安全上下文
此特征只可用于
安全上下文
(HTTPS),在某些或所有
支持浏览器
.
extensions
, an optional property of the
PublicKeyCredentialRequestOptions
dictionary, is an object providing the client extensions and their input values.
Extensions are values requesting additional processing by the client and by the authenticator. For instance, extensions may be used for:
注意:
An analogous option exists for the creation operation (
navigators.credentials.create()
), see
PublicKeyCredentialCreationOptions.extensions
.
extensions = publicKeyCredentialRequestOptions.extensions
An object with various keys and values.
Here is the current (as of March 2019) list of potential extensions which may be used during the registration operation.
Warning!
As of June 2020, only
appid
支持通过
Chrome
and
Edge
. Firefox does not seem to
support any extension
. Also Chrome doesn't plan to support any other extension in
future
| Extension identifier | 类型 | 描述 |
|---|---|---|
appid
|
USVString
|
FIDO appID. An appID which was used with legacy FIDO JS APIs to identify the current relying party. |
txAuthSimple
|
USVString
|
Simple transaction authorization. This text is displayed on a prompt of the authenticator before verifying the user or testing their presence. The client outputs a
USVString
which is the text as it was displayed (line breaks may have been added).
|
txAuthGeneric
|
An object with two properties:
|
Generic transaction authorization. This is used to display an image or some non-textual content on the authenticator before verifying the user or testing their presence. The
contentType
gives the
MIME 类型
of the resource to be displayed while
content
gives its actual content. The client outputs the hash of the content which was displayed (hashing with the same algorithm which is used for the signature).
|
uvi
|
布尔 |
User verification index. If
true
, the client outputs an
ArrayBuffer
which contains a value uniquely identifying a user verification data record. In other words, this may be used server side to check if the current operation is based on the same biometric data that the previous authentication.
|
loc
|
布尔 |
Location. If
true
, the client outputs a
坐标
object representing the geolocation of the authenticator.
|
uvm
|
布尔 |
User verification method. If
true
, the client outputs an array of arrays with 3 values containing information about how the user was verified (e.g. fingerprint, pin, pattern), how the key is protected, how the matcher (tool used for the authentication operation) is protected.
|
注意: Extensions are optional and different browsers may recognize different extensions. All extensions are optional for the client to process them: if a browser does not know a given extension, that will not cause any failure, the extension simply will not be processed.
var options = {
extensions: {
uvm: true,
loc: false,
txAuthSimple: "Could you please verify yourself?"
},
challenge: new Uint8Array([/* bytes sent from the server */])
};
navigator.credentials.get({ "publicKey": options })
.then(function (credentialInfoAssertion) {
// send assertion response back to the server
// to proceed with the control of the credential
}).catch(function (err) {
console.error(err);
});
| 规范 | 状态 | 注释 |
|---|---|---|
|
Web Authentication: An API for accessing Public Key Credentials Level 1
The definition of 'extensions' in that specification. |
推荐 | 初始定义。 |
| 桌面 | 移动 | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
extensions
|
Chrome 67 | Edge ≤79 | Firefox 60 | IE ? | Opera Yes | Safari 13 | WebView Android 67 | Chrome Android 67 | Firefox Android ? | Opera Android Yes | Safari iOS 13.3 | Samsung Internet Android No |
完整支持
不支持
兼容性未知
实验。期望将来行为有所改变。
PublicKeyCredential.getClientExtensionResults()
PublicKeyCredentialCreationOptions.extensions
, the analogous option property used when creating a credential
PublicKeyCredentialRequestOptions
allowCredentials
challenge
extensions
rpId
timeout
userVerification