[spec] Add key fetch to getInterestGroupAdAuctionData()

spec.bs

@@ -2862,23 +2862,53 @@ partial interface Navigator {
   Promise<AdAuctionData> getInterestGroupAdAuctionData(AdAuctionDataConfig config);
 };
 
+dictionary AdAuctionData {
+  required Uint8Array request;
+  required USVString requestId;
+};
+</xmp>
+
+<xmp class="idl">
 dictionary AdAuctionDataConfig {
   required USVString seller;
   required USVString coordinatorOrigin;
   unsigned long requestSize;
   record<USVString, AdAuctionDataBuyerConfig> perBuyerConfig;
 };
+</xmp>
+
+<dl class=domintro>
+  <dt>{{AdAuctionDataConfig/seller}}
+  <dd>The seller that will be used as the {{AuctionAdConfig/seller}} in the
+    following {{AuctionAdConfig}} passed to {{Window/navigator}}.{{Navigator/runAdAuction()}}.
+  <dt>{{AdAuctionDataConfig/coordinatorOrigin}}
+  <dd>The origin of the coordinator hosting public encryption keys for the server
+    running the ad auction. The [=origin/scheme=] must be "`https`". An implementation
+    may select which coordinators are acceptable.
+  <dt>{{AdAuctionDataConfig/requestSize}}
+  <dd>The desired size for the returned {{AdAuctionData/request}}. If any buyers are specified in
+    {{AdAuctionDataConfig/perBuyerConfig}}, this will be the exact size of the returned {{AdAuctionData/request}}.
+    Otherwise the returned {{AdAuctionData/request}}'s size will be at most the
+    {{AdAuctionDataConfig/requestSize}}.
+  <dt>{{AdAuctionDataConfig/perBuyerConfig}}
+  <dd>[=map/Keys=] are [=serialization of an origin|serialized origins=] of
+    buyers that should be included in the returned request. [=map/Values=] are
+    {{AdAuctionDataBuyerConfig}} for that buyer.
+</dl>
 
+<xmp class="idl">
 dictionary AdAuctionDataBuyerConfig {
   unsigned long targetSize;
 };
-
-dictionary AdAuctionData {
-  required Uint8Array request;
-  required USVString requestId;
-};
 </xmp>
 
+<dl class=domintro>
+  <dt>{{AdAuctionDataBuyerConfig/targetSize}}
+  <dd>The size of the request to allocate for this buyer. Required when
+    {{AdAuctionDataConfig}}'s {{AdAuctionDataConfig/requestSize}} is not
+    specified.
+</dl>
+
 A <dfn>server auction interest group</dfn> is a [=struct=] with the following [=struct/items=]:
 <dl dfn-for="server auction interest group">
   : <dfn>name</dfn>
@@ -2896,7 +2926,8 @@ A <dfn>server auction interest group</dfn> is a [=struct=] with the following [=
   : <dfn>browser signals</dfn>
   :: A [=server auction browser signals=].
   : <dfn>priority</dfn>
-  :: A {{double}}
+  :: A {{double}}. Used to select which interest groups for a given buyer are excluded
+    from the serialized request due to space limitations.
 </dl>
 
 A <dfn>server auction browser signals</dfn> is a [=struct=] with the following [=struct/items=]:
@@ -2944,15 +2975,34 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m
 1. Let |global| be [=this=]'s [=relevant global object=].
 1. If |global|'s [=associated Document=] is not [=allowed to use=] the "[=run-ad-auction=]"
   [=policy-controlled feature=], then [=exception/throw=] a "{{NotAllowedError}}" {{DOMException}}.
-1. Let |config| be the result of running [=parse and verify ad auction config=] on |configIDL|.
+1. Let |config| be the result of running [=parse and verify ad auction data config=] on |configIDL|.
 1. Let |p| be [=a new promise=].
 1. Let |queue| be the result of [=starting a new parallel queue=].
 1. [=parallel queue/enqueue steps|Enqueue the following steps=] to |queue|:
+  1. If |config|'s [=auction data config/coordinator=] is not one of the [=implementation-defined=]
+     coordinators supported by this [=user agent=]:
+     1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to
+        [=reject=] |p| with a {{TypeError}}.
+     1. Abort these steps.
+  1. Let |key| be a [=byte sequence=] containing one of the [[RFC9180|HPKE]] public
+     encryption keys for |config|'s [=auction data config/seller] as determined
+     by the coordinator specified in |config|'s
+     [=auction data config/coordinator=], or failure if no key is available. The
+     actual method for this lookup is [=implementation-defined=], and may
+     consist of fetching the keys from a known [=URL=].
+  1. If |key| is failure then:
+     1. [=Queue a global task=] on the [=DOM manipulation task source=], given |global|, to
+        [=reject=] |p| with a {{TypeError}}.
+     1. Abort these steps.
+  1. Set |config|'s [=auction data config/encryption key=] to |key|.
   1. Let |igMap| be a new [=map=] whose [=map/keys=] are [=origins=] and [=map/values=] are [=lists=].
   1. Let |startTime| be a [=moment=] equal to the [=current wall time=].
   1. [=list/For each=] |ig| of the [=user agent=]'s [=interest group set=]:
     1. If |ig|'s [=interest group/ads=] is null or [=list/is empty=], [=iteration/continue=].
     1. Let |owner| be |ig|'s [=interest group/owner=].
+    1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=] and
+       |config|'s [=auction data config/per buyer config=][|owner|] does not
+       [=map/exist=], then [=iteration/continue=].
     1. If |igMap|[|owner|] does not [=map/exist=], then [=map/set=] |igMap|[|owner|] to a new [=list=].
     1. Let |ads| be a new [=list=].
     1. [=list/For each=] |ad| in |ig|'s [=interest group/ads=], [=list/append=] |ad|'s [=interest group ad/ad render ID=] to |ads|.
@@ -3015,45 +3065,47 @@ The <dfn for=Navigator method>getInterestGroupAdAuctionData(|configIDL|)</dfn> m
 </div>
 
