New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide better examples of scope #380

Open
marcoscaceres opened this Issue May 8, 2015 · 6 comments

Comments

Projects
None yet
3 participants
@marcoscaceres
Member

marcoscaceres commented May 8, 2015

People are confused by the lack of examples relating to scope:
pwa-builder/PWABuilder-CLI#42 (comment)

@boyofgreen

This comment has been minimized.

boyofgreen commented May 9, 2015

This might be a stretch for this topic, but we are seeing a use case in ManifoldJS for the ability to add multiple end points to a scope. Mainly being able to support authentication. For example, if an app uses Facebook to authenticate, and Facebook is not into he scope, then the auth process is outside the app experience for the users. Any thoughts on this?

@marcoscaceres

This comment has been minimized.

Member

marcoscaceres commented May 11, 2015

Ok, two thoughts... and it would be great to work through a real example here...:

  1. normal linking + deep linking
  2. window.open()

Given:

{
   "scope": "/myapp/"
}

normal linking

So, given a user wants to log into facebook, one could navigate to https://login.facebook.com - this "breaks" scope, hence causes browser to open (not great experience, but stay with me). Once authentication finishes, facebook.com navigates back to "example.com/myapp/logged_in/". As the scope is registered (and as the app is open), the web application reopens (i.e., this is a "deep link" behavior).

Issues: requires the browser to keep track of which pages are working as "apps". The app could die in the background before the user finishes authentication. It doesn't integrate nicely with OS level pre-authentication (but it could, MAYBE, with the proposed credential management API ... need to investigate this).

window.open()

Using window.open() could work as an overlay, allow authentication to take place (same as a popup window in desktop browsers). This would allow for a more integrated authentication experience without requiring users to jump into a separate application (the default browsers).

Issues: we probably need to have more control over window.open() to make it feel more native.

@boyofgreen

This comment has been minimized.

boyofgreen commented May 16, 2015

I like having control over window.open in an app scenario. As an app you could want a different experience than on the web.
Let me throw another example at you for scope. I use to work for a bank doing front end development. We had a few services that we integrate to for our bank customers. Things liked credit check, bill pay and redeeming points. These were what we called branded experiences, where the site looked like our site (we provided the template) and we passed them a token for auth, but the experience was on their dominion. Most of the time it was something like this:
www.mybank.com --> mybank.outhersite.com --> www.mybank.com
This type of shared experience wouldn't work within the current approach to scope. I could see this being common not just for auth but things like this shared experience, or even transactions that use external services like paypal or the like.

@marcoscaceres

This comment has been minimized.

Member

marcoscaceres commented May 19, 2015

@boyofgreen, yeah, I also found a few examples of this while researching scope. Multi-origin sites/apps are certainly common practice today. Going to think about this a bit more...

@marcoscaceres

This comment has been minimized.

Member

marcoscaceres commented May 19, 2015

FWIW, having an "unbounded" (i.e., undefined) scope allows for the multi-origin navigation today. However, the user agent might intervene and show a small URL bar if you navigate to another origin (as happens in Chrome on Android).

@benfrancis

This comment has been minimized.

benfrancis commented Jul 1, 2015

Just a quick note that an example for scope might be registering a web app as handling a particular URL scope for the purpose of handling App Links on Android, or Universal Links on iOS.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment