Enum webauthn_rs::proto::UserVerificationPolicy [−][src]
pub enum UserVerificationPolicy {
Required,
Preferred_DO_NOT_USE,
Discouraged,
}
Expand description
Defines the User Authenticator Verification policy. This is documented https://w3c.github.io/webauthn/#enumdef-userverificationrequirement, and each variant lists it’s effects.
To be clear, Verification means that the Authenticator perform extra or supplementary interaction with the user to verify who they are. An example of this is Apple Touch Id required a fingerprint to be verified, or a yubico device requiring a pin in addition to a touch event.
An example of a non-verified interaction is a yubico device with no pin where touch is the only interaction - we only verify a user is present, but we don’t have extra details to the legitimacy of that user.
As UserVerificationPolicy is only used in credential registration, this stores the verification state of the credential in the persisted credential. These persisted credentials define which UserVerificationPolicy is issued during authentications.
Variants
Require User Verification bit to be set, and fail the registration or authentication if false. If the authenticator is not able to perform verification, it may not be usable with this policy.
Prefer User Verification bit to be set if possible - if not the credential will
be considered “unverified”. We STRONGLY DISCOURAGE you from using this value, as
it can easily lead to inconistent states and unclear verification policies around
credentials. You should use either Required
or Discouraged
to clearly
request your requirements.
Request that no verification is performed, and fail if it is. This is intended to minimise user interaction in workflows, but is potentially a security risk to use.
Trait Implementations
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
Auto Trait Implementations
impl RefUnwindSafe for UserVerificationPolicy
impl Send for UserVerificationPolicy
impl Sync for UserVerificationPolicy
impl Unpin for UserVerificationPolicy
impl UnwindSafe for UserVerificationPolicy
Blanket Implementations
Mutably borrows from an owned value. Read more