Patch #1 of multiple. Add webauth .mojom and initial usage of makeCredential.

components/webauth/authenticator.mojom

Index: components/webauth/authenticator.mojom
diff --git a/components/webauth/authenticator.mojom b/components/webauth/authenticator.mojom
new file mode 100644
index 0000000000000000000000000000000000000000..b9d9bbb37295b375f6293400d68bd99c03a806db
--- /dev/null
+++ b/components/webauth/authenticator.mojom
@@ -0,0 +1,55 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+[JavaPackage="org.chromium.webauth.mojom"]
+module webauth.mojom;
+
+struct ScopedCredentialInfo {

[dcheng, 2017/04/20 13:04:44]

Nit: please add some more comments to these structs, pointers to specs, and what
(if any formatting) is present in things like string or byte array fields. Are
all the byte arrays / string fields things that take arbitrary input?

[kpaulhamus, 2017/04/22 01:04:44]

Comments added.
Yeah, the byte arrays are all blobs, and the string fields take arbitrary input.
There's no formatting that the browser needs to understand here.

[dcheng, 2017/04/24 12:25:26]

Is there any limit on the size of fields here? Any chance they're fixed size?

(I'm assuming not, but figured I may as well ask)

+  array<uint8> client_data;
+  array<uint8> attestation;
+};
+
+struct RelyingPartyAccount {
+  string rp_display_name;

[dcheng, 2017/04/20 13:04:43]

It's not clear what the difference between rp_display_name and display_name is
here. In general, abbreviations are also discouraged.

[kpaulhamus, 2017/04/22 01:04:44]

I've added comments for RelyingPartyAccount in one of the downstream CLs (#3).
I'll un-abbreviate rp.

+  string display_name;
+  string id;
+  string name;
+  string image_url;

[dcheng, 2017/04/20 13:04:43]

Nit: url.mojom.Url

[kpaulhamus, 2017/04/22 01:04:44]

This is coming in a follow-up CL

+};
+
+struct ScopedCredentialParameters {
+  ScopedCredentialType type;
+  // TODO(kpaulhamus): add AlgorithmIdentifier algorithm;
+};
+
+struct ScopedCredentialOptions {
+  int32 timeout_seconds;
+  string rp_id;

[dcheng, 2017/04/20 13:04:43]

Ditto: it's not clear what rp_ stands for here

[kpaulhamus, 2017/04/22 01:04:44]

Ok, I'll unabbreviate same as above.

+  array<ScopedCredentialDescriptor> exclude_list;
+  // TODO(kpaulhamus): add Extensions
+};
+
+enum ScopedCredentialType {
+  SCOPEDCRED,
+};
+
+struct ScopedCredentialDescriptor {
+  ScopedCredentialType type;
+  array<uint8> id;
+  array<Transport> transports;
+};
+
+enum Transport {
+  USB,
+  NFC,
+  BLE,
+};
+
+interface Authenticator {
+  makeCredential(RelyingPartyAccount account_information,
+                 array<ScopedCredentialParameters> crypto_parameters,
+                 array<uint8> attestation_challenge,
+                 ScopedCredentialOptions? options)
+      => (array<ScopedCredentialInfo> scoped_credentials);
+};