Skip to content

LocalAuthentication macOS xcode14.0 beta1

Israel Soto edited this page Sep 6, 2022 · 3 revisions

#LocalAuthentication.framework https://github.com/xamarin/xamarin-macios/pull/15873

diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext+Authorization.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext+Authorization.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext+Authorization.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext+Authorization.h	2022-05-31 15:04:21.000000000 -0400
@@ -0,0 +1,28 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+#import <LocalAuthentication/LAContext.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+@class LARight;
+
+/// @brief Extensions on the @c LAContext interface for inter-operability with the Authorization API
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+@interface LAContext (LARight)
+
+/// @brief Evaluates the given @c LARight using in the current @c LAContext
+/// @param right Right to be evaluated.
+/// @param localizedReason Localized explanation for the authorization. Appears in the UI presented to the user.
+/// @param reply Returns error in case evaluation has failed
+- (void)evaluateRight:(LARight *)right localizedReason:(NSString *)localizedReason reply:(void (^)(NSError *_Nullable))reply;
+
+/// @brief Preflights the given @c LARight using in the current @c LAContext
+/// @param right Right to be evaluated.
+/// @param reply Completion handler. Returns @c nil if the right can be authorized or an error otherwise.
+- (void)checkCanEvaluateRight:(LARight *)right reply:(void (^)(NSError *_Nullable))reply;
+@end
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext.h	2022-02-23 10:58:16.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAContext.h	2022-05-31 15:04:21.000000000 -0400
@@ -12,7 +12,7 @@
 
 typedef NS_ENUM(NSInteger, LAPolicy)
 {
-    /// Device owner is going to be authenticated using a biometric method (Touch ID).
+    /// Device owner will be authenticated using a biometric method (Touch ID).
     ///
     /// @discussion Biometric authentication is required. If Touch ID is not available, not enrolled
     ///             or locked out, then the evaluation of this policy will fail with LAErrorBiometryNotAvailable,
@@ -31,7 +31,7 @@
     ///             we generaly don't want users to enter their account password at application's request.
     LAPolicyDeviceOwnerAuthenticationWithBiometrics API_AVAILABLE(ios(8.0), macos(10.12.2), watchos(3.0), tvos(10.0)) = kLAPolicyDeviceOwnerAuthenticationWithBiometrics,
 
-    /// Device owner is going to be authenticated by biometry or user password.
+    /// Device owner will be authenticated by biometry or user password.
     ///
     /// @discussion Touch ID or user password authentication is required. If Touch ID is not available,
     ///             not enrolled or locked out, then the user is asked for password right away.
@@ -41,7 +41,7 @@
     ///             not end the authentication. Instead, it switches the authentication mechanism to user password.
     LAPolicyDeviceOwnerAuthentication API_AVAILABLE(ios(9.0), macos(10.11), watchos(3.0), tvos(10.0)) = kLAPolicyDeviceOwnerAuthentication,
     
-    /// Device owner is going to be authenticated by Watch.
+    /// Device owner will be authenticated by Watch.
     ///
     /// @discussion Watch authentication is required. If no nearby paired watch device can be found,
     ///             LAErrorWatchNotAvailable is returned.
@@ -50,7 +50,7 @@
     ///             confirm authentication by double-clicking the side button on their watch.
     LAPolicyDeviceOwnerAuthenticationWithWatch API_AVAILABLE(macos(10.15), macCatalyst(13.0)) API_UNAVAILABLE(ios, watchos, tvos) = kLAPolicyDeviceOwnerAuthenticationWithWatch,
     
-    /// Device owner is going to be authenticated by biometry or Watch.
+    /// Device owner will be authenticated by biometry or Watch.
     ///
     /// @discussion Watch or biometric authentication is required. If no nearby paired watch device can be found,
     ///             it behaves as LAPolicyDeviceOwnerAuthenticationWithBiometrics. Similarly, if biometry is
@@ -59,7 +59,11 @@
     ///             Watch authentication dialog looks and behaves similarly to biometric variant. When both
     ///             machanisms are available, user is asked to use biometry and watch authentication will run in
     ///             parallel.
