objc2_authentication_services/generated/
ASAuthorizationProviderExtensionLoginConfiguration.rs

1//! This file has been automatically generated by `objc2`'s `header-translator`.
2//! DO NOT EDIT
3use core::ffi::*;
4use core::ptr::NonNull;
5use objc2::__framework_prelude::*;
6use objc2_foundation::*;
7#[cfg(feature = "objc2-security")]
8use objc2_security::*;
9
10use crate::*;
11
12extern_class!(
13    /// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionkerberosmapping?language=objc)
14    #[unsafe(super(NSObject))]
15    #[derive(Debug, PartialEq, Eq, Hash)]
16    pub struct ASAuthorizationProviderExtensionKerberosMapping;
17);
18
19extern_conformance!(
20    unsafe impl NSObjectProtocol for ASAuthorizationProviderExtensionKerberosMapping {}
21);
22
23impl ASAuthorizationProviderExtensionKerberosMapping {
24    extern_methods!(
25        /// The keypath in the response JSON that uses this set of mappings.
26        ///
27        /// If the response tokens from login contain this keypath, then the mapping in this class will be used to create a Kerberos ticket. The expected response is a JSON dictionary with the supplied key names.
28        #[unsafe(method(ticketKeyPath))]
29        #[unsafe(method_family = none)]
30        pub unsafe fn ticketKeyPath(&self) -> Option<Retained<NSString>>;
31
32        /// Setter for [`ticketKeyPath`][Self::ticketKeyPath].
33        #[unsafe(method(setTicketKeyPath:))]
34        #[unsafe(method_family = none)]
35        pub unsafe fn setTicketKeyPath(&self, ticket_key_path: Option<&NSString>);
36
37        /// The key name that contains the base64 encoded kerberos AS-REP string.
38        #[unsafe(method(messageBufferKeyName))]
39        #[unsafe(method_family = none)]
40        pub unsafe fn messageBufferKeyName(&self) -> Option<Retained<NSString>>;
41
42        /// Setter for [`messageBufferKeyName`][Self::messageBufferKeyName].
43        #[unsafe(method(setMessageBufferKeyName:))]
44        #[unsafe(method_family = none)]
45        pub unsafe fn setMessageBufferKeyName(&self, message_buffer_key_name: Option<&NSString>);
46
47        /// The key name that contains the Kerberos Realm string.
48        #[unsafe(method(realmKeyName))]
49        #[unsafe(method_family = none)]
50        pub unsafe fn realmKeyName(&self) -> Option<Retained<NSString>>;
51
52        /// Setter for [`realmKeyName`][Self::realmKeyName].
53        #[unsafe(method(setRealmKeyName:))]
54        #[unsafe(method_family = none)]
55        pub unsafe fn setRealmKeyName(&self, realm_key_name: Option<&NSString>);
56
57        /// The key name that contains the Kerberos service name string.
58        #[unsafe(method(serviceNameKeyName))]
59        #[unsafe(method_family = none)]
60        pub unsafe fn serviceNameKeyName(&self) -> Option<Retained<NSString>>;
61
62        /// Setter for [`serviceNameKeyName`][Self::serviceNameKeyName].
63        #[unsafe(method(setServiceNameKeyName:))]
64        #[unsafe(method_family = none)]
65        pub unsafe fn setServiceNameKeyName(&self, service_name_key_name: Option<&NSString>);
66
67        /// The key name that contains the Kerberos client name string.
68        #[unsafe(method(clientNameKeyName))]
69        #[unsafe(method_family = none)]
70        pub unsafe fn clientNameKeyName(&self) -> Option<Retained<NSString>>;
71
72        /// Setter for [`clientNameKeyName`][Self::clientNameKeyName].
73        #[unsafe(method(setClientNameKeyName:))]
74        #[unsafe(method_family = none)]
75        pub unsafe fn setClientNameKeyName(&self, client_name_key_name: Option<&NSString>);
76
77        /// The key name that contains the Kerberos session key type number.
78        ///
79        /// The value for this key should be the correct encryption type per RFC3962, section 7 for the session key.
80        #[unsafe(method(encryptionKeyTypeKeyName))]
81        #[unsafe(method_family = none)]
82        pub unsafe fn encryptionKeyTypeKeyName(&self) -> Option<Retained<NSString>>;
83
84        /// Setter for [`encryptionKeyTypeKeyName`][Self::encryptionKeyTypeKeyName].
85        #[unsafe(method(setEncryptionKeyTypeKeyName:))]
86        #[unsafe(method_family = none)]
87        pub unsafe fn setEncryptionKeyTypeKeyName(
88            &self,
89            encryption_key_type_key_name: Option<&NSString>,
90        );
91
92        /// The key name that contains the Kerberos session key.
93        #[unsafe(method(sessionKeyKeyName))]
94        #[unsafe(method_family = none)]
95        pub unsafe fn sessionKeyKeyName(&self) -> Option<Retained<NSString>>;
96
97        /// Setter for [`sessionKeyKeyName`][Self::sessionKeyKeyName].
98        #[unsafe(method(setSessionKeyKeyName:))]
99        #[unsafe(method_family = none)]
100        pub unsafe fn setSessionKeyKeyName(&self, session_key_key_name: Option<&NSString>);
101    );
102}
103
104/// Methods declared on superclass `NSObject`.
