Rename authn method registration types and methods (#2165)

* Rename authn method registration types and methods

This PR renames the authn method registration related methods and
types to
* remove the word tentative
* change add / verify to register / confirm

This makes the API v2 align with the decision taken here:
#1581 (comment)

* 🤖 npm run generate auto-update

---------

Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>

src/canister_tests/src/api/internet_identity/api_v2.rs

@@ -160,7 +160,7 @@ pub fn authn_method_remove(
     .map(|(x,)| x)
 }
 
-pub fn tentative_authn_method_registration_mode_enter(
+pub fn authn_method_registration_mode_enter(
     env: &StateMachine,
     canister_id: CanisterId,
     sender: Principal,
@@ -170,13 +170,13 @@ pub fn tentative_authn_method_registration_mode_enter(
         env,
         canister_id,
         sender,
-        "tentative_authn_method_registration_mode_enter",
+        "authn_method_registration_mode_enter",
         (identity_number,),
     )
     .map(|(x,)| x)
 }
 
-pub fn tentative_authn_method_registration_mode_exit(
+pub fn authn_method_registration_mode_exit(
     env: &StateMachine,
     canister_id: CanisterId,
     sender: Principal,
@@ -186,40 +186,40 @@ pub fn tentative_authn_method_registration_mode_exit(
         env,
         canister_id,
         sender,
-        "tentative_authn_method_registration_mode_exit",
+        "authn_method_registration_mode_exit",
         (identity_number,),
     )
     .map(|(x,)| x)
 }
 
-pub fn tentative_authn_method_add(
+pub fn authn_method_register(
     env: &StateMachine,
     canister_id: CanisterId,
     identity_number: IdentityNumber,
     authn_method: &AuthnMethodData,
-) -> Result<Result<TentativeAuthnMethodAddInfo, TentativeAuthnMethodAddError>, CallError> {
+) -> Result<Result<AuthnMethodConfirmationCode, AuthnMethodRegisterError>, CallError> {
     call_candid(
         env,
         canister_id,
-        "tentative_authn_method_add",
+        "authn_method_register",
         (identity_number, authn_method),
     )
     .map(|(x,)| x)
 }
 
-pub fn tentative_authn_method_verify(
+pub fn authn_method_confirm(
     env: &StateMachine,
     canister_id: CanisterId,
     sender: Principal,
     identity_number: IdentityNumber,
-    verification_code: &str,
-) -> Result<Result<(), TentativeAuthnMethodVerificationError>, CallError> {
+    confirmation_code: &str,
+) -> Result<Result<(), AuthnMethodConfirmationError>, CallError> {
     call_candid_as(
         env,
         canister_id,
         sender,
-        "tentative_authn_method_verify",
-        (identity_number, verification_code),
+        "authn_method_confirm",
+        (identity_number, confirmation_code),
     )
     .map(|(x,)| x)
 }