-    LAPolicyDeviceOwnerAuthenticationWithBiometricsOrWatch API_AVAILABLE(macos(10.15), macCatalyst(13.0)) API_UNAVAILABLE(ios, watchos, tvos) = kLAPolicyDeviceOwnerAuthenticationWithBiometricsOrWatch
+    LAPolicyDeviceOwnerAuthenticationWithBiometricsOrWatch API_AVAILABLE(macos(10.15), macCatalyst(13.0)) API_UNAVAILABLE(ios, watchos, tvos) = kLAPolicyDeviceOwnerAuthenticationWithBiometricsOrWatch,
+    
+    /// Device owner will be authenticated by device passcode. The authentication will also succeed if the wrist detection is enabled,
+    /// correct passcode was entered in the past and the watch has been on the wrist ever since.
+    LAPolicyDeviceOwnerAuthenticationWithWristDetection API_AVAILABLE(watchos(9.0)) API_UNAVAILABLE(macos, ios, tvos) = kLAPolicyDeviceOwnerAuthenticationWithWristDetection,
 } API_AVAILABLE(ios(8.0), macos(10.10), watchos(3.0), tvos(10.0));
 
 /// The maximum value for LAContext touchIDAuthenticationAllowableReuseDuration property.
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPersistedRight.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPersistedRight.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPersistedRight.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPersistedRight.h	2022-05-31 15:04:21.000000000 -0400
@@ -0,0 +1,30 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+#import <LocalAuthentication/LARight.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+@class LASecret, LAPrivateKey;
+
+/// @brief A type of right that, when authorized, grants access to a key and secret
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+@interface LAPersistedRight: LARight
+
+/// @brief Managed private key
+@property (nonatomic, readonly) LAPrivateKey *key;
+
+/// @brief Generic secret
+/// @discussion This is the generic secret that would have been stored along with the right
+@property (nonatomic, readonly) LASecret *secret;
+
+/// @brief Clients cannot create @c LAPersistedRight instances directly. They can only obtain them from the @c LARightStore .
++ (instancetype)new NS_UNAVAILABLE;
+
+/// @brief Clients cannot create @c LAPersistedRight instances directly. They can only obtain them from the @c LARightStore .
+- (instancetype)init NS_UNAVAILABLE;
+@end
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPrivateKey.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPrivateKey.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPrivateKey.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPrivateKey.h	2022-05-31 15:04:21.000000000 -0400
@@ -0,0 +1,61 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+#import <Security/SecKey.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+@class LAPublicKey;
+
+/// @brief Managed Private Key.
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+@interface LAPrivateKey: NSObject
+
+/// @brief Offers the public key counterpart of a @c LAPrivateKey instance
+@property (nonatomic, readonly) LAPublicKey *publicKey;
+
+/// @brief Generates a digital signature for the given data.
+/// @param data The data to be signed, typically the digest of the actual data.
+/// @param algorithm A  @c SecKeyAlgorithm suitable for generating signatures with this key – e.g: @c kSecKeyAlgorithmECDSASignatureMessageX962SHA256
+/// @param handler Completion handler with the signature of given data or an error on failure.
+- (void)signData:(NSData *)data secKeyAlgorithm:(SecKeyAlgorithm)algorithm completion:(void (^)(NSData *_Nullable, NSError *_Nullable))handler NS_SWIFT_NAME(sign(_:algorithm:completion:));
+
+/// @brief Checks if the the provided algorithm can be used for signing data
+/// @param algorithm Cryptographic algorithm
+/// @return @c YES in case the key supports the provided algorithm with the specified operation.
+- (BOOL)canSignUsingSecKeyAlgorithm:(SecKeyAlgorithm)algorithm NS_SWIFT_NAME(canSign(using:));
+
+/// @brief Decrypts the given ciphertext
+/// @param data The data to decrypt. The length and format of the data must conform to chosen algorithm,
+/// typically be less or equal to the value returned by SecKeyGetBlockSize().
+/// @param algorithm A @c SecKeyAlgorithm suitable for decrypting data with this key –e.g: @c kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM
+/// @param handler Completion handler with plaintext or an error on failure.
+- (void)decryptData:(NSData *)data secKeyAlgorithm:(SecKeyAlgorithm)algorithm completion:(void (^)(NSData *_Nullable, NSError *_Nullable))handler NS_SWIFT_NAME(decrypt(_:algorithm:completion:));
+
+/// @brief Checks if the the provided algorithm can be used for decryption
+/// @param algorithm Cryptographic algorithm
+/// @return @c YES in case the key supports the provided algorithm with the specified operation.
