• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1/*
2 * Copyright (c) 2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16/**
17 * @file
18 * @kit UserAuthenticationKit
19 */
20
21import type { AsyncCallback } from './@ohos.base';
22
23/**
24 * User authentication
25 *
26 * @namespace userAuth
27 * @syscap SystemCapability.UserIAM.UserAuth.Core
28 * @since 6
29 */
30/**
31 * User authentication
32 *
33 * @namespace userAuth
34 * @syscap SystemCapability.UserIAM.UserAuth.Core
35 * @atomicservice
36 * @since 12
37 */
38declare namespace userAuth {
39  /**
40   * The maximum allowable reuse duration is 300000 milliseconds.
41   *
42   * @constant
43   * @syscap SystemCapability.UserIAM.UserAuth.Core
44   * @atomicservice
45   * @since 12
46   */
47  const MAX_ALLOWABLE_REUSE_DURATION: 300000;
48
49  /**
50   * Enum for authentication result.
51   *
52   * @enum { number }
53   * @syscap SystemCapability.UserIAM.UserAuth.Core
54   * @since 6
55   * @deprecated since 8
56   * @useinstead ohos.userIAM.userAuth.ResultCode
57   */
58  export enum AuthenticationResult {
59    /**
60     * Indicates that the device does not support authentication.
61     *
62     * @syscap SystemCapability.UserIAM.UserAuth.Core
63     * @since 6
64     * @deprecated since 8
65     */
66    NO_SUPPORT = -1,
67
68    /**
69     * Indicates that authentication is success.
70     *
71     * @syscap SystemCapability.UserIAM.UserAuth.Core
72     * @since 6
73     * @deprecated since 8
74     */
75    SUCCESS = 0,
76
77    /**
78     * Indicates the authenticator fails to identify user.
79     *
80     * @syscap SystemCapability.UserIAM.UserAuth.Core
81     * @since 6
82     * @deprecated since 8
83     */
84    COMPARE_FAILURE = 1,
85
86    /**
87     * Indicates that authentication has been canceled.
88     *
89     * @syscap SystemCapability.UserIAM.UserAuth.Core
90     * @since 6
91     * @deprecated since 8
92     */
93    CANCELED = 2,
94
95    /**
96     * Indicates that authentication has timed out.
97     *
98     * @syscap SystemCapability.UserIAM.UserAuth.Core
99     * @since 6
100     * @deprecated since 8
101     */
102    TIMEOUT = 3,
103
104    /**
105     * Indicates a failure to open the camera.
106     *
107     * @syscap SystemCapability.UserIAM.UserAuth.Core
108     * @since 6
109     * @deprecated since 8
110     */
111    CAMERA_FAIL = 4,
112
113    /**
114     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
115     *
116     * @syscap SystemCapability.UserIAM.UserAuth.Core
117     * @since 6
118     * @deprecated since 8
119     */
120    BUSY = 5,
121
122    /**
123     * Indicates incorrect parameters.
124     *
125     * @syscap SystemCapability.UserIAM.UserAuth.Core
126     * @since 6
127     * @deprecated since 8
128     */
129    INVALID_PARAMETERS = 6,
130
131    /**
132     * Indicates that the authenticator is locked.
133     *
134     * @syscap SystemCapability.UserIAM.UserAuth.Core
135     * @since 6
136     * @deprecated since 8
137     */
138    LOCKED = 7,
139
140    /**
141     * Indicates that the user has not enrolled the authenticator.
142     *
143     * @syscap SystemCapability.UserIAM.UserAuth.Core
144     * @since 6
145     * @deprecated since 8
146     */
147    NOT_ENROLLED = 8,
148
149    /**
150     * Indicates other errors.
151     *
152     * @syscap SystemCapability.UserIAM.UserAuth.Core
153     * @since 6
154     * @deprecated since 8
155     */
156    GENERAL_ERROR = 100
157  }
158
159  /**
160   * Auth types
161   *
162   * @typedef { 'ALL' | 'FACE_ONLY' }
163   * @syscap SystemCapability.UserIAM.UserAuth.Core
164   * @since 6
165   * @deprecated since 8
166   */
167  type AuthType = 'ALL' | 'FACE_ONLY';
168
169  /**
170   * Secure levels
171   *
172   * @typedef { 'S1' | 'S2' | 'S3' | 'S4' }
173   * @syscap SystemCapability.UserIAM.UserAuth.Core
174   * @since 6
175   * @deprecated since 8
176   */
177  type SecureLevel = 'S1' | 'S2' | 'S3' | 'S4';
178
179  /**
180   * Used to initiate authentication.
181   *
182   * @interface Authenticator
183   * @syscap SystemCapability.UserIAM.UserAuth.Core
184   * @since 6
185   * @deprecated since 8
186   */
187  interface Authenticator {
188    /**
189     * Execute authentication.
190     *
191     * @permission ohos.permission.ACCESS_BIOMETRIC
192     * @param { AuthType } type - Indicates the authentication type.
193     * @param { SecureLevel } level - Indicates the security level.
194     * @param { AsyncCallback<number> } callback - Async callback of execute.
195     * @syscap SystemCapability.UserIAM.UserAuth.Core
196     * @since 6
197     * @deprecated since 8
198     */
199    execute(type: AuthType, level: SecureLevel, callback: AsyncCallback<number>): void;
200
201    /**
202     * Execute authentication.
203     *
204     * @permission ohos.permission.ACCESS_BIOMETRIC
205     * @param { AuthType } type - Indicates the authentication type.
206     * @param { SecureLevel } level - Indicates the security level.
207     * @returns { Promise<number> }
208     * @syscap SystemCapability.UserIAM.UserAuth.Core
209     * @since 6
210     * @deprecated since 8
211     */
212    execute(type: AuthType, level: SecureLevel): Promise<number>;
213  }
214
215  /**
216   * Get Authenticator instance.
217   *
218   * @returns { Authenticator } Returns an Authenticator.
219   * @syscap SystemCapability.UserIAM.UserAuth.Core
220   * @since 6
221   * @deprecated since 8
222   */
223  function getAuthenticator(): Authenticator;
224
225  /**
226   * User authentication.
227   *
228   * @syscap SystemCapability.UserIAM.UserAuth.Core
229   * @since 8
230   * @deprecated since 9
231   * @useinstead ohos.userIAM.userAuth.AuthInstance
232   */
233  class UserAuth {
234    /**
235     * Constructor to get the UserAuth class instance.
236     *
237     * @syscap SystemCapability.UserIAM.UserAuth.Core
238     * @since 8
239     * @deprecated since 9
240     * @useinstead ohos.userIAM.userAuth.getAuthInstance
241     */
242    constructor();
243
244    /**
245     * Get version information.
246     *
247     * @permission ohos.permission.ACCESS_BIOMETRIC
248     * @returns { number } Returns version information.
249     * @syscap SystemCapability.UserIAM.UserAuth.Core
250     * @since 8
251     * @deprecated since 9
252     * @useinstead ohos.userIAM.userAuth.getVersion
253     */
254    getVersion(): number;
255
256    /**
257     * Check whether the authentication capability is available.
258     *
259     * @permission ohos.permission.ACCESS_BIOMETRIC
260     * @param { UserAuthType } authType - Credential type for authentication.
261     * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
262     * @returns { number } Returns a check result, which is specified by getAvailableStatus, the value of number is related to the ResultCode enum, **201** is
263     * check permission failed.
264     * @syscap SystemCapability.UserIAM.UserAuth.Core
265     * @since 8
266     * @deprecated since 9
267     * @useinstead ohos.userIAM.userAuth.getAvailableStatus
268     */
269    getAvailableStatus(authType: UserAuthType, authTrustLevel: AuthTrustLevel): number;
270
271    /**
272     * Executes authentication.
273     *
274     * @permission ohos.permission.ACCESS_BIOMETRIC
275     * @param { Uint8Array } challenge - Pass in challenge value.
276     * @param { UserAuthType } authType - Type of authentication.