src/frontend/generated/internet_identity_idl.js

@@ -110,10 +110,24 @@ export const idlFactory = ({ IDL }) => {
     'authn_method' : AuthnMethod,
   });
   const AuthnMethodAddError = IDL.Variant({ 'InvalidMetadata' : IDL.Text });
+  const AuthnMethodConfirmationError = IDL.Variant({
+    'RegistrationModeOff' : IDL.Null,
+    'NoAuthnMethodToConfirm' : IDL.Null,
+    'WrongCode' : IDL.Record({ 'retries_left' : IDL.Nat8 }),
+  });
   const AuthnMethodMetadataReplaceError = IDL.Variant({
     'AuthnMethodNotFound' : IDL.Null,
     'InvalidMetadata' : IDL.Text,
   });
+  const AuthnMethodConfirmationCode = IDL.Record({
+    'confirmation_code' : IDL.Text,
+    'expiration' : Timestamp,
+  });
+  const AuthnMethodRegisterError = IDL.Variant({
+    'RegistrationModeOff' : IDL.Null,
+    'RegistrationAlreadyInProgress' : IDL.Null,
+    'InvalidMetadata' : IDL.Text,
+  });
   const AuthnMethodReplaceError = IDL.Variant({
     'AuthnMethodNotFound' : IDL.Null,
     'InvalidMetadata' : IDL.Text,
@@ -283,20 +297,6 @@ export const idlFactory = ({ IDL }) => {
     'archive_info' : ArchiveInfo,
     'canister_creation_cycles_cost' : IDL.Nat64,
   });
-  const TentativeAuthnMethodAddInfo = IDL.Record({
-    'expiration' : Timestamp,
-    'verification_code' : IDL.Text,
-  });
-  const TentativeAuthnMethodAddError = IDL.Variant({
-    'RegistrationModeOff' : IDL.Null,
-    'VerificationAlreadyInProgress' : IDL.Null,
-    'InvalidMetadata' : IDL.Text,
-  });
-  const TentativeAuthnMethodVerificationError = IDL.Variant({
-    'NoAuthnMethodToVerify' : IDL.Null,
-    'RegistrationModeOff' : IDL.Null,
-    'WrongCode' : IDL.Record({ 'retries_left' : IDL.Nat8 }),
-  });
   const VerifyTentativeDeviceResponse = IDL.Variant({
     'device_registration_mode_off' : IDL.Null,
     'verified' : IDL.Null,
@@ -316,6 +316,16 @@ export const idlFactory = ({ IDL }) => {
         [IDL.Variant({ 'Ok' : IDL.Null, 'Err' : AuthnMethodAddError })],
         [],
       ),
+    'authn_method_confirm' : IDL.Func(
+        [IdentityNumber, IDL.Text],
+        [
+          IDL.Variant({
+            'Ok' : IDL.Null,
+            'Err' : AuthnMethodConfirmationError,
+          }),
+        ],
+        [],
+      ),
     'authn_method_metadata_replace' : IDL.Func(
         [IdentityNumber, PublicKey, MetadataMapV2],
         [
@@ -326,6 +336,31 @@ export const idlFactory = ({ IDL }) => {
         ],
         [],
       ),
+    'authn_method_register' : IDL.Func(
+        [IdentityNumber, AuthnMethodData],
+        [
+          IDL.Variant({
+            'Ok' : AuthnMethodConfirmationCode,
+            'Err' : AuthnMethodRegisterError,
+          }),
+        ],
+        [],
+      ),
+    'authn_method_registration_mode_enter' : IDL.Func(
+        [IdentityNumber],
+        [
+          IDL.Variant({
+            'Ok' : IDL.Record({ 'expiration' : Timestamp }),
+            'Err' : IDL.Null,
+          }),
+        ],
+        [],
+      ),
+    'authn_method_registration_mode_exit' : IDL.Func(
+        [IdentityNumber],
+        [IDL.Variant({ 'Ok' : IDL.Null, 'Err' : IDL.Null })],
+        [],
+      ),
     'authn_method_remove' : IDL.Func(
         [IdentityNumber, PublicKey],
         [IDL.Variant({ 'Ok' : IDL.Null, 'Err' : IDL.Null })],
@@ -419,41 +454,6 @@ export const idlFactory = ({ IDL }) => {
     'remove' : IDL.Func([UserNumber, DeviceKey], [], []),
     'replace' : IDL.Func([UserNumber, DeviceKey, DeviceData], [], []),
     'stats' : IDL.Func([], [InternetIdentityStats], ['query']),
-    'tentative_authn_method_add' : IDL.Func(
-        [IdentityNumber, AuthnMethodData],
-        [
-          IDL.Variant({
-            'Ok' : TentativeAuthnMethodAddInfo,
-            'Err' : TentativeAuthnMethodAddError,
-          }),
-        ],
-        [],
-      ),
-    'tentative_authn_method_registration_mode_enter' : IDL.Func(
-        [IdentityNumber],
-        [
-          IDL.Variant({
-            'Ok' : IDL.Record({ 'expiration' : Timestamp }),
-            'Err' : IDL.Null,
-          }),
-        ],
-        [],
-      ),
-    'tentative_authn_method_registration_mode_exit' : IDL.Func(
-        [IdentityNumber],
-        [IDL.Variant({ 'Ok' : IDL.Null, 'Err' : IDL.Null })],
-        [],
-      ),
-    'tentative_authn_method_verify' : IDL.Func(
-        [IdentityNumber, IDL.Text],
-        [
-          IDL.Variant({
-            'Ok' : IDL.Null,
-            'Err' : TentativeAuthnMethodVerificationError,
-          }),
-        ],
-        [],
-      ),
     'update' : IDL.Func([UserNumber, DeviceKey, DeviceData], [], []),
     'verify_tentative_device' : IDL.Func(
         [UserNumber, IDL.Text],

