• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1/*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16/**
17 * @file
18 * @kit UserAuthenticationKit
19 */
20
21import type { AsyncCallback } from './@ohos.base';
22
23/**
24 * User authentication
25 *
26 * @namespace userAuth
27 * @syscap SystemCapability.UserIAM.UserAuth.Core
28 * @since 6
29 */
30/**
31 * User authentication
32 *
33 * @namespace userAuth
34 * @syscap SystemCapability.UserIAM.UserAuth.Core
35 * @atomicservice
36 * @since 12
37 */
38declare namespace userAuth {
39  /**
40   * The maximum allowable reuse duration is 300000 milliseconds.
41   *
42   * @constant
43   * @syscap SystemCapability.UserIAM.UserAuth.Core
44   * @atomicservice
45   * @since 12
46   */
47  const MAX_ALLOWABLE_REUSE_DURATION: 300000;
48
49  /**
50   * Enum for authentication result.
51   *
52   * @enum { number }
53   * @syscap SystemCapability.UserIAM.UserAuth.Core
54   * @since 6
55   * @deprecated since 8
56   * @useinstead ohos.userIAM.userAuth.ResultCode
57   */
58  export enum AuthenticationResult {
59    /**
60     * Indicates that the device does not support authentication.
61     *
62     * @syscap SystemCapability.UserIAM.UserAuth.Core
63     * @since 6
64     * @deprecated since 8
65     */
66    NO_SUPPORT = -1,
67
68    /**
69     * Indicates that authentication is success.
70     *
71     * @syscap SystemCapability.UserIAM.UserAuth.Core
72     * @since 6
73     * @deprecated since 8
74     */
75    SUCCESS = 0,
76
77    /**
78     * Indicates the authenticator fails to identify user.
79     *
80     * @syscap SystemCapability.UserIAM.UserAuth.Core
81     * @since 6
82     * @deprecated since 8
83     */
84    COMPARE_FAILURE = 1,
85
86    /**
87     * Indicates that authentication has been canceled.
88     *
89     * @syscap SystemCapability.UserIAM.UserAuth.Core
90     * @since 6
91     * @deprecated since 8
92     */
93    CANCELED = 2,
94
95    /**
96     * Indicates that authentication has timed out.
97     *
98     * @syscap SystemCapability.UserIAM.UserAuth.Core
99     * @since 6
100     * @deprecated since 8
101     */
102    TIMEOUT = 3,
103
104    /**
105     * Indicates a failure to open the camera.
106     *
107     * @syscap SystemCapability.UserIAM.UserAuth.Core
108     * @since 6
109     * @deprecated since 8
110     */
111    CAMERA_FAIL = 4,
112
113    /**
114     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
115     *
116     * @syscap SystemCapability.UserIAM.UserAuth.Core
117     * @since 6
118     * @deprecated since 8
119     */
120    BUSY = 5,
121
122    /**
123     * Indicates incorrect parameters.
124     *
125     * @syscap SystemCapability.UserIAM.UserAuth.Core
126     * @since 6
127     * @deprecated since 8
128     */
129    INVALID_PARAMETERS = 6,
130
131    /**
132     * Indicates that the authenticator is locked.
133     *
134     * @syscap SystemCapability.UserIAM.UserAuth.Core
135     * @since 6
136     * @deprecated since 8
137     */
138    LOCKED = 7,
139
140    /**
141     * Indicates that the user has not enrolled the authenticator.
142     *
143     * @syscap SystemCapability.UserIAM.UserAuth.Core
144     * @since 6
145     * @deprecated since 8
146     */
147    NOT_ENROLLED = 8,
148
149    /**
150     * Indicates other errors.
151     *
152     * @syscap SystemCapability.UserIAM.UserAuth.Core
153     * @since 6
154     * @deprecated since 8
155     */
156    GENERAL_ERROR = 100
157  }
158
159  /**
160   * Auth types
161   *
162   * @typedef { 'ALL' | 'FACE_ONLY' }
163   * @syscap SystemCapability.UserIAM.UserAuth.Core
164   * @since 6
165   * @deprecated since 8
166   */
167  type AuthType = 'ALL' | 'FACE_ONLY';
168
169  /**
170   * Secure levels
171   *
172   * @typedef { 'S1' | 'S2' | 'S3' | 'S4' }
173   * @syscap SystemCapability.UserIAM.UserAuth.Core
174   * @since 6
175   * @deprecated since 8
176   */
177  type SecureLevel = 'S1' | 'S2' | 'S3' | 'S4';
178
179  /**
180   * Used to initiate authentication.
181   *
182   * @interface Authenticator
183   * @syscap SystemCapability.UserIAM.UserAuth.Core
184   * @since 6
185   * @deprecated since 8
186   */
187  interface Authenticator {
188    /**
189     * Execute authentication.
190     *
191     * @permission ohos.permission.ACCESS_BIOMETRIC
192     * @param { AuthType } type - Indicates the authentication type.
193     * @param { SecureLevel } level - Indicates the security level.
194     * @param { AsyncCallback<number> } callback - Async callback of execute.
195     * @syscap SystemCapability.UserIAM.UserAuth.Core
196     * @since 6
197     * @deprecated since 8
198     */
199    execute(type: AuthType, level: SecureLevel, callback: AsyncCallback<number>): void;
200
201    /**
202     * Execute authentication.
203     *
204     * @permission ohos.permission.ACCESS_BIOMETRIC
205     * @param { AuthType } type - Indicates the authentication type.
206     * @param { SecureLevel } level - Indicates the security level.
207     * @returns { Promise<number> }
208     * @syscap SystemCapability.UserIAM.UserAuth.Core
209     * @since 6
210     * @deprecated since 8
211     */
212    execute(type: AuthType, level: SecureLevel): Promise<number>;
213  }
214
215  /**
216   * Get Authenticator instance.
217   *
218   * @returns { Authenticator } Returns an Authenticator.
219   * @syscap SystemCapability.UserIAM.UserAuth.Core
220   * @since 6
221   * @deprecated since 8
222   */
223  function getAuthenticator(): Authenticator;
224
225  /**
226   * User authentication.
227   *
228   * @syscap SystemCapability.UserIAM.UserAuth.Core
229   * @since 8
230   * @deprecated since 9
231   * @useinstead ohos.userIAM.userAuth.AuthInstance
232   */
233  class UserAuth {
234    /**
235     * Constructor to get the UserAuth class instance.
236     *
237     * @syscap SystemCapability.UserIAM.UserAuth.Core
238     * @since 8
239     * @deprecated since 9
240     * @useinstead ohos.userIAM.userAuth.getAuthInstance
241     */
242    constructor();
243
244    /**
245     * Get version information.
246     *
247     * @permission ohos.permission.ACCESS_BIOMETRIC
248     * @returns { number } Returns version information.
249     * @syscap SystemCapability.UserIAM.UserAuth.Core
250     * @since 8
251     * @deprecated since 9
252     * @useinstead ohos.userIAM.userAuth.getVersion
253     */
254    getVersion(): number;
255
256    /**
257     * Check whether the authentication capability is available.
258     *
259     * @permission ohos.permission.ACCESS_BIOMETRIC
260     * @param { UserAuthType } authType - Credential type for authentication.
261     * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
262     * @returns { number } Returns a check result, which is specified by getAvailableStatus, the value of number is related to the ResultCode enum, **201** is
263     * check permission failed.
264     * @syscap SystemCapability.UserIAM.UserAuth.Core
265     * @since 8
266     * @deprecated since 9
267     * @useinstead ohos.userIAM.userAuth.getAvailableStatus
268     */
269    getAvailableStatus(authType: UserAuthType, authTrustLevel: AuthTrustLevel): number;
270
271    /**
272     * Executes authentication.