 <div algorithm>
-  To <dfn>parse and verify ad auction config</dfn> given an {{AdAuctionDataConfig}} |configIDL|:
+  To <dfn>parse and verify ad auction data config</dfn> given an {{AdAuctionDataConfig}} |configIDL|:
 
+  1. Let |seller| be the result of running [=parse an https origin=] on
+       |configIDL|["{{AdAuctionDataConfig/seller}}"].
+  1. Let |coordinator| be the result of running [=parse an https origin=] on
+       |configIDL|["{{AdAuctionDataConfig/coordinatorOrigin}}"].
+  1. If |seller| or |coordinator| are failure, then [=exception/throw=] a {{TypeError}}.
   1. Let |config| be a new [=auction data config=] with the following [=struct/items=]:
     : [=auction data config/seller=]
-    :: The result of running [=parsing an https origin=] on
-       |configIDL|["{{AdAuctionDataConfig/seller}}"]
+    :: |seller|
     : [=auction data config/coordinator=]
-    :: The result of running [=parsing an https origin=] on
-       |configIDL|["{{AdAuctionDataConfig/coordinatorOrigin}}"]
+    :: |coordinator|
     : [=auction data config/request size=]
-    :: |configIDL|["{{AdAuctionDataConfig/requestSize}}"]
+    :: |configIDL|["{{AdAuctionDataConfig/requestSize}}"] if it [=map/exists=], null otherwise
     : [=auction data config/per buyer config=]
     :: The result of running [=parse per buyer auction data configs=] on
       |configIDL|["{{AdAuctionDataConfig/perBuyerConfig}}"]
-  1. If |config|'s [=auction data config/seller=] or [=auction data config/coordinator=]
-     fields are failure, then [=exception/throw=] a {{TypeError}}.
   1. If |config|'s [=auction data config/per buyer config=] [=map/is not empty=]
      and |config|'s [=auction data config/request size=] is null:
-     1. Let |request_size| equal 0.
-     1. [=list/For each] |buyerConfig| of |config|'s [=auction data config/per buyer config=]'s [=map/values=]:
+     1. Let |requestSize| be 0.
+     1. [=list/For each=] |buyerConfig| of |config|'s [=auction data config/per buyer config=]'s [=map/values=]:
         1. If |buyerConfig|'s [=auction data buyer config/size=] is null,
            then [=exception/throw=] a {{TypeError}}.
-        1. Set |request_size| to |request_size| + |buyerConfig|'s [=auction data buyer config/size=]
-    1. Set |config|'s [=auction data config/request size=] to |request_size|.
+        1. Set |requestSize| to |requestSize| + |buyerConfig|'s [=auction data buyer config/size=].
+    1. Set |config|'s [=auction data config/request size=] to |requestSize|.
   1. Return |config|.
 </div>
 
 <div algorithm>
   To <dfn>parse per buyer auction data configs</dfn> given an
   {{AdAuctionDataBuyerConfig}} |perBuyerConfigIDL|:
   1. Let |configs| be a new [=ordered map=] whose [=map/keys=] are [=origins=]
-     and whose [=map/values=] are [=auction data config=]
+     and whose [=map/values=] are [=auction data configs=].
   1. [=map/For each=] |buyerIDL| → |buyerConfigIDL| of |perBuyerConfigIDL|:
-    1. Let |buyerConfig| be a new [=auction data buyer config=] with the following [=struct/items=]:
-      : [=auction data buyer config/size=]
-      :: |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"]
-    1. Let |buyer| be the result of running [=parsing an https origin=] on |buyerIDL|.
+    1. Let |buyerConfig| be a new [=auction data buyer config=].
+    1. Set |buyerConfig|'s [=auction data buyer config/size=] to
+       |buyerConfigIDL|["{{AdAuctionDataBuyerConfig/targetSize}}"] if it
+       [=map/exists=], null otherwise.
+    1. Let |buyer| be the result of running [=parse an https origin=] on |buyerIDL|.
     1. If |buyer| is failure, then [=exception/throw=] a {{TypeError}}.
-    1. [=map/Set=] configs[|buyer|] to |buyerConfig|.
+    1. [=map/Set=] |configs|[|buyer|] to |buyerConfig|.
   1. Return |configs|.
 </div>
 
@@ -7349,6 +7401,9 @@ An <dfn>auction data config</dfn> is a [=struct=] with the following [=struct/it
   :  <dfn>coordinator</dfn>
   :: The origin of the coordinator hosting public encryption keys for the server
     running the ad auction. The [=origin/scheme=] must be "`https`".
+  :  <dfn>encryption key</dfn>
+  :: A [=byte sequence=]. The public [[RFC9180|HPKE]] encryption key to be used
+     to construct the request.
   :  <dfn>request size</dfn>
   :: {{unsigned long}} or null. An optional field, containing the desired size
     for the returned encrypted request blob.