1/* 2 * Copyright (c) 2023 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16/** 17 * @file 18 * @kit UserAuthenticationKit 19 */ 20 21import type { AsyncCallback } from './@ohos.base'; 22 23/** 24 * User authentication 25 * 26 * @namespace userAuth 27 * @syscap SystemCapability.UserIAM.UserAuth.Core 28 * @since 6 29 */ 30/** 31 * User authentication 32 * 33 * @namespace userAuth 34 * @syscap SystemCapability.UserIAM.UserAuth.Core 35 * @atomicservice 36 * @since 12 37 */ 38declare namespace userAuth { 39 /** 40 * The maximum allowable reuse duration is 300000 milliseconds. 41 * 42 * @constant 43 * @syscap SystemCapability.UserIAM.UserAuth.Core 44 * @atomicservice 45 * @since 12 46 */ 47 const MAX_ALLOWABLE_REUSE_DURATION: 300000; 48 49 /** 50 * Enum for authentication result. 51 * 52 * @enum { number } 53 * @syscap SystemCapability.UserIAM.UserAuth.Core 54 * @since 6 55 * @deprecated since 8 56 * @useinstead ohos.userIAM.userAuth.ResultCode 57 */ 58 export enum AuthenticationResult { 59 /** 60 * Indicates that the device does not support authentication. 61 * 62 * @syscap SystemCapability.UserIAM.UserAuth.Core 63 * @since 6 64 * @deprecated since 8 65 */ 66 NO_SUPPORT = -1, 67 68 /** 69 * Indicates that authentication is success. 70 * 71 * @syscap SystemCapability.UserIAM.UserAuth.Core 72 * @since 6 73 * @deprecated since 8 74 */ 75 SUCCESS = 0, 76 77 /** 78 * Indicates the authenticator fails to identify user. 79 * 80 * @syscap SystemCapability.UserIAM.UserAuth.Core 81 * @since 6 82 * @deprecated since 8 83 */ 84 COMPARE_FAILURE = 1, 85 86 /** 87 * Indicates that authentication has been canceled. 88 * 89 * @syscap SystemCapability.UserIAM.UserAuth.Core 90 * @since 6 91 * @deprecated since 8 92 */ 93 CANCELED = 2, 94 95 /** 96 * Indicates that authentication has timed out. 97 * 98 * @syscap SystemCapability.UserIAM.UserAuth.Core 99 * @since 6 100 * @deprecated since 8 101 */ 102 TIMEOUT = 3, 103 104 /** 105 * Indicates a failure to open the camera. 106 * 107 * @syscap SystemCapability.UserIAM.UserAuth.Core 108 * @since 6 109 * @deprecated since 8 110 */ 111 CAMERA_FAIL = 4, 112 113 /** 114 * Indicates that the authentication task is busy. Wait for a few seconds and try again. 115 * 116 * @syscap SystemCapability.UserIAM.UserAuth.Core 117 * @since 6 118 * @deprecated since 8 119 */ 120 BUSY = 5, 121 122 /** 123 * Indicates incorrect parameters. 124 * 125 * @syscap SystemCapability.UserIAM.UserAuth.Core 126 * @since 6 127 * @deprecated since 8 128 */ 129 INVALID_PARAMETERS = 6, 130 131 /** 132 * Indicates that the authenticator is locked. 133 * 134 * @syscap SystemCapability.UserIAM.UserAuth.Core 135 * @since 6 136 * @deprecated since 8 137 */ 138 LOCKED = 7, 139 140 /** 141 * Indicates that the user has not enrolled the authenticator. 142 * 143 * @syscap SystemCapability.UserIAM.UserAuth.Core 144 * @since 6 145 * @deprecated since 8 146 */ 147 NOT_ENROLLED = 8, 148 149 /** 150 * Indicates other errors. 151 * 152 * @syscap SystemCapability.UserIAM.UserAuth.Core 153 * @since 6 154 * @deprecated since 8 155 */ 156 GENERAL_ERROR = 100 157 } 158 159 /** 160 * Auth types 161 * 162 * @typedef { 'ALL' | 'FACE_ONLY' } 163 * @syscap SystemCapability.UserIAM.UserAuth.Core 164 * @since 6 165 * @deprecated since 8 166 */ 167 type AuthType = 'ALL' | 'FACE_ONLY'; 168 169 /** 170 * Secure levels 171 * 172 * @typedef { 'S1' | 'S2' | 'S3' | 'S4' } 173 * @syscap SystemCapability.UserIAM.UserAuth.Core 174 * @since 6 175 * @deprecated since 8 176 */ 177 type SecureLevel = 'S1' | 'S2' | 'S3' | 'S4'; 178 179 /** 180 * Used to initiate authentication. 181 * 182 * @interface Authenticator 183 * @syscap SystemCapability.UserIAM.UserAuth.Core 184 * @since 6 185 * @deprecated since 8 186 */ 187 interface Authenticator { 188 /** 189 * Execute authentication. 190 * 191 * @permission ohos.permission.ACCESS_BIOMETRIC 192 * @param { AuthType } type - Indicates the authentication type. 193 * @param { SecureLevel } level - Indicates the security level. 194 * @param { AsyncCallback<number> } callback - Async callback of execute. 195 * @syscap SystemCapability.UserIAM.UserAuth.Core 196 * @since 6 197 * @deprecated since 8 198 */ 199 execute(type: AuthType, level: SecureLevel, callback: AsyncCallback<number>): void; 200 201 /** 202 * Execute authentication. 203 * 204 * @permission ohos.permission.ACCESS_BIOMETRIC 205 * @param { AuthType } type - Indicates the authentication type. 206 * @param { SecureLevel } level - Indicates the security level. 207 * @returns { Promise<number> } 208 * @syscap SystemCapability.UserIAM.UserAuth.Core 209 * @since 6 210 * @deprecated since 8 211 */ 212 execute(type: AuthType, level: SecureLevel): Promise<number>; 213 } 214 215 /** 216 * Get Authenticator instance. 217 * 218 * @returns { Authenticator } Returns an Authenticator. 219 * @syscap SystemCapability.UserIAM.UserAuth.Core 220 * @since 6 221 * @deprecated since 8 222 */ 223 function getAuthenticator(): Authenticator; 224 225 /** 226 * User authentication. 227 * 228 * @syscap SystemCapability.UserIAM.UserAuth.Core 229 * @since 8 230 * @deprecated since 9 231 * @useinstead ohos.userIAM.userAuth.AuthInstance 232 */ 233 class UserAuth { 234 /** 235 * Constructor to get the UserAuth class instance. 236 * 237 * @syscap SystemCapability.UserIAM.UserAuth.Core 238 * @since 8 239 * @deprecated since 9 240 * @useinstead ohos.userIAM.userAuth.getAuthInstance 241 */ 242 constructor(); 243 244 /** 245 * Get version information. 246 * 247 * @permission ohos.permission.ACCESS_BIOMETRIC 248 * @returns { number } Returns version information. 249 * @syscap SystemCapability.UserIAM.UserAuth.Core 250 * @since 8 251 * @deprecated since 9 252 * @useinstead ohos.userIAM.userAuth.getVersion 253 */ 254 getVersion(): number; 255 256 /** 257 * Check whether the authentication capability is available. 258 * 259 * @permission ohos.permission.ACCESS_BIOMETRIC 260 * @param { UserAuthType } authType - Credential type for authentication. 261 * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result. 262 * @returns { number } Returns a check result, which is specified by getAvailableStatus, the value of number is related to the ResultCode enum, **201** is 263 * check permission failed. 264 * @syscap SystemCapability.UserIAM.UserAuth.Core 265 * @since 8 266 * @deprecated since 9 267 * @useinstead ohos.userIAM.userAuth.getAvailableStatus 268 */ 269 getAvailableStatus(authType: UserAuthType, authTrustLevel: AuthTrustLevel): number; 270 271 /** 272 * Executes authentication. 273 * 274 * @permission ohos.permission.ACCESS_BIOMETRIC 275 * @param { Uint8Array } challenge - Pass in challenge value. 276 * @param { UserAuthType } authType - Type of authentication. 277 * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result. 278 * @param { IUserAuthCallback } callback - Return result and acquireInfo through callback, the value of result code is related to the ResultCode enum, 279 * **201** is check permission failed. 