature = "ASPasswordCredentialIdentity")]
/// Attempt to provide the user-requested credential without any user interaction.
///
/// Parameter `credentialIdentity`: the credential identity for which a credential should be provided.
///
/// After the user selects a credential identity, the system may ask your extension to provide the credential without showing any
/// user interface if possible to enhance the user experience. If your extension can accomplish this (for example, the user’s passwords database is
/// still unlocked from a recent interaction), call -[ASCredentialProviderExtensionContext completeRequestWithSelectedCredential:completionHandler:]
/// to provide the credential.
/// If an error occurs, call -[ASCredentialProviderExtensionContext cancelRequestWithError:] and pass an error with domain
/// ASExtensionErrorDomain and an appropriate error code from ASExtensionErrorCode. For example, if your extension requires user interaction
/// because the passwords database needs to be unlocked, pass an error with code ASExtensionErrorCodeUserInteractionRequired.
///
/// Note: When this method is called, your extension's view controller is not present on the screen. Do not attempt or expect to show any user
/// interface in this method.
#[deprecated]
#[unsafe(method(provideCredentialWithoutUserInteractionForIdentity:))]
#[unsafe(method_family = none)]
pub unsafe fn provideCredentialWithoutUserInteractionForIdentity(
&self,
credential_identity: &ASPasswordCredentialIdentity,
);
#[cfg(feature = "ASCredentialRequest")]
/// Attempt to provide the user-requested credential without any user interaction.
///
/// After the user selects a credential identity, the system will create a credential request, the contents of
/// which will depend on whether the credential to use is a password or passkey. The request type will match
/// the type of credential that was requested. Refer to `ASPasswordCredentialRequest`,
/// `ASPasskeyCredentialRequest`, and `ASOneTimeCodeCredentialRequest` for details.
///
/// The system may ask your extension to provide the credential without showing any user interface if possible
/// to enhance the user experience. If your extension can accomplish this (for example, the user’s passwords
/// database is still unlocked from a recent interaction), call `-[ASCredentialProviderExtensionContext completeRequestWithSelectedCredential:completionHandler:]`
/// for password credentials, `-[ASCredentialProviderExtensionContext completeAssertionRequestWithSelectedPasskeyCredential:completionHandler:]` for passkey credentials,
/// or `-[ASCredentialProviderExtensionContext completeOneTimeCodeRequestWithSelectedCredential:completionHandler:]` for one time code credentials.
/// If an error occurs, call `-[ASCredentialProviderExtensionContext cancelRequestWithError:]`
/// and pass an error with domain `ASExtensionErrorDomain` and an appropriate error code from
/// `ASExtensionErrorCode`. For example, if your extension requires user interaction because the
/// passwords database needs to be unlocked, pass an error with code `ASExtensionErrorCodeUserInteractionRequired`.
///
/// In order for your extension to be presented in the list of options for passkey assertion requests, your
/// extension needs to specify a true value for the Information Property List key `ProvidesPasskeys`
/// under the `ASCredentialProviderExtensionCapabilities` dictionary.
///
/// Info.plist
/// ├─ NSExtension
/// ├─ NSExtensionAttributes
/// ├─ ASCredentialProviderExtensionCapabilities
/// ├─ ProvidesPasskeys => true
///
/// Similarly, your extension needs to specify a true value for the Information Property List key `ProvidesOneTimeCodes`
/// under the `ASCredentialProviderExtensionCapabilities` dictionary in order to be presented in
/// the list of options for one time code requests.
///
/// - Note: When this method is called, your extension's view controller is not present on the screen. Do not
/// attempt or expect to show any user interface in this method.
///
/// - Parameter credentialRequest: The credential request for which a credential should be provided.
#[unsafe(method(provideCredentialWithoutUserInteractionForRequest:))]
#[unsafe(method_family = none)]
pub unsafe fn provideCredentialWithoutUserInteractionForRequest(
&self,
credential_request: &ProtocolObject<dyn ASCredentialRequest>,
);
#[cfg(feature = "ASPasswordCredentialIdentity")]
/// Prepare the view controller to show user interface for providing the user-requested credential.
///
/// Parameter `credentialIdentity`: the credential identity for which a credential should be provided.
///
/// The system calls this method when your extension cannot provide the requested credential without user interaction.
