credential_exchange_format/
credential_scope.rs

1use serde::{Deserialize, Serialize};
2
3use crate::{B64Url, Uri};
4
5/// This is an object that describes an appropriate context in which the [Item][crate::Item]'s
6/// [crate::Item::credentials] can to be used.
7#[derive(Clone, Debug, Serialize, Deserialize)]
8#[serde(rename_all = "camelCase")]
9pub struct CredentialScope {
10    /// This member holds strings which SHOULD follow the Uniform Resource Identifier (URI) syntax
11    /// as defined in [RFC3986](https://www.rfc-editor.org/rfc/rfc3986).
12    pub urls: Vec<Uri>,
13    /// This member defines the android apps that have been validated to be appropriate for the
14    /// credentials to be used.
15    pub android_apps: Vec<AndroidAppIdCredential>,
16}
17
18/// An [AndroidAppIdCredential] contains the information required to verify and identify an
19/// [Android](https://www.android.com/) application for automatically filling other credentials
20/// associated to the same [Item][crate::Item] as this one.
21#[derive(Clone, Debug, Serialize, Deserialize)]
22#[serde(rename_all = "camelCase")]
23pub struct AndroidAppIdCredential {
24    /// The application identifier. A non-normative example of an application identifier is
25    /// `"com.example.myapp"`.
26    pub bundle_id: String,
27    /// The fingerprint of the public certificate used to sign the android application. This member
28    /// is OPTIONAL but is highly recommended to be stored for validation during an autofill
29    /// operation.
30    #[serde(default, skip_serializing_if = "Option::is_none")]
31    pub certificate: Option<AndroidAppCertificateFingerprint>,
32    /// The [human-palatable](https://www.w3.org/TR/webauthn-3/#human-palatability) name for the
33    /// application, this can be fetched from the android system when associating the app to an
34    /// item. It is highly recommended for providers to store this name.
35    #[serde(default, skip_serializing_if = "Option::is_none")]
36    pub name: Option<String>,
37}
38
39#[derive(Clone, Debug, Serialize, Deserialize)]
40#[serde(rename_all = "camelCase")]
41pub struct AndroidAppCertificateFingerprint {
42    /// This is the hash of the application's public certificate using the hashing algorithm
43    /// defined in [AndroidAppCertificateFingerprint::hash_alg]. The bytes of the hash are
44    /// then encoded into base64url directly.
45    pub fingerprint: B64Url,
46    /// The algorithm used to hash the [AndroidAppCertificateFingerprint::fingerprint]. This SHOULD
47    /// be of value [AndroidAppHashAlgorithm].
48    pub hash_alg: AndroidAppHashAlgorithm,
49}
50
51#[derive(Clone, Debug, Serialize, Deserialize)]
52#[serde(rename_all = "lowercase")]
53#[non_exhaustive]
54pub enum AndroidAppHashAlgorithm {
55    Sha256,
56    Sha1,
57    #[serde(untagged)]
58    Other(String),
59}