277     * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
278     * @param { IUserAuthCallback } callback - Return result and acquireInfo through callback, the value of result code is related to the ResultCode enum,
279     * **201** is check permission failed.
280     * @returns { Uint8Array } Returns ContextId for cancel.
281     * @syscap SystemCapability.UserIAM.UserAuth.Core
282     * @since 8
283     * @deprecated since 9
284     * @useinstead ohos.userIAM.userAuth.AuthInstance.start
285     */
286    auth(
287      challenge: Uint8Array,
288      authType: UserAuthType,
289      authTrustLevel: AuthTrustLevel,
290      callback: IUserAuthCallback
291    ): Uint8Array;
292
293    /**
294     * Cancel authentication with ContextID.
295     *
296     * @permission ohos.permission.ACCESS_BIOMETRIC
297     * @param { Uint8Array } contextID - Cancel authentication and pass in ContextID.
298     * @returns { number } Returns a number value indicating whether Cancel authentication was successful, the value of number is related to the ResultCode
299     * enum, **201** is check permission failed.
300     * @syscap SystemCapability.UserIAM.UserAuth.Core
301     * @since 8
302     * @deprecated since 9
303     * @useinstead ohos.userIAM.userAuth.AuthInstance.cancel
304     */
305    cancelAuth(contextID: Uint8Array): number;
306  }
307
308  /**
309   * Asynchronous callback of authentication operation.
310   *
311   * @interface IUserAuthCallback
312   * @syscap SystemCapability.UserIAM.UserAuth.Core
313   * @since 8
314   * @deprecated since 9
315   * @useinstead ohos.userIAM.userAuth.AuthEvent
316   */
317  interface IUserAuthCallback {
318    /**
319     * The authentication result code is returned through the callback.
320     * If the authentication is passed, the authentication token is returned in extraInfo,
321     * If the authentication fails, the remaining authentication times are returned in extraInfo,
322     * If the authentication executor is locked, the freezing time is returned in extraInfo.
323     *
324     * @type { function }
325     * @syscap SystemCapability.UserIAM.UserAuth.Core
326     * @since 8
327     * @deprecated since 9
328     * @useinstead ohos.userIAM.userAuth.AuthEvent.callback
329     */
330    onResult: (result: number, extraInfo: AuthResult) => void;
331
332    /**
333     * During an authentication, the TipsCode is returned through the callback.
334     *
335     * @type { ?function }
336     * @syscap SystemCapability.UserIAM.UserAuth.Core
337     * @since 8
338     * @deprecated since 9
339     * @useinstead ohos.userIAM.userAuth.AuthEvent.callback
340     */
341    onAcquireInfo?: (module: number, acquire: number, extraInfo: any) => void;
342  }
343
344  /**
345   * Authentication result: authentication token, remaining authentication times, freezing time.
346   *
347   * @typedef AuthResult
348   * @syscap SystemCapability.UserIAM.UserAuth.Core
349   * @since 8
350   * @deprecated since 9
351   * @useinstead ohos.userIAM.userAuth.AuthResultInfo
352   */
353  interface AuthResult {
354    /**
355     * The authentication result if the authentication is passed.
356     *
357     * @type { ?Uint8Array }
358     * @syscap SystemCapability.UserIAM.UserAuth.Core
359     * @since 8
360     * @deprecated since 9
361     */
362    token?: Uint8Array;
363
364    /**
365     * The remaining authentication times if the authentication fails.
366     *
367     * @type { ?number }
368     * @syscap SystemCapability.UserIAM.UserAuth.Core
369     * @since 8
370     * @deprecated since 9
371     */
372    remainTimes?: number;
373
374    /**
375     * The freezing time if the authentication executor is locked.
376     *
377     * @type { ?number }
378     * @syscap SystemCapability.UserIAM.UserAuth.Core
379     * @since 8
380     * @deprecated since 9
381     */
382    freezingTime?: number;
383  }
384
385  /**
386   * Enum for operation result.
387   *
388   * @enum { number }
389   * @syscap SystemCapability.UserIAM.UserAuth.Core
390   * @since 8
391   * @deprecated since 9
392   * @useinstead ohos.userIAM.userAuth.UserAuthResultCode
393   */
394  enum ResultCode {
395    /**
396     * Indicates that the result is success or ability is supported.
397     *
398     * @syscap SystemCapability.UserIAM.UserAuth.Core
399     * @since 8
400     * @deprecated since 9
401     */
402    SUCCESS = 0,
403
404    /**
405     * Indicates that authentication failed.
406     *
407     * @syscap SystemCapability.UserIAM.UserAuth.Core
408     * @since 8
409     * @deprecated since 9
410     */
411    FAIL = 1,
412
413    /**
414     * Indicates other errors.
415     *
416     * @syscap SystemCapability.UserIAM.UserAuth.Core
417     * @since 8
418     * @deprecated since 9
419     */
420    GENERAL_ERROR = 2,
421
422    /**
423     * Indicates that this operation has been canceled.
424     *
425     * @syscap SystemCapability.UserIAM.UserAuth.Core
426     * @since 8
427     * @deprecated since 9
428     */
429    CANCELED = 3,
430
431    /**
432     * Indicates that this operation has timed out.
433     *
434     * @syscap SystemCapability.UserIAM.UserAuth.Core
435     * @since 8
436     * @deprecated since 9
437     */
438    TIMEOUT = 4,
439
440    /**
441     * Indicates that this authentication type is not supported.
442     *
443     * @syscap SystemCapability.UserIAM.UserAuth.Core
444     * @since 8
445     * @deprecated since 9
446     */
447    TYPE_NOT_SUPPORT = 5,
448
449    /**
450     * Indicates that the authentication trust level is not supported.
451     *
452     * @syscap SystemCapability.UserIAM.UserAuth.Core
453     * @since 8
454     * @deprecated since 9
455     */
456    TRUST_LEVEL_NOT_SUPPORT = 6,
457
458    /**
459     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
460     *
461     * @syscap SystemCapability.UserIAM.UserAuth.Core
462     * @since 8
463     * @deprecated since 9
464     */
465    BUSY = 7,
466
467    /**
468     * Indicates incorrect parameters.
469     *
470     * @syscap SystemCapability.UserIAM.UserAuth.Core
471     * @since 8
472     * @deprecated since 9
473     */
474    INVALID_PARAMETERS = 8,
475
476    /**
477     * Indicates that the authenticator is locked.
478     *
479     * @syscap SystemCapability.UserIAM.UserAuth.Core
480     * @since 8
481     * @deprecated since 9
482     */
483    LOCKED = 9,
484
485    /**
486     * Indicates that the user has not enrolled the authenticator.
487     *
488     * @syscap SystemCapability.UserIAM.UserAuth.Core
489     * @since 8
490     * @deprecated since 9
491     */
492    NOT_ENROLLED = 10
493  }
494
495  /**
496   * The enumeration of prompt codes in the process of face authentication.
497   *
498   * @enum { number }
499   * @syscap SystemCapability.UserIAM.UserAuth.Core
500   * @since 8
501   * @deprecated since 11
502   */
503  enum FaceTips {
504    /**
505     * Indicates that the obtained facial image is too bright due to high illumination.
506     *
507     * @syscap SystemCapability.UserIAM.UserAuth.Core
508     * @since 8
509     * @deprecated since 11
510     */
511    FACE_AUTH_TIP_TOO_BRIGHT = 1,
512
513    /**
514     * Indicates that the obtained facial image is too dark due to low illumination.
515     *
516     * @syscap SystemCapability.UserIAM.UserAuth.Core
517     * @since 8
518     * @deprecated since 11
519     */
520    FACE_AUTH_TIP_TOO_DARK = 2,
521
522    /**
523     * Indicates that the face is too close to the device.
524     *
525     * @syscap SystemCapability.UserIAM.UserAuth.Core
526     * @since 8
527     * @deprecated since 11
528     */
529    FACE_AUTH_TIP_TOO_CLOSE = 3,
530
531    /**
532     * Indicates that the face is too far away from the device.