273     *
274     * @permission ohos.permission.ACCESS_BIOMETRIC
275     * @param { Uint8Array } challenge - Pass in challenge value.
276     * @param { UserAuthType } authType - Type of authentication.
277     * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
278     * @param { IUserAuthCallback } callback - Return result and acquireInfo through callback, the value of result code is related to the ResultCode enum,
279     * **201** is check permission failed.
280     * @returns { Uint8Array } Returns ContextId for cancel.
281     * @syscap SystemCapability.UserIAM.UserAuth.Core
282     * @since 8
283     * @deprecated since 9
284     * @useinstead ohos.userIAM.userAuth.AuthInstance.start
285     */
286    auth(
287      challenge: Uint8Array,
288      authType: UserAuthType,
289      authTrustLevel: AuthTrustLevel,
290      callback: IUserAuthCallback
291    ): Uint8Array;
292
293    /**
294     * Cancel authentication with ContextID.
295     *
296     * @permission ohos.permission.ACCESS_BIOMETRIC
297     * @param { Uint8Array } contextID - Cancel authentication and pass in ContextID.
298     * @returns { number } Returns a number value indicating whether Cancel authentication was successful, the value of number is related to the ResultCode
299     * enum, **201** is check permission failed.
300     * @syscap SystemCapability.UserIAM.UserAuth.Core
301     * @since 8
302     * @deprecated since 9
303     * @useinstead ohos.userIAM.userAuth.AuthInstance.cancel
304     */
305    cancelAuth(contextID: Uint8Array): number;
306  }
307
308  /**
309   * Asynchronous callback of authentication operation.
310   *
311   * @interface IUserAuthCallback
312   * @syscap SystemCapability.UserIAM.UserAuth.Core
313   * @since 8
314   * @deprecated since 9
315   * @useinstead ohos.userIAM.userAuth.AuthEvent
316   */
317  interface IUserAuthCallback {
318    /**
319     * The authentication result code is returned through the callback.
320     * If the authentication is passed, the authentication token is returned in extraInfo,
321     * If the authentication fails, the remaining authentication times are returned in extraInfo,
322     * If the authentication executor is locked, the freezing time is returned in extraInfo.
323     *
324     * @type { function }
325     * @syscap SystemCapability.UserIAM.UserAuth.Core
326     * @since 8
327     * @deprecated since 9
328     * @useinstead ohos.userIAM.userAuth.AuthEvent.callback
329     */
330    onResult: (result: number, extraInfo: AuthResult) => void;
331
332    /**
333     * During an authentication, the TipsCode is returned through the callback.
334     *
335     * @type { ?function }
336     * @syscap SystemCapability.UserIAM.UserAuth.Core
337     * @since 8
338     * @deprecated since 9
339     * @useinstead ohos.userIAM.userAuth.AuthEvent.callback
340     */
341    onAcquireInfo?: (module: number, acquire: number, extraInfo: any) => void;
342  }
343
344  /**
345   * Authentication result: authentication token, remaining authentication times, freezing time.
346   *
347   * @typedef AuthResult
348   * @syscap SystemCapability.UserIAM.UserAuth.Core
349   * @since 8
350   * @deprecated since 9
351   * @useinstead ohos.userIAM.userAuth.AuthResultInfo
352   */
353  interface AuthResult {
354    /**
355     * The authentication result if the authentication is passed.
356     *
357     * @type { ?Uint8Array }
358     * @syscap SystemCapability.UserIAM.UserAuth.Core
359     * @since 8
360     * @deprecated since 9
361     */
362    token?: Uint8Array;
363
364    /**
365     * The remaining authentication times if the authentication fails.
366     *
367     * @type { ?number }
368     * @syscap SystemCapability.UserIAM.UserAuth.Core
369     * @since 8
370     * @deprecated since 9
371     */
372    remainTimes?: number;
373
374    /**
375     * The freezing time if the authentication executor is locked.
376     *
377     * @type { ?number }
378     * @syscap SystemCapability.UserIAM.UserAuth.Core
379     * @since 8
380     * @deprecated since 9
381     */
382    freezingTime?: number;
383  }
384
385  /**
386   * Enum for operation result.
387   *
388   * @enum { number }
389   * @syscap SystemCapability.UserIAM.UserAuth.Core
390   * @since 8
391   * @deprecated since 9
392   * @useinstead ohos.userIAM.userAuth.UserAuthResultCode
393   */
394  enum ResultCode {
395    /**
396     * Indicates that the result is success or ability is supported.
397     *
398     * @syscap SystemCapability.UserIAM.UserAuth.Core
399     * @since 8
400     * @deprecated since 9
401     */
402    SUCCESS = 0,
403
404    /**
405     * Indicates that authentication failed.
406     *
407     * @syscap SystemCapability.UserIAM.UserAuth.Core
408     * @since 8
409     * @deprecated since 9
410     */
411    FAIL = 1,
412
413    /**
414     * Indicates other errors.
415     *
416     * @syscap SystemCapability.UserIAM.UserAuth.Core
417     * @since 8
418     * @deprecated since 9
419     */
420    GENERAL_ERROR = 2,
421
422    /**
423     * Indicates that this operation has been canceled.
424     *
425     * @syscap SystemCapability.UserIAM.UserAuth.Core
426     * @since 8
427     * @deprecated since 9
428     */
429    CANCELED = 3,
430
431    /**
432     * Indicates that this operation has timed out.
433     *
434     * @syscap SystemCapability.UserIAM.UserAuth.Core
435     * @since 8
436     * @deprecated since 9
437     */
438    TIMEOUT = 4,
439
440    /**
441     * Indicates that this authentication type is not supported.
442     *
443     * @syscap SystemCapability.UserIAM.UserAuth.Core
444     * @since 8
445     * @deprecated since 9
446     */
447    TYPE_NOT_SUPPORT = 5,
448
449    /**
450     * Indicates that the authentication trust level is not supported.
451     *
452     * @syscap SystemCapability.UserIAM.UserAuth.Core
453     * @since 8
454     * @deprecated since 9
455     */
456    TRUST_LEVEL_NOT_SUPPORT = 6,
457
458    /**
459     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
460     *
461     * @syscap SystemCapability.UserIAM.UserAuth.Core
462     * @since 8
463     * @deprecated since 9
464     */
465    BUSY = 7,
466
467    /**
468     * Indicates incorrect parameters.
469     *
470     * @syscap SystemCapability.UserIAM.UserAuth.Core
471     * @since 8
472     * @deprecated since 9
473     */
474    INVALID_PARAMETERS = 8,
475
476    /**
477     * Indicates that the authenticator is locked.
478     *
479     * @syscap SystemCapability.UserIAM.UserAuth.Core
480     * @since 8
481     * @deprecated since 9
482     */
483    LOCKED = 9,
484
485    /**
486     * Indicates that the user has not enrolled the authenticator.
487     *
488     * @syscap SystemCapability.UserIAM.UserAuth.Core
489     * @since 8
490     * @deprecated since 9
491     */
492    NOT_ENROLLED = 10
493  }
494
495  /**
496   * The enumeration of prompt codes in the process of face authentication.
497   *
498   * @enum { number }
499   * @syscap SystemCapability.UserIAM.UserAuth.Core
500   * @since 8
501   * @deprecated since 11
502   */
503  enum FaceTips {
504    /**
505     * Indicates that the obtained facial image is too bright due to high illumination.
506     *
507     * @syscap SystemCapability.UserIAM.UserAuth.Core
508     * @since 8
509     * @deprecated since 11
510     */
511    FACE_AUTH_TIP_TOO_BRIGHT = 1,
512
513    /**
514     * Indicates that the obtained facial image is too dark due to low illumination.
