Specify the continuation API #662
Conversation
| way. | ||
| 1. Wait for one of the following conditions: | ||
| * The user closes the browsing context: return failure. | ||
| * {{IdentityProvider}}.{{IdentityProvider/close}} is called in the |
There was a problem hiding this comment.
Should this actually be a reject() if the completion mechanism is resolve() — borrowing naming from Promises?
There was a problem hiding this comment.
Ah yeah, that sounds nicer to me too!
There was a problem hiding this comment.
That or something like abort(reason?: string) and finish(token: string, accountId?: string)
There was a problem hiding this comment.
IdentityProvider.close already exists (added to support logging in), so we either need to make it do something or make a decision it should not do something in this context.
IdentityProvider.reject makes sense to me but I'd prefer waiting until we have the error API (#498) because that's what adds the error code and URL to the returned credential. We have no place to put the reason until then.
(for what it's worth, we also have no IDP feedback on an API like reject)
|
I'm glad to see this idea being implemented! |
|
Discussed at 8 October meeting [minutes to be linked] |
| @@ -1251,7 +1267,8 @@ To <dfn>fetch an identity assertion</dfn> given a {{USVString}} | |||
|
|
|||
| <xmp class="idl"> | |||
| dictionary IdentityProviderToken { | |||
| required USVString token; | |||
| USVString token; | |||
There was a problem hiding this comment.
Can you put some thought on how/whether we should think about forwards compatibility?
There was a problem hiding this comment.
I will address that in a later PR
|
FWIW, I believe the IdP needs to have the option to request user interaction during token creation, for example when the RP has requested a higher level of authentication assurance (step-up authentication). Therefore, I consider this API essential. |
spec/index.bs
Outdated
| 1. If |tokenPair| is failure, set |credential| to failure and return. | ||
| 1. Let |tokenString| be the first entry of |tokenPair|. | ||
| 1. If the second entry of |tokenPair| is not null, set |accountId| to that second entry. | ||
| 1. Wait for |tokenString| to be set if necessary. |
There was a problem hiding this comment.
If necessary? This is not clear. I think we wait until either credential is set to failure or tokentString is set. In the former, we return here (note that the return in the inner algorithm does not also automatically return from here.
There was a problem hiding this comment.
Should be fixed now.
I also rebased. PTAL!
|
Note: discussed during https://github.com/fedidcg/meetings/blob/main/2024/2024-11-12-notes.md |
SHA: 344458d Reason: push, by npm1 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
SHA: 344458d Reason: push, by pull[bot] Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Bug: w3c-fedid/custom-requests#1
Preview | Diff