533     *
534     * @syscap SystemCapability.UserIAM.UserAuth.Core
535     * @since 8
536     * @deprecated since 11
537     */
538    FACE_AUTH_TIP_TOO_FAR = 4,
539
540    /**
541     * Indicates that the device is too high, and that only the upper part of the face is captured.
542     *
543     * @syscap SystemCapability.UserIAM.UserAuth.Core
544     * @since 8
545     * @deprecated since 11
546     */
547    FACE_AUTH_TIP_TOO_HIGH = 5,
548
549    /**
550     * Indicates that the device is too low, and that only the lower part of the face is captured.
551     *
552     * @syscap SystemCapability.UserIAM.UserAuth.Core
553     * @since 8
554     * @deprecated since 11
555     */
556    FACE_AUTH_TIP_TOO_LOW = 6,
557
558    /**
559     * Indicates that the device is deviated to the right, and that only the right part of the face is captured.
560     *
561     * @syscap SystemCapability.UserIAM.UserAuth.Core
562     * @since 8
563     * @deprecated since 11
564     */
565    FACE_AUTH_TIP_TOO_RIGHT = 7,
566
567    /**
568     * Indicates that the device is deviated to the left, and that only the left part of the face is captured.
569     *
570     * @syscap SystemCapability.UserIAM.UserAuth.Core
571     * @since 8
572     * @deprecated since 11
573     */
574    FACE_AUTH_TIP_TOO_LEFT = 8,
575
576    /**
577     * Indicates that the face moves too fast during facial information collection.
578     *
579     * @syscap SystemCapability.UserIAM.UserAuth.Core
580     * @since 8
581     * @deprecated since 11
582     */
583    FACE_AUTH_TIP_TOO_MUCH_MOTION = 9,
584
585    /**
586     * Indicates that the face is not facing the device.
587     *
588     * @syscap SystemCapability.UserIAM.UserAuth.Core
589     * @since 8
590     * @deprecated since 11
591     */
592    FACE_AUTH_TIP_POOR_GAZE = 10,
593
594    /**
595     * Indicates that no face is detected.
596     *
597     * @syscap SystemCapability.UserIAM.UserAuth.Core
598     * @since 8
599     * @deprecated since 11
600     */
601    FACE_AUTH_TIP_NOT_DETECTED = 11
602  }
603
604  /**
605   * The enumeration of prompt codes in the process of fingerprint authentication.
606   *
607   * @enum { number }
608   * @syscap SystemCapability.UserIAM.UserAuth.Core
609   * @since 8
610   * @deprecated since 11
611   */
612  enum FingerprintTips {
613    /**
614     * Indicates that the image acquired is good.
615     *
616     * @syscap SystemCapability.UserIAM.UserAuth.Core
617     * @since 8
618     * @deprecated since 11
619     */
620    FINGERPRINT_AUTH_TIP_GOOD = 0,
621
622    /**
623     * Indicates that the fingerprint image is too noisy due to suspected or detected dirt on sensor.
624     *
625     * @syscap SystemCapability.UserIAM.UserAuth.Core
626     * @since 8
627     * @deprecated since 11
628     */
629    FINGERPRINT_AUTH_TIP_DIRTY = 1,
630
631    /**
632     * Indicates that the fingerprint image is too noisy to process due to a detected condition.
633     *
634     * @syscap SystemCapability.UserIAM.UserAuth.Core
635     * @since 8
636     * @deprecated since 11
637     */
638    FINGERPRINT_AUTH_TIP_INSUFFICIENT = 2,
639
640    /**
641     * Indicates that only a partial fingerprint image is detected.
642     *
643     * @syscap SystemCapability.UserIAM.UserAuth.Core
644     * @since 8
645     * @deprecated since 11
646     */
647    FINGERPRINT_AUTH_TIP_PARTIAL = 3,
648
649    /**
650     * Indicates that the fingerprint image is incomplete due to quick motion.
651     *
652     * @syscap SystemCapability.UserIAM.UserAuth.Core
653     * @since 8
654     * @deprecated since 11
655     */
656    FINGERPRINT_AUTH_TIP_TOO_FAST = 4,
657
658    /**
659     * Indicates that the fingerprint image is unreadable due to lack of motion.
660     *
661     * @syscap SystemCapability.UserIAM.UserAuth.Core
662     * @since 8
663     * @deprecated since 11
664     */
665    FINGERPRINT_AUTH_TIP_TOO_SLOW = 5
666  }
667
668  /**
669   * Credential type for authentication.
670   *
671   * @enum { number }
672   * @syscap SystemCapability.UserIAM.UserAuth.Core
673   * @since 8
674   */
675  /**
676   * Credential type for authentication.
677   *
678   * @enum { number }
679   * @syscap SystemCapability.UserIAM.UserAuth.Core
680   * @atomicservice
681   * @since 12
682   */
683  enum UserAuthType {
684    /**
685     * Authentication type pin.
686     *
687     * @syscap SystemCapability.UserIAM.UserAuth.Core
688     * @since 10
689     */
690    /**
691     * Authentication type pin.
692     *
693     * @syscap SystemCapability.UserIAM.UserAuth.Core
694     * @atomicservice
695     * @since 12
696     */
697    PIN = 1,
698
699    /**
700     * Authentication type face.
701     *
702     * @syscap SystemCapability.UserIAM.UserAuth.Core
703     * @since 8
704     */
705    /**
706     * Authentication type face.
707     *
708     * @syscap SystemCapability.UserIAM.UserAuth.Core
709     * @atomicservice
710     * @since 12
711     */
712    FACE = 2,
713
714    /**
715     * Authentication type fingerprint.
716     *
717     * @syscap SystemCapability.UserIAM.UserAuth.Core
718     * @since 8
719     */
720    /**
721     * Authentication type fingerprint.
722     *
723     * @syscap SystemCapability.UserIAM.UserAuth.Core
724     * @atomicservice
725     * @since 12
726     */
727    FINGERPRINT = 4,
728
729    /**
730     * Authentication type private pin.
731     *
732     * @syscap SystemCapability.UserIAM.UserAuth.Core
733     * @systemapi Hide this for inner system use.
734     * @since 14
735     */
736    PRIVATE_PIN = 16
737  }
738
739  /**
740   * Trust level of authentication results.
741   *
742   * @enum { number }
743   * @syscap SystemCapability.UserIAM.UserAuth.Core
744   * @since 8
745   */
746  /**
747   * Trust level of authentication results.
748   *
749   * @enum { number }
750   * @syscap SystemCapability.UserIAM.UserAuth.Core
751   * @atomicservice
752   * @since 12
753   */
754  enum AuthTrustLevel {
755    /**
756     * Authentication result trusted level 1.
757     *
758     * @syscap SystemCapability.UserIAM.UserAuth.Core
759     * @since 8
760     */
761    /**
762     * Authentication result trusted level 1.
763     *
764     * @syscap SystemCapability.UserIAM.UserAuth.Core
765     * @atomicservice
766     * @since 12
767     */
768    ATL1 = 10000,
769
770    /**
771     * Authentication result trusted level 2.
772     *
773     * @syscap SystemCapability.UserIAM.UserAuth.Core
774     * @since 8
775     */
776    /**
777     * Authentication result trusted level 2.
778     *
779     * @syscap SystemCapability.UserIAM.UserAuth.Core
780     * @atomicservice
781     * @since 12
782     */
783    ATL2 = 20000,
784
785    /**
786     * Authentication result trusted level 3.
787     *
788     * @syscap SystemCapability.UserIAM.UserAuth.Core
789     * @since 8
790     */
791    /**
792     * Authentication result trusted level 3.
793     *
794     * @syscap SystemCapability.UserIAM.UserAuth.Core
795     * @atomicservice
796     * @since 12
797     */
798    ATL3 = 30000,
799
800    /**
801     * Authentication result trusted level 4.