/// Set up the view controller for any user interaction required to provide the requested credential only. The user interaction should
/// be limited in nature to operations required for providing the requested credential. An example is showing an authentication UI to
/// unlock the user's passwords database.
/// Call -[ASCredentialProviderExtensionContext completeRequestWithSelectedCredential:completionHandler:] to provide the credential.
/// If an error occurs, call -[ASCredentialProviderExtensionContext cancelRequestWithError:] and pass an error with domain
/// ASExtensionErrorDomain and an appropriate error code from ASExtensionErrorCode. For example, if the credential identity cannot
/// be found in the database, pass an error with code ASExtensionErrorCodeCredentialIdentityNotFound.
#[deprecated]
#[unsafe(method(prepareInterfaceToProvideCredentialForIdentity:))]
#[unsafe(method_family = none)]
pub unsafe fn prepareInterfaceToProvideCredentialForIdentity(
&self,
credential_identity: &ASPasswordCredentialIdentity,
);
#[cfg(feature = "ASCredentialRequest")]
/// Prepare the view controller to show user interface for providing the user-requested credential.
///
/// Parameter `credentialRequest`: the credential request for which a credential should be provided.
///
/// The system calls this method when your extension cannot provide the requested credential without user interaction.
/// Set up the view controller for any user interaction required to provide the requested credential only. The user interaction should
/// be limited in nature to operations required for providing the requested credential. An example is showing an authentication UI to
/// unlock the user's passwords database.
/// Call -[ASCredentialProviderExtensionContext completeRequestWithSelectedCredential:completionHandler:] for password credentials or
/// -[ASCredentialProviderExtensionContext completeAssertionRequestWithSelectedPasskeyCredential:completionHandler:] for passkey credentials.
/// If an error occurs, call -[ASCredentialProviderExtensionContext cancelRequestWithError:] and pass an error with domain
/// ASExtensionErrorDomain and an appropriate error code from ASExtensionErrorCode. For example, if the credential identity cannot
/// be found in the database, pass an error with code ASExtensionErrorCodeCredentialIdentityNotFound.
#[unsafe(method(prepareInterfaceToProvideCredentialForRequest:))]
#[unsafe(method_family = none)]
pub unsafe fn prepareInterfaceToProvideCredentialForRequest(
&self,
credential_request: &ProtocolObject<dyn ASCredentialRequest>,
);
/// Prepare the view controller to show user interface when the user enables your extension.
///
/// The system calls this method after your extension is enabled by the user in Settings. You can
/// use this method to give the user a chance to configure the extension or to provide credential identities
/// to the system. After the configuration is done, call -[ASCredentialProviderExtensionContext completeExtensionConfigurationRequest].
///
/// Note: This method only gets called if your extension supports this functionality by specifying
/// "ASCredentialProviderExtensionShowsConfigurationUI": YES in its extension attributes.
#[unsafe(method(prepareInterfaceForExtensionConfiguration))]
#[unsafe(method_family = none)]
pub unsafe fn prepareInterfaceForExtensionConfiguration(&self);
#[cfg(feature = "ASCredentialRequest")]
/// Prepare UI to register a passkey for the specified relying party.
///
/// The system calls this method when the user selects your extension to use for creating a passkey. In order
/// for your extension to be presented in the list of options for passkey registration requests, your extension
/// needs to specify a true value for the Information Property List key `ProvidesPasskeys` under the
/// `ASCredentialProviderExtensionCapabilities` dictionary.
///
/// Info.plist
/// ├─ NSExtension
/// ├─ NSExtensionAttributes
/// ├─ ASCredentialProviderExtensionCapabilities
/// ├─ ProvidesPasskeys => true
///
/// This method will present your extension's UI for user authentication before creating the passkey. Once the
/// passkey is created, your extension should call `-[ASCredentialProviderExtensionContext completeRegistrationRequestWithSelectedPasskeyCredential:completionHandler:]`
/// with the newly created ASPasskeyCredential object. If an error occurs, call
/// `-[ASCredentialProviderExtensionContext cancelRequestWithError:]` and pass an
/// error with domain `ASExtensionErrorDomain` and an appropriate error code from `ASExtensionErrorCode`.
