AppleWebAuthnProvider
@available(iOS 16.0, macOS 13.0, *)
public final class AppleWebAuthnProvider : NSObject, WebAuthnProvider, @unchecked Sendable
Apple-platform WebAuthnProvider backed by ASAuthorizationPlatformPublicKeyCredentialProvider.
Provides passkey registration (secp256r1 key creation via Touch ID / Face ID) and
assertion (passkey signing) for iOS 16+ and macOS 13+. Returns
WebAuthnRegistrationResult and WebAuthnAuthenticationResult respectively.
On macOS set presentationContextProvider before calling register or authenticate;
the system requires a host window reference. iOS handles presentation automatically.
The host application must declare an Associated Domains entitlement
(webcredentials:<rpId>) and publish a matching apple-app-site-association (AASA) file.
See docs/smart-accounts/webauthn-ios.md for setup details.
Example:
// The relying-party ID has to match a webcredentials:<rpId> Associated Domains
// entry declared by the host application.
let relyingPartyID = "wallet.example.com"
let relyingPartyName = "Example Smart Wallet"

// The initializer throws when an argument fails validation
// (blank rpId / rpName, non-positive timeout); the default timeout applies here.
let provider = try AppleWebAuthnProvider(rpId: relyingPartyID, rpName: relyingPartyName)

// Registration is asynchronous and throws on failure or when the timeout is exceeded.
// NOTE(review): challenge32Bytes and userIdBytes are Data values prepared by the
// caller; the challenge is presumably issued fresh per ceremony by the relying
// party — confirm against the setup guide.
let registration = try await provider.register(
    challenge: challenge32Bytes,
    userId: userIdBytes,
    userName: "user@example.com"
)
-
Default operation timeout in milliseconds (60 seconds), used when no explicit
timeout is supplied to the initializer or factory.
Declaration
Swift
public static let defaultTimeoutMs: Int64 -
WebAuthn Relying Party identifier. Must match an
Associated Domains entitlement entry in the host application.
Declaration
Swift
public let rpId: String -
Human-readable Relying Party name displayed during passkey prompts.
Declaration
Swift
public let rpName: String -
Operation timeout in milliseconds. Applied to both
register and authenticate; when exceeded, the call throws WebAuthnException.RegistrationFailed or WebAuthnException.AuthenticationFailed respectively.
Declaration
Swift
public let timeout: Int64 -
Optional presentation context provider for the underlying
ASAuthorizationController.
On macOS, ASAuthorizationController requires a context provider to supply the window in which to display the passkey UI. Without it the system fails the request with ASAuthorizationError code 1004. On iOS the system handles presentation automatically and this property may remain nil.
The provider holds a strong reference; assign before invoking
register or authenticate. This property is not guarded by delegateLock, so mutating it concurrently with an in-flight call is undefined behavior. Because the class is declared @unchecked Sendable, the compiler will not diagnose such a race; set the property once during setup, before the provider is shared across tasks.
Declaration
Swift
public var presentationContextProvider: ASAuthorizationControllerPresentationContextProviding? -
Initializes a new
AppleWebAuthnProvider.
Throws SmartAccountConfigurationException.InvalidConfig when any input fails validation.
Declaration
Swift
public init( rpId: String, rpName: String, timeout: Int64 = AppleWebAuthnProvider.defaultTimeoutMs ) throws
Parameters
rpId: WebAuthn Relying Party identifier. Must be non-blank.
rpName: Human-readable RP name shown during passkey prompts. Must be non-blank.
timeout: Operation timeout in milliseconds. Must be strictly positive. Defaults to
defaultTimeoutMs (60000).
-
Throwing convenience factory equivalent to
init(rpId:rpName:timeout:).
Throws SmartAccountConfigurationException.InvalidConfig for invalid inputs.
Declaration
Swift
public static func create( rpId: String, rpName: String, timeout: Int64 = AppleWebAuthnProvider.defaultTimeoutMs ) throws -> AppleWebAuthnProvider
Parameters
rpId: WebAuthn Relying Party identifier.
rpName: Human-readable RP name.
timeout: Operation timeout in milliseconds. Defaults to
defaultTimeoutMs.
Return Value
A new configured
AppleWebAuthnProvider.
-
register(challenge:userId:userName:)
Asynchronous
Declaration
Swift
public func register( challenge: Data, userId: Data, userName: String ) async throws -> WebAuthnRegistrationResult -
authenticate(challenge:allowCredentials:)
Asynchronous
Declaration
Swift
public func authenticate( challenge: Data, allowCredentials: [WebAuthnAllowCredential]? ) async throws -> WebAuthnAuthenticationResult