script: Initial stubs for Credential Management API (#38839)

Stubs `Credential`, `CredentialContainer`, and `PasswordCredential` and
adds the credentials attribute to navigator.

Testing: WPT
Fixes: Partially #38788

---------

Signed-off-by: Ashwin Naren <arihant2math@gmail.com>

components/config/prefs.rs

@@ -106,6 +106,7 @@ pub struct Preferences {
     pub dom_clipboardevent_enabled: bool,
     pub dom_composition_event_enabled: bool,
     pub dom_cookiestore_enabled: bool,
+    pub dom_credential_management_enabled: bool,
     pub dom_crypto_subtle_enabled: bool,
     pub dom_customelements_enabled: bool,
     pub dom_document_dblclick_timeout: i64,
@@ -285,6 +286,7 @@ impl Preferences {
             dom_clipboardevent_enabled: true,
             dom_composition_event_enabled: false,
             dom_cookiestore_enabled: false,
+            dom_credential_management_enabled: false,
             dom_crypto_subtle_enabled: true,
             dom_customelements_enabled: true,
             dom_document_dblclick_dist: 1,

components/script/dom/credentialmanagement/credential.rs

@@ -0,0 +1,73 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+use std::rc::Rc;
+
+use dom_struct::dom_struct;
+use script_bindings::realms::{AlreadyInRealm, InRealm};
+use script_bindings::str::{DOMString, USVString};
+
+use crate::dom::bindings::codegen::Bindings::CredentialBinding::CredentialMethods;
+use crate::dom::bindings::codegen::DomTypeHolder::DomTypeHolder;
+use crate::dom::bindings::reflector::{Reflector, reflect_dom_object};
+use crate::dom::bindings::root::DomRoot;
+use crate::dom::globalscope::GlobalScope;
+use crate::dom::promise::Promise;
+use crate::dom::window::Window;
+use crate::script_runtime::CanGc;
+
+#[dom_struct]
+pub(crate) struct Credential {
+    reflector_: Reflector,
+    id: USVString,
+    credential_type: DOMString,
+}
+
+impl Credential {
+    pub(crate) fn new_inherited(id: USVString, credential_type: DOMString) -> Credential {
+        Credential {
+            reflector_: Reflector::new(),
+            id,
+            credential_type,
+        }
+    }
+
+    #[expect(dead_code)]
+    pub(crate) fn new(
+        global: &GlobalScope,
+        id: USVString,
+        credential_type: DOMString,
+        can_gc: CanGc,
+    ) -> DomRoot<Credential> {
+        reflect_dom_object(
+            Box::new(Credential::new_inherited(id, credential_type)),
+            global,
+            can_gc,
+        )
+    }
+}
+
+impl CredentialMethods<DomTypeHolder> for Credential {
+    // https://www.w3.org/TR/credential-management-1/#dom-credential-id
+    fn Id(&self) -> USVString {
+        self.id.clone()
+    }
+
+    // https://www.w3.org/TR/credential-management-1/#dom-credential-type
+    fn Type(&self) -> DOMString {
+        self.credential_type.clone()
+    }
+
+    // https://www.w3.org/TR/credential-management-1/#dom-credential-isconditionalmediationavailable
+    fn IsConditionalMediationAvailable(_global: &Window) -> Rc<Promise> {
+        let in_realm_proof = AlreadyInRealm::assert::<DomTypeHolder>();
+        // FIXME:(arihant2math) return false
+        Promise::new_in_current_realm(InRealm::Already(&in_realm_proof), CanGc::note())
+    }
+
+    // https://www.w3.org/TR/credential-management-1/#dom-credential-willrequestconditionalcreation
+    fn WillRequestConditionalCreation(_global: &Window) -> Rc<Promise> {
+        let in_realm_proof = AlreadyInRealm::assert::<DomTypeHolder>();
+        Promise::new_in_current_realm(InRealm::Already(&in_realm_proof), CanGc::note())
+    }
+}