///
/// - Parameter registrationRequest: The passkey registration request parameters needed to
/// register a new passkey.
#[unsafe(method(prepareInterfaceForPasskeyRegistration:))]
#[unsafe(method_family = none)]
pub unsafe fn prepareInterfaceForPasskeyRegistration(
&self,
registration_request: &ProtocolObject<dyn ASCredentialRequest>,
);
#[cfg(feature = "ASPasskeyCredentialRequest")]
/// Perform a conditional passkey registration, if possible.
///
/// This method will be called for handling conditional passkey registration requests. A conditional passkey registration request allows
/// your extension to opportunistically register passkeys in the background, if and only if you believe the user is in a good state to do
/// so. Your extension decides can decide what conditions make sense for whether to fulfill or reject this request. For example, an
/// extension may decide to register a passkey only if all of the following conditions are met:
/// - The user's vault is currently unlocked.
/// - The user name for the registration request matches that for an existing saved password.
/// - The matching saved password was filled recently.
/// - The user does not already have a passkey for this account.
///
/// Fulfilling this request should not remove a user's saved password for this account, but it may mean that the passkey will be
/// preferred over the password in future AutoFill invocations, if both are supported.
///
/// Your extension should complete this request by calling `-[ASCredentialProviderExtensionContext completeRegistrationRequestWithSelectedPasskeyCredential:completionHandler:]`
/// or`-[ASCredentialProviderExtensionContext cancelRequestWithError:]`, like for standard registration requests.
/// However, this request is not allowed to show UI and `ASExtensionErrorCodeUserInteractionRequired` will be treated
/// like any other error. The intent of this API is to provide a method of performing a background registration only where easy and
/// convenient, so no blocking UI or error should ever be shown.
///
/// To indicate support for this feature, add `SupportsConditionalPasskeyRegistration` under the
/// `ASCredentialProviderExtensionCapabilities` dictionary.
///
/// Info.plist
/// ├─ NSExtension
/// ├─ NSExtensionAttributes
/// ├─ ASCredentialProviderExtensionCapabilities
/// ├─ SupportsConditionalPasskeyRegistration => true
#[unsafe(method(performPasskeyRegistrationWithoutUserInteractionIfPossible:))]
#[unsafe(method_family = none)]
pub unsafe fn performPasskeyRegistrationWithoutUserInteractionIfPossible(
&self,
registration_request: &ASPasskeyCredentialRequest,
);
/// Receive report when a relying party indicates that a passkey's user name was updated.
///
/// This method will be called for handling passkey updates when a relying party reports an update using the `ASCredentialUpdater` API.
/// This update should be handled in the background, so no blocking UI or error should ever be shown.
///
/// - Parameter relyingParty: Relying party (website) that the crendential is saved for.
/// - Parameter userHandle: User identifier.
/// - Parameter newName: The new user name for the credential.
///
/// To indicate support for this feature, add `SupportsCredentialUpdate` under the
/// `ASCredentialProviderExtensionCapabilities` dictionary.
///
/// Info.plist
/// ├─ NSExtension
/// ├─ NSExtensionAttributes
/// ├─ ASCredentialProviderExtensionCapabilities
/// ├─ SupportsCredentialUpdate => true
#[unsafe(method(reportPublicKeyCredentialUpdateForRelyingParty:userHandle:newName:))]
#[unsafe(method_family = none)]
pub unsafe fn reportPublicKeyCredentialUpdateForRelyingParty_userHandle_newName(
&self,
relying_party: &NSString,
user_handle: &NSData,
new_name: &NSString,
);
/// Receive report when a relying party indicates an invalid passkey credential.
///
/// This method will be called for handling passkey updates when a relying party reports the credential is no longer valid using the `ASCredentialUpdater` API.
/// You may hide or remove this credential.
/// This update should be handled in the background, so no blocking UI or error should ever be shown.
///
/// - Parameter relyingParty: Relying party (website) that the crendential is saved for.
/// - Parameter credentialID: An identifier that uniquely identifies the passkey.
///
/// To indicate support for this feature, add `SupportsCredentialUpdate` under the
/// `ASCredentialProviderExtensionCapabilities` dictionary.