280 * @returns { Uint8Array } Returns ContextId for cancel. 281 * @syscap SystemCapability.UserIAM.UserAuth.Core 282 * @since 8 283 * @deprecated since 9 284 * @useinstead ohos.userIAM.userAuth.AuthInstance.start 285 */ 286 auth( 287 challenge: Uint8Array, 288 authType: UserAuthType, 289 authTrustLevel: AuthTrustLevel, 290 callback: IUserAuthCallback 291 ): Uint8Array; 292 293 /** 294 * Cancel authentication with ContextID. 295 * 296 * @permission ohos.permission.ACCESS_BIOMETRIC 297 * @param { Uint8Array } contextID - Cancel authentication and pass in ContextID. 298 * @returns { number } Returns a number value indicating whether Cancel authentication was successful, the value of number is related to the ResultCode 299 * enum, **201** is check permission failed. 300 * @syscap SystemCapability.UserIAM.UserAuth.Core 301 * @since 8 302 * @deprecated since 9 303 * @useinstead ohos.userIAM.userAuth.AuthInstance.cancel 304 */ 305 cancelAuth(contextID: Uint8Array): number; 306 } 307 308 /** 309 * Asynchronous callback of authentication operation. 310 * 311 * @interface IUserAuthCallback 312 * @syscap SystemCapability.UserIAM.UserAuth.Core 313 * @since 8 314 * @deprecated since 9 315 * @useinstead ohos.userIAM.userAuth.AuthEvent 316 */ 317 interface IUserAuthCallback { 318 /** 319 * The authentication result code is returned through the callback. 320 * If the authentication is passed, the authentication token is returned in extraInfo, 321 * If the authentication fails, the remaining authentication times are returned in extraInfo, 322 * If the authentication executor is locked, the freezing time is returned in extraInfo. 323 * 324 * @type { function } 325 * @syscap SystemCapability.UserIAM.UserAuth.Core 326 * @since 8 327 * @deprecated since 9 328 * @useinstead ohos.userIAM.userAuth.AuthEvent.callback 329 */ 330 onResult: (result: number, extraInfo: AuthResult) => void; 331 332 /** 333 * During an authentication, the TipsCode is returned through the callback. 334 * 335 * @type { ?function } 336 * @syscap SystemCapability.UserIAM.UserAuth.Core 337 * @since 8 338 * @deprecated since 9 339 * @useinstead ohos.userIAM.userAuth.AuthEvent.callback 340 */ 341 onAcquireInfo?: (module: number, acquire: number, extraInfo: any) => void; 342 } 343 344 /** 345 * Authentication result: authentication token, remaining authentication times, freezing time. 346 * 347 * @typedef AuthResult 348 * @syscap SystemCapability.UserIAM.UserAuth.Core 349 * @since 8 350 * @deprecated since 9 351 * @useinstead ohos.userIAM.userAuth.AuthResultInfo 352 */ 353 interface AuthResult { 354 /** 355 * The authentication result if the authentication is passed. 356 * 357 * @type { ?Uint8Array } 358 * @syscap SystemCapability.UserIAM.UserAuth.Core 359 * @since 8 360 * @deprecated since 9 361 */ 362 token?: Uint8Array; 363 364 /** 365 * The remaining authentication times if the authentication fails. 366 * 367 * @type { ?number } 368 * @syscap SystemCapability.UserIAM.UserAuth.Core 369 * @since 8 370 * @deprecated since 9 371 */ 372 remainTimes?: number; 373 374 /** 375 * The freezing time if the authentication executor is locked. 376 * 377 * @type { ?number } 378 * @syscap SystemCapability.UserIAM.UserAuth.Core 379 * @since 8 380 * @deprecated since 9 381 */ 382 freezingTime?: number; 383 } 384 385 /** 386 * Enum for operation result. 387 * 388 * @enum { number } 389 * @syscap SystemCapability.UserIAM.UserAuth.Core 390 * @since 8 391 * @deprecated since 9 392 * @useinstead ohos.userIAM.userAuth.UserAuthResultCode 393 */ 394 enum ResultCode { 395 /** 396 * Indicates that the result is success or ability is supported. 397 * 398 * @syscap SystemCapability.UserIAM.UserAuth.Core 399 * @since 8 400 * @deprecated since 9 401 */ 402 SUCCESS = 0, 403 404 /** 405 * Indicates that authentication failed. 406 * 407 * @syscap SystemCapability.UserIAM.UserAuth.Core 408 * @since 8 409 * @deprecated since 9 410 */ 411 FAIL = 1, 412 413 /** 414 * Indicates other errors. 415 * 416 * @syscap SystemCapability.UserIAM.UserAuth.Core 417 * @since 8 418 * @deprecated since 9 419 */ 420 GENERAL_ERROR = 2, 421 422 /** 423 * Indicates that this operation has been canceled. 424 * 425 * @syscap SystemCapability.UserIAM.UserAuth.Core 426 * @since 8 427 * @deprecated since 9 428 */ 429 CANCELED = 3, 430 431 /** 432 * Indicates that this operation has timed out. 433 * 434 * @syscap SystemCapability.UserIAM.UserAuth.Core 435 * @since 8 436 * @deprecated since 9 437 */ 438 TIMEOUT = 4, 439 440 /** 441 * Indicates that this authentication type is not supported. 442 * 443 * @syscap SystemCapability.UserIAM.UserAuth.Core 444 * @since 8 445 * @deprecated since 9 446 */ 447 TYPE_NOT_SUPPORT = 5, 448 449 /** 450 * Indicates that the authentication trust level is not supported. 451 * 452 * @syscap SystemCapability.UserIAM.UserAuth.Core 453 * @since 8 454 * @deprecated since 9 455 */ 456 TRUST_LEVEL_NOT_SUPPORT = 6, 457 458 /** 459 * Indicates that the authentication task is busy. Wait for a few seconds and try again. 460 * 461 * @syscap SystemCapability.UserIAM.UserAuth.Core 462 * @since 8 463 * @deprecated since 9 464 */ 465 BUSY = 7, 466 467 /** 468 * Indicates incorrect parameters. 469 * 470 * @syscap SystemCapability.UserIAM.UserAuth.Core 471 * @since 8 472 * @deprecated since 9 473 */ 474 INVALID_PARAMETERS = 8, 475 476 /** 477 * Indicates that the authenticator is locked. 478 * 479 * @syscap SystemCapability.UserIAM.UserAuth.Core 480 * @since 8 481 * @deprecated since 9 482 */ 483 LOCKED = 9, 484 485 /** 486 * Indicates that the user has not enrolled the authenticator. 487 * 488 * @syscap SystemCapability.UserIAM.UserAuth.Core 489 * @since 8 490 * @deprecated since 9 491 */ 492 NOT_ENROLLED = 10 493 } 494 495 /** 496 * The enumeration of prompt codes in the process of face authentication. 497 * 498 * @enum { number } 499 * @syscap SystemCapability.UserIAM.UserAuth.Core 500 * @since 8 501 * @deprecated since 11 502 */ 503 enum FaceTips { 504 /** 505 * Indicates that the obtained facial image is too bright due to high illumination. 506 * 507 * @syscap SystemCapability.UserIAM.UserAuth.Core 508 * @since 8 509 * @deprecated since 11 510 */ 511 FACE_AUTH_TIP_TOO_BRIGHT = 1, 512 513 /** 514 * Indicates that the obtained facial image is too dark due to low illumination. 515 * 516 * @syscap SystemCapability.UserIAM.UserAuth.Core 517 * @since 8 518 * @deprecated since 11 519 */ 520 FACE_AUTH_TIP_TOO_DARK = 2, 521 522 /** 523 * Indicates that the face is too close to the device. 524 * 525 * @syscap SystemCapability.UserIAM.UserAuth.Core 526 * @since 8 527 * @deprecated since 11 528 */ 529 FACE_AUTH_TIP_TOO_CLOSE = 3, 530 531 /** 532 * Indicates that the face is too far away from the device. 533 * 534 * @syscap SystemCapability.UserIAM.UserAuth.Core 535 * @since 8 536 * @deprecated since 11 537 */ 538 FACE_AUTH_TIP_TOO_FAR = 4, 539 540 /** 541 * Indicates that the device is too high, and that only the upper part of the face is captured. 