515     *
516     * @syscap SystemCapability.UserIAM.UserAuth.Core
517     * @since 8
518     * @deprecated since 11
519     */
520    FACE_AUTH_TIP_TOO_DARK = 2,
521
522    /**
523     * Indicates that the face is too close to the device.
524     *
525     * @syscap SystemCapability.UserIAM.UserAuth.Core
526     * @since 8
527     * @deprecated since 11
528     */
529    FACE_AUTH_TIP_TOO_CLOSE = 3,
530
531    /**
532     * Indicates that the face is too far away from the device.
533     *
534     * @syscap SystemCapability.UserIAM.UserAuth.Core
535     * @since 8
536     * @deprecated since 11
537     */
538    FACE_AUTH_TIP_TOO_FAR = 4,
539
540    /**
541     * Indicates that the device is too high, and that only the upper part of the face is captured.
542     *
543     * @syscap SystemCapability.UserIAM.UserAuth.Core
544     * @since 8
545     * @deprecated since 11
546     */
547    FACE_AUTH_TIP_TOO_HIGH = 5,
548
549    /**
550     * Indicates that the device is too low, and that only the lower part of the face is captured.
551     *
552     * @syscap SystemCapability.UserIAM.UserAuth.Core
553     * @since 8
554     * @deprecated since 11
555     */
556    FACE_AUTH_TIP_TOO_LOW = 6,
557
558    /**
559     * Indicates that the device is deviated to the right, and that only the right part of the face is captured.
560     *
561     * @syscap SystemCapability.UserIAM.UserAuth.Core
562     * @since 8
563     * @deprecated since 11
564     */
565    FACE_AUTH_TIP_TOO_RIGHT = 7,
566
567    /**
568     * Indicates that the device is deviated to the left, and that only the left part of the face is captured.
569     *
570     * @syscap SystemCapability.UserIAM.UserAuth.Core
571     * @since 8
572     * @deprecated since 11
573     */
574    FACE_AUTH_TIP_TOO_LEFT = 8,
575
576    /**
577     * Indicates that the face moves too fast during facial information collection.
578     *
579     * @syscap SystemCapability.UserIAM.UserAuth.Core
580     * @since 8
581     * @deprecated since 11
582     */
583    FACE_AUTH_TIP_TOO_MUCH_MOTION = 9,
584
585    /**
586     * Indicates that the face is not facing the device.
587     *
588     * @syscap SystemCapability.UserIAM.UserAuth.Core
589     * @since 8
590     * @deprecated since 11
591     */
592    FACE_AUTH_TIP_POOR_GAZE = 10,
593
594    /**
595     * Indicates that no face is detected.
596     *
597     * @syscap SystemCapability.UserIAM.UserAuth.Core
598     * @since 8
599     * @deprecated since 11
600     */
601    FACE_AUTH_TIP_NOT_DETECTED = 11
602  }
603
604  /**
605   * The enumeration of prompt codes in the process of fingerprint authentication.
606   *
607   * @enum { number }
608   * @syscap SystemCapability.UserIAM.UserAuth.Core
609   * @since 8
610   * @deprecated since 11
611   */
612  enum FingerprintTips {
613    /**
614     * Indicates that the image acquired is good.
615     *
616     * @syscap SystemCapability.UserIAM.UserAuth.Core
617     * @since 8
618     * @deprecated since 11
619     */
620    FINGERPRINT_AUTH_TIP_GOOD = 0,
621
622    /**
623     * Indicates that the fingerprint image is too noisy due to suspected or detected dirt on sensor.
624     *
625     * @syscap SystemCapability.UserIAM.UserAuth.Core
626     * @since 8
627     * @deprecated since 11
628     */
629    FINGERPRINT_AUTH_TIP_DIRTY = 1,
630
631    /**
632     * Indicates that the fingerprint image is too noisy to process due to a detected condition.
633     *
634     * @syscap SystemCapability.UserIAM.UserAuth.Core
635     * @since 8
636     * @deprecated since 11
637     */
638    FINGERPRINT_AUTH_TIP_INSUFFICIENT = 2,
639
640    /**
641     * Indicates that only a partial fingerprint image is detected.
642     *
643     * @syscap SystemCapability.UserIAM.UserAuth.Core
644     * @since 8
645     * @deprecated since 11
646     */
647    FINGERPRINT_AUTH_TIP_PARTIAL = 3,
648
649    /**
650     * Indicates that the fingerprint image is incomplete due to quick motion.
651     *
652     * @syscap SystemCapability.UserIAM.UserAuth.Core
653     * @since 8
654     * @deprecated since 11
655     */
656    FINGERPRINT_AUTH_TIP_TOO_FAST = 4,
657
658    /**
659     * Indicates that the fingerprint image is unreadable due to lack of motion.
660     *
661     * @syscap SystemCapability.UserIAM.UserAuth.Core
662     * @since 8
663     * @deprecated since 11
664     */
665    FINGERPRINT_AUTH_TIP_TOO_SLOW = 5
666  }
667
668  /**
669   * Credential type for authentication.
670   *
671   * @enum { number }
672   * @syscap SystemCapability.UserIAM.UserAuth.Core
673   * @since 8
674   */
675  /**
676   * Credential type for authentication.
677   *
678   * @enum { number }
679   * @syscap SystemCapability.UserIAM.UserAuth.Core
680   * @atomicservice
681   * @since 12
682   */
683  enum UserAuthType {
684    /**
685     * Authentication type pin.
686     *
687     * @syscap SystemCapability.UserIAM.UserAuth.Core
688     * @since 10
689     */
690    /**
691     * Authentication type pin.
692     *
693     * @syscap SystemCapability.UserIAM.UserAuth.Core
694     * @atomicservice
695     * @since 12
696     */
697    PIN = 1,
698
699    /**
700     * Authentication type face.
701     *
702     * @syscap SystemCapability.UserIAM.UserAuth.Core
703     * @since 8
704     */
705    /**
706     * Authentication type face.
707     *
708     * @syscap SystemCapability.UserIAM.UserAuth.Core
709     * @atomicservice
710     * @since 12
711     */
712    FACE = 2,
713
714    /**
715     * Authentication type fingerprint.
716     *
717     * @syscap SystemCapability.UserIAM.UserAuth.Core
718     * @since 8
719     */
720    /**
721     * Authentication type fingerprint.
722     *
723     * @syscap SystemCapability.UserIAM.UserAuth.Core
724     * @atomicservice
725     * @since 12
726     */
727    FINGERPRINT = 4
728  }
729
730  /**
731   * Trust level of authentication results.
732   *
733   * @enum { number }
734   * @syscap SystemCapability.UserIAM.UserAuth.Core
735   * @since 8
736   */
737  /**
738   * Trust level of authentication results.
739   *
740   * @enum { number }
741   * @syscap SystemCapability.UserIAM.UserAuth.Core
742   * @atomicservice
743   * @since 12
744   */
745  enum AuthTrustLevel {
746    /**
747     * Authentication result trusted level 1.
748     *
749     * @syscap SystemCapability.UserIAM.UserAuth.Core
750     * @since 8
751     */
752    /**
753     * Authentication result trusted level 1.
754     *
755     * @syscap SystemCapability.UserIAM.UserAuth.Core
756     * @atomicservice
757     * @since 12
758     */
759    ATL1 = 10000,
760
761    /**
762     * Authentication result trusted level 2.
763     *
764     * @syscap SystemCapability.UserIAM.UserAuth.Core
765     * @since 8
766     */
767    /**
768     * Authentication result trusted level 2.
769     *
770     * @syscap SystemCapability.UserIAM.UserAuth.Core
771     * @atomicservice
772     * @since 12
773     */
774    ATL2 = 20000,
775
776    /**
777     * Authentication result trusted level 3.
778     *
779     * @syscap SystemCapability.UserIAM.UserAuth.Core
780     * @since 8
781     */
782    /**
783     * Authentication result trusted level 3.
