linux-credentials · AlfioEmanueleFresta · Feb 19, 2026 · Feb 18, 2026
diff --git a/libwebauthn/src/ops/webauthn/get_assertion.rs b/libwebauthn/src/ops/webauthn/get_assertion.rs
@@ -18,7 +18,7 @@ use crate::{
                 AuthenticatorAssertionResponseJSON, HMACGetSecretOutputJSON, LargeBlobOutputJSON,
                 PRFOutputJSON, PRFValuesJSON, ResponseSerializationError, WebAuthnIDLResponse,
             },
-            Base64UrlString, FromInnerModel, JsonError,
+            Base64UrlString, FromIdlModel, JsonError,
         },
         Operation, WebAuthnIDL,
     },
@@ -95,7 +95,7 @@ pub enum GetAssertionRequestParsingError {
 
 impl WebAuthnIDL<GetAssertionRequestParsingError> for GetAssertionRequest {
     type Error = GetAssertionRequestParsingError;
-    type InnerModel = PublicKeyCredentialRequestOptionsJSON;
+    type IdlModel = PublicKeyCredentialRequestOptionsJSON;
 }
 
 /** dictionary PublicKeyCredentialRequestOptionsJSON {
@@ -108,10 +108,10 @@ impl WebAuthnIDL<GetAssertionRequestParsingError> for GetAssertionRequest {
     AuthenticationExtensionsClientInputsJSON                extensions;
 }; */
 
-impl FromInnerModel<PublicKeyCredentialRequestOptionsJSON, GetAssertionRequestParsingError>
+impl FromIdlModel<PublicKeyCredentialRequestOptionsJSON, GetAssertionRequestParsingError>
     for GetAssertionRequest
 {
-    fn from_inner_model(
+    fn from_idl_model(
         rpid: &RelyingPartyId,
         inner: PublicKeyCredentialRequestOptionsJSON,
     ) -> Result<Self, GetAssertionRequestParsingError> {
@@ -401,13 +401,13 @@ pub struct Assertion {
 }
 
 impl WebAuthnIDLResponse for Assertion {
-    type InnerModel = AuthenticationResponseJSON;
+    type IdlModel = AuthenticationResponseJSON;
     type Context = GetAssertionRequest;
 
-    fn to_inner_model(
+    fn to_idl_model(
         &self,
         request: &Self::Context,
-    ) -> Result<Self::InnerModel, ResponseSerializationError> {
+    ) -> Result<Self::IdlModel, ResponseSerializationError> {
         // Get credential ID - either from credential_id field or from authenticator_data
         let credential_id_bytes = self
             .credential_id
@@ -808,10 +808,10 @@ mod tests {
     }
 
     #[test]
-    fn test_assertion_to_inner_model() {
+    fn test_assertion_to_idl_model() {
         let assertion = create_test_assertion();
         let request = create_test_request();
-        let model = assertion.to_inner_model(&request).unwrap();
+        let model = assertion.to_idl_model(&request).unwrap();
 
         // Verify the credential ID
         assert_eq!(model.raw_id.0, vec![0x01, 0x02, 0x03, 0x04]);
@@ -833,7 +833,7 @@ mod tests {
         ));
 
         let request = create_test_request();
-        let model = assertion.to_inner_model(&request).unwrap();
+        let model = assertion.to_idl_model(&request).unwrap();
 
         // Verify user handle is present
         assert!(model.response.user_handle.is_some());
@@ -858,7 +858,7 @@ mod tests {
         });
 
         let request = create_test_request();
-        let model = assertion.to_inner_model(&request).unwrap();
+        let model = assertion.to_idl_model(&request).unwrap();
 
         // Verify extension outputs - PRF should be set with correct values
         let prf = model.client_extension_results.prf.as_ref().unwrap();

diff --git a/libwebauthn/src/ops/webauthn/idl/mod.rs b/libwebauthn/src/ops/webauthn/idl/mod.rs
@@ -23,25 +23,25 @@ pub type JsonError = serde_json::Error;
 pub trait WebAuthnIDL<E>: Sized
 where
     E: std::error::Error, // Validation error type.
-    Self: FromInnerModel<Self::InnerModel, E>,
+    Self: FromIdlModel<Self::IdlModel, E>,
 {
     /// An error type that can be returned when deserializing from JSON, including
     /// JSON parsing errors and any additional validation errors.
     type Error: std::error::Error + From<JsonError> + From<E>;
 
     /// The JSON model that this IDL can deserialize from.
-    type InnerModel: DeserializeOwned;
+    type IdlModel: DeserializeOwned;
 
     fn from_json(rpid: &RelyingPartyId, json: &str) -> Result<Self, Self::Error> {
-        let inner_model: Self::InnerModel = serde_json::from_str(json)?;
-        Self::from_inner_model(rpid, inner_model).map_err(From::from)
+        let idl_model: Self::IdlModel = serde_json::from_str(json)?;
+        Self::from_idl_model(rpid, idl_model).map_err(From::from)
     }
 }
 