///
/// Info.plist
/// ├─ NSExtension
/// ├─ NSExtensionAttributes
/// ├─ ASCredentialProviderExtensionCapabilities
/// ├─ SupportsCredentialUpdate => true
#[unsafe(method(reportUnknownPublicKeyCredentialForRelyingParty:credentialID:))]
#[unsafe(method_family = none)]
pub unsafe fn reportUnknownPublicKeyCredentialForRelyingParty_credentialID(
&self,
relying_party: &NSString,
credential_id: &NSData,
);
/// Receive report when relying party sends a snapshot of all the accepted credentials for an account.
///
/// This method will be called for handling passkey updates when a relying party sends a list of accepted credentials using the `ASCredentialUpdater` API.
/// You may hide or remove any credential not present in the accepted credentials list.
/// This update should be handled in the background, so no blocking UI or error should ever be shown.
///
/// - Parameter relyingParty: Relying party (website) that the crendential is saved for.
/// - Parameter userHandle: User identifier.
/// - Parameter acceptedCredentialIDs: An array of identifiers that uniquely identifies the accepted credentials.
///
/// To indicate support for this feature, add `SupportsCredentialUpdate` under the
/// `ASCredentialProviderExtensionCapabilities` dictionary.
///
/// Info.plist
/// ├─ NSExtension
/// ├─ NSExtensionAttributes
/// ├─ ASCredentialProviderExtensionCapabilities
/// ├─ SupportsCredentialUpdate => true
#[unsafe(method(reportAllAcceptedPublicKeyCredentialsForRelyingParty:userHandle:acceptedCredentialIDs:))]
#[unsafe(method_family = none)]
pub unsafe fn reportAllAcceptedPublicKeyCredentialsForRelyingParty_userHandle_acceptedCredentialIDs(
&self,
relying_party: &NSString,
user_handle: &NSData,
accepted_credential_i_ds: &NSArray<NSData>,
);
/// Receive report when relying party indicates a password credential is no longer needed for a given user name.
///
/// This method will be called for handling password credential updates when a relying party indicates a password is no longer needed using the `ASCredentialUpdater` API.
/// You may hide or remove the credential.
/// This update should be handled in the background, so no blocking UI or error should ever be shown.
///
/// - Parameter domain: The website domain that the credential is saved for.
/// - Parameter userName: The account user name.
///
/// To indicate support for this feature, add `SupportsCredentialUpdate` under the
/// `ASCredentialProviderExtensionCapabilities` dictionary.
///
/// Info.plist
/// ├─ NSExtension
/// ├─ NSExtensionAttributes
/// ├─ ASCredentialProviderExtensionCapabilities
/// ├─ SupportsCredentialUpdate => true
#[unsafe(method(reportUnusedPasswordCredentialForDomain:userName:))]
#[unsafe(method_family = none)]
pub unsafe fn reportUnusedPasswordCredentialForDomain_userName(
&self,
domain: &NSString,
user_name: &NSString,
);
);
}
/// Methods declared on superclass `NSViewController`.
#[cfg(target_os = "macos")]
impl ASCredentialProviderViewController {
extern_methods!(
#[unsafe(method(initWithNibName:bundle:))]
#[unsafe(method_family = init)]
pub unsafe fn initWithNibName_bundle(
this: Allocated<Self>,
nib_name_or_nil: Option<&NSNibName>,
nib_bundle_or_nil: Option<&NSBundle>,
) -> Retained<Self>;
/// # Safety
///
/// `coder` possibly has further requirements.
#[unsafe(method(initWithCoder:))]
#[unsafe(method_family = init)]
pub unsafe fn initWithCoder(
this: Allocated<Self>,
coder: &NSCoder,
) -> Option<Retained<Self>>;
);
}
/// Methods declared on superclass `NSResponder`.
#[cfg(target_os = "macos")]
impl ASCredentialProviderViewController {
extern_methods!(
#[unsafe(method(init))]
#[unsafe(method_family = init)]
pub unsafe fn init(this: Allocated<Self>) -> Retained<Self>;
);
}
/// Methods declared on superclass `NSObject`.
#[cfg(target_os = "macos")]
impl ASCredentialProviderViewController {
extern_methods!(
#[unsafe(method(new))]
#[unsafe(method_family = new)]
pub unsafe fn new(mtm: MainThreadMarker) -> Retained<Self>;
);
}