784     *
785     * @syscap SystemCapability.UserIAM.UserAuth.Core
786     * @atomicservice
787     * @since 12
788     */
789    ATL3 = 30000,
790
791    /**
792     * Authentication result trusted level 4.
793     *
794     * @syscap SystemCapability.UserIAM.UserAuth.Core
795     * @since 8
796     */
797    /**
798     * Authentication result trusted level 4.
799     *
800     * @syscap SystemCapability.UserIAM.UserAuth.Core
801     * @atomicservice
802     * @since 12
803     */
804    ATL4 = 40000
805  }
806
807  /**
808   * Authentication events.
809   *
810   * @typedef { 'result' | 'tip' }
811   * @syscap SystemCapability.UserIAM.UserAuth.Core
812   * @since 9
813   * @deprecated since 11
814   */
815  type AuthEventKey = 'result' | 'tip';
816
817  /**
818   * Return information of Authentication events.
819   *
820   * @typedef { AuthResultInfo | TipInfo }
821   * @syscap SystemCapability.UserIAM.UserAuth.Core
822   * @since 9
823   * @deprecated since 11
824   * @useinstead ohos.userIAM.userAuth.UserAuthResult
825   */
826  type EventInfo = AuthResultInfo | TipInfo;
827
828  /**
829   * Asynchronous callback of authentication event.
830   *
831   * @interface AuthEvent
832   * @syscap SystemCapability.UserIAM.UserAuth.Core
833   * @since 9
834   * @deprecated since 11
835   * @useinstead ohos.userIAM.userAuth.IAuthCallback
836   */
837  interface AuthEvent {
838    /**
839     * The authentication event callback.
840     *
841     * @param { EventInfo } result - Event info.
842     * @syscap SystemCapability.UserIAM.UserAuth.Core
843     * @since 9
844     * @deprecated since 11
845     * @useinstead ohos.userIAM.userAuth.IAuthCallback.onResult
846     */
847    callback(result: EventInfo): void;
848  }
849
850  /**
851   * Authentication result information.
852   *
853   * @typedef AuthResultInfo
854   * @syscap SystemCapability.UserIAM.UserAuth.Core
855   * @since 9
856   * @deprecated since 11
857   */
858  interface AuthResultInfo {
859    /**
860     * The authentication result.
861     *
862     * @type { number }
863     * @syscap SystemCapability.UserIAM.UserAuth.Core
864     * @since 9
865     * @deprecated since 11
866     */
867    result: number;
868
869    /**
870     * The authentication token if the authentication is passed.
871     *
872     * @type { ?Uint8Array }
873     * @syscap SystemCapability.UserIAM.UserAuth.Core
874     * @since 9
875     * @deprecated since 11
876     */
877    token?: Uint8Array;
878
879    /**
880     * The remaining authentication attempts if the authentication fails.
881     *
882     * @type { ?number }
883     * @syscap SystemCapability.UserIAM.UserAuth.Core
884     * @since 9
885     * @deprecated since 11
886     */
887    remainAttempts?: number;
888
889    /**
890     * The lockout duration if the authentication executor is locked.
891     *
892     * @type { ?number }
893     * @syscap SystemCapability.UserIAM.UserAuth.Core
894     * @since 9
895     * @deprecated since 11
896     */
897    lockoutDuration?: number;
898  }
899
900  /**
901   * Authentication tip info.
902   *
903   * @typedef TipInfo
904   * @syscap SystemCapability.UserIAM.UserAuth.Core
905   * @since 9
906   * @deprecated since 11
907   */
908  interface TipInfo {
909    /**
910     * The authentication module of sending tip information.
911     *
912     * @type { number }
913     * @syscap SystemCapability.UserIAM.UserAuth.Core
914     * @since 9
915     * @deprecated since 11
916     */
917    module: number;
918
919    /**
920     * Tip information, used to prompt the business to perform some operations.
921     *
922     * @type { number }
923     * @syscap SystemCapability.UserIAM.UserAuth.Core
924     * @since 9
925     * @deprecated since 11
926     */
927    tip: number;
928  }
929
930  /**
931   * Authentication instance, used to initiate a complete authentication.
932   *
933   * @interface AuthInstance
934   * @syscap SystemCapability.UserIAM.UserAuth.Core
935   * @since 9
936   * @deprecated since 10
937   * @useinstead ohos.userIAM.userAuth.UserAuthInstance
938   */
939  interface AuthInstance {
940    /**
941     * Turn on authentication event listening.
942     *
943     * @throws { BusinessError } 401 - Incorrect parameters.
944     * @throws { BusinessError } 12500002 - General operation error.
945     * @syscap SystemCapability.UserIAM.UserAuth.Core
946     * @since 9
947     * @deprecated since 10
948     */
949    on: (name: AuthEventKey, callback: AuthEvent) => void;
950
951    /**
952     * Turn off authentication event listening.
953     *
954     * @throws { BusinessError } 401 - Incorrect parameters.
955     * @throws { BusinessError } 12500002 - General operation error.
956     * @syscap SystemCapability.UserIAM.UserAuth.Core
957     * @since 9
958     * @deprecated since 10
959     */
960    off: (name: AuthEventKey) => void;
961
962    /**
963     * Start this authentication, an instance can only perform authentication once.
964     *
965     * @permission ohos.permission.ACCESS_BIOMETRIC
966     * @type { function }
967     * @throws { BusinessError } 201 - Permission verification failed.
968     * @throws { BusinessError } 401 - Incorrect parameters.
969     * @throws { BusinessError } 12500001 - Authentication failed.
970     * @throws { BusinessError } 12500002 - General operation error.
971     * @throws { BusinessError } 12500003 - The operation is canceled.
972     * @throws { BusinessError } 12500004 - The operation is time-out.
973     * @throws { BusinessError } 12500005 - The authentication type is not supported.
974     * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
975     * @throws { BusinessError } 12500007 - The authentication task is busy.
976     * @throws { BusinessError } 12500009 - The authenticator is locked.
977     * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
978     * @syscap SystemCapability.UserIAM.UserAuth.Core
979     * @since 9
980     * @deprecated since 10
981     */
982    start: () => void;
983
984    /**
985     * Cancel this authentication.
986     *
987     * @permission ohos.permission.ACCESS_BIOMETRIC
988     * @type { function }
989     * @throws { BusinessError } 201 - Permission verification failed.
990     * @throws { BusinessError } 401 - Incorrect parameters.
991     * @throws { BusinessError } 12500002 - General operation error.
992     * @syscap SystemCapability.UserIAM.UserAuth.Core
993     * @since 9
994     * @deprecated since 10
995     */
996    cancel: () => void;
997  }
998
999  /**
1000   * Check whether the authentication capability is available.
1001   *
1002   * @permission ohos.permission.ACCESS_BIOMETRIC
1003   * @param { UserAuthType } authType - Credential type for authentication.
1004   * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
1005   * @throws { BusinessError } 201 - Permission verification failed.
1006   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1007   * <br>1. Mandatory parameters are left unspecified.
1008   * @throws { BusinessError } 12500002 - General operation error.
1009   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1010   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1011   * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1012   * @syscap SystemCapability.UserIAM.UserAuth.Core
1013   * @since 9
1014   */
1015  /**
1016   * Check whether the authentication capability is available.
1017   *
1018   * @permission ohos.permission.ACCESS_BIOMETRIC
1019   * @param { UserAuthType } authType - Credential type for authentication.
1020   * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
1021   * @throws { BusinessError } 201 - Permission verification failed.
1022   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1023   * <br>1. Mandatory parameters are left unspecified.
1024   * @throws { BusinessError } 12500002 - General operation error.
1025   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1026   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1027   * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1028   * @throws { BusinessError } 12500013 - Operation failed because of PIN expired.