105impl ASAuthorizationProviderExtensionKerberosMapping {
106    extern_methods!(
107        #[unsafe(method(init))]
108        #[unsafe(method_family = init)]
109        pub unsafe fn init(this: Allocated<Self>) -> Retained<Self>;
110
111        #[unsafe(method(new))]
112        #[unsafe(method_family = new)]
113        pub unsafe fn new() -> Retained<Self>;
114    );
115}
116
117/// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionfederationtype?language=objc)
118// NS_ENUM
119#[repr(transparent)]
120#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord)]
121pub struct ASAuthorizationProviderExtensionFederationType(pub NSInteger);
122impl ASAuthorizationProviderExtensionFederationType {
123    #[doc(alias = "ASAuthorizationProviderExtensionFederationTypeNone")]
124    pub const None: Self = Self(0);
125    #[doc(alias = "ASAuthorizationProviderExtensionFederationTypeWSTrust")]
126    pub const WSTrust: Self = Self(1);
127    #[doc(alias = "ASAuthorizationProviderExtensionFederationTypeDynamicWSTrust")]
128    pub const DynamicWSTrust: Self = Self(2);
129}
130
131unsafe impl Encode for ASAuthorizationProviderExtensionFederationType {
132    const ENCODING: Encoding = NSInteger::ENCODING;
133}
134
135unsafe impl RefEncode for ASAuthorizationProviderExtensionFederationType {
136    const ENCODING_REF: Encoding = Encoding::Pointer(&Self::ENCODING);
137}
138
139/// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionusersecureenclavekeybiometricpolicy?language=objc)
140// NS_OPTIONS
141#[repr(transparent)]
142#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord)]
143pub struct ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicy(pub NSUInteger);
144bitflags::bitflags! {
145    impl ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicy: NSUInteger {
146        #[doc(alias = "ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicyNone")]
147        const None = 0;
148        #[doc(alias = "ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicyTouchIDOrWatchCurrentSet")]
149        const TouchIDOrWatchCurrentSet = 1<<0;
150        #[doc(alias = "ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicyTouchIDOrWatchAny")]
151        const TouchIDOrWatchAny = 1<<1;
152        #[doc(alias = "ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicyReuseDuringUnlock")]
153        const ReuseDuringUnlock = 1<<2;
154        #[doc(alias = "ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicyPasswordFallback")]
155        const PasswordFallback = 1<<3;
156    }
157}
158
159unsafe impl Encode for ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicy {
160    const ENCODING: Encoding = NSUInteger::ENCODING;
161}
162
163unsafe impl RefEncode for ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicy {
164    const ENCODING_REF: Encoding = Encoding::Pointer(&Self::ENCODING);
165}
166
167/// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionencryptionalgorithm?language=objc)
168// NS_TYPED_EXTENSIBLE_ENUM
169pub type ASAuthorizationProviderExtensionEncryptionAlgorithm = NSNumber;
170
171extern "C" {
172    /// A encryption algorithm that uses NIST P-256 elliptic curve key agreement, ConcatKDF key derivation
173    /// with a 256-bit digest, and the Advanced Encryption Standard cipher in Galois/Counter Mode with a key length of 256 bits.
174    ///
175    /// See also [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionencryptionalgorithmecdhe_a256gcm?language=objc)
176    pub static ASAuthorizationProviderExtensionEncryptionAlgorithmECDHE_A256GCM:
177        &'static ASAuthorizationProviderExtensionEncryptionAlgorithm;
178}
179
180extern "C" {
181    /// A cipher suite for HPKE that uses NIST P-256 elliptic curve key agreement, SHA-2 key derivation
182    /// with a 256-bit digest, and the Advanced Encryption Standard cipher in Galois/Counter Mode with a key length of 256 bits.
183    ///
184    /// See also [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionencryptionalgorithmhpke_p256_sha256_aes_gcm_256?language=objc)
185    pub static ASAuthorizationProviderExtensionEncryptionAlgorithmHPKE_P256_SHA256_AES_GCM_256:
186        &'static ASAuthorizationProviderExtensionEncryptionAlgorithm;
187}
188
189extern "C" {
190    /// A cipher suite that you use for HPKE using NIST P-384 elliptic curve key agreement, SHA-2 key derivation
191    /// with a 384-bit digest, and the Advanced Encryption Standard cipher in Galois/Counter Mode with a key length of 256 bits.
192    ///
193    /// See also [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionencryptionalgorithmhpke_p384_sha384_aes_gcm_256?language=objc)
194    pub static ASAuthorizationProviderExtensionEncryptionAlgorithmHPKE_P384_SHA384_AES_GCM_256:
195        &'static ASAuthorizationProviderExtensionEncryptionAlgorithm;
196}
197
198extern "C" {
199    /// A cipher suite for HPKE that uses X25519 elliptic curve key agreement, SHA-2 key derivation
200    /// with a 256-bit digest, and the ChaCha20 stream cipher with the Poly1305 message authentication code.
201    ///
202    /// See also [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionencryptionalgorithmhpke_curve25519_sha256_chachapoly?language=objc)
203    pub static ASAuthorizationProviderExtensionEncryptionAlgorithmHPKE_Curve25519_SHA256_ChachaPoly:
204        &'static ASAuthorizationProviderExtensionEncryptionAlgorithm;
205}
206
207/// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionsigningalgorithm?language=objc)
208// NS_TYPED_EXTENSIBLE_ENUM
209pub type ASAuthorizationProviderExtensionSigningAlgorithm = NSNumber;
210
211extern "C" {
212    /// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionsigningalgorithmes256?language=objc)
213    pub static ASAuthorizationProviderExtensionSigningAlgorithmES256:
214        &'static ASAuthorizationProviderExtensionSigningAlgorithm;
215}
216
217extern "C" {
218    /// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionsigningalgorithmes384?language=objc)
219    pub static ASAuthorizationProviderExtensionSigningAlgorithmES384:
220        &'static ASAuthorizationProviderExtensionSigningAlgorithm;
221}
222
223extern "C" {
224    /// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionsigningalgorithmed25519?language=objc)
225    pub static ASAuthorizationProviderExtensionSigningAlgorithmEd25519:
226        &'static ASAuthorizationProviderExtensionSigningAlgorithm;
227}
228
229extern_class!(
230    /// [Apple's documentation](https://developer.apple.com/documentation/authenticationservices/asauthorizationproviderextensionloginconfiguration?language=objc)
231    #[unsafe(super(NSObject))]
232    #[derive(Debug, PartialEq, Eq, Hash)]
233    pub struct ASAuthorizationProviderExtensionLoginConfiguration;
234);
235
236extern_conformance!(
237    unsafe impl NSObjectProtocol for ASAuthorizationProviderExtensionLoginConfiguration {}
238);
239
240impl ASAuthorizationProviderExtensionLoginConfiguration {
241    extern_methods!(
242        #[unsafe(method(new))]
243        #[unsafe(method_family = new)]
244        pub unsafe fn new() -> Retained<Self>;
245
246        #[unsafe(method(init))]
247        #[unsafe(method_family = init)]
248        pub unsafe fn init(this: Allocated<Self>) -> Retained<Self>;
249
250        /// Initializes an ASAuthorizationProviderExtensionLoginConfiguration class with the required values.