components/script/dom/credentialmanagement/credentialscontainer.rs

@@ -0,0 +1,62 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+use std::rc::Rc;
+
+use dom_struct::dom_struct;
+use script_bindings::codegen::GenericBindings::CredentialsContainerBinding::{
+    CredentialCreationOptions, CredentialRequestOptions,
+};
+use script_bindings::error::{Error, Fallible};
+
+use crate::dom::bindings::codegen::Bindings::CredentialsContainerBinding::CredentialsContainerMethods;
+use crate::dom::bindings::codegen::DomTypeHolder::DomTypeHolder;
+use crate::dom::bindings::reflector::{Reflector, reflect_dom_object};
+use crate::dom::bindings::root::DomRoot;
+use crate::dom::credentialmanagement::credential::Credential;
+use crate::dom::globalscope::GlobalScope;
+use crate::dom::promise::Promise;
+use crate::script_runtime::CanGc;
+
+#[dom_struct]
+pub(crate) struct CredentialsContainer {
+    reflector_: Reflector,
+}
+
+impl CredentialsContainer {
+    pub(crate) fn new_inherited() -> CredentialsContainer {
+        CredentialsContainer {
+            reflector_: Reflector::new(),
+        }
+    }
+
+    pub(crate) fn new(global: &GlobalScope, can_gc: CanGc) -> DomRoot<CredentialsContainer> {
+        reflect_dom_object(
+            Box::new(CredentialsContainer::new_inherited()),
+            global,
+            can_gc,
+        )
+    }
+}
+
+impl CredentialsContainerMethods<DomTypeHolder> for CredentialsContainer {
+    // https://www.w3.org/TR/credential-management-1/#dom-credentialscontainer-get
+    fn Get(&self, _options: &CredentialRequestOptions<DomTypeHolder>) -> Fallible<Rc<Promise>> {
+        Err(Error::NotSupported)
+    }
+
+    // https://www.w3.org/TR/credential-management-1/#dom-credentialscontainer-store
+    fn Store(&self, _credential: &Credential) -> Fallible<Rc<Promise>> {
+        Err(Error::NotSupported)
+    }
+
+    // https://www.w3.org/TR/credential-management-1/#dom-credentialscontainer-create
+    fn Create(&self, _options: &CredentialCreationOptions<DomTypeHolder>) -> Fallible<Rc<Promise>> {
+        Err(Error::NotSupported)
+    }
+
+    // https://www.w3.org/TR/credential-management-1/#dom-credentialscontainer-preventsilentaccess
+    fn PreventSilentAccess(&self) -> Fallible<Rc<Promise>> {
+        Err(Error::NotSupported)
+    }
+}

components/script/dom/credentialmanagement/mod.rs

@@ -0,0 +1,7 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+
+pub(crate) mod credential;
+pub(crate) mod credentialscontainer;
+pub(crate) mod passwordcredential;

