Trait CredentialManagementAuthenticator 

pub trait CredentialManagementAuthenticator {
    // Required methods
    fn check_credential_management_support(&self) -> Result<(), WebauthnCError>;
    fn get_credentials_metadata<'life0, 'async_trait>(
        &'life0 mut self,
    ) -> Pin<Box<dyn Future<Output = Result<CredentialStorageMetadata, WebauthnCError>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait;
    fn enumerate_rps<'life0, 'async_trait>(
        &'life0 mut self,
    ) -> Pin<Box<dyn Future<Output = Result<Vec<RelyingPartyCM>, WebauthnCError>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait;
    fn enumerate_credentials_by_hash<'life0, 'async_trait>(
        &'life0 mut self,
        rp_id_hash: SHA256Hash,
    ) -> Pin<Box<dyn Future<Output = Result<Vec<DiscoverableCredential>, WebauthnCError>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait;
    fn enumerate_credentials_by_rpid<'life0, 'life1, 'async_trait>(
        &'life0 mut self,
        rpid: &'life1 str,
    ) -> Pin<Box<dyn Future<Output = Result<Vec<DiscoverableCredential>, WebauthnCError>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait,
             'life1: 'async_trait;
    fn delete_credential<'life0, 'async_trait>(
        &'life0 mut self,
        credential_id: PublicKeyCredentialDescriptorCM,
    ) -> Pin<Box<dyn Future<Output = Result<(), WebauthnCError>> + Send + 'async_trait>>
       where Self: 'async_trait,
             'life0: 'async_trait;
}

Available on (crate features ctap2) and (crate features ctap2-management) only.

CTAP 2.1 and 2.1-PRE discoverable credential management commands.

All methods return WebauthnCError::NotSupported if the authenticator does not support credential management.

See also

• Ctap21Authenticator::update_credential_user()

Required Methods

fn check_credential_management_support(&self) -> Result<(), WebauthnCError>

Checks that the device supports credential management.

Returns WebauthnCError::NotSupported if the token does not support credential management.

fn get_credentials_metadata<'life0, 'async_trait>( &'life0 mut self, ) -> Pin<Box<dyn Future<Output = Result<CredentialStorageMetadata, WebauthnCError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Gets metadata about the authenticator’s discoverable credential storage.

See CredentialStorageMetadata for more details.

fn enumerate_rps<'life0, 'async_trait>( &'life0 mut self, ) -> Pin<Box<dyn Future<Output = Result<Vec<RelyingPartyCM>, WebauthnCError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Enumerates a list of all relying parties with discoverable credentials stored on this authenticator.

Note

To iterate over all credentials for a relying party, pass the RelyingPartyCM::hash to enumerate_credentials_by_hash.

RelyingPartyCM::id might be truncated by the authenticator.

fn enumerate_credentials_by_hash<'life0, 'async_trait>( &'life0 mut self, rp_id_hash: SHA256Hash, ) -> Pin<Box<dyn Future<Output = Result<Vec<DiscoverableCredential>, WebauthnCError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Enumerates all discoverable credentials on the authenticator for a relying party, by the SHA-256 hash of the relying party ID.

Note

This does not provide a “permissions RP ID” with the request, as it only works correctly with authenticators supporting the pinUvAuthToken feature.

fn enumerate_credentials_by_rpid<'life0, 'life1, 'async_trait>( &'life0 mut self, rpid: &'life1 str, ) -> Pin<Box<dyn Future<Output = Result<Vec<DiscoverableCredential>, WebauthnCError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait,

Enumerates all discoverable credentials on the authenticator for a relying party, by the relying party ID.

Note

This does not provide a “permissions RP ID” with the request, as it only works correctly with authenticators supporting the pinUvAuthToken feature.

fn delete_credential<'life0, 'async_trait>( &'life0 mut self, credential_id: PublicKeyCredentialDescriptorCM, ) -> Pin<Box<dyn Future<Output = Result<(), WebauthnCError>> + Send + 'async_trait>>

where Self: 'async_trait, 'life0: 'async_trait,

Deletes a discoverable credential from the authenticator.

Note

This does not provide a “permissions RP ID” with the request, as it only works correctly with authenticators supporting the pinUvAuthToken feature.

Warning

This does not garbage-collect associated large blob storage.

Implementors

impl<'a, K, T, U, R> CredentialManagementAuthenticator for T

where K: Token, T: CredentialManagementAuthenticatorInfo<U, RequestType = R> + Deref<Target = Ctap20Authenticator<'a, K, U>> + DerefMut<Target = Ctap20Authenticator<'a, K, U>>, U: UiCallback + 'a, R: CredentialManagementRequestTrait,

Implementation of credential management commands for Ctap21Authenticator and Ctap21PreAuthenticator.