251        ///
252        /// Parameter `clientID`: The client_id for the Apple platform SSO login at the identity provider.
253        ///
254        /// Parameter `issuer`: The issuer for the requests, used to validate responses.
255        ///
256        /// Parameter `tokenEndpointURL`: The token endpoint at the idP for login.
257        ///
258        /// Parameter `jwksEndpointURL`: The JWKS URL at the idP for validating tokens.
259        ///
260        /// Parameter `audience`: The audience used for signed assertions.  This should be the tenent at the idP.
261        ///
262        /// Returns: An instance of a ASAuthorizationProviderExtensionLoginConfiguration.
263        #[unsafe(method(initWithClientID:issuer:tokenEndpointURL:jwksEndpointURL:audience:))]
264        #[unsafe(method_family = init)]
265        pub unsafe fn initWithClientID_issuer_tokenEndpointURL_jwksEndpointURL_audience(
266            this: Allocated<Self>,
267            client_id: &NSString,
268            issuer: &NSString,
269            token_endpoint_url: &NSURL,
270            jwks_endpoint_url: &NSURL,
271            audience: Option<&NSString>,
272        ) -> Retained<Self>;
273
274        #[cfg(feature = "block2")]
275        /// Creates a login configuration using the OpenID configuration.
276        ///
277        /// Parameter `openIDConfigurationURL`: The base URL to load the .well-known/openid-configuration.
278        ///
279        /// Parameter `clientID`: The client_id for the Apple platform SSO login at the identity provider.
280        ///
281        /// Parameter `issuer`: The issuer for the requests, used to validate responses.
282        ///
283        /// Parameter `completion`: The completion called when it is complete or the error.
284        #[unsafe(method(configurationWithOpenIDConfigurationURL:clientID:issuer:completion:))]
285        #[unsafe(method_family = none)]
286        pub unsafe fn configurationWithOpenIDConfigurationURL_clientID_issuer_completion(
287            open_id_configuration_url: &NSURL,
288            client_id: &NSString,
289            issuer: Option<&NSString>,
290            completion: &block2::DynBlock<
291                dyn Fn(*mut ASAuthorizationProviderExtensionLoginConfiguration, *mut NSError),
292            >,
293        );
294
295        /// Predicate string used to identify invalid credential errors.
296        ///
297        /// If there is an HTTP 400 or HTTP 401 error when authenticating, this predicate will be used on the response body JSON to determine if the error is due to an invalid password or something else.  If nil, then only an HTTP 401 will be used for an invalid credential.
298        #[unsafe(method(invalidCredentialPredicate))]
299        #[unsafe(method_family = none)]
300        pub unsafe fn invalidCredentialPredicate(&self) -> Option<Retained<NSString>>;
301
302        /// Setter for [`invalidCredentialPredicate`][Self::invalidCredentialPredicate].
303        #[unsafe(method(setInvalidCredentialPredicate:))]
304        #[unsafe(method_family = none)]
305        pub unsafe fn setInvalidCredentialPredicate(
306            &self,
307            invalid_credential_predicate: Option<&NSString>,
308        );
309
310        /// The display name for the account.  Used for notifications and login prompts.
311        #[unsafe(method(accountDisplayName))]
312        #[unsafe(method_family = none)]
313        pub unsafe fn accountDisplayName(&self) -> Option<Retained<NSString>>;
314
315        /// Setter for [`accountDisplayName`][Self::accountDisplayName].
316        #[unsafe(method(setAccountDisplayName:))]
317        #[unsafe(method_family = none)]
318        pub unsafe fn setAccountDisplayName(&self, account_display_name: Option<&NSString>);
319
320        /// The login client_id.
321        #[unsafe(method(clientID))]
322        #[unsafe(method_family = none)]
323        pub unsafe fn clientID(&self) -> Retained<NSString>;
324
325        /// The issuer for validation.
326        #[unsafe(method(issuer))]
327        #[unsafe(method_family = none)]
328        pub unsafe fn issuer(&self) -> Retained<NSString>;
329
330        /// The audience for validation and requests.
331        #[unsafe(method(audience))]
332        #[unsafe(method_family = none)]
333        pub unsafe fn audience(&self) -> Retained<NSString>;
334
335        /// Setter for [`audience`][Self::audience].
336        #[unsafe(method(setAudience:))]
337        #[unsafe(method_family = none)]
338        pub unsafe fn setAudience(&self, audience: &NSString);
339
340        /// Token Endpoint URL for login request.
341        #[unsafe(method(tokenEndpointURL))]
342        #[unsafe(method_family = none)]
343        pub unsafe fn tokenEndpointURL(&self) -> Retained<NSURL>;
344
345        /// Setter for [`tokenEndpointURL`][Self::tokenEndpointURL].
346        #[unsafe(method(setTokenEndpointURL:))]
347        #[unsafe(method_family = none)]
348        pub unsafe fn setTokenEndpointURL(&self, token_endpoint_url: &NSURL);
349
350        /// JWKS Endpoint URL for keys.
351        #[unsafe(method(jwksEndpointURL))]
352        #[unsafe(method_family = none)]
353        pub unsafe fn jwksEndpointURL(&self) -> Retained<NSURL>;
354
355        /// Setter for [`jwksEndpointURL`][Self::jwksEndpointURL].
356        #[unsafe(method(setJwksEndpointURL:))]
357        #[unsafe(method_family = none)]
358        pub unsafe fn setJwksEndpointURL(&self, jwks_endpoint_url: &NSURL);
359
360        /// The root certificates to use for trust evaluation of jwks keys.