1029   * @syscap SystemCapability.UserIAM.UserAuth.Core
1030   * @atomicservice
1031   * @since 12
1032   */
1033  function getAvailableStatus(authType: UserAuthType, authTrustLevel: AuthTrustLevel): void;
1034
1035  /**
1036   * Enrolled state.
1037   *
1038   * @typedef EnrolledState
1039   * @syscap SystemCapability.UserIAM.UserAuth.Core
1040   * @atomicservice
1041   * @since 12
1042   */
1043  interface EnrolledState {
1044    /**
1045     * The credential digest.
1046     *
1047     * @type { number }
1048     * @syscap SystemCapability.UserIAM.UserAuth.Core
1049     * @atomicservice
1050     * @since 12
1051     */
1052    credentialDigest: number;
1053
1054    /**
1055     * The credential count.
1056     *
1057     * @type { number }
1058     * @syscap SystemCapability.UserIAM.UserAuth.Core
1059     * @atomicservice
1060     * @since 12
1061     */
1062    credentialCount: number;
1063  }
1064
1065  /**
1066   * Get the state of enrolled credentials which varies as credentials change.
1067   *
1068   * @permission ohos.permission.ACCESS_BIOMETRIC
1069   * @param { UserAuthType } authType - Credential type for authentication.
1070   * @returns { EnrolledState } Returns the enrolled state.
1071   * @throws { BusinessError } 201 - Permission verification failed.
1072   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1073   * <br>1. Mandatory parameters are left unspecified.
1074   * @throws { BusinessError } 12500002 - General operation error.
1075   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1076   * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1077   * @syscap SystemCapability.UserIAM.UserAuth.Core
1078   * @atomicservice
1079   * @since 12
1080   */
1081  function getEnrolledState(authType: UserAuthType): EnrolledState;
1082
1083  /**
1084   * Get Authentication instance.
1085   *
1086   * @param { Uint8Array } challenge - Pass in challenge value.
1087   * @param { UserAuthType } authType - Credential type for authentication.
1088   * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
1089   * @returns { AuthInstance } Returns an authentication instance.
1090   * @throws { BusinessError } 401 - Incorrect parameters.
1091   * @throws { BusinessError } 12500002 - General operation error.
1092   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1093   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1094   * @syscap SystemCapability.UserIAM.UserAuth.Core
1095   * @since 9
1096   * @deprecated since 10
1097   * @useinstead ohos.userIAM.userAuth.getUserAuthInstance
1098   */
1099  function getAuthInstance(challenge: Uint8Array, authType: UserAuthType, authTrustLevel: AuthTrustLevel): AuthInstance;
1100
1101  /**
1102   * Window mode type for user authentication widget.
1103   *
1104   * @enum { number }
1105   * @syscap SystemCapability.UserIAM.UserAuth.Core
1106   * @systemapi Hide this for inner system use.
1107   * @since 10
1108   */
1109  enum WindowModeType {
1110    /**
1111     * Window mode type is dialog box.
1112     *
1113     * @syscap SystemCapability.UserIAM.UserAuth.Core
1114     * @systemapi Hide this for inner system use.
1115     * @since 10
1116     */
1117    DIALOG_BOX = 1,
1118
1119    /**
1120     * Window mode type is full screen.
1121     *
1122     * @syscap SystemCapability.UserIAM.UserAuth.Core
1123     * @systemapi Hide this for inner system use.
1124     * @since 10
1125     */
1126    FULLSCREEN = 2
1127  }
1128
1129  /**
1130   * The mode for reusing unlock authentication result.
1131   *
1132   * @enum { number }
1133   * @syscap SystemCapability.UserIAM.UserAuth.Core
1134   * @atomicservice
1135   * @since 12
1136   */
1137  enum ReuseMode {
1138    /**
1139     * Authentication type relevant.The unlock authentication result can be reused only when the result is within
1140     * valid duration as well as it comes from one of specified UserAuthTypes of the AuthParam.
1141     *
1142     * @syscap SystemCapability.UserIAM.UserAuth.Core
1143     * @atomicservice
1144     * @since 12
1145     */
1146    AUTH_TYPE_RELEVANT = 1,
1147
1148    /**
1149     * Authentication type irrelevant.The unlock authentication result can be reused as long as the result is within
1150     * valid duration.
1151     *
1152     * @syscap SystemCapability.UserIAM.UserAuth.Core
1153     * @atomicservice
1154     * @since 12
1155     */
1156    AUTH_TYPE_IRRELEVANT = 2
1157  }
1158
1159  /**
1160   * Reuse unlock authentication result.
1161   *
1162   * @typedef ReuseUnlockResult
1163   * @syscap SystemCapability.UserIAM.UserAuth.Core
1164   * @atomicservice
1165   * @since 12
1166   */
1167  interface ReuseUnlockResult {
1168    /**
1169     * The mode for reusing unlock authentication result.
1170     *
1171     * @type { ReuseMode }
1172     * @syscap SystemCapability.UserIAM.UserAuth.Core
1173     * @atomicservice
1174     * @since 12
1175     */
1176    reuseMode: ReuseMode;
1177
1178    /**
1179     * The allowable reuse duration.The value of the duration should be between 0 and MAX_ALLOWABLE_REUSE_DURATION.
1180     *
1181     * @type { number }
1182     * @syscap SystemCapability.UserIAM.UserAuth.Core
1183     * @atomicservice
1184     * @since 12
1185     */
1186    reuseDuration: number;
1187  }
1188
1189  /**
1190   * Auth parameter.
1191   *
1192   * @typedef AuthParam
1193   * @syscap SystemCapability.UserIAM.UserAuth.Core
1194   * @since 10
1195   */
1196  /**
1197   * Auth parameter.
1198   *
1199   * @typedef AuthParam
1200   * @syscap SystemCapability.UserIAM.UserAuth.Core
1201   * @atomicservice
1202   * @since 12
1203   */
1204  interface AuthParam {
1205    /**
1206     * Pass in challenge value.
1207     *
1208     * @type { Uint8Array }
1209     * @syscap SystemCapability.UserIAM.UserAuth.Core
1210     * @since 10
1211     */
1212    /**
1213     * Pass in challenge value.
1214     *
1215     * @type { Uint8Array }
1216     * @syscap SystemCapability.UserIAM.UserAuth.Core
1217     * @atomicservice
1218     * @since 12
1219     */
1220    challenge: Uint8Array;
1221
1222    /**
1223     * Credential type for authentication.
1224     *
1225     * @type { UserAuthType[] }
1226     * @syscap SystemCapability.UserIAM.UserAuth.Core
1227     * @since 10
1228     */
1229    /**
1230     * Credential type for authentication.
1231     *
1232     * @type { UserAuthType[] }
1233     * @syscap SystemCapability.UserIAM.UserAuth.Core
1234     * @atomicservice
1235     * @since 12
1236     */
1237    authType: UserAuthType[];
1238
1239    /**
1240     * Trust level of authentication result.
1241     *
1242     * @type { AuthTrustLevel }
1243     * @syscap SystemCapability.UserIAM.UserAuth.Core
1244     * @since 10
1245     */
1246    /**
1247     * Trust level of authentication result.
1248     *
1249     * @type { AuthTrustLevel }
1250     * @syscap SystemCapability.UserIAM.UserAuth.Core
1251     * @atomicservice
1252     * @since 12
1253     */
1254    authTrustLevel: AuthTrustLevel;
1255
1256    /**
1257     * Reuse unlock authentication result.
1258     *
1259     * @type { ?ReuseUnlockResult }
1260     * @syscap SystemCapability.UserIAM.UserAuth.Core
1261     * @atomicservice
1262     * @since 12
1263     */
1264    reuseUnlockResult?: ReuseUnlockResult;
1265  }
1266
1267  /**
1268   * Auth widget parameter.