802     *
803     * @syscap SystemCapability.UserIAM.UserAuth.Core
804     * @since 8
805     */
806    /**
807     * Authentication result trusted level 4.
808     *
809     * @syscap SystemCapability.UserIAM.UserAuth.Core
810     * @atomicservice
811     * @since 12
812     */
813    ATL4 = 40000
814  }
815
816  /**
817   * Authentication events.
818   *
819   * @typedef { 'result' | 'tip' }
820   * @syscap SystemCapability.UserIAM.UserAuth.Core
821   * @since 9
822   * @deprecated since 11
823   */
824  type AuthEventKey = 'result' | 'tip';
825
826  /**
827   * Return information of Authentication events.
828   *
829   * @typedef { AuthResultInfo | TipInfo }
830   * @syscap SystemCapability.UserIAM.UserAuth.Core
831   * @since 9
832   * @deprecated since 11
833   * @useinstead ohos.userIAM.userAuth.UserAuthResult
834   */
835  type EventInfo = AuthResultInfo | TipInfo;
836
837  /**
838   * Asynchronous callback of authentication event.
839   *
840   * @interface AuthEvent
841   * @syscap SystemCapability.UserIAM.UserAuth.Core
842   * @since 9
843   * @deprecated since 11
844   * @useinstead ohos.userIAM.userAuth.IAuthCallback
845   */
846  interface AuthEvent {
847    /**
848     * The authentication event callback.
849     *
850     * @param { EventInfo } result - Event info.
851     * @syscap SystemCapability.UserIAM.UserAuth.Core
852     * @since 9
853     * @deprecated since 11
854     * @useinstead ohos.userIAM.userAuth.IAuthCallback.onResult
855     */
856    callback(result: EventInfo): void;
857  }
858
859  /**
860   * Authentication result information.
861   *
862   * @typedef AuthResultInfo
863   * @syscap SystemCapability.UserIAM.UserAuth.Core
864   * @since 9
865   * @deprecated since 11
866   */
867  interface AuthResultInfo {
868    /**
869     * The authentication result.
870     *
871     * @type { number }
872     * @syscap SystemCapability.UserIAM.UserAuth.Core
873     * @since 9
874     * @deprecated since 11
875     */
876    result: number;
877
878    /**
879     * The authentication token if the authentication is passed.
880     *
881     * @type { ?Uint8Array }
882     * @syscap SystemCapability.UserIAM.UserAuth.Core
883     * @since 9
884     * @deprecated since 11
885     */
886    token?: Uint8Array;
887
888    /**
889     * The remaining authentication attempts if the authentication fails.
890     *
891     * @type { ?number }
892     * @syscap SystemCapability.UserIAM.UserAuth.Core
893     * @since 9
894     * @deprecated since 11
895     */
896    remainAttempts?: number;
897
898    /**
899     * The lockout duration if the authentication executor is locked.
900     *
901     * @type { ?number }
902     * @syscap SystemCapability.UserIAM.UserAuth.Core
903     * @since 9
904     * @deprecated since 11
905     */
906    lockoutDuration?: number;
907  }
908
909  /**
910   * Authentication tip info.
911   *
912   * @typedef TipInfo
913   * @syscap SystemCapability.UserIAM.UserAuth.Core
914   * @since 9
915   * @deprecated since 11
916   */
917  interface TipInfo {
918    /**
919     * The authentication module of sending tip information.
920     *
921     * @type { number }
922     * @syscap SystemCapability.UserIAM.UserAuth.Core
923     * @since 9
924     * @deprecated since 11
925     */
926    module: number;
927
928    /**
929     * Tip information, used to prompt the business to perform some operations.
930     *
931     * @type { number }
932     * @syscap SystemCapability.UserIAM.UserAuth.Core
933     * @since 9
934     * @deprecated since 11
935     */
936    tip: number;
937  }
938
939  /**
940   * Authentication instance, used to initiate a complete authentication.
941   *
942   * @interface AuthInstance
943   * @syscap SystemCapability.UserIAM.UserAuth.Core
944   * @since 9
945   * @deprecated since 10
946   * @useinstead ohos.userIAM.userAuth.UserAuthInstance
947   */
948  interface AuthInstance {
949    /**
950     * Turn on authentication event listening.
951     *
952     * @throws { BusinessError } 401 - Incorrect parameters.
953     * @throws { BusinessError } 12500002 - General operation error.
954     * @syscap SystemCapability.UserIAM.UserAuth.Core
955     * @since 9
956     * @deprecated since 10
957     */
958    on: (name: AuthEventKey, callback: AuthEvent) => void;
959
960    /**
961     * Turn off authentication event listening.
962     *
963     * @throws { BusinessError } 401 - Incorrect parameters.
964     * @throws { BusinessError } 12500002 - General operation error.
965     * @syscap SystemCapability.UserIAM.UserAuth.Core
966     * @since 9
967     * @deprecated since 10
968     */
969    off: (name: AuthEventKey) => void;
970
971    /**
972     * Start this authentication, an instance can only perform authentication once.
973     *
974     * @permission ohos.permission.ACCESS_BIOMETRIC
975     * @type { function }
976     * @throws { BusinessError } 201 - Permission verification failed.
977     * @throws { BusinessError } 401 - Incorrect parameters.
978     * @throws { BusinessError } 12500001 - Authentication failed.
979     * @throws { BusinessError } 12500002 - General operation error.
980     * @throws { BusinessError } 12500003 - The operation is canceled.
981     * @throws { BusinessError } 12500004 - The operation is time-out.
982     * @throws { BusinessError } 12500005 - The authentication type is not supported.
983     * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
984     * @throws { BusinessError } 12500007 - The authentication task is busy.
985     * @throws { BusinessError } 12500009 - The authenticator is locked.
986     * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
987     * @syscap SystemCapability.UserIAM.UserAuth.Core
988     * @since 9
989     * @deprecated since 10
990     */
991    start: () => void;
992
993    /**
994     * Cancel this authentication.
995     *
996     * @permission ohos.permission.ACCESS_BIOMETRIC
997     * @type { function }
998     * @throws { BusinessError } 201 - Permission verification failed.
999     * @throws { BusinessError } 401 - Incorrect parameters.
1000     * @throws { BusinessError } 12500002 - General operation error.
1001     * @syscap SystemCapability.UserIAM.UserAuth.Core
1002     * @since 9
1003     * @deprecated since 10
1004     */
1005    cancel: () => void;
1006  }
1007
1008  /**
1009   * Check whether the authentication capability is available.
1010   *
1011   * @permission ohos.permission.ACCESS_BIOMETRIC
1012   * @param { UserAuthType } authType - Credential type for authentication.
1013   * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
1014   * @throws { BusinessError } 201 - Permission verification failed.
1015   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1016   * <br>1. Mandatory parameters are left unspecified.
1017   * @throws { BusinessError } 12500002 - General operation error.
1018   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1019   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1020   * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1021   * @syscap SystemCapability.UserIAM.UserAuth.Core
1022   * @since 9
1023   */
1024  /**
1025   * Check whether the authentication capability is available.
1026   *
1027   * @permission ohos.permission.ACCESS_BIOMETRIC
1028   * @param { UserAuthType } authType - Credential type for authentication.
1029   * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
1030   * @throws { BusinessError } 201 - Permission verification failed.
1031   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1032   * <br>1. Mandatory parameters are left unspecified.
1033   * @throws { BusinessError } 12500002 - General operation error.
1034   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1035   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1036   * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1037   * @throws { BusinessError } 12500013 - Operation failed because of PIN expired.
1038   * @syscap SystemCapability.UserIAM.UserAuth.Core
1039   * @atomicservice
1040   * @since 12
1041   */
1042  function getAvailableStatus(authType: UserAuthType, authTrustLevel: AuthTrustLevel): void;
1043
1044  /**
1045   * Enrolled state.
1046   *
1047   * @typedef EnrolledState
1048   * @syscap SystemCapability.UserIAM.UserAuth.Core
1049   * @atomicservice
1050   * @since 12
1051   */
1052  interface EnrolledState {
1053    /**
1054     * The credential digest.