361        ///
362        /// if set, certificates will be required in jwks responses and evaluated using the supplied certificates.  If the jwks certificates are missing or fail trust evaluation the login will fail.
363        #[unsafe(method(jwksTrustedRootCertificates))]
364        #[unsafe(method_family = none)]
365        pub unsafe fn jwksTrustedRootCertificates(&self) -> Retained<NSArray>;
366
367        /// Setter for [`jwksTrustedRootCertificates`][Self::jwksTrustedRootCertificates].
368        #[unsafe(method(setJwksTrustedRootCertificates:))]
369        #[unsafe(method_family = none)]
370        pub unsafe fn setJwksTrustedRootCertificates(
371            &self,
372            jwks_trusted_root_certificates: &NSArray,
373        );
374
375        /// The device context for storing device meta data.
376        #[unsafe(method(deviceContext))]
377        #[unsafe(method_family = none)]
378        pub unsafe fn deviceContext(&self) -> Option<Retained<NSData>>;
379
380        /// Setter for [`deviceContext`][Self::deviceContext].
381        #[unsafe(method(setDeviceContext:))]
382        #[unsafe(method_family = none)]
383        pub unsafe fn setDeviceContext(&self, device_context: Option<&NSData>);
384
385        /// The biometric policy for User Secure Enclave Key authentication.
386        #[unsafe(method(userSecureEnclaveKeyBiometricPolicy))]
387        #[unsafe(method_family = none)]
388        pub unsafe fn userSecureEnclaveKeyBiometricPolicy(
389            &self,
390        ) -> ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicy;
391
392        /// Setter for [`userSecureEnclaveKeyBiometricPolicy`][Self::userSecureEnclaveKeyBiometricPolicy].
393        #[unsafe(method(setUserSecureEnclaveKeyBiometricPolicy:))]
394        #[unsafe(method_family = none)]
395        pub unsafe fn setUserSecureEnclaveKeyBiometricPolicy(
396            &self,
397            user_secure_enclave_key_biometric_policy: ASAuthorizationProviderExtensionUserSecureEnclaveKeyBiometricPolicy,
398        );
399
400        /// Nonce Endpoint URL, defaults to token tokenEndpointURL.
401        #[unsafe(method(nonceEndpointURL))]
402        #[unsafe(method_family = none)]
403        pub unsafe fn nonceEndpointURL(&self) -> Retained<NSURL>;
404
405        /// Setter for [`nonceEndpointURL`][Self::nonceEndpointURL].
406        #[unsafe(method(setNonceEndpointURL:))]
407        #[unsafe(method_family = none)]
408        pub unsafe fn setNonceEndpointURL(&self, nonce_endpoint_url: &NSURL);
409
410        /// The keypath in the nonce response that contains the nonce value.
411        #[unsafe(method(nonceResponseKeypath))]
412        #[unsafe(method_family = none)]
413        pub unsafe fn nonceResponseKeypath(&self) -> Retained<NSString>;
414
415        /// Setter for [`nonceResponseKeypath`][Self::nonceResponseKeypath].
416        #[unsafe(method(setNonceResponseKeypath:))]
417        #[unsafe(method_family = none)]
418        pub unsafe fn setNonceResponseKeypath(&self, nonce_response_keypath: &NSString);
419
420        /// The name of the server nonce claim when included in authentication requests.
421        #[unsafe(method(serverNonceClaimName))]
422        #[unsafe(method_family = none)]
423        pub unsafe fn serverNonceClaimName(&self) -> Retained<NSString>;
424
425        /// Setter for [`serverNonceClaimName`][Self::serverNonceClaimName].
426        #[unsafe(method(setServerNonceClaimName:))]
427        #[unsafe(method_family = none)]
428        pub unsafe fn setServerNonceClaimName(&self, server_nonce_claim_name: &NSString);
429
430        /// Custom values added to the server nonce POST request body.
431        #[unsafe(method(customNonceRequestValues))]
432        #[unsafe(method_family = none)]
433        pub unsafe fn customNonceRequestValues(&self) -> Retained<NSArray<NSURLQueryItem>>;
434
435        /// Setter for [`customNonceRequestValues`][Self::customNonceRequestValues].
436        #[unsafe(method(setCustomNonceRequestValues:))]
437        #[unsafe(method_family = none)]
438        pub unsafe fn setCustomNonceRequestValues(
439            &self,
440            custom_nonce_request_values: &NSArray<NSURLQueryItem>,
441        );
442
443        /// Sets custom claims to be added to the embedded assertion request header.
444        ///
445        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
446        ///
447        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
448        ///
449        /// Returns: YES when successful and NO when claims are rejected.
450        #[unsafe(method(setCustomAssertionRequestHeaderClaims:returningError:_))]
451        #[unsafe(method_family = none)]
452        pub unsafe fn setCustomAssertionRequestHeaderClaims_returningError(
453            &self,
454            claims: &NSDictionary<NSString, AnyObject>,
455        ) -> Result<(), Retained<NSError>>;
456
457        /// Sets custom claims to be added to the embedded assertion request body.
458        ///
459        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
460        ///
461        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
462        ///
463        /// Returns: YES when successful and NO when claims are rejected.
464        #[unsafe(method(setCustomAssertionRequestBodyClaims:returningError:_))]
465        #[unsafe(method_family = none)]
466        pub unsafe fn setCustomAssertionRequestBodyClaims_returningError(
467            &self,
468            claims: &NSDictionary<NSString, AnyObject>,
469        ) -> Result<(), Retained<NSError>>;
470
471        /// Additional login scopes.
472        #[unsafe(method(additionalScopes))]
473        #[unsafe(method_family = none)]
474        pub unsafe fn additionalScopes(&self) -> Retained<NSString>;
475
476        /// Setter for [`additionalScopes`][Self::additionalScopes].
477        #[unsafe(method(setAdditionalScopes:))]
478        #[unsafe(method_family = none)]
479        pub unsafe fn setAdditionalScopes(&self, additional_scopes: &NSString);
480
481        /// Additional authorization scopes.