542 * 543 * @syscap SystemCapability.UserIAM.UserAuth.Core 544 * @since 8 545 * @deprecated since 11 546 */ 547 FACE_AUTH_TIP_TOO_HIGH = 5, 548 549 /** 550 * Indicates that the device is too low, and that only the lower part of the face is captured. 551 * 552 * @syscap SystemCapability.UserIAM.UserAuth.Core 553 * @since 8 554 * @deprecated since 11 555 */ 556 FACE_AUTH_TIP_TOO_LOW = 6, 557 558 /** 559 * Indicates that the device is deviated to the right, and that only the right part of the face is captured. 560 * 561 * @syscap SystemCapability.UserIAM.UserAuth.Core 562 * @since 8 563 * @deprecated since 11 564 */ 565 FACE_AUTH_TIP_TOO_RIGHT = 7, 566 567 /** 568 * Indicates that the device is deviated to the left, and that only the left part of the face is captured. 569 * 570 * @syscap SystemCapability.UserIAM.UserAuth.Core 571 * @since 8 572 * @deprecated since 11 573 */ 574 FACE_AUTH_TIP_TOO_LEFT = 8, 575 576 /** 577 * Indicates that the face moves too fast during facial information collection. 578 * 579 * @syscap SystemCapability.UserIAM.UserAuth.Core 580 * @since 8 581 * @deprecated since 11 582 */ 583 FACE_AUTH_TIP_TOO_MUCH_MOTION = 9, 584 585 /** 586 * Indicates that the face is not facing the device. 587 * 588 * @syscap SystemCapability.UserIAM.UserAuth.Core 589 * @since 8 590 * @deprecated since 11 591 */ 592 FACE_AUTH_TIP_POOR_GAZE = 10, 593 594 /** 595 * Indicates that no face is detected. 596 * 597 * @syscap SystemCapability.UserIAM.UserAuth.Core 598 * @since 8 599 * @deprecated since 11 600 */ 601 FACE_AUTH_TIP_NOT_DETECTED = 11 602 } 603 604 /** 605 * The enumeration of prompt codes in the process of fingerprint authentication. 606 * 607 * @enum { number } 608 * @syscap SystemCapability.UserIAM.UserAuth.Core 609 * @since 8 610 * @deprecated since 11 611 */ 612 enum FingerprintTips { 613 /** 614 * Indicates that the image acquired is good. 615 * 616 * @syscap SystemCapability.UserIAM.UserAuth.Core 617 * @since 8 618 * @deprecated since 11 619 */ 620 FINGERPRINT_AUTH_TIP_GOOD = 0, 621 622 /** 623 * Indicates that the fingerprint image is too noisy due to suspected or detected dirt on sensor. 624 * 625 * @syscap SystemCapability.UserIAM.UserAuth.Core 626 * @since 8 627 * @deprecated since 11 628 */ 629 FINGERPRINT_AUTH_TIP_DIRTY = 1, 630 631 /** 632 * Indicates that the fingerprint image is too noisy to process due to a detected condition. 633 * 634 * @syscap SystemCapability.UserIAM.UserAuth.Core 635 * @since 8 636 * @deprecated since 11 637 */ 638 FINGERPRINT_AUTH_TIP_INSUFFICIENT = 2, 639 640 /** 641 * Indicates that only a partial fingerprint image is detected. 642 * 643 * @syscap SystemCapability.UserIAM.UserAuth.Core 644 * @since 8 645 * @deprecated since 11 646 */ 647 FINGERPRINT_AUTH_TIP_PARTIAL = 3, 648 649 /** 650 * Indicates that the fingerprint image is incomplete due to quick motion. 651 * 652 * @syscap SystemCapability.UserIAM.UserAuth.Core 653 * @since 8 654 * @deprecated since 11 655 */ 656 FINGERPRINT_AUTH_TIP_TOO_FAST = 4, 657 658 /** 659 * Indicates that the fingerprint image is unreadable due to lack of motion. 660 * 661 * @syscap SystemCapability.UserIAM.UserAuth.Core 662 * @since 8 663 * @deprecated since 11 664 */ 665 FINGERPRINT_AUTH_TIP_TOO_SLOW = 5 666 } 667 668 /** 669 * Credential type for authentication. 670 * 671 * @enum { number } 672 * @syscap SystemCapability.UserIAM.UserAuth.Core 673 * @since 8 674 */ 675 /** 676 * Credential type for authentication. 677 * 678 * @enum { number } 679 * @syscap SystemCapability.UserIAM.UserAuth.Core 680 * @atomicservice 681 * @since 12 682 */ 683 enum UserAuthType { 684 /** 685 * Authentication type pin. 686 * 687 * @syscap SystemCapability.UserIAM.UserAuth.Core 688 * @since 10 689 */ 690 /** 691 * Authentication type pin. 692 * 693 * @syscap SystemCapability.UserIAM.UserAuth.Core 694 * @atomicservice 695 * @since 12 696 */ 697 PIN = 1, 698 699 /** 700 * Authentication type face. 701 * 702 * @syscap SystemCapability.UserIAM.UserAuth.Core 703 * @since 8 704 */ 705 /** 706 * Authentication type face. 707 * 708 * @syscap SystemCapability.UserIAM.UserAuth.Core 709 * @atomicservice 710 * @since 12 711 */ 712 FACE = 2, 713 714 /** 715 * Authentication type fingerprint. 716 * 717 * @syscap SystemCapability.UserIAM.UserAuth.Core 718 * @since 8 719 */ 720 /** 721 * Authentication type fingerprint. 722 * 723 * @syscap SystemCapability.UserIAM.UserAuth.Core 724 * @atomicservice 725 * @since 12 726 */ 727 FINGERPRINT = 4 728 } 729 730 /** 731 * Trust level of authentication results. 732 * 733 * @enum { number } 734 * @syscap SystemCapability.UserIAM.UserAuth.Core 735 * @since 8 736 */ 737 /** 738 * Trust level of authentication results. 739 * 740 * @enum { number } 741 * @syscap SystemCapability.UserIAM.UserAuth.Core 742 * @atomicservice 743 * @since 12 744 */ 745 enum AuthTrustLevel { 746 /** 747 * Authentication result trusted level 1. 748 * 749 * @syscap SystemCapability.UserIAM.UserAuth.Core 750 * @since 8 751 */ 752 /** 753 * Authentication result trusted level 1. 754 * 755 * @syscap SystemCapability.UserIAM.UserAuth.Core 756 * @atomicservice 757 * @since 12 758 */ 759 ATL1 = 10000, 760 761 /** 762 * Authentication result trusted level 2. 763 * 764 * @syscap SystemCapability.UserIAM.UserAuth.Core 765 * @since 8 766 */ 767 /** 768 * Authentication result trusted level 2. 769 * 770 * @syscap SystemCapability.UserIAM.UserAuth.Core 771 * @atomicservice 772 * @since 12 773 */ 774 ATL2 = 20000, 775 776 /** 777 * Authentication result trusted level 3. 778 * 779 * @syscap SystemCapability.UserIAM.UserAuth.Core 780 * @since 8 781 */ 782 /** 783 * Authentication result trusted level 3. 784 * 785 * @syscap SystemCapability.UserIAM.UserAuth.Core 786 * @atomicservice 787 * @since 12 788 */ 789 ATL3 = 30000, 790 791 /** 792 * Authentication result trusted level 4. 793 * 794 * @syscap SystemCapability.UserIAM.UserAuth.Core 795 * @since 8 796 */ 797 /** 798 * Authentication result trusted level 4. 799 * 800 * @syscap SystemCapability.UserIAM.UserAuth.Core 801 * @atomicservice 802 * @since 12 803 */ 804 ATL4 = 40000 805 } 806 807 /** 808 * Authentication events. 809 * 810 * @typedef { 'result' | 'tip' } 811 * @syscap SystemCapability.UserIAM.UserAuth.Core 812 * @since 9 813 * @deprecated since 11 814 */ 815 type AuthEventKey = 'result' | 'tip'; 816 817 /** 818 * Return information of Authentication events. 819 * 820 * @typedef { AuthResultInfo | TipInfo } 821 * @syscap SystemCapability.UserIAM.UserAuth.Core 822 * @since 9 823 * @deprecated since 11 824 * @useinstead ohos.userIAM.userAuth.UserAuthResult 825 */ 826 type EventInfo = AuthResultInfo | TipInfo; 827 828 /** 829 * Asynchronous callback of authentication event. 830 * 831 * @interface AuthEvent 832 * @syscap SystemCapability.UserIAM.UserAuth.Core 833 * @since 9 834 * @deprecated since 11 835 * @useinstead ohos.userIAM.userAuth.IAuthCallback 836 */ 837 interface AuthEvent { 838 /** 839 * The authentication event callback. 