From b3a335859bce7d69c6c73235adfeec6e3b0d4941 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicol=C3=A1s=20Pe=C3=B1a=20Moreno?= Date: Wed, 15 Nov 2023 15:43:27 -0500 Subject: [PATCH] b --- spec/index.bs | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/spec/index.bs b/spec/index.bs index c1b79c615..4a2bd8271 100644 --- a/spec/index.bs +++ b/spec/index.bs @@ -144,7 +144,8 @@ could be implemented. providers: [{ configURL: "https://idp.example/manifest.json", clientId: "123", - nonce: nonce + nonce: nonce, + domainHint: "any" }] } }); @@ -590,7 +591,7 @@ dictionary IdentityProviderConfig { {{IdentityProviderAccount}}. : {{IdentityProviderConfig/domainHint}} :: A string representing the domain hint corresponding to a domain which the [=RP=] is - interested in, or "*" if the [=RP=] wants any account associated with at least one domain + interested in, or "any" if the [=RP=] wants any account associated with at least one domain hint. If provided, the user agent will not show accounts which do not match the domain hint value. @@ -770,8 +771,8 @@ the exception thrown. 1. If |accountList| is now empty, go to the [=mismatch dialog step=]. 1. If |provider|'s {{IdentityProviderConfig/domainHint}} is not empty: 1. For every |account| in |accountList|: - 1. If {{IdentityProviderConfig/domainHint}} is "*", remove |account| from |accountList| - if |account|'s {{IdentityProviderAccount/domain_hints}} is not empty. + 1. If {{IdentityProviderConfig/domainHint}} is "any", remove |account| from + |accountList| if |account|'s {{IdentityProviderAccount/domain_hints}} is not empty. 1. Otherwise, remove |account| from |accountList| if |account|'s {{IdentityProviderAccount/domain_hints}} does not [=list/contain=] |provider|'s {{IdentityProviderConfig/domainHint}}. @@ -1335,19 +1336,22 @@ To show an IDP login dialog given an {{IdentityProviderAPIConfig}} |c {{IdentityProviderConfig}} |provider|, and a |globalObject|, run the following steps. This returns success or failure. 1. Assert: these steps are running [=in parallel=]. - 1. Let |urlString| be |config|.{{IdentityProviderAPIConfig/login_url}}. - 1. Let |queryList| be a new [=list=]. - 1. If |provider|'s {{IdentityProviderConfig/loginHint}} is not empty, [=list/append=] - ("login_hint", {{IdentityProviderConfig/loginHint}}) to |queryList|. - 1. If |provider|'s {{IdentityProviderConfig/domainHint}} is not empty, [=list/append=] - ("domain_hint", {{IdentityProviderConfig/domainHint}}) to |queryList|. - 1. If |queryList| is not [=list/empty=], let |queryParameters| be the result of the [=urlencoded serializer=] with |queryList|. Append "?" and |queryParameters| to |urlString|. 1. Let |loginUrl| be null. 1. [=Queue a global task=] on the [=DOM manipulation task source=] given |globalObject| to set - |loginUrl| to the result of running [=url parser=] with |urlString|. + |loginUrl| to the result of running [=url parser=] with + |config|.{{IdentityProviderAPIConfig/login_url}}. 1. Wait until |loginUrl| is not null. 1. Assert: |loginUrl| is not failure (the [=user agent=] has checked |config|.{{IdentityProviderAPIConfig/login_url}} to be a valid URL previously). + 1. Let |queryList| be a new [=list=]. + 1. If |provider|'s {{IdentityProviderConfig/loginHint}} is not empty, [=list/append=] + ("login_hint", {{IdentityProviderConfig/loginHint}}) to |queryList|. + 1. If |provider|'s {{IdentityProviderConfig/domainHint}} is not empty, [=list/append=] + ("domain_hint", {{IdentityProviderConfig/domainHint}}) to |queryList|. + 1. If |queryList| is not [=list/empty=]: + 1. Let |queryParameters| be the result of the [=urlencoded serializer=] with |queryList|. + 1. If |loginUrl|'s [=url/query=] is not null or empty, prepend "&" to |queryParameters|. + 1. Append |queryParameters| to |loginUrl|'s [=url/query=]. 1. [=Create a fresh top-level traversable=] with |loginUrl|. 1. The user agent MAY [=set up browsing context features=] or otherwise affect the presentation of this traversable in an implementation-defined