482        #[unsafe(method(additionalAuthorizationScopes))]
483        #[unsafe(method_family = none)]
484        pub unsafe fn additionalAuthorizationScopes(&self) -> Option<Retained<NSString>>;
485
486        /// Setter for [`additionalAuthorizationScopes`][Self::additionalAuthorizationScopes].
487        #[unsafe(method(setAdditionalAuthorizationScopes:))]
488        #[unsafe(method_family = none)]
489        pub unsafe fn setAdditionalAuthorizationScopes(
490            &self,
491            additional_authorization_scopes: Option<&NSString>,
492        );
493
494        /// If true and there is a refresh token for the user in the SSO tokens, it will be included in the login request.
495        #[unsafe(method(includePreviousRefreshTokenInLoginRequest))]
496        #[unsafe(method_family = none)]
497        pub unsafe fn includePreviousRefreshTokenInLoginRequest(&self) -> bool;
498
499        /// Setter for [`includePreviousRefreshTokenInLoginRequest`][Self::includePreviousRefreshTokenInLoginRequest].
500        #[unsafe(method(setIncludePreviousRefreshTokenInLoginRequest:))]
501        #[unsafe(method_family = none)]
502        pub unsafe fn setIncludePreviousRefreshTokenInLoginRequest(
503            &self,
504            include_previous_refresh_token_in_login_request: bool,
505        );
506
507        /// The claim name for the previous SSO token value in the login request.
508        #[unsafe(method(previousRefreshTokenClaimName))]
509        #[unsafe(method_family = none)]
510        pub unsafe fn previousRefreshTokenClaimName(&self) -> Retained<NSString>;
511
512        /// Setter for [`previousRefreshTokenClaimName`][Self::previousRefreshTokenClaimName].
513        #[unsafe(method(setPreviousRefreshTokenClaimName:))]
514        #[unsafe(method_family = none)]
515        pub unsafe fn setPreviousRefreshTokenClaimName(
516            &self,
517            previous_refresh_token_claim_name: &NSString,
518        );
519
520        /// The request parameter name for the JWT.  The default is "assertion".
521        #[unsafe(method(customRequestJWTParameterName))]
522        #[unsafe(method_family = none)]
523        pub unsafe fn customRequestJWTParameterName(&self) -> Option<Retained<NSString>>;
524
525        /// Setter for [`customRequestJWTParameterName`][Self::customRequestJWTParameterName].
526        #[unsafe(method(setCustomRequestJWTParameterName:))]
527        #[unsafe(method_family = none)]
528        pub unsafe fn setCustomRequestJWTParameterName(
529            &self,
530            custom_request_jwt_parameter_name: Option<&NSString>,
531        );
532
533        /// Custom values added to the login POST request body.
534        #[unsafe(method(customLoginRequestValues))]
535        #[unsafe(method_family = none)]
536        pub unsafe fn customLoginRequestValues(&self) -> Retained<NSArray<NSURLQueryItem>>;
537
538        /// Setter for [`customLoginRequestValues`][Self::customLoginRequestValues].
539        #[unsafe(method(setCustomLoginRequestValues:))]
540        #[unsafe(method_family = none)]
541        pub unsafe fn setCustomLoginRequestValues(
542            &self,
543            custom_login_request_values: &NSArray<NSURLQueryItem>,
544        );
545
546        /// Sets custom claims to be added to the login request header.
547        ///
548        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
549        ///
550        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
551        ///
552        /// Returns: YES when successful and NO when claims are rejected.
553        #[unsafe(method(setCustomLoginRequestHeaderClaims:returningError:_))]
554        #[unsafe(method_family = none)]
555        pub unsafe fn setCustomLoginRequestHeaderClaims_returningError(
556            &self,
557            claims: &NSDictionary<NSString, AnyObject>,
558        ) -> Result<(), Retained<NSError>>;
559
560        /// Sets custom claims to be added to the login request body.
561        ///
562        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
563        ///
564        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
565        ///
566        /// Returns: YES when successful and NO when claims are rejected.
567        #[unsafe(method(setCustomLoginRequestBodyClaims:returningError:_))]
568        #[unsafe(method_family = none)]
569        pub unsafe fn setCustomLoginRequestBodyClaims_returningError(
570            &self,
571            claims: &NSDictionary<NSString, AnyObject>,
572        ) -> Result<(), Retained<NSError>>;
573
574        /// The claim name for the user unique identifier in the id token. Defaults to "sub".
575        #[unsafe(method(uniqueIdentifierClaimName))]
576        #[unsafe(method_family = none)]
577        pub unsafe fn uniqueIdentifierClaimName(&self) -> Option<Retained<NSString>>;
578
579        /// Setter for [`uniqueIdentifierClaimName`][Self::uniqueIdentifierClaimName].
580        #[unsafe(method(setUniqueIdentifierClaimName:))]
581        #[unsafe(method_family = none)]
582        pub unsafe fn setUniqueIdentifierClaimName(
583            &self,
584            unique_identifier_claim_name: Option<&NSString>,
585        );
586
587        /// The claim name for group membership request.
588        #[unsafe(method(groupRequestClaimName))]
589        #[unsafe(method_family = none)]
590        pub unsafe fn groupRequestClaimName(&self) -> Option<Retained<NSString>>;
591
592        /// Setter for [`groupRequestClaimName`][Self::groupRequestClaimName].
593        #[unsafe(method(setGroupRequestClaimName:))]
594        #[unsafe(method_family = none)]
595        pub unsafe fn setGroupRequestClaimName(&self, group_request_claim_name: Option<&NSString>);
596
597        /// The claim name for group responses in the id_token.
598        #[unsafe(method(groupResponseClaimName))]
599        #[unsafe(method_family = none)]
600        pub unsafe fn groupResponseClaimName(&self) -> Option<Retained<NSString>>;
601
602        /// Setter for [`groupResponseClaimName`][Self::groupResponseClaimName].
603        #[unsafe(method(setGroupResponseClaimName:))]
604        #[unsafe(method_family = none)]
605        pub unsafe fn setGroupResponseClaimName(
606            &self,
607            group_response_claim_name: Option<&NSString>,
608        );
609
610        /// The Kerberos ticket mappings to use.
