| // Copyright 2019 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| library fuchsia.identity.account; |
| |
| /// A high level assessment of the degree to which the account owner is |
| /// authenticated and consequently which resources are available for the |
| /// account. The detailed definitions of these states and the transistions |
| /// between them depend on product-specific policy. Some states may not apply |
| /// for some products. |
| type AuthStateSummary = flexible enum { |
| /// All encrypted storage for the account is locked. No account resources |
| /// will be available until after authentication using a storage unlock |
| /// authentication mechanism. |
| STORAGE_LOCKED = 1; |
| |
| /// Some encrypted storage for the account is unlocked but local interaction |
| /// with the account will not allowed until after authentication. Some |
| /// account resources may be available in this state. |
| INTERACTION_LOCKED = 2; |
| |
| /// All encrypted storage for the account is unlocked. Local interaction |
| /// is allowed. |
| UNLOCKED = 3; |
| |
| /// All encrypted storage for the account is unlocked. Local interaction |
| /// is allowed, and the account owner has recently been authenticated. |
| RECENTLY_AUTHENTICATED = 4; |
| }; |
| |
| /// An assessment of the current presence and engagement of an account owner, |
| /// under the provided scenario, including the system's confidence in that |
| /// assessment and its timeliness. |
| type AuthState = table { |
| /// A high level assessment of the degree to which the account owner is |
| /// authenticated. |
| 1: summary AuthStateSummary; |
| |
| // TODO(fxbug.dev/101929): Add additional fields to express timeliness and |
| // confidence. Potentially re-add presence and/or engagement. |
| }; |
| |
| /// An expression of the types of changes to an auth state that should be |
| /// reported over listener interfaces. By default no changes will be reported. |
| type AuthChangeGranularity = table { |
| /// If true, any changes in the `AuthStateSummary` enumeration will be |
| /// reported. |
| 1: summary_changes bool; |
| }; |