840 * 841 * @param { EventInfo } result - Event info. 842 * @syscap SystemCapability.UserIAM.UserAuth.Core 843 * @since 9 844 * @deprecated since 11 845 * @useinstead ohos.userIAM.userAuth.IAuthCallback.onResult 846 */ 847 callback(result: EventInfo): void; 848 } 849 850 /** 851 * Authentication result information. 852 * 853 * @typedef AuthResultInfo 854 * @syscap SystemCapability.UserIAM.UserAuth.Core 855 * @since 9 856 * @deprecated since 11 857 */ 858 interface AuthResultInfo { 859 /** 860 * The authentication result. 861 * 862 * @type { number } 863 * @syscap SystemCapability.UserIAM.UserAuth.Core 864 * @since 9 865 * @deprecated since 11 866 */ 867 result: number; 868 869 /** 870 * The authentication token if the authentication is passed. 871 * 872 * @type { ?Uint8Array } 873 * @syscap SystemCapability.UserIAM.UserAuth.Core 874 * @since 9 875 * @deprecated since 11 876 */ 877 token?: Uint8Array; 878 879 /** 880 * The remaining authentication attempts if the authentication fails. 881 * 882 * @type { ?number } 883 * @syscap SystemCapability.UserIAM.UserAuth.Core 884 * @since 9 885 * @deprecated since 11 886 */ 887 remainAttempts?: number; 888 889 /** 890 * The lockout duration if the authentication executor is locked. 891 * 892 * @type { ?number } 893 * @syscap SystemCapability.UserIAM.UserAuth.Core 894 * @since 9 895 * @deprecated since 11 896 */ 897 lockoutDuration?: number; 898 } 899 900 /** 901 * Authentication tip info. 902 * 903 * @typedef TipInfo 904 * @syscap SystemCapability.UserIAM.UserAuth.Core 905 * @since 9 906 * @deprecated since 11 907 */ 908 interface TipInfo { 909 /** 910 * The authentication module of sending tip information. 911 * 912 * @type { number } 913 * @syscap SystemCapability.UserIAM.UserAuth.Core 914 * @since 9 915 * @deprecated since 11 916 */ 917 module: number; 918 919 /** 920 * Tip information, used to prompt the business to perform some operations. 921 * 922 * @type { number } 923 * @syscap SystemCapability.UserIAM.UserAuth.Core 924 * @since 9 925 * @deprecated since 11 926 */ 927 tip: number; 928 } 929 930 /** 931 * Authentication instance, used to initiate a complete authentication. 932 * 933 * @interface AuthInstance 934 * @syscap SystemCapability.UserIAM.UserAuth.Core 935 * @since 9 936 * @deprecated since 10 937 * @useinstead ohos.userIAM.userAuth.UserAuthInstance 938 */ 939 interface AuthInstance { 940 /** 941 * Turn on authentication event listening. 942 * 943 * @throws { BusinessError } 401 - Incorrect parameters. 944 * @throws { BusinessError } 12500002 - General operation error. 945 * @syscap SystemCapability.UserIAM.UserAuth.Core 946 * @since 9 947 * @deprecated since 10 948 */ 949 on: (name: AuthEventKey, callback: AuthEvent) => void; 950 951 /** 952 * Turn off authentication event listening. 953 * 954 * @throws { BusinessError } 401 - Incorrect parameters. 955 * @throws { BusinessError } 12500002 - General operation error. 956 * @syscap SystemCapability.UserIAM.UserAuth.Core 957 * @since 9 958 * @deprecated since 10 959 */ 960 off: (name: AuthEventKey) => void; 961 962 /** 963 * Start this authentication, an instance can only perform authentication once. 964 * 965 * @permission ohos.permission.ACCESS_BIOMETRIC 966 * @type { function } 967 * @throws { BusinessError } 201 - Permission verification failed. 968 * @throws { BusinessError } 401 - Incorrect parameters. 969 * @throws { BusinessError } 12500001 - Authentication failed. 970 * @throws { BusinessError } 12500002 - General operation error. 971 * @throws { BusinessError } 12500003 - The operation is canceled. 972 * @throws { BusinessError } 12500004 - The operation is time-out. 973 * @throws { BusinessError } 12500005 - The authentication type is not supported. 974 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 975 * @throws { BusinessError } 12500007 - The authentication task is busy. 976 * @throws { BusinessError } 12500009 - The authenticator is locked. 977 * @throws { BusinessError } 12500010 - The type of credential has not been enrolled. 978 * @syscap SystemCapability.UserIAM.UserAuth.Core 979 * @since 9 980 * @deprecated since 10 981 */ 982 start: () => void; 983 984 /** 985 * Cancel this authentication. 986 * 987 * @permission ohos.permission.ACCESS_BIOMETRIC 988 * @type { function } 989 * @throws { BusinessError } 201 - Permission verification failed. 990 * @throws { BusinessError } 401 - Incorrect parameters. 991 * @throws { BusinessError } 12500002 - General operation error. 992 * @syscap SystemCapability.UserIAM.UserAuth.Core 993 * @since 9 994 * @deprecated since 10 995 */ 996 cancel: () => void; 997 } 998 999 /** 1000 * Check whether the authentication capability is available. 1001 * 1002 * @permission ohos.permission.ACCESS_BIOMETRIC 1003 * @param { UserAuthType } authType - Credential type for authentication. 1004 * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result. 1005 * @throws { BusinessError } 201 - Permission verification failed. 1006 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1007 * <br>1. Mandatory parameters are left unspecified. 1008 * @throws { BusinessError } 12500002 - General operation error. 1009 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1010 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 1011 * @throws { BusinessError } 12500010 - The type of credential has not been enrolled. 1012 * @syscap SystemCapability.UserIAM.UserAuth.Core 1013 * @since 9 1014 */ 1015 /** 1016 * Check whether the authentication capability is available. 1017 * 1018 * @permission ohos.permission.ACCESS_BIOMETRIC 1019 * @param { UserAuthType } authType - Credential type for authentication. 1020 * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result. 1021 * @throws { BusinessError } 201 - Permission verification failed. 1022 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1023 * <br>1. Mandatory parameters are left unspecified. 1024 * @throws { BusinessError } 12500002 - General operation error. 1025 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1026 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 1027 * @throws { BusinessError } 12500010 - The type of credential has not been enrolled. 1028 * @throws { BusinessError } 12500013 - Operation failed because of PIN expired. 1029 * @syscap SystemCapability.UserIAM.UserAuth.Core 1030 * @atomicservice 1031 * @since 12 1032 */ 1033 function getAvailableStatus(authType: UserAuthType, authTrustLevel: AuthTrustLevel): void; 1034 1035 /** 1036 * Enrolled state. 1037 * 1038 * @typedef EnrolledState 1039 * @syscap SystemCapability.UserIAM.UserAuth.Core 1040 * @atomicservice 1041 * @since 12 1042 */ 1043 interface EnrolledState { 1044 /** 1045 * The credential digest. 