611        #[unsafe(method(kerberosTicketMappings))]
612        #[unsafe(method_family = none)]
613        pub unsafe fn kerberosTicketMappings(
614            &self,
615        ) -> Retained<NSArray<ASAuthorizationProviderExtensionKerberosMapping>>;
616
617        /// Setter for [`kerberosTicketMappings`][Self::kerberosTicketMappings].
618        #[unsafe(method(setKerberosTicketMappings:))]
619        #[unsafe(method_family = none)]
620        pub unsafe fn setKerberosTicketMappings(
621            &self,
622            kerberos_ticket_mappings: &NSArray<ASAuthorizationProviderExtensionKerberosMapping>,
623        );
624
625        /// Token Refresh Endpoint URL for login request.  Defaults to the tokenEndpointURL.
626        #[unsafe(method(refreshEndpointURL))]
627        #[unsafe(method_family = none)]
628        pub unsafe fn refreshEndpointURL(&self) -> Option<Retained<NSURL>>;
629
630        /// Setter for [`refreshEndpointURL`][Self::refreshEndpointURL].
631        #[unsafe(method(setRefreshEndpointURL:))]
632        #[unsafe(method_family = none)]
633        pub unsafe fn setRefreshEndpointURL(&self, refresh_endpoint_url: Option<&NSURL>);
634
635        /// Custom values added to the refresh POST request body.
636        #[unsafe(method(customRefreshRequestValues))]
637        #[unsafe(method_family = none)]
638        pub unsafe fn customRefreshRequestValues(&self) -> Retained<NSArray<NSURLQueryItem>>;
639
640        /// Setter for [`customRefreshRequestValues`][Self::customRefreshRequestValues].
641        #[unsafe(method(setCustomRefreshRequestValues:))]
642        #[unsafe(method_family = none)]
643        pub unsafe fn setCustomRefreshRequestValues(
644            &self,
645            custom_refresh_request_values: &NSArray<NSURLQueryItem>,
646        );
647
648        /// Sets custom claims to be added to the refresh request header.
649        ///
650        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
651        ///
652        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
653        ///
654        /// Returns: YES when successful and NO when claims are rejected.
655        #[unsafe(method(setCustomRefreshRequestHeaderClaims:returningError:_))]
656        #[unsafe(method_family = none)]
657        pub unsafe fn setCustomRefreshRequestHeaderClaims_returningError(
658            &self,
659            claims: &NSDictionary<NSString, AnyObject>,
660        ) -> Result<(), Retained<NSError>>;
661
662        /// Sets custom claims to be added to the refresh request bode.
663        ///
664        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
665        ///
666        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
667        ///
668        /// Returns: YES when successful and NO when claims are rejected.
669        #[unsafe(method(setCustomRefreshRequestBodyClaims:returningError:_))]
670        #[unsafe(method_family = none)]
671        pub unsafe fn setCustomRefreshRequestBodyClaims_returningError(
672            &self,
673            claims: &NSDictionary<NSString, AnyObject>,
674        ) -> Result<(), Retained<NSError>>;
675
676        /// The federation method to use.
677        #[unsafe(method(federationType))]
678        #[unsafe(method_family = none)]
679        pub unsafe fn federationType(&self) -> ASAuthorizationProviderExtensionFederationType;
680
681        /// Setter for [`federationType`][Self::federationType].
682        #[unsafe(method(setFederationType:))]
683        #[unsafe(method_family = none)]
684        pub unsafe fn setFederationType(
685            &self,
686            federation_type: ASAuthorizationProviderExtensionFederationType,
687        );
688
689        /// The URN to request when performing a federated login.
690        #[unsafe(method(federationRequestURN))]
691        #[unsafe(method_family = none)]
692        pub unsafe fn federationRequestURN(&self) -> Option<Retained<NSString>>;
693
694        /// Setter for [`federationRequestURN`][Self::federationRequestURN].
695        #[unsafe(method(setFederationRequestURN:))]
696        #[unsafe(method_family = none)]
697        pub unsafe fn setFederationRequestURN(&self, federation_request_urn: Option<&NSString>);
698
699        /// The federation MEX URL to use.  This can be overwritten when using dynamic federation.
700        #[unsafe(method(federationMEXURL))]
701        #[unsafe(method_family = none)]
702        pub unsafe fn federationMEXURL(&self) -> Option<Retained<NSURL>>;
703
704        /// Setter for [`federationMEXURL`][Self::federationMEXURL].
705        #[unsafe(method(setFederationMEXURL:))]
706        #[unsafe(method_family = none)]
707        pub unsafe fn setFederationMEXURL(&self, federation_mexurl: Option<&NSURL>);
708
709        /// The URL to use when performing dynamic federation.
710        #[unsafe(method(federationUserPreauthenticationURL))]
711        #[unsafe(method_family = none)]
712        pub unsafe fn federationUserPreauthenticationURL(&self) -> Option<Retained<NSURL>>;
713
714        /// Setter for [`federationUserPreauthenticationURL`][Self::federationUserPreauthenticationURL].
715        #[unsafe(method(setFederationUserPreauthenticationURL:))]
716        #[unsafe(method_family = none)]
717        pub unsafe fn setFederationUserPreauthenticationURL(
718            &self,
719            federation_user_preauthentication_url: Option<&NSURL>,
720        );
721
722        /// The claim in the preauthentication response that contains the MEX URL.
723        #[unsafe(method(federationMEXURLKeypath))]
724        #[unsafe(method_family = none)]
725        pub unsafe fn federationMEXURLKeypath(&self) -> Option<Retained<NSString>>;
726
727        /// Setter for [`federationMEXURLKeypath`][Self::federationMEXURLKeypath].
728        #[unsafe(method(setFederationMEXURLKeypath:))]
729        #[unsafe(method_family = none)]
730        pub unsafe fn setFederationMEXURLKeypath(
731            &self,
732            federation_mexurl_keypath: Option<&NSString>,
733        );
734
735        /// The predicate to apply to the preauthentication response to perform federation or not.
