Enum webauthn_rs::proto::UserVerificationPolicy[][src]

pub enum UserVerificationPolicy {
    Required,
    Preferred_DO_NOT_USE,
    Discouraged,
}
Expand description

Defines the User Authenticator Verification policy. This is documented https://w3c.github.io/webauthn/#enumdef-userverificationrequirement, and each variant lists it’s effects.

To be clear, Verification means that the Authenticator perform extra or supplementary interaction with the user to verify who they are. An example of this is Apple Touch Id required a fingerprint to be verified, or a yubico device requiring a pin in addition to a touch event.

An example of a non-verified interaction is a yubico device with no pin where touch is the only interaction - we only verify a user is present, but we don’t have extra details to the legitimacy of that user.

As UserVerificationPolicy is only used in credential registration, this stores the verification state of the credential in the persisted credential. These persisted credentials define which UserVerificationPolicy is issued during authentications.

Variants

Required

Require User Verification bit to be set, and fail the registration or authentication if false. If the authenticator is not able to perform verification, it may not be usable with this policy.

Preferred_DO_NOT_USE

Prefer User Verification bit to be set if possible - if not the credential will be considered “unverified”. We STRONGLY DISCOURAGE you from using this value, as it can easily lead to inconistent states and unclear verification policies around credentials. You should use either Required or Discouraged to clearly request your requirements.

Discouraged

Request that no verification is performed, and fail if it is. This is intended to minimise user interaction in workflows, but is potentially a security risk to use.

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Returns the “default value” for a type. Read more

Deserialize this value from the given Serde deserializer. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Performs the conversion.

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

recently added

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.