diff -r 000000000000 -r 6474c204b198 security/manager/ssl/public/nsIProtectedAuthThread.idl
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/security/manager/ssl/public/nsIProtectedAuthThread.idl	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,46 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+#include "nsIObserver.idl"
+#include "nsIPKCS11Slot.idl"
+
+/**
+ * nsIProtectedAuthThread
+ *  This is used to communicate with the thread login on to 
+ *  a token with CKF_PROTECTED_AUTHENTICATION_PATH set.
+ */
+[scriptable, uuid(4bb27cb7-8984-4cee-8ce7-9b014c3d091b)]
+interface nsIProtectedAuthThread : nsISupports
+{
+  /**
+   * login - run the thread
+   *   A user interface implementing this interface needs to
+   *   call this method as soon as the message to the user is
+   *   displayed. This will trigger login operation. No user 
+   *   cancellation is possible during login operation.
+   *
+   *   When the login is done, the observe method of @observer will
+   *   be called on the UI thread with a topic of "login-finished"
+   *   and null data and subject.
+   */
+  void login(in nsIObserver observer);
+
+  /**
+   * The PKCS11 slot
+   */
+  readonly attribute nsIPKCS11Slot slot;
+
+  /**
+   * Gets token to be logged in name.
+   */
+  AString getTokenName();
+};
+
+%{ C++
+// {45334489-3D30-47c6-920B-0A55A313AEBF}
+#define NS_PROTECTEDAUTHTHREAD_CID \
+{ 0x45334489, 0x3d30, 0x47c6, { 0x92, 0x0b, 0x0a, 0x55, 0xa3, 0x13, 0xae, 0xbf } }
+#define NS_PROTECTEDAUTHTHREAD_CONTRACTID "@mozilla.org/security/protectedauththread;1"
+%}