736        #[unsafe(method(federationPredicate))]
737        #[unsafe(method_family = none)]
738        pub unsafe fn federationPredicate(&self) -> Option<Retained<NSString>>;
739
740        /// Setter for [`federationPredicate`][Self::federationPredicate].
741        #[unsafe(method(setFederationPredicate:))]
742        #[unsafe(method_family = none)]
743        pub unsafe fn setFederationPredicate(&self, federation_predicate: Option<&NSString>);
744
745        /// The custom query string values to add when making the preauthenticaion request.
746        #[unsafe(method(customFederationUserPreauthenticationRequestValues))]
747        #[unsafe(method_family = none)]
748        pub unsafe fn customFederationUserPreauthenticationRequestValues(
749            &self,
750        ) -> Retained<NSArray<NSURLQueryItem>>;
751
752        /// Setter for [`customFederationUserPreauthenticationRequestValues`][Self::customFederationUserPreauthenticationRequestValues].
753        #[unsafe(method(setCustomFederationUserPreauthenticationRequestValues:))]
754        #[unsafe(method_family = none)]
755        pub unsafe fn setCustomFederationUserPreauthenticationRequestValues(
756            &self,
757            custom_federation_user_preauthentication_request_values: &NSArray<NSURLQueryItem>,
758        );
759
760        #[cfg(feature = "objc2-security")]
761        /// The public key to use for encrypting the embedded login assertion.
762        ///
763        /// Only applies to password authentication.  If set, the password will encrypted in an embedded assertion instead of the login request itself.
764        #[unsafe(method(loginRequestEncryptionPublicKey))]
765        #[unsafe(method_family = none)]
766        pub unsafe fn loginRequestEncryptionPublicKey(&self) -> Option<Retained<SecKey>>;
767
768        #[cfg(feature = "objc2-security")]
769        /// Setter for [`loginRequestEncryptionPublicKey`][Self::loginRequestEncryptionPublicKey].
770        #[unsafe(method(setLoginRequestEncryptionPublicKey:))]
771        #[unsafe(method_family = none)]
772        pub unsafe fn setLoginRequestEncryptionPublicKey(
773            &self,
774            login_request_encryption_public_key: Option<&SecKey>,
775        );
776
777        /// The APV prefix used for encrypted embedded login assertions.
778        #[unsafe(method(loginRequestEncryptionAPVPrefix))]
779        #[unsafe(method_family = none)]
780        pub unsafe fn loginRequestEncryptionAPVPrefix(&self) -> Option<Retained<NSData>>;
781
782        /// Setter for [`loginRequestEncryptionAPVPrefix`][Self::loginRequestEncryptionAPVPrefix].
783        #[unsafe(method(setLoginRequestEncryptionAPVPrefix:))]
784        #[unsafe(method_family = none)]
785        pub unsafe fn setLoginRequestEncryptionAPVPrefix(
786            &self,
787            login_request_encryption_apv_prefix: Option<&NSData>,
788        );
789
790        /// The encryption algorithm to use for the embedded login assertion.
791        #[unsafe(method(loginRequestEncryptionAlgorithm))]
792        #[unsafe(method_family = none)]
793        pub unsafe fn loginRequestEncryptionAlgorithm(
794            &self,
795        ) -> Retained<ASAuthorizationProviderExtensionEncryptionAlgorithm>;
796
797        /// Setter for [`loginRequestEncryptionAlgorithm`][Self::loginRequestEncryptionAlgorithm].
798        #[unsafe(method(setLoginRequestEncryptionAlgorithm:))]
799        #[unsafe(method_family = none)]
800        pub unsafe fn setLoginRequestEncryptionAlgorithm(
801            &self,
802            login_request_encryption_algorithm: &ASAuthorizationProviderExtensionEncryptionAlgorithm,
803        );
804
805        /// The PreSharedKey to be used for HKPE for embedded login assertions. Setting this value will change the mode to PSK if the loginRequestHPKEPreSharedKeyID is also set. Must be at least 32 bytes.
806        #[unsafe(method(loginRequestHPKEPreSharedKey))]
807        #[unsafe(method_family = none)]
808        pub unsafe fn loginRequestHPKEPreSharedKey(&self) -> Option<Retained<NSData>>;
809
810        /// Setter for [`loginRequestHPKEPreSharedKey`][Self::loginRequestHPKEPreSharedKey].
811        #[unsafe(method(setLoginRequestHPKEPreSharedKey:))]
812        #[unsafe(method_family = none)]
813        pub unsafe fn setLoginRequestHPKEPreSharedKey(
814            &self,
815            login_request_hpke_pre_shared_key: Option<&NSData>,
816        );
817
818        /// The PreSharedKey Id to be used for HPKE PSK for embedded login assertions.  This is required if the loginRequestHPKEPreSharedKey is set.
819        #[unsafe(method(loginRequestHPKEPreSharedKeyID))]
820        #[unsafe(method_family = none)]
821        pub unsafe fn loginRequestHPKEPreSharedKeyID(&self) -> Option<Retained<NSData>>;
822
823        /// Setter for [`loginRequestHPKEPreSharedKeyID`][Self::loginRequestHPKEPreSharedKeyID].
824        #[unsafe(method(setLoginRequestHPKEPreSharedKeyID:))]
825        #[unsafe(method_family = none)]
826        pub unsafe fn setLoginRequestHPKEPreSharedKeyID(
827            &self,
828            login_request_hpke_pre_shared_key_id: Option<&NSData>,
829        );
830
831        /// The url endpoint for key service, defaults to token tokenEndpointURL.
832        #[unsafe(method(keyEndpointURL))]
833        #[unsafe(method_family = none)]
834        pub unsafe fn keyEndpointURL(&self) -> Option<Retained<NSURL>>;
835
836        /// Setter for [`keyEndpointURL`][Self::keyEndpointURL].