1269   *
1270   * @typedef WidgetParam
1271   * @syscap SystemCapability.UserIAM.UserAuth.Core
1272   * @since 10
1273   */
1274  /**
1275   * Auth widget parameter.
1276   *
1277   * @typedef WidgetParam
1278   * @syscap SystemCapability.UserIAM.UserAuth.Core
1279   * @atomicservice
1280   * @since 12
1281   */
1282  interface WidgetParam {
1283    /**
1284     * Title of widget.
1285     *
1286     * @type { string }
1287     * @syscap SystemCapability.UserIAM.UserAuth.Core
1288     * @since 10
1289     */
1290    /**
1291     * Title of widget.
1292     *
1293     * @type { string }
1294     * @syscap SystemCapability.UserIAM.UserAuth.Core
1295     * @atomicservice
1296     * @since 12
1297     */
1298    title: string;
1299
1300    /**
1301     * The description text of navigation button.
1302     *
1303     * @type { ?string }
1304     * @syscap SystemCapability.UserIAM.UserAuth.Core
1305     * @since 10
1306     */
1307    /**
1308     * The description text of navigation button.
1309     *
1310     * @type { ?string }
1311     * @syscap SystemCapability.UserIAM.UserAuth.Core
1312     * @atomicservice
1313     * @since 12
1314     */
1315    navigationButtonText?: string;
1316
1317    /**
1318     * Display type of widget.
1319     *
1320     * @type { ?WindowModeType }
1321     * @default WindowModeType.DIALOG_BOX
1322     * @syscap SystemCapability.UserIAM.UserAuth.Core
1323     * @systemapi Hide this for inner system use.
1324     * @since 10
1325     */
1326    windowMode?: WindowModeType;
1327  }
1328
1329  /**
1330   * Authentication result: authentication token, credential type for authentication succeed.
1331   *
1332   * @typedef UserAuthResult
1333   * @syscap SystemCapability.UserIAM.UserAuth.Core
1334   * @since 10
1335   */
1336  /**
1337   * Authentication result: authentication token, credential type for authentication succeed.
1338   *
1339   * @typedef UserAuthResult
1340   * @syscap SystemCapability.UserIAM.UserAuth.Core
1341   * @atomicservice
1342   * @since 12
1343   */
1344  interface UserAuthResult {
1345    /**
1346     * The authentication result.
1347     *
1348     * @type { number }
1349     * @syscap SystemCapability.UserIAM.UserAuth.Core
1350     * @since 10
1351     */
1352    /**
1353     * The authentication result.
1354     *
1355     * @type { number }
1356     * @syscap SystemCapability.UserIAM.UserAuth.Core
1357     * @atomicservice
1358     * @since 12
1359     */
1360    result: number;
1361
1362    /**
1363     * The authentication result if the authentication is passed.
1364     *
1365     * @type { ?Uint8Array }
1366     * @syscap SystemCapability.UserIAM.UserAuth.Core
1367     * @since 10
1368     */
1369    /**
1370     * The authentication result if the authentication is passed.
1371     *
1372     * @type { ?Uint8Array }
1373     * @syscap SystemCapability.UserIAM.UserAuth.Core
1374     * @atomicservice
1375     * @since 12
1376     */
1377    token?: Uint8Array;
1378
1379    /**
1380     * Credential type for authentication succeed.
1381     *
1382     * @type { ?UserAuthType }
1383     * @syscap SystemCapability.UserIAM.UserAuth.Core
1384     * @since 10
1385     */
1386    /**
1387     * Credential type for authentication succeed.
1388     *
1389     * @type { ?UserAuthType }
1390     * @syscap SystemCapability.UserIAM.UserAuth.Core
1391     * @atomicservice
1392     * @since 12
1393     */
1394    authType?: UserAuthType;
1395
1396    /**
1397     * The enrolled state for authentication succeed. EnrolledState would be returned when the authentication has
1398     * passed.
1399     *
1400     * @type { ?EnrolledState }
1401     * @syscap SystemCapability.UserIAM.UserAuth.Core
1402     * @atomicservice
1403     * @since 12
1404     */
1405    enrolledState?: EnrolledState;
1406  }
1407
1408  /**
1409   * Asynchronous callback of authentication operation.
1410   *
1411   * @interface IAuthCallback
1412   * @syscap SystemCapability.UserIAM.UserAuth.Core
1413   * @since 10
1414   */
1415  /**
1416   * Asynchronous callback of authentication operation.
1417   *
1418   * @interface IAuthCallback
1419   * @syscap SystemCapability.UserIAM.UserAuth.Core
1420   * @atomicservice
1421   * @since 12
1422   */
1423  interface IAuthCallback {
1424    /**
1425     * The authentication result code is returned through the callback.
1426     * If the authentication is passed, the authentication token is returned in extraInfo.
1427     *
1428     * @param { UserAuthResult } result - Authentication result information.
1429     * @syscap SystemCapability.UserIAM.UserAuth.Core
1430     * @since 10
1431     */
1432    /**
1433     * The authentication result code is returned through the callback.
1434     * If the authentication is passed, the authentication token is returned in extraInfo.
1435     *
1436     * @param { UserAuthResult } result - Authentication result information.
1437     * @syscap SystemCapability.UserIAM.UserAuth.Core
1438     * @atomicservice
1439     * @since 12
1440     */
1441    onResult(result: UserAuthResult): void;
1442  }
1443
1444  /**
1445   * User authentication instance, used to initiate a complete authentication.
1446   *
1447   * @interface UserAuthInstance
1448   * @syscap SystemCapability.UserIAM.UserAuth.Core
1449   * @since 10
1450   */
1451  /**
1452   * User authentication instance, used to initiate a complete authentication.
1453   *
1454   * @interface UserAuthInstance
1455   * @syscap SystemCapability.UserIAM.UserAuth.Core
1456   * @atomicservice
1457   * @since 12
1458   */
1459  interface UserAuthInstance {
1460    /**
1461     * Turn on widget authentication result event listening.
1462     *
1463     * @param { 'result' } type - Indicates the type of event.
1464     * @param { IAuthCallback } callback - Indicates the listener.
1465     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1466     * <br>1. Mandatory parameters are left unspecified.
1467     * <br>2. Incorrect parameter types.
1468     * <br>3. Parameter verification failed.
1469     * @throws { BusinessError } 12500002 - General operation error.
1470     * @syscap SystemCapability.UserIAM.UserAuth.Core
1471     * @since 10
1472     */
1473    /**
1474     * Turn on widget authentication result event listening.
1475     *
1476     * @param { 'result' } type - Indicates the type of event.
1477     * @param { IAuthCallback } callback - Indicates the listener.
1478     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1479     * <br>1. Mandatory parameters are left unspecified.
1480     * <br>2. Incorrect parameter types.
1481     * <br>3. Parameter verification failed.
1482     * @throws { BusinessError } 12500002 - General operation error.
1483     * @syscap SystemCapability.UserIAM.UserAuth.Core
1484     * @atomicservice
1485     * @since 12
1486     */
1487    on(type: 'result', callback: IAuthCallback): void;
1488
1489    /**
1490     * Turn off widget authentication result event listening.
1491     *
1492     * @param { 'result' } type - Indicates the type of event.
1493     * @param { IAuthCallback } callback - Indicates the listener.
1494     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1495     * <br>1. Mandatory parameters are left unspecified.
1496     * <br>2. Incorrect parameter types.
1497     * <br>3. Parameter verification failed.
1498     * @throws { BusinessError } 12500002 - General operation error.
1499     * @syscap SystemCapability.UserIAM.UserAuth.Core
1500     * @since 10
1501     */
1502    /**
1503     * Turn off widget authentication result event listening.