components/script/dom/credentialmanagement/passwordcredential.rs

@@ -0,0 +1,98 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+
+use dom_struct::dom_struct;
+use js::gc::HandleObject;
+use script_bindings::codegen::GenericBindings::PasswordCredentialBinding::PasswordCredentialData;
+use script_bindings::error::{Error, Fallible};
+use script_bindings::str::USVString;
+
+use crate::dom::bindings::codegen::Bindings::PasswordCredentialBinding::PasswordCredentialMethods;
+use crate::dom::bindings::codegen::DomTypeHolder::DomTypeHolder;
+use crate::dom::bindings::reflector::{reflect_dom_object, reflect_dom_object_with_proto};
+use crate::dom::bindings::root::DomRoot;
+use crate::dom::credentialmanagement::credential::Credential;
+use crate::dom::globalscope::GlobalScope;
+use crate::dom::htmlformelement::HTMLFormElement;
+use crate::dom::window::Window;
+use crate::script_runtime::CanGc;
+
+#[dom_struct]
+pub(crate) struct PasswordCredential {
+    credential: Credential,
+    origin: USVString,
+    password: USVString,
+}
+
+impl PasswordCredential {
+    fn new_inherited(id: USVString, origin: USVString, password: USVString) -> PasswordCredential {
+        PasswordCredential {
+            credential: Credential::new_inherited(id, "password".into()),
+            origin,
+            password,
+        }
+    }
+
+    #[expect(dead_code)]
+    pub(crate) fn new(
+        global: &GlobalScope,
+        id: USVString,
+        origin: USVString,
+        password: USVString,
+        can_gc: CanGc,
+    ) -> DomRoot<PasswordCredential> {
+        reflect_dom_object(
+            Box::new(PasswordCredential::new_inherited(id, origin, password)),
+            global,
+            can_gc,
+        )
+    }
+
+    pub(crate) fn new_with_proto(
+        global: &GlobalScope,
+        proto: Option<HandleObject>,
+        id: USVString,
+        origin: USVString,
+        password: USVString,
+        can_gc: CanGc,
+    ) -> DomRoot<PasswordCredential> {
+        reflect_dom_object_with_proto(
+            Box::new(PasswordCredential::new_inherited(id, origin, password)),
+            global,
+            proto,
+            can_gc,
+        )
+    }
+}
+
+impl PasswordCredentialMethods<DomTypeHolder> for PasswordCredential {
+    fn Password(&self) -> USVString {
+        self.password.clone()
+    }
+
+    fn Constructor(
+        _global: &Window,
+        _proto: Option<HandleObject>,
+        _can_gc: CanGc,
+        _form: &HTMLFormElement,
+    ) -> Fallible<DomRoot<PasswordCredential>> {
+        Err(Error::NotSupported)
+    }
+
+    fn Constructor_(
+        global: &Window,
+        proto: Option<HandleObject>,
+        can_gc: CanGc,
+        data: &PasswordCredentialData,
+    ) -> Fallible<DomRoot<PasswordCredential>> {
+        Ok(Self::new_with_proto(
+            global.as_global_scope(),
+            proto,
+            data.parent.id.clone(),
+            data.origin.clone(),
+            data.password.clone(),
+            can_gc,
+        ))
+    }
+}

components/script/dom/mod.rs

@@ -245,6 +245,8 @@ pub(crate) mod console;
 pub(crate) mod cookiestore;
 pub(crate) mod countqueuingstrategy;
 mod create;
+pub(crate) mod credentialmanagement;
+pub(crate) use self::credentialmanagement::*;
 pub(crate) mod crypto;
 pub(crate) mod cryptokey;
 pub(crate) mod csp;

components/script/dom/navigator.rs

@@ -34,6 +34,7 @@ use crate::dom::bindings::utils::to_frozen_array;
 #[cfg(feature = "bluetooth")]
 use crate::dom::bluetooth::Bluetooth;
 use crate::dom::clipboard::Clipboard;
+use crate::dom::credentialmanagement::credentialscontainer::CredentialsContainer;
 use crate::dom::csp::{GlobalCspReporting, Violation};
 use crate::dom::gamepad::Gamepad;
 use crate::dom::gamepad::gamepadevent::GamepadEventType;
@@ -66,6 +67,7 @@ pub(crate) struct Navigator {
     reflector_: Reflector,
     #[cfg(feature = "bluetooth")]
     bluetooth: MutNullableDom<Bluetooth>,
+    credentials: MutNullableDom<CredentialsContainer>,
     plugins: MutNullableDom<PluginArray>,
     mime_types: MutNullableDom<MimeTypeArray>,
     service_worker: MutNullableDom<ServiceWorkerContainer>,
@@ -90,6 +92,7 @@ impl Navigator {
             reflector_: Reflector::new(),
             #[cfg(feature = "bluetooth")]
             bluetooth: Default::default(),
+            credentials: Default::default(),
             plugins: Default::default(),
             mime_types: Default::default(),
             service_worker: Default::default(),
@@ -229,6 +232,12 @@ impl NavigatorMethods<crate::DomTypeHolder> for Navigator {
             .or_init(|| Bluetooth::new(&self.global(), CanGc::note()))
     }
 