837        #[unsafe(method(setKeyEndpointURL:))]
838        #[unsafe(method_family = none)]
839        pub unsafe fn setKeyEndpointURL(&self, key_endpoint_url: Option<&NSURL>);
840
841        /// Custom values added to the key exchange POST request body.
842        #[unsafe(method(customKeyExchangeRequestValues))]
843        #[unsafe(method_family = none)]
844        pub unsafe fn customKeyExchangeRequestValues(&self) -> Retained<NSArray<NSURLQueryItem>>;
845
846        /// Setter for [`customKeyExchangeRequestValues`][Self::customKeyExchangeRequestValues].
847        #[unsafe(method(setCustomKeyExchangeRequestValues:))]
848        #[unsafe(method_family = none)]
849        pub unsafe fn setCustomKeyExchangeRequestValues(
850            &self,
851            custom_key_exchange_request_values: &NSArray<NSURLQueryItem>,
852        );
853
854        /// Sets custom claims to be added to the key exchange request header.
855        ///
856        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
857        ///
858        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
859        ///
860        /// Returns: YES when successful and NO when claims are rejected.
861        #[unsafe(method(setCustomKeyExchangeRequestHeaderClaims:returningError:_))]
862        #[unsafe(method_family = none)]
863        pub unsafe fn setCustomKeyExchangeRequestHeaderClaims_returningError(
864            &self,
865            claims: &NSDictionary<NSString, AnyObject>,
866        ) -> Result<(), Retained<NSError>>;
867
868        /// Sets custom claims to be added to the key exchange request body.
869        ///
870        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
871        ///
872        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
873        ///
874        /// Returns: YES when successful and NO when claims are rejected.
875        #[unsafe(method(setCustomKeyExchangeRequestBodyClaims:returningError:_))]
876        #[unsafe(method_family = none)]
877        pub unsafe fn setCustomKeyExchangeRequestBodyClaims_returningError(
878            &self,
879            claims: &NSDictionary<NSString, AnyObject>,
880        ) -> Result<(), Retained<NSError>>;
881
882        /// Custom values added to the key request POST request body.
883        #[unsafe(method(customKeyRequestValues))]
884        #[unsafe(method_family = none)]
885        pub unsafe fn customKeyRequestValues(&self) -> Retained<NSArray<NSURLQueryItem>>;
886
887        /// Setter for [`customKeyRequestValues`][Self::customKeyRequestValues].
888        #[unsafe(method(setCustomKeyRequestValues:))]
889        #[unsafe(method_family = none)]
890        pub unsafe fn setCustomKeyRequestValues(
891            &self,
892            custom_key_request_values: &NSArray<NSURLQueryItem>,
893        );
894
895        /// Sets custom claims to be added to the key request header.
896        ///
897        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
898        ///
899        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
900        ///
901        /// Returns: YES when successful and NO when claims are rejected.
902        #[unsafe(method(setCustomKeyRequestHeaderClaims:returningError:_))]
903        #[unsafe(method_family = none)]
904        pub unsafe fn setCustomKeyRequestHeaderClaims_returningError(
905            &self,
906            claims: &NSDictionary<NSString, AnyObject>,
907        ) -> Result<(), Retained<NSError>>;
908
909        /// Sets custom claims to be added to the key request body.
910        ///
911        /// Parameter `claims`: The claims to be added. It must serialize as valid JSON to be accepted.
912        ///
913        /// Parameter `error`: Nil or an NSError indicating why the claims were rejected.
914        ///
915        /// Returns: YES when successful and NO when claims are rejected.
916        #[unsafe(method(setCustomKeyRequestBodyClaims:returningError:_))]
917        #[unsafe(method_family = none)]
918        pub unsafe fn setCustomKeyRequestBodyClaims_returningError(
919            &self,
920            claims: &NSDictionary<NSString, AnyObject>,
921        ) -> Result<(), Retained<NSError>>;
922
923        /// The PreSharedKey to be used for HKPE. Setting this value will change the mode to PSK or AuthPSK if the hpkeAuthPublicKey is also set. Must be at least 32 bytes.
924        #[unsafe(method(hpkePreSharedKey))]
925        #[unsafe(method_family = none)]
926        pub unsafe fn hpkePreSharedKey(&self) -> Option<Retained<NSData>>;
927
928        /// Setter for [`hpkePreSharedKey`][Self::hpkePreSharedKey].
929        #[unsafe(method(setHpkePreSharedKey:))]
930        #[unsafe(method_family = none)]
931        pub unsafe fn setHpkePreSharedKey(&self, hpke_pre_shared_key: Option<&NSData>);
932
933        /// The PreSharedKey Id to be used for HPKE PSK or AuthPSK mode.  This is requred if the hpkePreSharedKey is set.
934        #[unsafe(method(hpkePreSharedKeyID))]
935        #[unsafe(method_family = none)]
936        pub unsafe fn hpkePreSharedKeyID(&self) -> Option<Retained<NSData>>;
937
938        /// Setter for [`hpkePreSharedKeyID`][Self::hpkePreSharedKeyID].
939        #[unsafe(method(setHpkePreSharedKeyID:))]
940        #[unsafe(method_family = none)]
941        pub unsafe fn setHpkePreSharedKeyID(&self, hpke_pre_shared_key_id: Option<&NSData>);
942
943        #[cfg(feature = "objc2-security")]
944        /// The Authentication public key to be used for HPKE.  Setting this value with changet the mode to Auth or AuthPSK if the hpkePreSharedKey is also set.  This public key is used to authenticate HPKE responses.
945        #[unsafe(method(hpkeAuthPublicKey))]
946        #[unsafe(method_family = none)]
947        pub unsafe fn hpkeAuthPublicKey(&self) -> Option<Retained<SecKey>>;
948
949        #[cfg(feature = "objc2-security")]
950        /// Setter for [`hpkeAuthPublicKey`][Self::hpkeAuthPublicKey].
951        #[unsafe(method(setHpkeAuthPublicKey:))]
952        #[unsafe(method_family = none)]
953        pub unsafe fn setHpkeAuthPublicKey(&self, hpke_auth_public_key: Option<&SecKey>);
954    );
955}