+- (BOOL)canDecryptUsingSecKeyAlgorithm:(SecKeyAlgorithm)algorithm NS_SWIFT_NAME(canDecrypt(using:));
+
+/// @brief Performs a Diffie-Hellman style key exchange operation
+/// @param publicKey Remote party's public key.
+/// @param algorithm A @c SecKeyAlgorithm suitable for performing a key exchange with this key –e.g: @c kSecKeyAlgorithmECDHKeyExchangeCofactorX963SHA256
+/// @param parameters Dictionary with parameters, see @c SecKeyKeyExchangeParameter constants.  Used algorithm determines the set of required and optional parameters to be used.
+/// @param handler Completion handler with the result of the key exchange or an error on failure.
+- (void)exchangeKeysWithPublicKey:(NSData *)publicKey secKeyAlgorithm:(SecKeyAlgorithm)algorithm secKeyParameters:(NSDictionary *)parameters completion:(void (^)(NSData *_Nullable, NSError *_Nullable))handler NS_SWIFT_NAME(exchangeKeys(publicKey:algorithm:parameters:completion:));
+
+/// @brief Checks if the the provided algorithm can be used for performing key exchanges
+/// @param algorithm Cryptographic algorithm
+/// @return @c YES in case the key supports the provided algorithm with the specified operation.
+- (BOOL)canExchangeKeysUsingSecKeyAlgorithm:(SecKeyAlgorithm)algorithm NS_SWIFT_NAME(canExchangeKeys(using:));
+
+/// @brief Clients cannot create @c LAPrivateKey instances directly. They typically obtain them from a @c LAPersistedRight instance.
++ (instancetype)new NS_UNAVAILABLE;
+
+/// @brief Clients cannot create @c LAPrivateKey instances directly. They typically obtain them from a @c LAPersistedRight instance.
+- (instancetype)init NS_UNAVAILABLE;
+@end
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicDefines.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicDefines.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicDefines.h	2022-02-12 07:51:34.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicDefines.h	2022-05-21 08:52:20.000000000 -0400
@@ -13,6 +13,7 @@
 #define kLAPolicyDeviceOwnerAuthentication                      2
 #define kLAPolicyDeviceOwnerAuthenticationWithWatch             3
 #define kLAPolicyDeviceOwnerAuthenticationWithBiometricsOrWatch 4
+#define kLAPolicyDeviceOwnerAuthenticationWithWristDetection    5
 
 // Credential types
 #define kLACredentialTypeApplicationPassword                0
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicKey.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicKey.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicKey.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LAPublicKey.h	2022-05-31 15:04:22.000000000 -0400
@@ -0,0 +1,52 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+#import <Security/SecKey.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+/// @brief The public part of an asymmetric key pair
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+@interface LAPublicKey: NSObject
+
+/// @brief Exports public key bytes.
+/// @param handler Completion handler with the raw bytes of the public key or an error on failure
+- (void)exportBytesWithCompletion:(void (^)(NSData *_Nullable, NSError *_Nullable))handler NS_SWIFT_ASYNC_NAME(getter:bytes());
+
+/// @brief Encrypts the given data
+/// @param data The data to encrypt.
+/// @param algorithm A @c SecKeyAlgorithm suitable for encrypting with this key –e.g: @c kSecKeyAlgorithmECIESEncryptionStandardVariableIVX963SHA256AESGCM .
+/// @param handler Completion handler with the ciphertext or an error on failure.
+- (void)encryptData:(NSData *)data secKeyAlgorithm:(SecKeyAlgorithm)algorithm completion:(void (^)(NSData *_Nullable, NSError *_Nullable))handler NS_SWIFT_NAME(encrypt(_:algorithm:completion:));
+
+/// @brief Checks if the the provided algorithm can be used for encryption with the key.
+/// @param algorithm Cryptographic algorithm
+/// @return @c YES in case the key supports the provided algorithm with the specified operation.
+- (BOOL)canEncryptUsingSecKeyAlgorithm:(SecKeyAlgorithm)algorithm NS_SWIFT_NAME(canEncrypt(using:));
+
+/// @brief Verifies a digital signature for the given data.
+/// @param signedData The signed data.