1055     *
1056     * @type { number }
1057     * @syscap SystemCapability.UserIAM.UserAuth.Core
1058     * @atomicservice
1059     * @since 12
1060     */
1061    credentialDigest: number;
1062
1063    /**
1064     * The credential count.
1065     *
1066     * @type { number }
1067     * @syscap SystemCapability.UserIAM.UserAuth.Core
1068     * @atomicservice
1069     * @since 12
1070     */
1071    credentialCount: number;
1072  }
1073
1074  /**
1075   * Get the state of enrolled credentials which varies as credentials change.
1076   *
1077   * @permission ohos.permission.ACCESS_BIOMETRIC
1078   * @param { UserAuthType } authType - Credential type for authentication.
1079   * @returns { EnrolledState } Returns the enrolled state.
1080   * @throws { BusinessError } 201 - Permission verification failed.
1081   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1082   * <br>1. Mandatory parameters are left unspecified.
1083   * @throws { BusinessError } 12500002 - General operation error.
1084   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1085   * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1086   * @syscap SystemCapability.UserIAM.UserAuth.Core
1087   * @atomicservice
1088   * @since 12
1089   */
1090  function getEnrolledState(authType: UserAuthType): EnrolledState;
1091
1092  /**
1093   * Get Authentication instance.
1094   *
1095   * @param { Uint8Array } challenge - Pass in challenge value.
1096   * @param { UserAuthType } authType - Credential type for authentication.
1097   * @param { AuthTrustLevel } authTrustLevel - Trust level of authentication result.
1098   * @returns { AuthInstance } Returns an authentication instance.
1099   * @throws { BusinessError } 401 - Incorrect parameters.
1100   * @throws { BusinessError } 12500002 - General operation error.
1101   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1102   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1103   * @syscap SystemCapability.UserIAM.UserAuth.Core
1104   * @since 9
1105   * @deprecated since 10
1106   * @useinstead ohos.userIAM.userAuth.getUserAuthInstance
1107   */
1108  function getAuthInstance(challenge: Uint8Array, authType: UserAuthType, authTrustLevel: AuthTrustLevel): AuthInstance;
1109
1110  /**
1111   * Window mode type for user authentication widget.
1112   *
1113   * @enum { number }
1114   * @syscap SystemCapability.UserIAM.UserAuth.Core
1115   * @systemapi Hide this for inner system use.
1116   * @since 10
1117   */
1118  enum WindowModeType {
1119    /**
1120     * Window mode type is dialog box.
1121     *
1122     * @syscap SystemCapability.UserIAM.UserAuth.Core
1123     * @systemapi Hide this for inner system use.
1124     * @since 10
1125     */
1126    DIALOG_BOX = 1,
1127
1128    /**
1129     * Window mode type is full screen.
1130     *
1131     * @syscap SystemCapability.UserIAM.UserAuth.Core
1132     * @systemapi Hide this for inner system use.
1133     * @since 10
1134     */
1135    FULLSCREEN = 2
1136  }
1137
1138  /**
1139   * The mode for reusing unlock authentication result.
1140   *
1141   * @enum { number }
1142   * @syscap SystemCapability.UserIAM.UserAuth.Core
1143   * @atomicservice
1144   * @since 12
1145   */
1146  enum ReuseMode {
1147    /**
1148     * Authentication type relevant.The unlock authentication result can be reused only when the result is within
1149     * valid duration as well as it comes from one of specified UserAuthTypes of the AuthParam.
1150     *
1151     * @syscap SystemCapability.UserIAM.UserAuth.Core
1152     * @atomicservice
1153     * @since 12
1154     */
1155    AUTH_TYPE_RELEVANT = 1,
1156
1157    /**
1158     * Authentication type irrelevant.The unlock authentication result can be reused as long as the result is within
1159     * valid duration.
1160     *
1161     * @syscap SystemCapability.UserIAM.UserAuth.Core
1162     * @atomicservice
1163     * @since 12
1164     */
1165    AUTH_TYPE_IRRELEVANT = 2,
1166
1167    /**
1168     * Caller irrelevant authentication type relevant.The latest authentication result (not only unlock authentication
1169     * result) can be reused only when the result is within valid duration as well as it comes from one of specified
1170     * UserAuthTypes of the AuthParam.
1171     *
1172     * @syscap SystemCapability.UserIAM.UserAuth.Core
1173     * @atomicservice
1174     * @since 14
1175     */
1176    CALLER_IRRELEVANT_AUTH_TYPE_RELEVANT = 3,
1177
1178    /**
1179     * Caller irrelevant authentication type irrelevant.The latest authentication result (not only unlock
1180     * authentication result) can be reused as long as the result is within valid duration.
1181     *
1182     * @syscap SystemCapability.UserIAM.UserAuth.Core
1183     * @atomicservice
1184     * @since 14
1185     */
1186    CALLER_IRRELEVANT_AUTH_TYPE_IRRELEVANT = 4
1187  }
1188
1189  /**
1190   * Reuse unlock authentication result.
1191   *
1192   * @typedef ReuseUnlockResult
1193   * @syscap SystemCapability.UserIAM.UserAuth.Core
1194   * @atomicservice
1195   * @since 12
1196   */
1197  interface ReuseUnlockResult {
1198    /**
1199     * The mode for reusing unlock authentication result.
1200     *
1201     * @type { ReuseMode }
1202     * @syscap SystemCapability.UserIAM.UserAuth.Core
1203     * @atomicservice
1204     * @since 12
1205     */
1206    reuseMode: ReuseMode;
1207
1208    /**
1209     * The allowable reuse duration.The value of the duration should be between 0 and MAX_ALLOWABLE_REUSE_DURATION.
1210     *
1211     * @type { number }
1212     * @syscap SystemCapability.UserIAM.UserAuth.Core
1213     * @atomicservice
1214     * @since 12
1215     */
1216    reuseDuration: number;
1217  }
1218
1219  /**
1220   * Auth parameter.
1221   *
1222   * @typedef AuthParam
1223   * @syscap SystemCapability.UserIAM.UserAuth.Core
1224   * @since 10
1225   */
1226  /**
1227   * Auth parameter.
1228   *
1229   * @typedef AuthParam
1230   * @syscap SystemCapability.UserIAM.UserAuth.Core
1231   * @atomicservice
1232   * @since 12
1233   */
1234  interface AuthParam {
1235    /**
1236     * Pass in challenge value.
1237     *
1238     * @type { Uint8Array }
1239     * @syscap SystemCapability.UserIAM.UserAuth.Core
1240     * @since 10
1241     */
1242    /**
1243     * Pass in challenge value.
1244     *
1245     * @type { Uint8Array }
1246     * @syscap SystemCapability.UserIAM.UserAuth.Core
1247     * @atomicservice
1248     * @since 12
1249     */
1250    challenge: Uint8Array;
1251
1252    /**
1253     * Credential type for authentication.
1254     *
1255     * @type { UserAuthType[] }
1256     * @syscap SystemCapability.UserIAM.UserAuth.Core
1257     * @since 10
1258     */
1259    /**
1260     * Credential type for authentication.
1261     *
1262     * @type { UserAuthType[] }
1263     * @syscap SystemCapability.UserIAM.UserAuth.Core
1264     * @atomicservice
1265     * @since 12
1266     */
1267    authType: UserAuthType[];
1268
1269    /**
1270     * Trust level of authentication result.
1271     *
1272     * @type { AuthTrustLevel }
1273     * @syscap SystemCapability.UserIAM.UserAuth.Core
1274     * @since 10
1275     */
1276    /**
1277     * Trust level of authentication result.
1278     *
1279     * @type { AuthTrustLevel }
1280     * @syscap SystemCapability.UserIAM.UserAuth.Core
1281     * @atomicservice
1282     * @since 12
1283     */
1284    authTrustLevel: AuthTrustLevel;
1285
1286    /**
1287     * Reuse unlock authentication result.
