pub struct PublicKeyCredentialCreationOptions {
    pub rp: PublicKeyCredentialRpEntity,
    pub user: PublicKeyCredentialUserEntity,
    pub challenge: Bytes,
    pub pub_key_cred_params: Vec<PublicKeyCredentialParameters>,
    pub timeout: Option<u32>,
    pub exclude_credentials: Option<Vec<PublicKeyCredentialDescriptor>>,
    pub authenticator_selection: Option<AuthenticatorSelectionCriteria>,
    pub hints: Option<Vec<PublicKeyCredentialHints>>,
    pub attestation: AttestationConveyancePreference,
    pub attestation_formats: Option<Vec<AttestationStatementFormatIdentifiers>>,
    pub extensions: Option<AuthenticationExtensionsClientInputs>,
}
This defines the request for creating a PublicKeyCredential.
https://w3c.github.io/webauthn/#dictdef-publickeycredentialcreationoptions
Fields
rp: PublicKeyCredentialRpEntity
This member contains a name and an identifier for the Relying Party responsible for the request.
user: PublicKeyCredentialUserEntity
This member contains names and an identifier for the user account performing the registration.
The value’s PublicKeyCredentialUserEntity::id can be returned as the AuthenticatorAssertionResponse::user_handle
in some future authentication ceremonies. It is also used to overwrite existing discoverable credentials
that have the same PublicKeyCredentialRpEntity::id and PublicKeyCredentialUserEntity::id
on the same authenticator.
challenge: Bytes
This member specifies a challenge that the authenticator signs, along with other data,
when producing an AttestedCredentialData for the newly created credential.
See the Cryptographic Challenges security consideration.
pub_key_cred_params: Vec<PublicKeyCredentialParameters>
This member lists the key types and signature algorithms the Relying Party supports, ordered
from most preferred to least preferred. The client and authenticator make a best effort to
create a credential of the most preferred type possible. If none of the listed types can be
created, the create() operation MUST fail.
Relying Parties that wish to support a wide range of authenticators SHOULD include at least the following COSEAlgorithmIdentifier values:
Additional signature algorithms can be included as needed.
timeout: Option<u32>
This OPTIONAL member specifies a time, in milliseconds, that the Relying Party is willing to wait for the call to complete. This is treated as a hint, and MAY be overridden by the client.
exclude_credentials: Option<Vec<PublicKeyCredentialDescriptor>>
The Relying Party SHOULD use this OPTIONAL member to list any existing credentials mapped to
this user account (as identified by PublicKeyCredentialUserEntity::id). This ensures that
the new credential is not created on an authenticator that already contains a credential
mapped to this user account. If it would be, the client is requested to instead guide the
user to use a different authenticator, or return an error if that fails.
authenticator_selection: Option<AuthenticatorSelectionCriteria>
The Relying Party MAY use this OPTIONAL member to specify capabilities and settings that the
authenticator MUST or SHOULD satisfy to participate in the create() operation.
For more information see AuthenticatorSelectionCriteria.
hints: Option<Vec<PublicKeyCredentialHints>>
This OPTIONAL member contains zero or more elements from PublicKeyCredentialHints to
guide the user agent in interacting with the user.
This field ignores unknown hint values at deserialization.
attestation: AttestationConveyancePreference
The Relying Party MAY use this OPTIONAL member to specify a preference regarding attestation
conveyance. Its value SHOULD be a member of AttestationConveyancePreference. Client platforms
MUST ignore unknown values, treating an unknown value as if the member does not exist,
therefore acting as the default value.
The default value is AttestationConveyancePreference::None.
attestation_formats: Option<Vec<AttestationStatementFormatIdentifiers>>
The Relying Party MAY use this OPTIONAL member to specify a preference regarding the attestation statement format used by the authenticator. Values SHOULD be taken from the IANA “WebAuthn Attestation Statement Format Identifiers” registry [IANA-WebAuthn-Registries] established by [RFC8809]. Values are ordered from most preferable to least preferable. This parameter is advisory and the authenticator MAY use an attestation statement not enumerated in this parameter.
The default value is the empty list, which indicates no preference.
extensions: Option<AuthenticationExtensionsClientInputs>
The Relying Party MAY use this OPTIONAL member to provide client extension inputs requesting additional processing by the client and authenticator. For example, the Relying Party may request that the client returns additional information about the credential that was created.
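
A pre-flight check a Relying Party could run on the challenge, user and exclude_credentials members before sending the options, as an added example that is not part of this crate. OptionsView, Finding and lint are hypothetical names over a reduced stand-in for the struct above; the 16-byte and 64-byte limits come from the WebAuthn specification, and the sample data is constructed.

```rust
// Added example. `OptionsView` is a hypothetical reduced view, not a crate type.
#[derive(Debug, PartialEq)]
pub enum Finding {
    ChallengeTooShort(usize),
    UserIdTooLong(usize),
    NotExcluded(Vec<u8>),
}

pub struct OptionsView<'a> {
    pub challenge: &'a [u8],
    pub user_id: &'a [u8],
    /// Credential ids taken from `exclude_credentials`, if the member is set.
    pub exclude_credentials: Option<&'a [Vec<u8>]>,
}

/// `stored` holds the credential ids already registered for this user account.
pub fn lint(o: &OptionsView<'_>, stored: &[Vec<u8>]) -> Vec<Finding> {
    let mut findings = Vec::new();
    // WebAuthn "Cryptographic Challenges": challenges SHOULD be at least 16 bytes.
    if o.challenge.len() < 16 {
        findings.push(Finding::ChallengeTooShort(o.challenge.len()));
    }
    // A WebAuthn user handle has a maximum size of 64 bytes.
    if o.user_id.len() > 64 {
        findings.push(Finding::UserIdTooLong(o.user_id.len()));
    }
    // A stored credential missing from the list can be registered a second
    // time on the same authenticator; a missing member excludes nothing.
    let listed = o.exclude_credentials.unwrap_or(&[]);
    for id in stored {
        if !listed.contains(id) {
            findings.push(Finding::NotExcluded(id.clone()));
        }
    }
    findings
}

fn main() {
    // Constructed sample data: two stored credentials, only one excluded.
    let stored = vec![vec![1u8, 2, 3], vec![9u8, 9]];
    let listed = vec![vec![1u8, 2, 3]];
    let opts = OptionsView {
        challenge: &[0u8; 8],
        user_id: &[7u8; 16],
        exclude_credentials: Some(listed.as_slice()),
    };
    for finding in lint(&opts, &stored) {
        println!("{:?}", finding);
    }
}
```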