-pub trait FromInnerModel<T, E>: Sized
+pub trait FromIdlModel<T, E>: Sized
 where
     T: DeserializeOwned,
     E: std::error::Error,
 {
-    fn from_inner_model(rpid: &RelyingPartyId, inner: T) -> Result<Self, E>;
+    fn from_idl_model(rpid: &RelyingPartyId, model: T) -> Result<Self, E>;
 }
diff --git a/libwebauthn/src/ops/webauthn/idl/response.rs b/libwebauthn/src/ops/webauthn/idl/response.rs
@@ -47,27 +47,27 @@ pub enum ResponseSerializationError {
 /// Trait for WebAuthn response types that can be serialized to JSON.
 ///
 /// This is the inverse of `WebAuthnIDL` - it converts WebAuthn response models
-/// to JSON-serializable intermediate models, which can then be serialized to JSON.
+/// to JSON-serializable IDL models, which can then be serialized to JSON.
 pub trait WebAuthnIDLResponse: Sized {
-    /// The JSON-serializable intermediate model type.
-    type InnerModel: Serialize;
+    /// The JSON-serializable IDL model type.
+    type IdlModel: Serialize;
 
     /// Context required for serialization (e.g., client data JSON).
     type Context;
 
-    /// Converts this response to a JSON-serializable intermediate model.
-    fn to_inner_model(
+    /// Converts this response to a JSON-serializable IDL model.
+    fn to_idl_model(
         &self,
         ctx: &Self::Context,
-    ) -> Result<Self::InnerModel, ResponseSerializationError>;
+    ) -> Result<Self::IdlModel, ResponseSerializationError>;
 
     /// Serializes this response to a JSON string.
     fn to_json(
         &self,
         ctx: &Self::Context,
         format: JsonFormat,
     ) -> Result<String, ResponseSerializationError> {
-        let model = self.to_inner_model(ctx)?;
+        let model = self.to_idl_model(ctx)?;
         match format {
             JsonFormat::Minified => Ok(serde_json::to_string(&model)?),
             JsonFormat::Prettified => Ok(serde_json::to_string_pretty(&model)?),

diff --git a/libwebauthn/src/ops/webauthn/make_credential.rs b/libwebauthn/src/ops/webauthn/make_credential.rs
@@ -17,7 +17,7 @@ use crate::{
                 CredentialPropertiesOutputJSON, LargeBlobOutputJSON, PRFOutputJSON,
                 RegistrationResponseJSON, ResponseSerializationError, WebAuthnIDLResponse,
             },
-            Base64UrlString, FromInnerModel, JsonError, WebAuthnIDL,
+            Base64UrlString, FromIdlModel, JsonError, WebAuthnIDL,
         },
         Operation, RelyingPartyId,
     },
@@ -57,13 +57,13 @@ struct AttestationObject<'a> {
 }
 
 impl WebAuthnIDLResponse for MakeCredentialResponse {
-    type InnerModel = RegistrationResponseJSON;
+    type IdlModel = RegistrationResponseJSON;
     type Context = MakeCredentialRequest;
 
-    fn to_inner_model(
+    fn to_idl_model(
         &self,
         request: &Self::Context,
-    ) -> Result<Self::InnerModel, ResponseSerializationError> {
+    ) -> Result<Self::IdlModel, ResponseSerializationError> {
         // Get credential ID from attested credential data
         let credential_id_bytes = self
             .authenticator_data
@@ -361,10 +361,10 @@ impl MakeCredentialRequest {
     }
 }
 
-impl FromInnerModel<PublicKeyCredentialCreationOptionsJSON, MakeCredentialRequestParsingError>
+impl FromIdlModel<PublicKeyCredentialCreationOptionsJSON, MakeCredentialRequestParsingError>
     for MakeCredentialRequest
 {
-    fn from_inner_model(
+    fn from_idl_model(
         rpid: &RelyingPartyId,
         inner: PublicKeyCredentialCreationOptionsJSON,
     ) -> Result<Self, MakeCredentialRequestParsingError> {
@@ -441,7 +441,7 @@ pub enum MakeCredentialRequestParsingError {
 
 impl WebAuthnIDL<MakeCredentialRequestParsingError> for MakeCredentialRequest {
     type Error = MakeCredentialRequestParsingError;
-    type InnerModel = PublicKeyCredentialCreationOptionsJSON;
+    type IdlModel = PublicKeyCredentialCreationOptionsJSON;
 }
 
 #[derive(Debug, Clone, Deserialize, PartialEq)]
@@ -962,10 +962,10 @@ mod tests {
     }
 
     #[test]
-    fn test_response_to_inner_model() {
+    fn test_response_to_idl_model() {
         let response = create_test_response();
         let request = create_test_request();
-        let model = response.to_inner_model(&request).unwrap();
+        let model = response.to_idl_model(&request).unwrap();
 
         // Verify the credential ID
         assert_eq!(model.raw_id.0, vec![0x01, 0x02, 0x03, 0x04]);
@@ -983,7 +983,7 @@ mod tests {
     fn test_response_attestation_object_format() {
         let response = create_test_response();
         let request = create_test_request();
-        let model = response.to_inner_model(&request).unwrap();
+        let model = response.to_idl_model(&request).unwrap();
 
         // Decode the attestation object
         let attestation_bytes = model.response.attestation_object.0;
@@ -1027,7 +1027,7 @@ mod tests {
         };
 
         let request = create_test_request();
-        let model = response.to_inner_model(&request).unwrap();
+        let model = response.to_idl_model(&request).unwrap();
 
         // Verify cred_props extension
         let cred_props = model.client_extension_results.cred_props.as_ref().unwrap();