1288     *
1289     * @type { ?ReuseUnlockResult }
1290     * @syscap SystemCapability.UserIAM.UserAuth.Core
1291     * @atomicservice
1292     * @since 12
1293     */
1294    reuseUnlockResult?: ReuseUnlockResult;
1295  }
1296
1297  /**
1298   * Auth widget parameter.
1299   *
1300   * @typedef WidgetParam
1301   * @syscap SystemCapability.UserIAM.UserAuth.Core
1302   * @since 10
1303   */
1304  /**
1305   * Auth widget parameter.
1306   *
1307   * @typedef WidgetParam
1308   * @syscap SystemCapability.UserIAM.UserAuth.Core
1309   * @atomicservice
1310   * @since 12
1311   */
1312  interface WidgetParam {
1313    /**
1314     * Title of widget.
1315     *
1316     * @type { string }
1317     * @syscap SystemCapability.UserIAM.UserAuth.Core
1318     * @since 10
1319     */
1320    /**
1321     * Title of widget.
1322     *
1323     * @type { string }
1324     * @syscap SystemCapability.UserIAM.UserAuth.Core
1325     * @atomicservice
1326     * @since 12
1327     */
1328    title: string;
1329
1330    /**
1331     * The description text of navigation button.
1332     *
1333     * @type { ?string }
1334     * @syscap SystemCapability.UserIAM.UserAuth.Core
1335     * @since 10
1336     */
1337    /**
1338     * The description text of navigation button.
1339     *
1340     * @type { ?string }
1341     * @syscap SystemCapability.UserIAM.UserAuth.Core
1342     * @atomicservice
1343     * @since 12
1344     */
1345    navigationButtonText?: string;
1346
1347    /**
1348     * Display type of widget.
1349     *
1350     * @type { ?WindowModeType }
1351     * @default WindowModeType.DIALOG_BOX
1352     * @syscap SystemCapability.UserIAM.UserAuth.Core
1353     * @systemapi Hide this for inner system use.
1354     * @since 10
1355     */
1356    windowMode?: WindowModeType;
1357  }
1358
1359  /**
1360   * Authentication result: authentication token, credential type for authentication succeed.
1361   *
1362   * @typedef UserAuthResult
1363   * @syscap SystemCapability.UserIAM.UserAuth.Core
1364   * @since 10
1365   */
1366  /**
1367   * Authentication result: authentication token, credential type for authentication succeed.
1368   *
1369   * @typedef UserAuthResult
1370   * @syscap SystemCapability.UserIAM.UserAuth.Core
1371   * @atomicservice
1372   * @since 12
1373   */
1374  interface UserAuthResult {
1375    /**
1376     * The authentication result.
1377     *
1378     * @type { number }
1379     * @syscap SystemCapability.UserIAM.UserAuth.Core
1380     * @since 10
1381     */
1382    /**
1383     * The authentication result.
1384     *
1385     * @type { number }
1386     * @syscap SystemCapability.UserIAM.UserAuth.Core
1387     * @atomicservice
1388     * @since 12
1389     */
1390    result: number;
1391
1392    /**
1393     * The authentication result if the authentication is passed.
1394     *
1395     * @type { ?Uint8Array }
1396     * @syscap SystemCapability.UserIAM.UserAuth.Core
1397     * @since 10
1398     */
1399    /**
1400     * The authentication result if the authentication is passed.
1401     *
1402     * @type { ?Uint8Array }
1403     * @syscap SystemCapability.UserIAM.UserAuth.Core
1404     * @atomicservice
1405     * @since 12
1406     */
1407    token?: Uint8Array;
1408
1409    /**
1410     * Credential type for authentication succeed.
1411     *
1412     * @type { ?UserAuthType }
1413     * @syscap SystemCapability.UserIAM.UserAuth.Core
1414     * @since 10
1415     */
1416    /**
1417     * Credential type for authentication succeed.
1418     *
1419     * @type { ?UserAuthType }
1420     * @syscap SystemCapability.UserIAM.UserAuth.Core
1421     * @atomicservice
1422     * @since 12
1423     */
1424    authType?: UserAuthType;
1425
1426    /**
1427     * The enrolled state for authentication succeed. EnrolledState would be returned when the authentication has
1428     * passed.
1429     *
1430     * @type { ?EnrolledState }
1431     * @syscap SystemCapability.UserIAM.UserAuth.Core
1432     * @atomicservice
1433     * @since 12
1434     */
1435    enrolledState?: EnrolledState;
1436  }
1437
1438  /**
1439   * Asynchronous callback of authentication operation.
1440   *
1441   * @interface IAuthCallback
1442   * @syscap SystemCapability.UserIAM.UserAuth.Core
1443   * @since 10
1444   */
1445  /**
1446   * Asynchronous callback of authentication operation.
1447   *
1448   * @interface IAuthCallback
1449   * @syscap SystemCapability.UserIAM.UserAuth.Core
1450   * @atomicservice
1451   * @since 12
1452   */
1453  interface IAuthCallback {
1454    /**
1455     * The authentication result code is returned through the callback.
1456     * If the authentication is passed, the authentication token is returned in extraInfo.
1457     *
1458     * @param { UserAuthResult } result - Authentication result information.
1459     * @syscap SystemCapability.UserIAM.UserAuth.Core
1460     * @since 10
1461     */
1462    /**
1463     * The authentication result code is returned through the callback.
1464     * If the authentication is passed, the authentication token is returned in extraInfo.
1465     *
1466     * @param { UserAuthResult } result - Authentication result information.
1467     * @syscap SystemCapability.UserIAM.UserAuth.Core
1468     * @atomicservice
1469     * @since 12
1470     */
1471    onResult(result: UserAuthResult): void;
1472  }
1473
1474  /**
1475   * User authentication instance, used to initiate a complete authentication.
1476   *
1477   * @interface UserAuthInstance
1478   * @syscap SystemCapability.UserIAM.UserAuth.Core
1479   * @since 10
1480   */
1481  /**
1482   * User authentication instance, used to initiate a complete authentication.
1483   *
1484   * @interface UserAuthInstance
1485   * @syscap SystemCapability.UserIAM.UserAuth.Core
1486   * @atomicservice
1487   * @since 12
1488   */
1489  interface UserAuthInstance {
1490    /**
1491     * Turn on widget authentication result event listening.
1492     *
1493     * @param { 'result' } type - Indicates the type of event.
1494     * @param { IAuthCallback } callback - Indicates the listener.
1495     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1496     * <br>1. Mandatory parameters are left unspecified.
1497     * <br>2. Incorrect parameter types.
1498     * <br>3. Parameter verification failed.
1499     * @throws { BusinessError } 12500002 - General operation error.
1500     * @syscap SystemCapability.UserIAM.UserAuth.Core
1501     * @since 10
1502     */
1503    /**
1504     * Turn on widget authentication result event listening.
1505     *
1506     * @param { 'result' } type - Indicates the type of event.
1507     * @param { IAuthCallback } callback - Indicates the listener.
1508     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1509     * <br>1. Mandatory parameters are left unspecified.
1510     * <br>2. Incorrect parameter types.
1511     * <br>3. Parameter verification failed.
1512     * @throws { BusinessError } 12500002 - General operation error.
1513     * @syscap SystemCapability.UserIAM.UserAuth.Core
1514     * @atomicservice
1515     * @since 12
1516     */
1517    on(type: 'result', callback: IAuthCallback): void;
1518
1519    /**
1520     * Turn off widget authentication result event listening.
1521     *
1522     * @param { 'result' } type - Indicates the type of event.
1523     * @param { IAuthCallback } callback - Indicates the listener.
1524     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1525     * <br>1. Mandatory parameters are left unspecified.
1526     * <br>2. Incorrect parameter types.
1527     * <br>3. Parameter verification failed.
1528     * @throws { BusinessError } 12500002 - General operation error.
1529     * @syscap SystemCapability.UserIAM.UserAuth.Core
1530     * @since 10
1531     */
1532    /**
1533     * Turn off widget authentication result event listening.