src/frontend/generated/internet_identity_types.d.ts

@@ -30,6 +30,13 @@ export interface ArchiveInfo {
 export type AuthnMethod = { 'PubKey' : PublicKeyAuthn } |
   { 'WebAuthn' : WebAuthn };
 export type AuthnMethodAddError = { 'InvalidMetadata' : string };
+export interface AuthnMethodConfirmationCode {
+  'confirmation_code' : string,
+  'expiration' : Timestamp,
+}
+export type AuthnMethodConfirmationError = { 'RegistrationModeOff' : null } |
+  { 'NoAuthnMethodToConfirm' : null } |
+  { 'WrongCode' : { 'retries_left' : number } };
 export interface AuthnMethodData {
   'security_settings' : AuthnMethodSecuritySettings,
   'metadata' : MetadataMapV2,
@@ -42,6 +49,9 @@ export type AuthnMethodProtection = { 'Protected' : null } |
   { 'Unprotected' : null };
 export type AuthnMethodPurpose = { 'Recovery' : null } |
   { 'Authentication' : null };
+export type AuthnMethodRegisterError = { 'RegistrationModeOff' : null } |
+  { 'RegistrationAlreadyInProgress' : null } |
+  { 'InvalidMetadata' : string };
 export interface AuthnMethodRegistrationInfo {
   'expiration' : Timestamp,
   'authn_method' : [] | [AuthnMethodData],
@@ -230,18 +240,6 @@ export interface StreamingCallbackHttpResponse {
 export type StreamingStrategy = {
     'Callback' : { 'token' : Token, 'callback' : [Principal, string] }
   };
-export type TentativeAuthnMethodAddError = { 'RegistrationModeOff' : null } |
-  { 'VerificationAlreadyInProgress' : null } |
-  { 'InvalidMetadata' : string };
-export interface TentativeAuthnMethodAddInfo {
-  'expiration' : Timestamp,
-  'verification_code' : string,
-}
-export type TentativeAuthnMethodVerificationError = {
-    'NoAuthnMethodToVerify' : null
-  } |
-  { 'RegistrationModeOff' : null } |
-  { 'WrongCode' : { 'retries_left' : number } };
 export type Timestamp = bigint;
 export type Token = {};
 export type UserKey = PublicKey;
@@ -272,11 +270,31 @@ export interface _SERVICE {
     { 'Ok' : null } |
       { 'Err' : AuthnMethodAddError }
   >,
+  'authn_method_confirm' : ActorMethod<
+    [IdentityNumber, string],
+    { 'Ok' : null } |
+      { 'Err' : AuthnMethodConfirmationError }
+  >,
   'authn_method_metadata_replace' : ActorMethod<
     [IdentityNumber, PublicKey, MetadataMapV2],
     { 'Ok' : null } |
       { 'Err' : AuthnMethodMetadataReplaceError }
   >,
+  'authn_method_register' : ActorMethod<
+    [IdentityNumber, AuthnMethodData],
+    { 'Ok' : AuthnMethodConfirmationCode } |
+      { 'Err' : AuthnMethodRegisterError }
+  >,
+  'authn_method_registration_mode_enter' : ActorMethod<
+    [IdentityNumber],
+    { 'Ok' : { 'expiration' : Timestamp } } |
+      { 'Err' : null }
+  >,
+  'authn_method_registration_mode_exit' : ActorMethod<
+    [IdentityNumber],
+    { 'Ok' : null } |
+      { 'Err' : null }
+  >,
   'authn_method_remove' : ActorMethod<
     [IdentityNumber, PublicKey],
     { 'Ok' : null } |
@@ -350,26 +368,6 @@ export interface _SERVICE {
   'remove' : ActorMethod<[UserNumber, DeviceKey], undefined>,
   'replace' : ActorMethod<[UserNumber, DeviceKey, DeviceData], undefined>,
   'stats' : ActorMethod<[], InternetIdentityStats>,
-  'tentative_authn_method_add' : ActorMethod<
-    [IdentityNumber, AuthnMethodData],
-    { 'Ok' : TentativeAuthnMethodAddInfo } |
-      { 'Err' : TentativeAuthnMethodAddError }
-  >,
-  'tentative_authn_method_registration_mode_enter' : ActorMethod<
-    [IdentityNumber],
-    { 'Ok' : { 'expiration' : Timestamp } } |
-      { 'Err' : null }
-  >,
-  'tentative_authn_method_registration_mode_exit' : ActorMethod<
-    [IdentityNumber],
-    { 'Ok' : null } |
-      { 'Err' : null }
-  >,
-  'tentative_authn_method_verify' : ActorMethod<
-    [IdentityNumber, string],
-    { 'Ok' : null } |
-      { 'Err' : TentativeAuthnMethodVerificationError }
-  >,
   'update' : ActorMethod<[UserNumber, DeviceKey, DeviceData], undefined>,
   'verify_tentative_device' : ActorMethod<
     [UserNumber, string],

src/internet_identity/internet_identity.did

@@ -367,29 +367,29 @@ type AuthnMethodRegistrationInfo = record {
     expiration: Timestamp;
 };
 