+    // https://www.w3.org/TR/credential-management-1/#framework-credential-management
+    fn Credentials(&self) -> DomRoot<CredentialsContainer> {
+        self.credentials
+            .or_init(|| CredentialsContainer::new(&self.global(), CanGc::note()))
+    }
+
     // https://html.spec.whatwg.org/multipage/#navigatorlanguage
     fn Language(&self) -> DOMString {
         navigatorinfo::Language()

components/script_bindings/webidls/Credential.webidl

@@ -0,0 +1,16 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+/*
+ * The origin of this IDL file is
+ * https://www.w3.org/TR/credential-management-1/#the-credential-interface
+ */
+
+// https://www.w3.org/TR/credential-management-1/#credential
+[Pref="dom_credential_management_enabled", Exposed=Window, SecureContext]
+interface Credential {
+  readonly attribute USVString id;
+  readonly attribute DOMString type;
+  static Promise<boolean> isConditionalMediationAvailable();
+  static Promise<undefined> willRequestConditionalCreation();
+};

components/script_bindings/webidls/CredentialsContainer.webidl

@@ -0,0 +1,52 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+/*
+ * The origin of this IDL file is
+ * https://www.w3.org/TR/credential-management-1/#framework-credential-management
+ */
+
+// https://www.w3.org/TR/credential-management-1/#framework-credential-management
+partial interface Navigator {
+  [SecureContext, SameObject, Pref="dom_credential_management_enabled"] readonly attribute CredentialsContainer credentials;
+};
+
+// https://www.w3.org/TR/credential-management-1/#credentialscontainer
+[Pref="dom_credential_management_enabled", Exposed=Window, SecureContext]
+interface CredentialsContainer {
+  [Throws] Promise<Credential?> get(optional CredentialRequestOptions options = {});
+  [Throws] Promise<undefined> store(Credential credential);
+  [Throws] Promise<Credential?> create(optional CredentialCreationOptions options = {});
+  [Throws] Promise<undefined> preventSilentAccess();
+};
+
+// https://www.w3.org/TR/credential-management-1/#credentialrequestoptions-dictionary
+dictionary CredentialRequestOptions {
+  CredentialMediationRequirement mediation = "optional";
+  AbortSignal signal;
+   // FIXME: This should be part of a partial dictionary, but that is not implemented yet
+   // From PasswordCredential.webidl
+   boolean password = false;
+};
+
+// https://www.w3.org/TR/credential-management-1/#dictdef-credentialcreationoptions
+dictionary CredentialCreationOptions {
+  CredentialMediationRequirement mediation = "optional";
+  AbortSignal signal;
+  // FIXME: This should be part of a partial dictionary, but that is not implemented yet
+  // From PasswordCredential.webidl
+  PasswordCredentialInit password;
+};
+
+// https://www.w3.org/TR/credential-management-1/#dictdef-credentialdata
+dictionary CredentialData {
+  required USVString id;
+};
+
+// https://www.w3.org/TR/credential-management-1/#enumdef-credentialmediationrequirement
+enum CredentialMediationRequirement {
+  "silent",
+  "optional",
+  "conditional",
+  "required"
+};

components/script_bindings/webidls/PasswordCredential.webidl

@@ -0,0 +1,25 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+/*
+ * The origin of this IDL file is
+ * https://www.w3.org/TR/credential-management-1/#passwordcredential-interface
+ */
+
+// https://www.w3.org/TR/credential-management-1/#passwordcredential-interface
+[Pref="dom_credential_management_enabled", Exposed=Window, SecureContext]
+interface PasswordCredential : Credential {
+  [Throws] constructor(HTMLFormElement form);
+  [Throws] constructor(PasswordCredentialData data);
+  readonly attribute USVString password;
+};
+
+// https://www.w3.org/TR/credential-management-1/#dictdef-passwordcredentialdata
+dictionary PasswordCredentialData : CredentialData {
+  USVString name;
+  USVString iconURL;
+  required USVString origin;
+  required USVString password;
+};
+
+typedef (PasswordCredentialData or HTMLFormElement) PasswordCredentialInit;

python/tidy/tidy.py

@@ -114,6 +114,7 @@ WEBIDL_STANDARDS = [
     b"//dev.w3.org/fxtf",
     b"//dvcs.w3.org/hg",
     b"//www.w3.org/TR/trusted-types/",
+    b"//www.w3.org/TR/credential-management",
     b"//dom.spec.whatwg.org",
     b"//drafts.csswg.org",
     b"//drafts.css-houdini.org",