1534     *
1535     * @param { 'result' } type - Indicates the type of event.
1536     * @param { IAuthCallback } callback - Indicates the listener.
1537     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1538     * <br>1. Mandatory parameters are left unspecified.
1539     * <br>2. Incorrect parameter types.
1540     * <br>3. Parameter verification failed.
1541     * @throws { BusinessError } 12500002 - General operation error.
1542     * @syscap SystemCapability.UserIAM.UserAuth.Core
1543     * @atomicservice
1544     * @since 12
1545     */
1546    off(type: 'result', callback?: IAuthCallback): void;
1547
1548    /**
1549     * Start this authentication, an instance can only perform authentication once.
1550     *
1551     * @permission ohos.permission.ACCESS_BIOMETRIC
1552     * @throws { BusinessError } 201 - Permission verification failed.
1553     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1554     * <br>1. Incorrect parameter types.
1555     * @throws { BusinessError } 12500001 - Authentication failed.
1556     * @throws { BusinessError } 12500002 - General operation error.
1557     * @throws { BusinessError } 12500003 - Authentication canceled.
1558     * @throws { BusinessError } 12500004 - Authentication timeout.
1559     * @throws { BusinessError } 12500005 - The authentication type is not supported.
1560     * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1561     * @throws { BusinessError } 12500007 - Authentication service is busy.
1562     * @throws { BusinessError } 12500009 - Authentication is locked out.
1563     * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1564     * @throws { BusinessError } 12500011 - Switched to the custom authentication process.
1565     * @syscap SystemCapability.UserIAM.UserAuth.Core
1566     * @since 10
1567     */
1568    /**
1569     * Start this authentication, an instance can only perform authentication once.
1570     *
1571     * @permission ohos.permission.ACCESS_BIOMETRIC
1572     * @throws { BusinessError } 201 - Permission verification failed.
1573     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1574     * <br>1. Incorrect parameter types.
1575     * @throws { BusinessError } 12500001 - Authentication failed.
1576     * @throws { BusinessError } 12500002 - General operation error.
1577     * @throws { BusinessError } 12500003 - Authentication canceled.
1578     * @throws { BusinessError } 12500004 - Authentication timeout.
1579     * @throws { BusinessError } 12500005 - The authentication type is not supported.
1580     * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1581     * @throws { BusinessError } 12500007 - Authentication service is busy.
1582     * @throws { BusinessError } 12500009 - Authentication is locked out.
1583     * @throws { BusinessError } 12500010 - The type of credential has not been enrolled.
1584     * @throws { BusinessError } 12500011 - Switched to the custom authentication process.
1585     * @throws { BusinessError } 12500013 - Operation failed because of PIN expired.
1586     * @syscap SystemCapability.UserIAM.UserAuth.Core
1587     * @atomicservice
1588     * @since 12
1589     */
1590    start(): void;
1591
1592    /**
1593     * Cancel this authentication.
1594     *
1595     * @permission ohos.permission.ACCESS_BIOMETRIC
1596     * @throws { BusinessError } 201 - Permission verification failed.
1597     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1598     * <br>1. Incorrect parameter types.
1599     * @throws { BusinessError } 12500002 - General operation error.
1600     * @syscap SystemCapability.UserIAM.UserAuth.Core
1601     * @since 10
1602     */
1603    /**
1604     * Cancel this authentication.
1605     *
1606     * @permission ohos.permission.ACCESS_BIOMETRIC
1607     * @throws { BusinessError } 201 - Permission verification failed.
1608     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1609     * <br>1. Incorrect parameter types.
1610     * @throws { BusinessError } 12500002 - General operation error.
1611     * @syscap SystemCapability.UserIAM.UserAuth.Core
1612     * @atomicservice
1613     * @since 12
1614     */
1615    cancel(): void;
1616  }
1617
1618  /**
1619   * Get user authentication instance with widget.
1620   *
1621   * @param { AuthParam } authParam - Auth parameter.
1622   * @param { WidgetParam } widgetParam - Widget parameter.
1623   * @returns { UserAuthInstance } Returns an authentication instance with widget.
1624   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1625   * <br>1. Mandatory parameters are left unspecified.
1626   * <br>2. Incorrect parameter types.
1627   * <br>3. Parameter verification failed.
1628   * @throws { BusinessError } 12500002 - General operation error.
1629   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1630   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1631   * @syscap SystemCapability.UserIAM.UserAuth.Core
1632   * @since 10
1633   */
1634  /**
1635   * Get user authentication instance with widget.
1636   *
1637   * @param { AuthParam } authParam - Auth parameter.
1638   * @param { WidgetParam } widgetParam - Widget parameter.
1639   * @returns { UserAuthInstance } Returns an authentication instance with widget.
1640   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1641   * <br>1. Mandatory parameters are left unspecified.
1642   * <br>2. Incorrect parameter types.
1643   * <br>3. Parameter verification failed.
1644   * @throws { BusinessError } 12500002 - General operation error.
1645   * @throws { BusinessError } 12500005 - The authentication type is not supported.
1646   * @throws { BusinessError } 12500006 - The authentication trust level is not supported.
1647   * @syscap SystemCapability.UserIAM.UserAuth.Core
1648   * @atomicservice
1649   * @since 12
1650   */
1651  function getUserAuthInstance(authParam: AuthParam, widgetParam: WidgetParam): UserAuthInstance;
1652
1653  /**
1654   * Notice type for user authentication.
1655   *
1656   * @enum { number }
1657   * @syscap SystemCapability.UserIAM.UserAuth.Core
1658   * @systemapi Hide this for inner system use.
1659   * @since 10
1660   */
1661  enum NoticeType {
1662    /**
1663     * Notice from widget.
1664     *
1665     * @syscap SystemCapability.UserIAM.UserAuth.Core
1666     * @systemapi Hide this for inner system use.
1667     * @since 10
1668     */
1669    WIDGET_NOTICE = 1
1670  }
1671
1672  /**
1673   * Send notice to user authentication.
1674   *
1675   * @permission ohos.permission.SUPPORT_USER_AUTH
1676   * @param { NoticeType } noticeType - Notice type for user authentication.
1677   * @param { string } eventData - The event data from widget.
1678   * @throws { BusinessError } 201 - Permission verification failed.
1679   * @throws { BusinessError } 202 - The caller is not a system application.
1680   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1681   * <br>1. Mandatory parameters are left unspecified.
1682   * <br>2. Incorrect parameter types.
1683   * <br>3. Parameter verification failed.
1684   * @throws { BusinessError } 12500002 - General operation error.
1685   * @syscap SystemCapability.UserIAM.UserAuth.Core
1686   * @systemapi Hide this for inner system use.
1687   * @since 10
1688   */
1689  function sendNotice(noticeType: NoticeType, eventData: string): void;
1690
1691  /**
1692   * Enum for operation result.
1693   *
1694   * @enum { number }
1695   * @syscap SystemCapability.UserIAM.UserAuth.Core
1696   * @since 9
1697   */
1698  /**
1699   * Enum for operation result.
1700   *
1701   * @enum { number }
1702   * @syscap SystemCapability.UserIAM.UserAuth.Core
1703   * @atomicservice
1704   * @since 12
1705   */
1706  enum UserAuthResultCode {
1707    /**
1708     * Indicates that the result is success or ability is supported.
1709     *
1710     * @syscap SystemCapability.UserIAM.UserAuth.Core
1711     * @since 9
1712     */
1713    /**
1714     * Indicates that the result is success or ability is supported.
1715     *
1716     * @syscap SystemCapability.UserIAM.UserAuth.Core
1717     * @atomicservice
1718     * @since 12
1719     */
1720    SUCCESS = 12500000,
1721
1722    /**
1723     * Indicates that the authentication result is failed.
1724     *
1725     * @syscap SystemCapability.UserIAM.UserAuth.Core
1726     * @since 9
1727     */
1728    /**
1729     * Indicates that the authentication result is failed.