+/// @param signature The signature of the given data.
+/// @param algorithm One of @c SecKeyAlgorithm suitable for verifying signatures with this key –e.g: @c kSecKeyAlgorithmECDSASignatureMessageX962SHA256
+/// @param handler Completion hadnler with the signature of given data or an error on failure.
+- (void)verifyData:(NSData *)signedData signature:(NSData *)signature secKeyAlgorithm:(SecKeyAlgorithm)algorithm completion:(void (^)(NSError *_Nullable))handler
+#pragma push_macro("verify")
+#undef verify
+NS_SWIFT_NAME(verify(_:signature:algorithm:completion:));
+#pragma pop_macro("verify")
+
+/// @brief Checks if the the provided algorithm can be used for verifying signatures with the key.
+/// @param algorithm Cryptographic algorithm
+/// @return @c YES in case the key supports the provided algorithm with the specified operation.
+- (BOOL)canVerifyUsingSecKeyAlgorithm:(SecKeyAlgorithm)algorithm NS_SWIFT_NAME(canVerify(using:));
+
+/// @brief Clients cannot create @c LAPublicKey instances directly. They can only obtain them from a related @c LAPrivateKey instance
++ (instancetype)new NS_UNAVAILABLE;
+
+/// @brief Clients cannot create @c LAPublicKey instances directly. They can only obtain them from a related @c LAPrivateKey instance
+- (instancetype)init NS_UNAVAILABLE;
+@end
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARequirement.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARequirement.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARequirement.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARequirement.h	2022-05-31 15:04:21.000000000 -0400
@@ -0,0 +1,58 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+@class LABiometryFallbackRequirement, LAExtendedRequirement;
+
+#pragma mark -
+
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+/// @brief Builds requirements that can be used for protecting a @c LARight
+@interface LAAuthenticationRequirement: NSObject
+
+/// @brief Requires user authentication
+/// @return @c LAAuthenticationRequirement instance
+@property (class, readonly) LAAuthenticationRequirement *defaultRequirement;
+
+/// @brief Requires biometric authentication
+/// @discussion The authorization will fail if:
+/// @li • Biometry is not available in the current device
+/// @li • There are no biometric enrollments
+/// @return @c LAAuthenticationRequirement instance
+@property (class, readonly) LAAuthenticationRequirement *biometryRequirement;
+
+/// @brief Requires user authentication with the current biometric set
+/// @discussion The authorization will fail if:
+/// @li • Biometry is not available in the current device
+/// @li • There are no biometric enrollments
+/// @li • There is a change in the enrollment database -e.g a new TouchID finger is enrolled.
+/// @return @c LAAuthenticationRequirement instance
+@property (class, readonly) LAAuthenticationRequirement *biometryCurrentSetRequirement;
+
+/// @brief Requires biometric authentication or the given fallback method.
+/// @param fallback Fallback used in case biometry authentication fails, is not available or
+/// not preferred by the user.
+/// @return @c LAAuthenticationRequirement instance
++ (instancetype)biometryRequirementWithFallback:(LABiometryFallbackRequirement *)fallback NS_SWIFT_NAME(biometry(fallback:));
+@end
+
+#pragma mark -
+
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+/// @brief Builds authentication requirements that can be used as fallbacks for  biometric authentication
+@interface LABiometryFallbackRequirement: NSObject
+
+/// @brief Use default biometric fallback
+/// @return @c LABiometryFallbackRequirement instance
+@property (class, readonly) LABiometryFallbackRequirement *defaultRequirement;
+
+/// @brief Requires authorization using the device passcode
+/// @return @c LABiometryFallbackRequirement instance
+@property (class, readonly) LABiometryFallbackRequirement *devicePasscodeRequirement;
+@end
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARight.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARight.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARight.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARight.h	2022-05-31 14:52:59.000000000 -0400
@@ -0,0 +1,90 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+@class LAAuthenticationRequirement;
+@protocol LARightDelegate;
+
+#pragma mark -
+
+/// @brief Each of the different states of a right
+typedef NS_ENUM(NSInteger, LARightState) {
+    /// @brief Right has not been evaluated yet.
+    /// @discussion This is the initial state of @c LARight and changes when @c authorize method is called.
+    LARightStateUnknown = 0,
+
+    /// @brief Requirements are currently being evaluated.
