-
Notifications
You must be signed in to change notification settings - Fork 77
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Specify the continuation API #662
Conversation
way. | ||
1. Wait for one of the following conditions: | ||
* The user closes the browsing context: return failure. | ||
* {{IdentityProvider}}.{{IdentityProvider/close}} is called in the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this actually be a reject()
if the completion mechanism is resolve()
— borrowing naming from Promises?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah yeah, that sounds nicer to me too!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That or something like abort(reason?: string)
and finish(token: string, accountId?: string)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IdentityProvider.close already exists (added to support logging in), so we either need to make it do something or make a decision it should not do something in this context.
IdentityProvider.reject makes sense to me but I'd prefer waiting until we have the error API (#498) because that's what adds the error code and URL to the returned credential. We have no place to put the reason until then.
(for what it's worth, we also have no IDP feedback on an API like reject)
I'm glad to see this idea being implemented! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor nit
Discussed at 8 October meeting [minutes to be linked] |
@@ -1251,7 +1267,8 @@ To <dfn>fetch an identity assertion</dfn> given a {{USVString}} | |||
|
|||
<xmp class="idl"> | |||
dictionary IdentityProviderToken { | |||
required USVString token; | |||
USVString token; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you put some thought on how/whether we should think about forwards compatibility?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will address that in a later PR
FWIW, I believe the IdP needs to have the option to request user interaction during token creation, for example when the RP has requested a higher level of authentication assurance (step-up authentication). Therefore, I consider this API essential. |
spec/index.bs
Outdated
1. If |tokenPair| is failure, set |credential| to failure and return. | ||
1. Let |tokenString| be the first entry of |tokenPair|. | ||
1. If the second entry of |tokenPair| is not null, set |accountId| to that second entry. | ||
1. Wait for |tokenString| to be set if necessary. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If necessary? This is not clear. I think we wait until either credential
is set to failure or tokentString
is set. In the former, we return here (note that the return in the inner algorithm does not also automatically return from here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should be fixed now.
I also rebased. PTAL!
Note: discussed during https://github.com/fedidcg/meetings/blob/main/2024/2024-11-12-notes.md |
SHA: 344458d Reason: push, by npm1 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
SHA: 344458d Reason: push, by pull[bot] Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Bug: w3c-fedid/custom-requests#1
Preview | Diff