1730     *
1731     * @syscap SystemCapability.UserIAM.UserAuth.Core
1732     * @atomicservice
1733     * @since 12
1734     */
1735    FAIL = 12500001,
1736
1737    /**
1738     * Indicates other errors.
1739     *
1740     * @syscap SystemCapability.UserIAM.UserAuth.Core
1741     * @since 9
1742     */
1743    /**
1744     * Indicates other errors.
1745     *
1746     * @syscap SystemCapability.UserIAM.UserAuth.Core
1747     * @atomicservice
1748     * @since 12
1749     */
1750    GENERAL_ERROR = 12500002,
1751
1752    /**
1753     * Indicates that this operation is canceled.
1754     *
1755     * @syscap SystemCapability.UserIAM.UserAuth.Core
1756     * @since 9
1757     */
1758    /**
1759     * Indicates that this operation is canceled.
1760     *
1761     * @syscap SystemCapability.UserIAM.UserAuth.Core
1762     * @atomicservice
1763     * @since 12
1764     */
1765    CANCELED = 12500003,
1766
1767    /**
1768     * Indicates that this operation is time-out.
1769     *
1770     * @syscap SystemCapability.UserIAM.UserAuth.Core
1771     * @since 9
1772     */
1773    /**
1774     * Indicates that this operation is time-out.
1775     *
1776     * @syscap SystemCapability.UserIAM.UserAuth.Core
1777     * @atomicservice
1778     * @since 12
1779     */
1780    TIMEOUT = 12500004,
1781
1782    /**
1783     * Indicates that this authentication type is not supported.
1784     *
1785     * @syscap SystemCapability.UserIAM.UserAuth.Core
1786     * @since 9
1787     */
1788    /**
1789     * Indicates that this authentication type is not supported.
1790     *
1791     * @syscap SystemCapability.UserIAM.UserAuth.Core
1792     * @atomicservice
1793     * @since 12
1794     */
1795    TYPE_NOT_SUPPORT = 12500005,
1796
1797    /**
1798     * Indicates that the authentication trust level is not supported.
1799     *
1800     * @syscap SystemCapability.UserIAM.UserAuth.Core
1801     * @since 9
1802     */
1803    /**
1804     * Indicates that the authentication trust level is not supported.
1805     *
1806     * @syscap SystemCapability.UserIAM.UserAuth.Core
1807     * @atomicservice
1808     * @since 12
1809     */
1810    TRUST_LEVEL_NOT_SUPPORT = 12500006,
1811
1812    /**
1813     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
1814     *
1815     * @syscap SystemCapability.UserIAM.UserAuth.Core
1816     * @since 9
1817     */
1818    /**
1819     * Indicates that the authentication task is busy. Wait for a few seconds and try again.
1820     *
1821     * @syscap SystemCapability.UserIAM.UserAuth.Core
1822     * @atomicservice
1823     * @since 12
1824     */
1825    BUSY = 12500007,
1826
1827    /**
1828     * Indicates that the authenticator is locked.
1829     *
1830     * @syscap SystemCapability.UserIAM.UserAuth.Core
1831     * @since 9
1832     */
1833    /**
1834     * Indicates that the authenticator is locked.
1835     *
1836     * @syscap SystemCapability.UserIAM.UserAuth.Core
1837     * @atomicservice
1838     * @since 12
1839     */
1840    LOCKED = 12500009,
1841
1842    /**
1843     * Indicates that the user has not enrolled the authenticator.
1844     *
1845     * @syscap SystemCapability.UserIAM.UserAuth.Core
1846     * @since 9
1847     */
1848    /**
1849     * Indicates that the user has not enrolled the authenticator.
1850     *
1851     * @syscap SystemCapability.UserIAM.UserAuth.Core
1852     * @atomicservice
1853     * @since 12
1854     */
1855    NOT_ENROLLED = 12500010,
1856
1857    /**
1858     * Indicates that this operation is canceled from widget's navigation button.
1859     *
1860     * @syscap SystemCapability.UserIAM.UserAuth.Core
1861     * @since 10
1862     */
1863    /**
1864     * Indicates that this operation is canceled from widget's navigation button.
1865     *
1866     * @syscap SystemCapability.UserIAM.UserAuth.Core
1867     * @atomicservice
1868     * @since 12
1869     */
1870    CANCELED_FROM_WIDGET = 12500011,
1871
1872    /**
1873     * Indicates that current operation failed because of PIN expired.
1874     *
1875     * @syscap SystemCapability.UserIAM.UserAuth.Core
1876     * @atomicservice
1877     * @since 12
1878     */
1879    PIN_EXPIRED = 12500013
1880  }
1881
1882  /**
1883   * User authentication widget's manager, used to manage widget's client.
1884   *
1885   * @interface UserAuthWidgetMgr
1886   * @syscap SystemCapability.UserIAM.UserAuth.Core
1887   * @systemapi Hide this for inner system use.
1888   * @since 10
1889   */
1890  interface UserAuthWidgetMgr {
1891    /**
1892     * Turn on authentication widget command event listening.
1893     *
1894     * @param { 'command' } type - Indicates the type of event.
1895     * @param { IAuthWidgetCallback } callback - Indicates the listener.
1896     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1897     * <br>1. Mandatory parameters are left unspecified.
1898     * <br>2. Incorrect parameter types.
1899     * <br>3. Parameter verification failed.
1900     * @throws { BusinessError } 12500002 - General operation error.
1901     * @syscap SystemCapability.UserIAM.UserAuth.Core
1902     * @systemapi Hide this for inner system use.
1903     * @since 10
1904     */
1905    on(type: 'command', callback: IAuthWidgetCallback): void;
1906
1907    /**
1908     * Turn off authentication widget command event listening.
1909     *
1910     * @param { 'command' } type - Indicates the type of event.
1911     * @param { IAuthWidgetCallback } callback - Indicates the listener.
1912     * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1913     * <br>1. Mandatory parameters are left unspecified.
1914     * <br>2. Incorrect parameter types.
1915     * <br>3. Parameter verification failed.
1916     * @throws { BusinessError } 12500002 - General operation error.
1917     * @syscap SystemCapability.UserIAM.UserAuth.Core
1918     * @systemapi Hide this for inner system use.
1919     * @since 10
1920     */
1921    off(type: 'command', callback?: IAuthWidgetCallback): void;
1922  }
1923
1924  /**
1925   * Get authentication instance with widget.
1926   *
1927   * @permission ohos.permission.SUPPORT_USER_AUTH
1928   * @param { number } version - The version of widget.
1929   * @returns { UserAuthWidgetMgr } Returns an authentication manager.
1930   * @throws { BusinessError } 201 - Permission verification failed.
1931   * @throws { BusinessError } 202 - The caller is not a system application.
1932   * @throws { BusinessError } 401 - Incorrect parameters. Possible causes:
1933   * <br>1. Mandatory parameters are left unspecified.
1934   * <br>2. Incorrect parameter types.
1935   * @throws { BusinessError } 12500002 - General operation error.
1936   * @syscap SystemCapability.UserIAM.UserAuth.Core
1937   * @systemapi Hide this for inner system use.
1938   * @since 10
1939   */
1940  function getUserAuthWidgetMgr(version: number): UserAuthWidgetMgr;
1941
1942  /**
1943   * Asynchronous callback of authentication widget operation.
1944   *
1945   * @interface IAuthWidgetCallback
1946   * @syscap SystemCapability.UserIAM.UserAuth.Core
1947   * @systemapi Hide this for inner system use.
1948   * @since 10
1949   */
1950  interface IAuthWidgetCallback {
1951    /**
1952     * The command data for authentication with widget is sent through the callback.
1953     *
1954     * @param { string } cmdData - The command data for authentication with widget.
1955     * @syscap SystemCapability.UserIAM.UserAuth.Core
1956     * @systemapi Hide this for inner system use.
1957     * @since 10
1958     */
1959    sendCommand(cmdData: string): void;
1960  }
1961}
1962
1963export default userAuth;
1964