+    /// @discussion This happens after calling @c authorize method but before the user has granted the right.
+    LARightStateAuthorizing = 1,
+
+    /// @brief Authorization was granted
+    /// @discussion This can be achieved by succesful authorization.
+    LARightStateAuthorized = 2,
+
+    /// @brief Authorization was rejected.
+    /// @discussion This can be caused by several reasons. For example requirements were not satisified or user rejects to authorize.
+    LARightStateNotAuthorized = 3,
+} NS_SWIFT_NAME(LARight.State) API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos);
+
+#pragma mark -
+
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+/// @brief Groups a set of requirements that need to be satisfied in order to grant access to certain resource or operation
+@interface LARight: NSObject
+
+#pragma mark - Properties
+
+/// @brief Provides the current authorization state of the @c LARight instance
+@property (nonatomic, readonly) LARightState state;
+
+/// @brief An application-supplied integer that can be used to identify right intances. The default value is @c 0.
+@property (nonatomic) NSInteger tag;
+
+#pragma mark - Initialization
+
+/// @brief Constructs a right using default authorization requirements
+/// @discussion For authorizing a right with default requirements a user will be asked to authenticate using biometry or the device passcode.
+/// @return @c LARight instance
+- (instancetype)init;
+
+/// @brief Constructs a right that will be granted only when the given @c LAAuthenticationRequirement is statisfied.
+/// @param requirement Requirement that needs to be satisfied to authorize the right
+/// @return @c LARight instance
+- (instancetype)initWithRequirement:(LAAuthenticationRequirement *)requirement;
+
+#pragma mark - Auth operations
+
+/// @brief Tries to authorize the right.
+/// @param localizedReason Localized explanation for the authorization. Appears in the UI presented to the user.
+/// @param handler Completion handler called after the authorization finishes. Returns an error when the authorization fails.
+- (void)authorizeWithLocalizedReason:(NSString *)localizedReason completion:(void (^)(NSError *_Nullable error))handler NS_SWIFT_NAME(authorize(localizedReason:completion:));
+
+/// @brief Checks whether the client can eventually be granted the right.
+/// @param handler Completion handler. Returns @c nil if the right can be authorized or an error otherwise.
+- (void)checkCanAuthorizeWithCompletion:(void (^)(NSError *_Nullable error))handler;
+
+/// @brief Invalidates a previously authorized right.
+/// @param handler Completion handler called after the right is deauthorized.
+- (void)deauthorizeWithCompletion:(void (^)(void))handler;
+
+@end
+
+#pragma mark -
+
+/// @brief This notification is sent when a right has been authorized
+/// @discussion The related @c LARight instance is the @c object associated with the @c NSNotification instance delivered to observers
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+NS_SWIFT_NAME(LARight.didBecomeAuthorizedNotification)
+extern NSNotificationName const LARightDidBecomeAuthorizedNotification;
+
+/// @brief This notification is sent when a right has been deauthorized.
+/// @discussion The related @c LARight instance is the @c object associated with the @c NSNotification instance delivered to observers
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+NS_SWIFT_NAME(LARight.didBecomeUnathorizedNotification)
+extern NSNotificationName const LARightDidBecomeUnauthorizedNotification;
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARightStore.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARightStore.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARightStore.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LARightStore.h	2022-05-31 15:04:21.000000000 -0400
@@ -0,0 +1,57 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+@class LAPersistedRight, LARight, LASecret;
+
+/// @brief Persistent storage for @c LARight instances.
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+@interface LARightStore: NSObject
+
+/// @brief Shared instance of @c LARightStore.
+@property (class, readonly) LARightStore *sharedStore;
+
+/// @brief Fetches a right stored under the given identifier.
+/// @param identifier Identifier associated with a previously stored right.
+/// @param handler Completion handler with the fetched right or an error on failure.
+- (void)rightForIdentifier:(NSString *)identifier completion:(void (^)(LAPersistedRight *_Nullable, NSError *_Nullable))handler;
+
+/// @brief Persists a right for later usage.
+/// @param right @c LARight instance to store.
+/// @param identifier Identifier to be associated with the right. Useful for later retrieval.
+/// @param handler Completion handler with the persisted right or an error on failure.