1046 * 1047 * @type { number } 1048 * @syscap SystemCapability.UserIAM.UserAuth.Core 1049 * @atomicservice 1050 * @since 12 1051 */ 1052 credentialDigest: number; 1053 1054 /** 1055 * The credential count. 1056 * 1057 * @type { number } 1058 * @syscap SystemCapability.UserIAM.UserAuth.Core 1059 * @atomicservice 1060 * @since 12 1061 */ 1062 credentialCount: number; 1063 } 1064 1065 /** 1066 * Get the state of enrolled credentials which varies as credentials change. 1067 * 1068 * @permission ohos.permission.ACCESS_BIOMETRIC 1069 * @param { UserAuthType } authType - Credential type for authentication. 1070 * @returns { EnrolledState } Returns the enrolled state. 1071 * @throws { BusinessError } 201 - Permission verification failed. 1072 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1073 * <br>1. Mandatory parameters are left unspecified. 1074 * @throws { BusinessError } 12500002 - General operation error. 1075 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1076 * @throws { BusinessError } 12500010 - The type of credential has not been enrolled. 1077 * @syscap SystemCapability.UserIAM.UserAuth.Core 1078 * @atomicservice 1079 * @since 12 1080 */ 1081 function getEnrolledState(authType: UserAuthType): EnrolledState; 1082 1083 /** 1084 * Get Authentication instance. 1085 * 1086 * @param { Uint8Array } challenge - Pass in challenge value. 1087 * @param { UserAuthType } authType - Credential type for authentication. 1088 * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result. 1089 * @returns { AuthInstance } Returns an authentication instance. 1090 * @throws { BusinessError } 401 - Incorrect parameters. 1091 * @throws { BusinessError } 12500002 - General operation error. 1092 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1093 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 1094 * @syscap SystemCapability.UserIAM.UserAuth.Core 1095 * @since 9 1096 * @deprecated since 10 1097 * @useinstead ohos.userIAM.userAuth.getUserAuthInstance 1098 */ 1099 function getAuthInstance(challenge: Uint8Array, authType: UserAuthType, authTrustLevel: AuthTrustLevel): AuthInstance; 1100 1101 /** 1102 * Window mode type for user authentication widget. 1103 * 1104 * @enum { number } 1105 * @syscap SystemCapability.UserIAM.UserAuth.Core 1106 * @systemapi Hide this for inner system use. 1107 * @since 10 1108 */ 1109 enum WindowModeType { 1110 /** 1111 * Window mode type is dialog box. 1112 * 1113 * @syscap SystemCapability.UserIAM.UserAuth.Core 1114 * @systemapi Hide this for inner system use. 1115 * @since 10 1116 */ 1117 DIALOG_BOX = 1, 1118 1119 /** 1120 * Window mode type is full screen. 1121 * 1122 * @syscap SystemCapability.UserIAM.UserAuth.Core 1123 * @systemapi Hide this for inner system use. 1124 * @since 10 1125 */ 1126 FULLSCREEN = 2 1127 } 1128 1129 /** 1130 * The mode for reusing unlock authentication result. 1131 * 1132 * @enum { number } 1133 * @syscap SystemCapability.UserIAM.UserAuth.Core 1134 * @atomicservice 1135 * @since 12 1136 */ 1137 enum ReuseMode { 1138 /** 1139 * Authentication type relevant.The unlock authentication result can be reused only when the result is within 1140 * valid duration as well as it comes from one of specified UserAuthTypes of the AuthParam. 1141 * 1142 * @syscap SystemCapability.UserIAM.UserAuth.Core 1143 * @atomicservice 1144 * @since 12 1145 */ 1146 AUTH_TYPE_RELEVANT = 1, 1147 1148 /** 1149 * Authentication type irrelevant.The unlock authentication result can be reused as long as the result is within 1150 * valid duration. 1151 * 1152 * @syscap SystemCapability.UserIAM.UserAuth.Core 1153 * @atomicservice 1154 * @since 12 1155 */ 1156 AUTH_TYPE_IRRELEVANT = 2 1157 } 1158 1159 /** 1160 * Reuse unlock authentication result. 1161 * 1162 * @typedef ReuseUnlockResult 1163 * @syscap SystemCapability.UserIAM.UserAuth.Core 1164 * @atomicservice 1165 * @since 12 1166 */ 1167 interface ReuseUnlockResult { 1168 /** 1169 * The mode for reusing unlock authentication result. 1170 * 1171 * @type { ReuseMode } 1172 * @syscap SystemCapability.UserIAM.UserAuth.Core 1173 * @atomicservice 1174 * @since 12 1175 */ 1176 reuseMode: ReuseMode; 1177 1178 /** 1179 * The allowable reuse duration.The value of the duration should be between 0 and MAX_ALLOWABLE_REUSE_DURATION. 1180 * 1181 * @type { number } 1182 * @syscap SystemCapability.UserIAM.UserAuth.Core 1183 * @atomicservice 1184 * @since 12 1185 */ 1186 reuseDuration: number; 1187 } 1188 1189 /** 1190 * Auth parameter. 1191 * 1192 * @typedef AuthParam 1193 * @syscap SystemCapability.UserIAM.UserAuth.Core 1194 * @since 10 1195 */ 1196 /** 1197 * Auth parameter. 1198 * 1199 * @typedef AuthParam 1200 * @syscap SystemCapability.UserIAM.UserAuth.Core 1201 * @atomicservice 1202 * @since 12 1203 */ 1204 interface AuthParam { 1205 /** 1206 * Pass in challenge value. 1207 * 1208 * @type { Uint8Array } 1209 * @syscap SystemCapability.UserIAM.UserAuth.Core 1210 * @since 10 1211 */ 1212 /** 1213 * Pass in challenge value. 1214 * 1215 * @type { Uint8Array } 1216 * @syscap SystemCapability.UserIAM.UserAuth.Core 1217 * @atomicservice 1218 * @since 12 1219 */ 1220 challenge: Uint8Array; 1221 1222 /** 1223 * Credential type for authentication. 1224 * 1225 * @type { UserAuthType[] } 1226 * @syscap SystemCapability.UserIAM.UserAuth.Core 1227 * @since 10 1228 */ 1229 /** 1230 * Credential type for authentication. 1231 * 1232 * @type { UserAuthType[] } 1233 * @syscap SystemCapability.UserIAM.UserAuth.Core 1234 * @atomicservice 1235 * @since 12 1236 */ 1237 authType: UserAuthType[]; 1238 1239 /** 1240 * Trust level of authentication result. 1241 * 1242 * @type { AuthTrustLevel } 1243 * @syscap SystemCapability.UserIAM.UserAuth.Core 1244 * @since 10 1245 */ 1246 /** 1247 * Trust level of authentication result. 1248 * 1249 * @type { AuthTrustLevel } 1250 * @syscap SystemCapability.UserIAM.UserAuth.Core 1251 * @atomicservice 1252 * @since 12 1253 */ 1254 authTrustLevel: AuthTrustLevel; 1255 1256 /** 1257 * Reuse unlock authentication result. 1258 * 1259 * @type { ?ReuseUnlockResult } 1260 * @syscap SystemCapability.UserIAM.UserAuth.Core 1261 * @atomicservice 1262 * @since 12 1263 */ 1264 reuseUnlockResult?: ReuseUnlockResult; 1265 } 1266 1267 /** 1268 * Auth widget parameter. 1269 * 1270 * @typedef WidgetParam 1271 * @syscap SystemCapability.UserIAM.UserAuth.Core 1272 * @since 10 1273 */ 1274 /** 1275 * Auth widget parameter. 1276 * 1277 * @typedef WidgetParam 1278 * @syscap SystemCapability.UserIAM.UserAuth.Core 1279 * @atomicservice 1280 * @since 12 1281 */ 1282 interface WidgetParam { 1283 /** 1284 * Title of widget. 1285 * 1286 * @type { string } 1287 * @syscap SystemCapability.UserIAM.UserAuth.Core 1288 * @since 10 1289 */ 1290 /** 1291 * Title of widget. 1292 * 1293 * @type { string } 1294 * @syscap SystemCapability.UserIAM.UserAuth.Core 1295 * @atomicservice 1296 * @since 12 1297 */ 1298 title: string; 1299 1300 /** 1301 * The description text of navigation button. 