Package ch.nevis.mobile.sdk.api.operation

Enum Class FidoErrorCode

java.lang.Object
java.lang.Enum<FidoErrorCode>
ch.nevis.mobile.sdk.api.operation.FidoErrorCode
All Implemented Interfaces:
Serializable, Comparable<FidoErrorCode>, Constable
public enum FidoErrorCode extends Enum<FidoErrorCode>
Collection error codes based on the FIDO UAF client error codes.

  • Enum Constant Details

    • NO_ERROR

      public static final FidoErrorCode NO_ERROR
      The operation completed with no error condition encountered.

    • WAIT_USER_ACTION

      public static final FidoErrorCode WAIT_USER_ACTION
      Waiting on user action to proceed. For example, selecting an authenticator in the FIDO UAF client user interface, performing user verification, or completing an enrollment step with an authenticator.

    • INSECURE_TRANSPORT

      public static final FidoErrorCode INSECURE_TRANSPORT
      window.location.protocol is not "https" or the DOM contains insecure mixed content.

    • USER_CANCELED

      public static final FidoErrorCode USER_CANCELED
      The user declined any necessary part of the interaction to complete the registration.

      This occurs when the user explicitly cancels the operation, for example by dismissing the authenticator selection or account selection screen. When using the biometric or the device passcode authenticator, this can occur if the application is brought to the background.

    • UNSUPPORTED_VERSION

      public static final FidoErrorCode UNSUPPORTED_VERSION
      The UAFMessage does not specify a protocol version supported by this FIDO UAF Client.

    • NO_SUITABLE_AUTHENTICATOR

      public static final FidoErrorCode NO_SUITABLE_AUTHENTICATOR
      No authenticator matching the authenticator policy specified in the UAFMessage is available to service the request, or the user declined to consent to the use of a suitable authenticator.

      This can occur when no registered authenticator satisfies the server policy, when the user selects an authenticator that is already registered (during registration) or not compliant with the policy, when the server rejects the authenticator as unacceptable or revoked, or (in the case of out-of-band authentication with multiple eligible accounts) when no AccountSelector is provided.

    • PROTOCOL_ERROR

      public static final FidoErrorCode PROTOCOL_ERROR
      A violation of the UAF protocol occurred. The interaction may have timed out; the origin associated with the message may not match the origin of the calling DOM context, or the protocol message may be malformed or tampered with.

      This typically occurs when the server response is malformed, empty, or cannot be parsed, when the UAF request in the server response is missing or has an unexpected operation type, or when the server returns a 400 Bad Request response.

    • UNTRUSTED_FACET_ID

      public static final FidoErrorCode UNTRUSTED_FACET_ID
      The client declined to process the operation because the caller's calculated facet identifier was not found in the trusted list for the application identifier specified in the request message.

      This error occurs typically when there is a misconfiguration of the server: the facets defined by the FIDO UAF server do not match the configuration of the application.

    • KEY_DISAPPEARED_PERMANENTLY

      public static final FidoErrorCode KEY_DISAPPEARED_PERMANENTLY
      The UAuth key disappeared from the authenticator and cannot be restored.

      This is a non-recoverable error: the existing credentials are not valid anymore. They should be removed from the server and a new authenticator must be registered to authenticate again.

    • AUTHENTICATOR_ACCESS_DENIED

      public static final FidoErrorCode AUTHENTICATOR_ACCESS_DENIED
      The authenticator denied access to the resulting request.

    • INVALID_TRANSACTION_CONTENT

      public static final FidoErrorCode INVALID_TRANSACTION_CONTENT
      Transaction content cannot be rendered, e.g. format doesn't fit authenticator's need.

      This occurs during a transaction confirmation operation when the hash of the transaction content provided by the server does not match the expected value, or when the hash is absent. This typically indicates a server-side misconfiguration.

    • USER_NOT_RESPONSIVE

      public static final FidoErrorCode USER_NOT_RESPONSIVE
      The user took too long to follow an instruction, e.g. didn't swipe the finger within the accepted time.

      This occurs when the user does not complete the required interaction within the configured inactivity timeout—for example, by not selecting an authenticator or account in time. It can also occur when the server returns a timeout response.

    • INSUFFICIENT_AUTHENTICATOR_RESOURCES

      public static final FidoErrorCode INSUFFICIENT_AUTHENTICATOR_RESOURCES
      Insufficient resources in the authenticator to perform the requested task.

      This can occur, for example, when there is a hardware issue with the biometric sensor during biometric authentication.

    • USER_LOCKOUT

      public static final FidoErrorCode USER_LOCKOUT
      The operation failed because the user is locked out and the authenticator cannot automatically trigger an action to change that. For example, an authenticator could allow the user to enter an alternative password to re-enable the use of fingerprints after too many failed finger verification attempts. This error will be reported if such method either does not exist or the ASM / authenticator cannot automatically trigger it.

      This occurs after too many failed authentication attempts: for biometric authenticators, after exceeding the maximum number of failed attempts allowed by the OS (both temporary and permanent lockout); for PIN and password authenticators, after entering the wrong credential too many times.

    • USER_NOT_ENROLLED

      public static final FidoErrorCode USER_NOT_ENROLLED
      The operation failed because the user is not enrolled to the authenticator and the authenticator cannot automatically trigger user enrollment.

      This occurs when the user selects a biometric authenticator but has no biometrics enrolled on the device, or when the user selects a device passcode authenticator but no screen lock is configured on the device.

    • UNKNOWN

      public static final FidoErrorCode UNKNOWN
      An error condition not described by the above-listed codes.

      This is a catch-all for unexpected errors that do not map to any of the other codes, such as unexpected internal errors or failures reading device information.

  • Method Details

    • values

      public static FidoErrorCode[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared

    • valueOf

      public static FidoErrorCode valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null

    • description

      @NonNull public String description()
      Returns a description of the error.

      NOTE: Displaying the error description directly to the end user is not recommended. It is advisable to handle errors in a more appropriate manner, such as providing translations for all supported languages and simplifying the error message to ensure it is understandable and actionable for the end-users.

      Returns:
      a description of the error

    • code

      public int code()
      Returns the code associated with this error.
      Returns:
      the code associated with this error