1504     *
1505     * @param { 'result' } type - Indicates the type of event.
1506     * @param { IAuthCallback } callback - Indicates the listener.
1507     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1508     * <br>1. Mandatory parameters are left unspecified.
1509     * <br>2. Incorrect parameter types.
1510     * <br>3. Parameter verification failed.
1511     * @throws { BusinessError } 12500002 - General operation error.
1512     * @syscap SystemCapability.UserIAM.UserAuth.Core
1513     * @atomicservice
1514     * @since 12
1515     */
1516    off(type: 'result', callback?: IAuthCallback): void;
1517
1518    /**
1519     * Start this authentication, an instance can only perform authentication once.
1520     *
1521     * @permission ohos.permission.ACCESS_BIOMETRIC
1522     * @throws { BusinessError } 201 - Permission verification failed.
1523     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1524     * <br>1. Incorrect parameter types.
1525     * @throws { BusinessError } 12500001 - Authentication failed.
1526     * @throws { BusinessError } 12500002 - General operation error.
1527     * @throws { BusinessError } 12500003 - Authentication canceled.
1528     * @throws { BusinessError } 12500004 - Authentication timeout.
1529     * @throws { BusinessError } 12500005 - The authentication type is not supported.
1530     * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1531     * @throws { BusinessError } 12500007 - Authentication service is busy.
1532     * @throws { BusinessError } 12500009 - Authentication is locked out.
1533     * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1534     * @throws { BusinessError } 12500011 - Switched to the custom authentication process.
1535     * @syscap SystemCapability.UserIAM.UserAuth.Core
1536     * @since 10
1537     */
1538    /**
1539     * Start this authentication, an instance can only perform authentication once.
1540     *
1541     * @permission ohos.permission.ACCESS_BIOMETRIC
1542     * @throws { BusinessError } 201 - Permission verification failed.
1543     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1544     * <br>1. Incorrect parameter types.
1545     * @throws { BusinessError } 12500001 - Authentication failed.
1546     * @throws { BusinessError } 12500002 - General operation error.
1547     * @throws { BusinessError } 12500003 - Authentication canceled.
1548     * @throws { BusinessError } 12500004 - Authentication timeout.
1549     * @throws { BusinessError } 12500005 - The authentication type is not supported.
1550     * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1551     * @throws { BusinessError } 12500007 - Authentication service is busy.
1552     * @throws { BusinessError } 12500009 - Authentication is locked out.
1553     * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1554     * @throws { BusinessError } 12500011 - Switched to the custom authentication process.
1555     * @throws { BusinessError } 12500013 - Operation failed because of PIN expired.
1556     * @syscap SystemCapability.UserIAM.UserAuth.Core
1557     * @atomicservice
1558     * @since 12
1559     */
1560    start(): void;
1561
1562    /**
1563     * Cancel this authentication.
1564     *
1565     * @permission ohos.permission.ACCESS_BIOMETRIC
1566     * @throws { BusinessError } 201 - Permission verification failed.
1567     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1568     * <br>1. Incorrect parameter types.
1569     * @throws { BusinessError } 12500002 - General operation error.
1570     * @syscap SystemCapability.UserIAM.UserAuth.Core
1571     * @since 10
1572     */
1573    /**
1574     * Cancel this authentication.
1575     *
1576     * @permission ohos.permission.ACCESS_BIOMETRIC
1577     * @throws { BusinessError } 201 - Permission verification failed.
1578     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1579     * <br>1. Incorrect parameter types.
1580     * @throws { BusinessError } 12500002 - General operation error.
1581     * @syscap SystemCapability.UserIAM.UserAuth.Core
1582     * @atomicservice
1583     * @since 12
1584     */
1585    cancel(): void;
1586  }
1587
1588  /**
1589   * Get user authentication instance with widget.
1590   *
1591   * @param { AuthParam } authParam - Auth parameter.
1592   * @param { WidgetParam } widgetParam - Widget parameter.
1593   * @returns { UserAuthInstance } Returns an authentication instance with widget.
1594   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1595   * <br>1. Mandatory parameters are left unspecified.
1596   * <br>2. Incorrect parameter types.
1597   * <br>3. Parameter verification failed.
1598   * @throws { BusinessError } 12500002 - General operation error.
1599   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1600   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1601   * @syscap SystemCapability.UserIAM.UserAuth.Core
1602   * @since 10
1603   */
1604  /**
1605   * Get user authentication instance with widget.
1606   *
1607   * @param { AuthParam } authParam - Auth parameter.
1608   * @param { WidgetParam } widgetParam - Widget parameter.
1609   * @returns { UserAuthInstance } Returns an authentication instance with widget.
1610   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1611   * <br>1. Mandatory parameters are left unspecified.
1612   * <br>2. Incorrect parameter types.
1613   * <br>3. Parameter verification failed.
1614   * @throws { BusinessError } 12500002 - General operation error.
1615   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1616   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1617   * @syscap SystemCapability.UserIAM.UserAuth.Core
1618   * @atomicservice
1619   * @since 12
1620   */
1621  function getUserAuthInstance(authParam: AuthParam, widgetParam: WidgetParam): UserAuthInstance;
1622
1623  /**
1624   * Notice type for user authentication.
1625   *
1626   * @enum { number }
1627   * @syscap SystemCapability.UserIAM.UserAuth.Core
1628   * @systemapi Hide this for inner system use.
1629   * @since 10
1630   */
1631  enum NoticeType {
1632    /**
1633     * Notice from widget.
1634     *
1635     * @syscap SystemCapability.UserIAM.UserAuth.Core
1636     * @systemapi Hide this for inner system use.
1637     * @since 10
1638     */
1639    WIDGET_NOTICE = 1
1640  }
1641
1642  /**
1643   * Send notice to user authentication.
1644   *
1645   * @permission ohos.permission.SUPPORT_USER_AUTH
1646   * @param { NoticeType } noticeType - Notice type for user authentication.
1647   * @param { string } eventData - The event data from widget.
1648   * @throws { BusinessError } 201 - Permission verification failed.
1649   * @throws { BusinessError } 202 - The caller is not a system application.
1650   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1651   * <br>1. Mandatory parameters are left unspecified.
1652   * <br>2. Incorrect parameter types.
1653   * <br>3. Parameter verification failed.
1654   * @throws { BusinessError } 12500002 - General operation error.
1655   * @syscap SystemCapability.UserIAM.UserAuth.Core
1656   * @systemapi Hide this for inner system use.
1657   * @since 10
1658   */
1659  function sendNotice(noticeType: NoticeType, eventData: string): void;
1660
1661  /**
1662   * Enum for operation result.
1663   *
1664   * @enum { number }
1665   * @syscap SystemCapability.UserIAM.UserAuth.Core
1666   * @since 9
1667   */
1668  /**
1669   * Enum for operation result.
1670   *
1671   * @enum { number }
1672   * @syscap SystemCapability.UserIAM.UserAuth.Core
1673   * @atomicservice
1674   * @since 12
1675   */
1676  enum UserAuthResultCode {
1677    /**
1678     * Indicates that the result is success or ability is supported.
1679     *
1680     * @syscap SystemCapability.UserIAM.UserAuth.Core
1681     * @since 9
1682     */
1683    /**
1684     * Indicates that the result is success or ability is supported.
1685     *
1686     * @syscap SystemCapability.UserIAM.UserAuth.Core
1687     * @atomicservice
1688     * @since 12
1689     */
1690    SUCCESS = 12500000,
1691
1692    /**
1693     * Indicates that the authentication result is failed.
1694     *
1695     * @syscap SystemCapability.UserIAM.UserAuth.Core
1696     * @since 9
1697     */
1698    /**
1699     * Indicates that the authentication result is failed.