1302 * 1303 * @type { ?string } 1304 * @syscap SystemCapability.UserIAM.UserAuth.Core 1305 * @since 10 1306 */ 1307 /** 1308 * The description text of navigation button. 1309 * 1310 * @type { ?string } 1311 * @syscap SystemCapability.UserIAM.UserAuth.Core 1312 * @atomicservice 1313 * @since 12 1314 */ 1315 navigationButtonText?: string; 1316 1317 /** 1318 * Display type of widget. 1319 * 1320 * @type { ?WindowModeType } 1321 * @default WindowModeType.DIALOG_BOX 1322 * @syscap SystemCapability.UserIAM.UserAuth.Core 1323 * @systemapi Hide this for inner system use. 1324 * @since 10 1325 */ 1326 windowMode?: WindowModeType; 1327 } 1328 1329 /** 1330 * Authentication result: authentication token, credential type for authentication succeed. 1331 * 1332 * @typedef UserAuthResult 1333 * @syscap SystemCapability.UserIAM.UserAuth.Core 1334 * @since 10 1335 */ 1336 /** 1337 * Authentication result: authentication token, credential type for authentication succeed. 1338 * 1339 * @typedef UserAuthResult 1340 * @syscap SystemCapability.UserIAM.UserAuth.Core 1341 * @atomicservice 1342 * @since 12 1343 */ 1344 interface UserAuthResult { 1345 /** 1346 * The authentication result. 1347 * 1348 * @type { number } 1349 * @syscap SystemCapability.UserIAM.UserAuth.Core 1350 * @since 10 1351 */ 1352 /** 1353 * The authentication result. 1354 * 1355 * @type { number } 1356 * @syscap SystemCapability.UserIAM.UserAuth.Core 1357 * @atomicservice 1358 * @since 12 1359 */ 1360 result: number; 1361 1362 /** 1363 * The authentication result if the authentication is passed. 1364 * 1365 * @type { ?Uint8Array } 1366 * @syscap SystemCapability.UserIAM.UserAuth.Core 1367 * @since 10 1368 */ 1369 /** 1370 * The authentication result if the authentication is passed. 1371 * 1372 * @type { ?Uint8Array } 1373 * @syscap SystemCapability.UserIAM.UserAuth.Core 1374 * @atomicservice 1375 * @since 12 1376 */ 1377 token?: Uint8Array; 1378 1379 /** 1380 * Credential type for authentication succeed. 1381 * 1382 * @type { ?UserAuthType } 1383 * @syscap SystemCapability.UserIAM.UserAuth.Core 1384 * @since 10 1385 */ 1386 /** 1387 * Credential type for authentication succeed. 1388 * 1389 * @type { ?UserAuthType } 1390 * @syscap SystemCapability.UserIAM.UserAuth.Core 1391 * @atomicservice 1392 * @since 12 1393 */ 1394 authType?: UserAuthType; 1395 1396 /** 1397 * The enrolled state for authentication succeed. EnrolledState would be returned when the authentication has 1398 * passed. 1399 * 1400 * @type { ?EnrolledState } 1401 * @syscap SystemCapability.UserIAM.UserAuth.Core 1402 * @atomicservice 1403 * @since 12 1404 */ 1405 enrolledState?: EnrolledState; 1406 } 1407 1408 /** 1409 * Asynchronous callback of authentication operation. 1410 * 1411 * @interface IAuthCallback 1412 * @syscap SystemCapability.UserIAM.UserAuth.Core 1413 * @since 10 1414 */ 1415 /** 1416 * Asynchronous callback of authentication operation. 1417 * 1418 * @interface IAuthCallback 1419 * @syscap SystemCapability.UserIAM.UserAuth.Core 1420 * @atomicservice 1421 * @since 12 1422 */ 1423 interface IAuthCallback { 1424 /** 1425 * The authentication result code is returned through the callback. 1426 * If the authentication is passed, the authentication token is returned in extraInfo. 1427 * 1428 * @param { UserAuthResult } result - Authentication result information. 1429 * @syscap SystemCapability.UserIAM.UserAuth.Core 1430 * @since 10 1431 */ 1432 /** 1433 * The authentication result code is returned through the callback. 1434 * If the authentication is passed, the authentication token is returned in extraInfo. 1435 * 1436 * @param { UserAuthResult } result - Authentication result information. 1437 * @syscap SystemCapability.UserIAM.UserAuth.Core 1438 * @atomicservice 1439 * @since 12 1440 */ 1441 onResult(result: UserAuthResult): void; 1442 } 1443 1444 /** 1445 * User authentication instance, used to initiate a complete authentication. 1446 * 1447 * @interface UserAuthInstance 1448 * @syscap SystemCapability.UserIAM.UserAuth.Core 1449 * @since 10 1450 */ 1451 /** 1452 * User authentication instance, used to initiate a complete authentication. 1453 * 1454 * @interface UserAuthInstance 1455 * @syscap SystemCapability.UserIAM.UserAuth.Core 1456 * @atomicservice 1457 * @since 12 1458 */ 1459 interface UserAuthInstance { 1460 /** 1461 * Turn on widget authentication result event listening. 1462 * 1463 * @param { 'result' } type - Indicates the type of event. 1464 * @param { IAuthCallback } callback - Indicates the listener. 1465 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1466 * <br>1. Mandatory parameters are left unspecified. 1467 * <br>2. Incorrect parameter types. 1468 * <br>3. Parameter verification failed. 1469 * @throws { BusinessError } 12500002 - General operation error. 1470 * @syscap SystemCapability.UserIAM.UserAuth.Core 1471 * @since 10 1472 */ 1473 /** 1474 * Turn on widget authentication result event listening. 1475 * 1476 * @param { 'result' } type - Indicates the type of event. 1477 * @param { IAuthCallback } callback - Indicates the listener. 1478 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1479 * <br>1. Mandatory parameters are left unspecified. 1480 * <br>2. Incorrect parameter types. 1481 * <br>3. Parameter verification failed. 1482 * @throws { BusinessError } 12500002 - General operation error. 1483 * @syscap SystemCapability.UserIAM.UserAuth.Core 1484 * @atomicservice 1485 * @since 12 1486 */ 1487 on(type: 'result', callback: IAuthCallback): void; 1488 1489 /** 1490 * Turn off widget authentication result event listening. 1491 * 1492 * @param { 'result' } type - Indicates the type of event. 1493 * @param { IAuthCallback } callback - Indicates the listener. 1494 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1495 * <br>1. Mandatory parameters are left unspecified. 1496 * <br>2. Incorrect parameter types. 1497 * <br>3. Parameter verification failed. 1498 * @throws { BusinessError } 12500002 - General operation error. 1499 * @syscap SystemCapability.UserIAM.UserAuth.Core 1500 * @since 10 1501 */ 1502 /** 1503 * Turn off widget authentication result event listening. 1504 * 1505 * @param { 'result' } type - Indicates the type of event. 1506 * @param { IAuthCallback } callback - Indicates the listener. 1507 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1508 * <br>1. Mandatory parameters are left unspecified. 1509 * <br>2. Incorrect parameter types. 1510 * <br>3. Parameter verification failed. 1511 * @throws { BusinessError } 12500002 - General operation error. 1512 * @syscap SystemCapability.UserIAM.UserAuth.Core 1513 * @atomicservice 1514 * @since 12 1515 */ 1516 off(type: 'result', callback?: IAuthCallback): void; 1517 1518 /** 1519 * Start this authentication, an instance can only perform authentication once. 1520 * 1521 * @permission ohos.permission.ACCESS_BIOMETRIC 1522 * @throws { BusinessError } 201 - Permission verification failed. 1523 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1524 * <br>1. Incorrect parameter types. 