+- (void)saveRight:(LARight *)right identifier:(NSString *)identifier completion:(void (^)(LAPersistedRight *_Nullable, NSError *_Nullable))handler NS_SWIFT_NAME(saveRight(_:identifier:completion:));
+
+/// @brief Persists a right for later usage.
+/// @param right @c LARight instance to store.
+/// @param identifier Identifier to be associated with the right. Useful for later retrieval.
+/// @param secret Secret data to be associated with the provided right.
+/// @param handler Completion handler with the persisted right or an error on failure.
+- (void)saveRight:(LARight *)right identifier:(NSString *)identifier secret:(NSData *)secret completion:(void (^)(LAPersistedRight *_Nullable, NSError *_Nullable))handler NS_SWIFT_NAME(saveRight(_:identifier:secret:completion:));
+
+/// @brief Removes a right from the persistent storage along with its associated resources.
+/// @param right @c LAPersistedRight instance to remove.
+/// @param handler Completion handler with an error on failure.
+- (void)removeRight:(LAPersistedRight *)right completion:(void (^)(NSError *_Nullable error))handler NS_SWIFT_NAME(removeRight(_:completion:));
+
+/// @brief Removes right with provided identifier from persistant storage.
+/// @param identifier Identifier of @c LAPersistedRight instance to remove.
+/// @param handler Completion handler with an error on failure.
+- (void)removeRightForIdentifier:(NSString *)identifier completion:(void (^)(NSError *_Nullable error))handler NS_SWIFT_NAME(removeRight(forIdentifier:completion:));
+
+/// @brief Removes all rights stored by the client
+/// @param handler Completion handler with an error on failure.
+- (void)removeAllRightsWithCompletion:(void (^)(NSError *_Nullable error))handler;
+
+/// @brief Clients should rely on the @c shared instance instead
++ (instancetype)new NS_UNAVAILABLE;
+
+/// @brief Clients should rely on the @c shared instance instead
+- (instancetype)init NS_UNAVAILABLE;
+@end
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LASecret.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LASecret.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LASecret.h	1969-12-31 19:00:00.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LASecret.h	2022-05-31 15:04:21.000000000 -0400
@@ -0,0 +1,24 @@
+//
+//  Copyright © 2021 Apple Inc. All rights reserved.
+//
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+/// @brief Generic secret
+API_AVAILABLE(macos(13.0), ios(16.0)) API_UNAVAILABLE(watchos, tvos)
+@interface LASecret: NSObject
+
+/// @brief Fetch stored data if any
+/// @param handler Completion handler invoked with a generic secret stored along with the right or an error if no secret is found or the fetch operation fails.
+- (void)loadDataWithCompletion:(void (^)(NSData *_Nullable, NSError *_Nullable))handler NS_SWIFT_ASYNC_NAME(getter:rawData());
+
+/// @brief Clients cannot create @c LASecret instances directly. They typically obtain them from a @c LAPersistedRight instance.
++ (instancetype)new NS_UNAVAILABLE;
+
+/// @brief Clients cannot create @c LASecret instances directly. They typically obtain them from a @c LAPersistedRight instance.
+- (instancetype)init NS_UNAVAILABLE;
+@end
+
+NS_ASSUME_NONNULL_END
diff -ruN /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LocalAuthentication.h /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LocalAuthentication.h
--- /Applications/Xcode_13.3.0.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LocalAuthentication.h	2022-02-12 07:51:34.000000000 -0500
+++ /Applications/Xcode_14.0.0-beta.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/System/Library/Frameworks/LocalAuthentication.framework/Headers/LocalAuthentication.h	2022-05-21 08:52:20.000000000 -0400
@@ -9,3 +9,11 @@
 #import <LocalAuthentication/LAContext.h>
 #import <LocalAuthentication/LAError.h>
 #import <LocalAuthentication/LAPublicDefines.h>
+#import <LocalAuthentication/LAContext+Authorization.h>
+#import <LocalAuthentication/LAPersistedRight.h>
+#import <LocalAuthentication/LAPrivateKey.h>
+#import <LocalAuthentication/LAPublicKey.h>
+#import <LocalAuthentication/LARequirement.h>
+#import <LocalAuthentication/LARight.h>
+#import <LocalAuthentication/LARightStore.h>
+#import <LocalAuthentication/LASecret.h>
Clone this wiki locally