PublicKeyCredential

Secure context
This feature is available only in secure contexts (HTTPS), in some or all supporting browsers .

PublicKeyCredential interface provides information about a public key / private key pair, which is a credential for logging in to a service using an un-phishable and data-breach resistant asymmetric key pair instead of a password. It inherits from Credential , and was created by the Web 身份验证 API extension to the 证书管理 API . Other interfaces that inherit from Credential are PasswordCredential and FederatedCredential .

注意: This API is restricted to top-level contexts. Use from within an <iframe> element will not have any effect.

特性

PublicKeyCredential.type 只读 Secure context
Inherited from Credential . Always set to public-key for PublicKeyCredential 实例。
PublicKeyCredential.id 只读 Secure context
Inherited from Credential and overridden to be the base64url encoding of PublicKeyCredential.rawId .
PublicKeyCredential.rawId 只读 Secure context
An ArrayBuffer that holds the globally unique identifier for this PublicKeyCredential . This identifier can be used to look up credentials for future calls to CredentialsContainer.get .
PublicKeyCredential.response 只读 Secure context
An instance of an AuthenticatorResponse object. It is either of type AuthenticatorAttestationResponse PublicKeyCredential was the results of a navigator.credentials.create() call, or of type AuthenticatorAssertionResponse PublicKeyCredential was the result of a navigator.credentials.get() 调用。

方法

PublicKeyCredential.getClientExtensionResults() Secure context
If any extensions were requested, this method will return the results of processing those extensions.
PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable() Secure context
A static method returning a Promise which resolves to true if an authenticator bound to the platform is capable of verifying the user. With the current state of implementation, this method only resolves to true when Windows Hello is available on the system.

范例

Creating a new instance of PublicKeyCredential

Here, we use navigator.credentials.create() to generate a new credential.

var publicKey = {
  challenge: /* from the server */,
  rp: {
    name: "Example CORP",
    id  : "login.example.com"
  },
  user: {
    id: new Uint8Array(16),
    name: "jdoe@example.com",
    displayName: "John Doe"
  },
  pubKeyCredParams: [
    {
      type: "public-key",
      alg: -7
    }
  ]
};
navigator.credentials.create({ publicKey })
  .then(function (newCredentialInfo) {
    var response = newCredentialInfo.response;
    var clientExtensionsResults = newCredentialInfo.getClientExtensionResults();
  }).catch(function (err) {
     console.error(err);
  });
					

Getting an existing instance of PublicKeyCredential

Here, we fetch an existing credential from an authenticator, using navigator.credentials.get() .

var options = {
  challenge: new Uint8Array([/* bytes sent from the server */])
};
navigator.credentials.get({ "publicKey": options })
    .then(function (credentialInfoAssertion) {
    // send assertion response back to the server
    // to proceed with the control of the credential
}).catch(function (err) {
     console.error(err);
});
					

规范

规范 状态 Comment
Web Authentication: An API for accessing Public Key Credentials Level 1
The definition of 'PublicKeyCredential interface' in that specification.
Recommendation 初始定义。

浏览器兼容性

更新 GitHub 上的兼容性数据
Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari Android webview Chrome for Android Firefox for Android Opera for Android Safari on iOS Samsung Internet
PublicKeyCredential Chrome 67
67
65
Disabled
Only supports USB U2F tokens.
Disabled From version 65: this feature is behind the Web 身份验证 API preference (needs to be set to Enabled ). To change preferences in Chrome, visit chrome://flags.
Edge 18 Firefox 60
60
Only supports USB U2F tokens.
IE No Opera No Safari 13 WebView Android 70 Chrome Android 70 Firefox Android 60
60
Only supports USB U2F tokens.
Opera Android No Safari iOS 13.3 Samsung Internet Android No
getClientExtensionResults Chrome 67
67
65
Disabled
Only supports USB U2F tokens.
Disabled From version 65: this feature is behind the Web 身份验证 API preference (needs to be set to Enabled ). To change preferences in Chrome, visit chrome://flags.
Edge 18 Firefox 60
60
Only supports USB U2F tokens.
IE No Opera No Safari 13 WebView Android 70 Chrome Android 70 Firefox Android 60
60
Only supports USB U2F tokens.
Opera Android No Safari iOS 13.3 Samsung Internet Android No
isUserVerifyingPlatformAuthenticatorAvailable Chrome 67
67
65
Disabled
Only supports USB U2F tokens.
Disabled From version 65: this feature is behind the Web 身份验证 API preference (needs to be set to Enabled ). To change preferences in Chrome, visit chrome://flags.
Edge 18 Firefox 60
60
Only supports USB U2F tokens.
IE No Opera No Safari 13 WebView Android 70 Chrome Android 70 Firefox Android 60
60
Only supports USB U2F tokens.
Opera Android No Safari iOS 13.3 Samsung Internet Android No
rawId Chrome 67
67
65
Disabled
Only supports USB U2F tokens.
Disabled From version 65: this feature is behind the Web 身份验证 API preference (needs to be set to Enabled ). To change preferences in Chrome, visit chrome://flags.
Edge 18 Firefox 60
60
Only supports USB U2F tokens.
IE No Opera No Safari 13 WebView Android 70 Chrome Android 70 Firefox Android 60
60
Only supports USB U2F tokens.
Opera Android No Safari iOS 13.3 Samsung Internet Android No
response Chrome 67
67
65
Disabled
Only supports USB U2F tokens.
Disabled From version 65: this feature is behind the Web 身份验证 API preference (needs to be set to Enabled ). To change preferences in Chrome, visit chrome://flags.
Edge 18 Firefox 60
60
Only supports USB U2F tokens.
IE No Opera No Safari 13 WebView Android 70 Chrome Android 70 Firefox Android 60
60
Only supports USB U2F tokens.
Opera Android No Safari iOS 13.3 Samsung Internet Android No

图例

完整支持
完整支持
不支持
不支持
见实现注意事项。
用户必须明确启用此特征。
用户必须明确启用此特征。

另请参阅