1525 * @throws { BusinessError } 12500001 - Authentication failed. 1526 * @throws { BusinessError } 12500002 - General operation error. 1527 * @throws { BusinessError } 12500003 - Authentication canceled. 1528 * @throws { BusinessError } 12500004 - Authentication timeout. 1529 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1530 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 1531 * @throws { BusinessError } 12500007 - Authentication service is busy. 1532 * @throws { BusinessError } 12500009 - Authentication is locked out. 1533 * @throws { BusinessError } 12500010 - The type of credential has not been enrolled. 1534 * @throws { BusinessError } 12500011 - Switched to the custom authentication process. 1535 * @syscap SystemCapability.UserIAM.UserAuth.Core 1536 * @since 10 1537 */ 1538 /** 1539 * Start this authentication, an instance can only perform authentication once. 1540 * 1541 * @permission ohos.permission.ACCESS_BIOMETRIC 1542 * @throws { BusinessError } 201 - Permission verification failed. 1543 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1544 * <br>1. Incorrect parameter types. 1545 * @throws { BusinessError } 12500001 - Authentication failed. 1546 * @throws { BusinessError } 12500002 - General operation error. 1547 * @throws { BusinessError } 12500003 - Authentication canceled. 1548 * @throws { BusinessError } 12500004 - Authentication timeout. 1549 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1550 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 1551 * @throws { BusinessError } 12500007 - Authentication service is busy. 1552 * @throws { BusinessError } 12500009 - Authentication is locked out. 1553 * @throws { BusinessError } 12500010 - The type of credential has not been enrolled. 1554 * @throws { BusinessError } 12500011 - Switched to the custom authentication process. 1555 * @throws { BusinessError } 12500013 - Operation failed because of PIN expired. 1556 * @syscap SystemCapability.UserIAM.UserAuth.Core 1557 * @atomicservice 1558 * @since 12 1559 */ 1560 start(): void; 1561 1562 /** 1563 * Cancel this authentication. 1564 * 1565 * @permission ohos.permission.ACCESS_BIOMETRIC 1566 * @throws { BusinessError } 201 - Permission verification failed. 1567 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1568 * <br>1. Incorrect parameter types. 1569 * @throws { BusinessError } 12500002 - General operation error. 1570 * @syscap SystemCapability.UserIAM.UserAuth.Core 1571 * @since 10 1572 */ 1573 /** 1574 * Cancel this authentication. 1575 * 1576 * @permission ohos.permission.ACCESS_BIOMETRIC 1577 * @throws { BusinessError } 201 - Permission verification failed. 1578 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1579 * <br>1. Incorrect parameter types. 1580 * @throws { BusinessError } 12500002 - General operation error. 1581 * @syscap SystemCapability.UserIAM.UserAuth.Core 1582 * @atomicservice 1583 * @since 12 1584 */ 1585 cancel(): void; 1586 } 1587 1588 /** 1589 * Get user authentication instance with widget. 1590 * 1591 * @param { AuthParam } authParam - Auth parameter. 1592 * @param { WidgetParam } widgetParam - Widget parameter. 1593 * @returns { UserAuthInstance } Returns an authentication instance with widget. 1594 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1595 * <br>1. Mandatory parameters are left unspecified. 1596 * <br>2. Incorrect parameter types. 1597 * <br>3. Parameter verification failed. 1598 * @throws { BusinessError } 12500002 - General operation error. 1599 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1600 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 1601 * @syscap SystemCapability.UserIAM.UserAuth.Core 1602 * @since 10 1603 */ 1604 /** 1605 * Get user authentication instance with widget. 1606 * 1607 * @param { AuthParam } authParam - Auth parameter. 1608 * @param { WidgetParam } widgetParam - Widget parameter. 1609 * @returns { UserAuthInstance } Returns an authentication instance with widget. 1610 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1611 * <br>1. Mandatory parameters are left unspecified. 1612 * <br>2. Incorrect parameter types. 1613 * <br>3. Parameter verification failed. 1614 * @throws { BusinessError } 12500002 - General operation error. 1615 * @throws { BusinessError } 12500005 - The authentication type is not supported. 1616 * @throws { BusinessError } 12500006 - The authentication trust level is not supported. 1617 * @syscap SystemCapability.UserIAM.UserAuth.Core 1618 * @atomicservice 1619 * @since 12 1620 */ 1621 function getUserAuthInstance(authParam: AuthParam, widgetParam: WidgetParam): UserAuthInstance; 1622 1623 /** 1624 * Notice type for user authentication. 1625 * 1626 * @enum { number } 1627 * @syscap SystemCapability.UserIAM.UserAuth.Core 1628 * @systemapi Hide this for inner system use. 1629 * @since 10 1630 */ 1631 enum NoticeType { 1632 /** 1633 * Notice from widget. 1634 * 1635 * @syscap SystemCapability.UserIAM.UserAuth.Core 1636 * @systemapi Hide this for inner system use. 1637 * @since 10 1638 */ 1639 WIDGET_NOTICE = 1 1640 } 1641 1642 /** 1643 * Send notice to user authentication. 1644 * 1645 * @permission ohos.permission.SUPPORT_USER_AUTH 1646 * @param { NoticeType } noticeType - Notice type for user authentication. 1647 * @param { string } eventData - The event data from widget. 1648 * @throws { BusinessError } 201 - Permission verification failed. 1649 * @throws { BusinessError } 202 - The caller is not a system application. 1650 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1651 * <br>1. Mandatory parameters are left unspecified. 1652 * <br>2. Incorrect parameter types. 1653 * <br>3. Parameter verification failed. 1654 * @throws { BusinessError } 12500002 - General operation error. 1655 * @syscap SystemCapability.UserIAM.UserAuth.Core 1656 * @systemapi Hide this for inner system use. 1657 * @since 10 1658 */ 1659 function sendNotice(noticeType: NoticeType, eventData: string): void; 1660 1661 /** 1662 * Enum for operation result. 1663 * 1664 * @enum { number } 1665 * @syscap SystemCapability.UserIAM.UserAuth.Core 1666 * @since 9 1667 */ 1668 /** 1669 * Enum for operation result. 1670 * 1671 * @enum { number } 1672 * @syscap SystemCapability.UserIAM.UserAuth.Core 1673 * @atomicservice 1674 * @since 12 1675 */ 1676 enum UserAuthResultCode { 1677 /** 1678 * Indicates that the result is success or ability is supported. 1679 * 1680 * @syscap SystemCapability.UserIAM.UserAuth.Core 1681 * @since 9 1682 */ 1683 /** 1684 * Indicates that the result is success or ability is supported. 1685 * 1686 * @syscap SystemCapability.UserIAM.UserAuth.Core 1687 * @atomicservice 1688 * @since 12 1689 */ 1690 SUCCESS = 12500000, 1691 1692 /** 1693 * Indicates that the authentication result is failed. 1694 * 1695 * @syscap SystemCapability.UserIAM.UserAuth.Core 1696 * @since 9 1697 */ 1698 /** 1699 * Indicates that the authentication result is failed. 