-type TentativeAuthnMethodAddInfo = record {
-    verification_code: text;
+type AuthnMethodConfirmationCode = record {
+    confirmation_code: text;
     expiration: Timestamp;
 };
 
-type TentativeAuthnMethodAddError = variant {
+type AuthnMethodRegisterError = variant {
     // Authentication method registration mode is off, either due to timeout or because it was never enabled.
     RegistrationModeOff;
-    // There is another authentication method already added tentatively that needs to be verified first.
-    VerificationAlreadyInProgress;
+    // There is another authentication method already registered that needs to be confirmed first.
+    RegistrationAlreadyInProgress;
     // The metadata of the provided authentication method contains invalid entries.
     InvalidMetadata: text;
 };
 
-type TentativeAuthnMethodVerificationError = variant {
-    // Wrong verification code entered. Retry with correct code.
+type AuthnMethodConfirmationError = variant {
+    // Wrong confirmation code entered. Retry with correct code.
     WrongCode: record {
         retries_left: nat8
     };
     // Authentication method registration mode is off, either due to timeout or because it was never enabled.
     RegistrationModeOff;
-    // There is no tentative authentication method to be verified.
-    NoAuthnMethodToVerify;
+    // There is no registered authentication method to be confirmed.
+    NoAuthnMethodToConfirm;
 };
 
 type IdentityAuthnInfo = record {
@@ -571,25 +571,25 @@ service : (opt InternetIdentityInit) -> {
     authn_method_remove: (IdentityNumber, PublicKey) -> (variant {Ok; Err;});
 
     // Enters the authentication method registration mode for the identity.
-    // In this mode, a new authentication method can be added tentatively, which then needs to be
-    // verified before it can be used for authentication on this identity.
+    // In this mode, a new authentication method can be registered, which then needs to be
+    // confirmed before it can be used for authentication on this identity.
     // The registration mode is automatically exited after the returned expiration timestamp.
     // Requires authentication.
-    tentative_authn_method_registration_mode_enter : (IdentityNumber) -> (variant {Ok: record { expiration: Timestamp; }; Err;});
+    authn_method_registration_mode_enter : (IdentityNumber) -> (variant {Ok: record { expiration: Timestamp; }; Err;});
 
     // Exits the authentication method registration mode for the identity.
     // Requires authentication.
-    tentative_authn_method_registration_mode_exit : (IdentityNumber) -> (variant {Ok; Err;});
+    authn_method_registration_mode_exit : (IdentityNumber) -> (variant {Ok; Err;});
 
-    // Tentatively adds a new authentication method to the identity.
-    // This authentication method needs to be verified before it can be used for authentication on this identity.
-    tentative_authn_method_add: (IdentityNumber, AuthnMethodData) -> (variant {Ok: TentativeAuthnMethodAddInfo; Err: TentativeAuthnMethodAddError;});
+    // Registers a new authentication method to the identity.
+    // This authentication method needs to be confirmed before it can be used for authentication on this identity.
+    authn_method_register: (IdentityNumber, AuthnMethodData) -> (variant {Ok: AuthnMethodConfirmationCode; Err: AuthnMethodRegisterError;});
 
-    // Verifies a previously added tentative authentication method.
-    // On successful verification, the tentative authentication method is permanently added to the identity and can
+    // Confirms a previously registered authentication method.
+    // On successful confirmation, the authentication method is permanently added to the identity and can
     // subsequently be used for authentication for that identity.
     // Requires authentication.
-    tentative_authn_method_verify: (IdentityNumber, verification_code: text) -> (variant {Ok; Err: TentativeAuthnMethodVerificationError;});
+    authn_method_confirm: (IdentityNumber, confirmation_code: text) -> (variant {Ok; Err: AuthnMethodConfirmationError;});
 
     // Attribute Sharing MVP API
     // The methods below are used to generate ID-alias credentials during attribute sharing flow.