Keep HOWTO-chrome.md up to date #506

Merged
merged 8 commits into from
Oct 18, 2023
28 changes: 17 additions & 11 deletions explorations/HOWTO-chrome.md
Expand Up @@ -177,18 +177,23 @@ optional. As long as the flag is enabled, Chrome will render an error UI when
the token request fails. The `error` field is used to customize the flow when an
error happens. Chrome will show a customized UI with proper error message if the
code is "invalid_request", "unauthorized_client", "access_denied", "server_error",
or "temporarily_unavailable". If a `url` field is provided, Chrome will add an
affordance for users to open a new page (e.g., via pop-up window) with that URL
to learn more about the error on that page.
or "temporarily_unavailable". If a `url` field is provided and same-site with
the IdP's `configURL`, Chrome will add an affordance for users to open a new
page (e.g., via pop-up window) with that URL to learn more about the error on
that page.

### `AccountAutoSelectedFlag` API
### `IdentityCredentialAutoSelectedFlag` API

To use the AccountAutoSelectedFlag API:
* Enable the experimental feature `FedCmAccountAutoSelectedFlag` in `chrome://flags`.
To use the IdentityCredentialAutoSelectedFlag API:
* Enable the experimental feature `FedCmIdentityCredentialAutoSelectedFlag`
in `chrome://flags`.

The browser will send a new boolean to represent whether auto re-authentication was triggered such that the account was auto selected by the browser in the flow to both the IdP and the API caller.
The browser will send a new boolean to represent whether auto re-authentication
was triggered such that the account was auto selected by the browser in the flow
to both the IdP and the API caller.

For IdP, the browser will include the boolean `is_account_auto_selected` in the request sent to the id assertion endpoint:
For IdP, the browser will include `is_identity_credential_auto_selected` in the
request sent to the id assersion endpoint:
```
POST /fedcm_assertion_endpoint HTTP/1.1
Host: idp.example
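Review bot: The added sentence introducing the IdP request misspells the endpoint as "id assersion endpoint"; it should read "id assertion endpoint", matching `/fedcm_assertion_endpoint` in the example that follows. The same sentence drops the words "the boolean" that the old wording carried, so the type of `is_identity_credential_auto_selected` is no longer stated for the IdP side; consider restoring it. Separately, the new same-site condition on the `url` field says when Chrome adds the affordance but not what Chrome does when the URL is not same-site with the IdP's `configURL`; one clause stating that outcome would help IdP implementers.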
Expand All @@ -197,13 +202,14 @@ Content-Type: application/x-www-form-urlencoded
Cookie: 0x23223
Sec-Fetch-Dest: webidentity

account_id=123&client_id=client1234&nonce=Ct60bD&disclosure_text_shown=true&is_account_auto_selected=true
account_id=123&client_id=client1234&nonce=Ct60bD&disclosure_text_shown=true&is_identity_credential_auto_selected=true
```

For the API caller, the browser will include the boolean `isAccountAutoSelected` when resolving the promise with the token:
For the API caller, the browser will include the boolean
`isIdentityCredentialAutoSelected` when resolving the promise with the token:
```
{
"token": "eyJC...J9.eyJzdWTE2...MjM5MDIyfQ.SflV_adQssw....5c",
"isAccountAutoSelected": true
"isIdentityCredentialAutoSelected": true
}
```
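Review bot: The renamed fields in the request body and in the resolved object (`is_account_auto_selected` to `is_identity_credential_auto_selected`, `isAccountAutoSelected` to `isIdentityCredentialAutoSelected`) are documented with no mention of the earlier names, so a reader who implemented against those names gets no hint that they changed. Consider one line after each example naming the previous field. As a style point, the fence around the JSON example has no language tag.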