1700 * 1701 * @syscap SystemCapability.UserIAM.UserAuth.Core 1702 * @atomicservice 1703 * @since 12 1704 */ 1705 FAIL = 12500001, 1706 1707 /** 1708 * Indicates other errors. 1709 * 1710 * @syscap SystemCapability.UserIAM.UserAuth.Core 1711 * @since 9 1712 */ 1713 /** 1714 * Indicates other errors. 1715 * 1716 * @syscap SystemCapability.UserIAM.UserAuth.Core 1717 * @atomicservice 1718 * @since 12 1719 */ 1720 GENERAL_ERROR = 12500002, 1721 1722 /** 1723 * Indicates that this operation is canceled. 1724 * 1725 * @syscap SystemCapability.UserIAM.UserAuth.Core 1726 * @since 9 1727 */ 1728 /** 1729 * Indicates that this operation is canceled. 1730 * 1731 * @syscap SystemCapability.UserIAM.UserAuth.Core 1732 * @atomicservice 1733 * @since 12 1734 */ 1735 CANCELED = 12500003, 1736 1737 /** 1738 * Indicates that this operation is time-out. 1739 * 1740 * @syscap SystemCapability.UserIAM.UserAuth.Core 1741 * @since 9 1742 */ 1743 /** 1744 * Indicates that this operation is time-out. 1745 * 1746 * @syscap SystemCapability.UserIAM.UserAuth.Core 1747 * @atomicservice 1748 * @since 12 1749 */ 1750 TIMEOUT = 12500004, 1751 1752 /** 1753 * Indicates that this authentication type is not supported. 1754 * 1755 * @syscap SystemCapability.UserIAM.UserAuth.Core 1756 * @since 9 1757 */ 1758 /** 1759 * Indicates that this authentication type is not supported. 1760 * 1761 * @syscap SystemCapability.UserIAM.UserAuth.Core 1762 * @atomicservice 1763 * @since 12 1764 */ 1765 TYPE_NOT_SUPPORT = 12500005, 1766 1767 /** 1768 * Indicates that the authentication trust level is not supported. 1769 * 1770 * @syscap SystemCapability.UserIAM.UserAuth.Core 1771 * @since 9 1772 */ 1773 /** 1774 * Indicates that the authentication trust level is not supported. 1775 * 1776 * @syscap SystemCapability.UserIAM.UserAuth.Core 1777 * @atomicservice 1778 * @since 12 1779 */ 1780 TRUST_LEVEL_NOT_SUPPORT = 12500006, 1781 1782 /** 1783 * Indicates that the authentication task is busy. Wait for a few seconds and try again. 1784 * 1785 * @syscap SystemCapability.UserIAM.UserAuth.Core 1786 * @since 9 1787 */ 1788 /** 1789 * Indicates that the authentication task is busy. Wait for a few seconds and try again. 1790 * 1791 * @syscap SystemCapability.UserIAM.UserAuth.Core 1792 * @atomicservice 1793 * @since 12 1794 */ 1795 BUSY = 12500007, 1796 1797 /** 1798 * Indicates that the authenticator is locked. 1799 * 1800 * @syscap SystemCapability.UserIAM.UserAuth.Core 1801 * @since 9 1802 */ 1803 /** 1804 * Indicates that the authenticator is locked. 1805 * 1806 * @syscap SystemCapability.UserIAM.UserAuth.Core 1807 * @atomicservice 1808 * @since 12 1809 */ 1810 LOCKED = 12500009, 1811 1812 /** 1813 * Indicates that the user has not enrolled the authenticator. 1814 * 1815 * @syscap SystemCapability.UserIAM.UserAuth.Core 1816 * @since 9 1817 */ 1818 /** 1819 * Indicates that the user has not enrolled the authenticator. 1820 * 1821 * @syscap SystemCapability.UserIAM.UserAuth.Core 1822 * @atomicservice 1823 * @since 12 1824 */ 1825 NOT_ENROLLED = 12500010, 1826 1827 /** 1828 * Indicates that this operation is canceled from widget's navigation button. 1829 * 1830 * @syscap SystemCapability.UserIAM.UserAuth.Core 1831 * @since 10 1832 */ 1833 /** 1834 * Indicates that this operation is canceled from widget's navigation button. 1835 * 1836 * @syscap SystemCapability.UserIAM.UserAuth.Core 1837 * @atomicservice 1838 * @since 12 1839 */ 1840 CANCELED_FROM_WIDGET = 12500011, 1841 1842 /** 1843 * Indicates that current operation failed because of PIN expired. 1844 * 1845 * @syscap SystemCapability.UserIAM.UserAuth.Core 1846 * @atomicservice 1847 * @since 12 1848 */ 1849 PIN_EXPIRED = 12500013 1850 } 1851 1852 /** 1853 * User authentication widget's manager, used to manage widget's client. 1854 * 1855 * @interface UserAuthWidgetMgr 1856 * @syscap SystemCapability.UserIAM.UserAuth.Core 1857 * @systemapi Hide this for inner system use. 1858 * @since 10 1859 */ 1860 interface UserAuthWidgetMgr { 1861 /** 1862 * Turn on authentication widget command event listening. 1863 * 1864 * @param { 'command' } type - Indicates the type of event. 1865 * @param { IAuthWidgetCallback } callback - Indicates the listener. 1866 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1867 * <br>1. Mandatory parameters are left unspecified. 1868 * <br>2. Incorrect parameter types. 1869 * <br>3. Parameter verification failed. 1870 * @throws { BusinessError } 12500002 - General operation error. 1871 * @syscap SystemCapability.UserIAM.UserAuth.Core 1872 * @systemapi Hide this for inner system use. 1873 * @since 10 1874 */ 1875 on(type: 'command', callback: IAuthWidgetCallback): void; 1876 1877 /** 1878 * Turn off authentication widget command event listening. 1879 * 1880 * @param { 'command' } type - Indicates the type of event. 1881 * @param { IAuthWidgetCallback } callback - Indicates the listener. 1882 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1883 * <br>1. Mandatory parameters are left unspecified. 1884 * <br>2. Incorrect parameter types. 1885 * <br>3. Parameter verification failed. 1886 * @throws { BusinessError } 12500002 - General operation error. 1887 * @syscap SystemCapability.UserIAM.UserAuth.Core 1888 * @systemapi Hide this for inner system use. 1889 * @since 10 1890 */ 1891 off(type: 'command', callback?: IAuthWidgetCallback): void; 1892 } 1893 1894 /** 1895 * Get authentication instance with widget. 1896 * 1897 * @permission ohos.permission.SUPPORT_USER_AUTH 1898 * @param { number } version - The version of widget. 1899 * @returns { UserAuthWidgetMgr } Returns an authentication manager. 1900 * @throws { BusinessError } 201 - Permission verification failed. 1901 * @throws { BusinessError } 202 - The caller is not a system application. 1902 * @throws { BusinessError } 401 - Incorrect parameters. Possible causes: 1903 * <br>1. Mandatory parameters are left unspecified. 1904 * <br>2. Incorrect parameter types. 1905 * @throws { BusinessError } 12500002 - General operation error. 1906 * @syscap SystemCapability.UserIAM.UserAuth.Core 1907 * @systemapi Hide this for inner system use. 1908 * @since 10 1909 */ 1910 function getUserAuthWidgetMgr(version: number): UserAuthWidgetMgr; 1911 1912 /** 1913 * Asynchronous callback of authentication widget operation. 1914 * 1915 * @interface IAuthWidgetCallback 1916 * @syscap SystemCapability.UserIAM.UserAuth.Core 1917 * @systemapi Hide this for inner system use. 1918 * @since 10 1919 */ 1920 interface IAuthWidgetCallback { 1921 /** 1922 * The command data for authentication with widget is sent through the callback. 1923 * 1924 * @param { string } cmdData - The command data for authentication with widget. 1925 * @syscap SystemCapability.UserIAM.UserAuth.Core 1926 * @systemapi Hide this for inner system use. 1927 * @since 10 1928 */ 1929 sendCommand(cmdData: string): void; 1930 } 1931} 1932 1933export default userAuth; 1934