1700     *
1701     * @syscap SystemCapability.UserIAM.UserAuth.Core
1702     * @atomicservice
1703     * @since 12
1704     */
1705    FAIL = 12500001,
1706
1707    /**
1708     * Indicates other errors.
1709     *
1710     * @syscap SystemCapability.UserIAM.UserAuth.Core
1711     * @since 9
1712     */
1713    /**
1714     * Indicates other errors.
1715     *
1716     * @syscap SystemCapability.UserIAM.UserAuth.Core
1717     * @atomicservice
1718     * @since 12
1719     */
1720    GENERAL_ERROR = 12500002,
1721
1722    /**
1723     * Indicates that this operation is canceled.
1724     *
1725     * @syscap SystemCapability.UserIAM.UserAuth.Core
1726     * @since 9
1727     */
1728    /**
1729     * Indicates that this operation is canceled.
1730     *
1731     * @syscap SystemCapability.UserIAM.UserAuth.Core
1732     * @atomicservice
1733     * @since 12
1734     */
1735    CANCELED = 12500003,
1736
1737    /**
1738     * Indicates that this operation is time-out.
1739     *
1740     * @syscap SystemCapability.UserIAM.UserAuth.Core
1741     * @since 9
1742     */
1743    /**
1744     * Indicates that this operation is time-out.
1745     *
1746     * @syscap SystemCapability.UserIAM.UserAuth.Core
1747     * @atomicservice
1748     * @since 12
1749     */
1750    TIMEOUT = 12500004,
1751
1752    /**
1753     * Indicates that this authentication type is not supported.
1754     *
1755     * @syscap SystemCapability.UserIAM.UserAuth.Core
1756     * @since 9
1757     */
1758    /**
1759     * Indicates that this authentication type is not supported.
1760     *
1761     * @syscap SystemCapability.UserIAM.UserAuth.Core
1762     * @atomicservice
1763     * @since 12
1764     */
1765    TYPE_NOT_SUPPORT = 12500005,
1766
1767    /**
1768     * Indicates that the authentication trust level is not supported.
1769     *
1770     * @syscap SystemCapability.UserIAM.UserAuth.Core
1771     * @since 9
1772     */
1773    /**
1774     * Indicates that the authentication trust level is not supported.
1775     *
1776     * @syscap SystemCapability.UserIAM.UserAuth.Core
1777     * @atomicservice
1778     * @since 12
1779     */
1780    TRUST_LEVEL_NOT_SUPPORT = 12500006,
1781
1782    /**
1783     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
1784     *
1785     * @syscap SystemCapability.UserIAM.UserAuth.Core
1786     * @since 9
1787     */
1788    /**
1789     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
1790     *
1791     * @syscap SystemCapability.UserIAM.UserAuth.Core
1792     * @atomicservice
1793     * @since 12
1794     */
1795    BUSY = 12500007,
1796
1797    /**
1798     * Indicates that the authenticator is locked.
1799     *
1800     * @syscap SystemCapability.UserIAM.UserAuth.Core
1801     * @since 9
1802     */
1803    /**
1804     * Indicates that the authenticator is locked.
1805     *
1806     * @syscap SystemCapability.UserIAM.UserAuth.Core
1807     * @atomicservice
1808     * @since 12
1809     */
1810    LOCKED = 12500009,
1811
1812    /**
1813     * Indicates that the user has not enrolled the authenticator.
1814     *
1815     * @syscap SystemCapability.UserIAM.UserAuth.Core
1816     * @since 9
1817     */
1818    /**
1819     * Indicates that the user has not enrolled the authenticator.
1820     *
1821     * @syscap SystemCapability.UserIAM.UserAuth.Core
1822     * @atomicservice
1823     * @since 12
1824     */
1825    NOT_ENROLLED = 12500010,
1826
1827    /**
1828     * Indicates that this operation is canceled from widget's navigation button.
1829     *
1830     * @syscap SystemCapability.UserIAM.UserAuth.Core
1831     * @since 10
1832     */
1833    /**
1834     * Indicates that this operation is canceled from widget's navigation button.
1835     *
1836     * @syscap SystemCapability.UserIAM.UserAuth.Core
1837     * @atomicservice
1838     * @since 12
1839     */
1840    CANCELED_FROM_WIDGET = 12500011,
1841
1842    /**
1843     * Indicates that current operation failed because of PIN expired.
1844     *
1845     * @syscap SystemCapability.UserIAM.UserAuth.Core
1846     * @atomicservice
1847     * @since 12
1848     */
1849    PIN_EXPIRED = 12500013
1850  }
1851
1852  /**
1853   * User authentication widget's manager, used to manage widget's client.
1854   *
1855   * @interface UserAuthWidgetMgr
1856   * @syscap SystemCapability.UserIAM.UserAuth.Core
1857   * @systemapi Hide this for inner system use.
1858   * @since 10
1859   */
1860  interface UserAuthWidgetMgr {
1861    /**
1862     * Turn on authentication widget command event listening.
1863     *
1864     * @param { 'command' } type - Indicates the type of event.
1865     * @param { IAuthWidgetCallback } callback - Indicates the listener.
1866     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1867     * <br>1. Mandatory parameters are left unspecified.
1868     * <br>2. Incorrect parameter types.
1869     * <br>3. Parameter verification failed.
1870     * @throws { BusinessError } 12500002 - General operation error.
1871     * @syscap SystemCapability.UserIAM.UserAuth.Core
1872     * @systemapi Hide this for inner system use.
1873     * @since 10
1874     */
1875    on(type: 'command', callback: IAuthWidgetCallback): void;
1876
1877    /**
1878     * Turn off authentication widget command event listening.
1879     *
1880     * @param { 'command' } type - Indicates the type of event.
1881     * @param { IAuthWidgetCallback } callback - Indicates the listener.
1882     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1883     * <br>1. Mandatory parameters are left unspecified.
1884     * <br>2. Incorrect parameter types.
1885     * <br>3. Parameter verification failed.
1886     * @throws { BusinessError } 12500002 - General operation error.
1887     * @syscap SystemCapability.UserIAM.UserAuth.Core
1888     * @systemapi Hide this for inner system use.
1889     * @since 10
1890     */
1891    off(type: 'command', callback?: IAuthWidgetCallback): void;
1892  }
1893
1894  /**
1895   * Get authentication instance with widget.
1896   *
1897   * @permission ohos.permission.SUPPORT_USER_AUTH
1898   * @param { number } version - The version of widget.
1899   * @returns { UserAuthWidgetMgr } Returns an authentication manager.
1900   * @throws { BusinessError } 201 - Permission verification failed.
1901   * @throws { BusinessError } 202 - The caller is not a system application.
1902   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1903   * <br>1. Mandatory parameters are left unspecified.
1904   * <br>2. Incorrect parameter types.
1905   * @throws { BusinessError } 12500002 - General operation error.
1906   * @syscap SystemCapability.UserIAM.UserAuth.Core
1907   * @systemapi Hide this for inner system use.
1908   * @since 10
1909   */
1910  function getUserAuthWidgetMgr(version: number): UserAuthWidgetMgr;
1911
1912  /**
1913   * Asynchronous callback of authentication widget operation.
1914   *
1915   * @interface IAuthWidgetCallback
1916   * @syscap SystemCapability.UserIAM.UserAuth.Core
1917   * @systemapi Hide this for inner system use.
1918   * @since 10
1919   */
1920  interface IAuthWidgetCallback {
1921    /**
1922     * The command data for authentication with widget is sent through the callback.
1923     *
1924     * @param { string } cmdData - The command data for authentication with widget.
1925     * @syscap SystemCapability.UserIAM.UserAuth.Core
1926     * @systemapi Hide this for inner system use.
1927     * @since 10
1928     */
1929    sendCommand(cmdData: string): void;
1930  }
1931}
1932
1933export default userAuth;
1934