Added aborted flag to the Create and DiscoverFromExternalSource methods #104
Conversation
|
the corresponding webauthn PR is here: w3c/webauthn#544 |
index.src.html
Outdated
| @@ -52,6 +52,9 @@ | |||
| spec: FETCH; urlPrefix: https://fetch.spec.whatwg.org/ | |||
| type: dfn | |||
| text: http-network-or-cache fetch; url: http-network-or-cache-fetch | |||
| spec: DOM; urlPrefix: https://dom.spec.whatwg.org/ | |||
| type: interface | |||
| text: AbortSignal url: https://dom.spec.whatwg.org/#abortsignal | |||
There was a problem hiding this comment.
You don't need these 3 lines: Update bikeshed with
cd <bikeshed-dir>
git pull --rebase
bikeshed update
and AbortSignal will be there.
index.src.html
Outdated
| @@ -250,6 +254,12 @@ | |||
| :: This attribute's getter returns the value of the object's [=interface object=]'s | |||
| {{[[type]]}} slot, which specifies the kind of credential represented by this object. | |||
|
|
|||
| : <dfn attribute>signal</dfn> | |||
| :: The credential object has an associated signal (an {{AbortSignal}} object), initially | |||
| a new {{AbortSignal}} object. Developers can use AbortSignal to [=terminated|terminate=] an | |||
There was a problem hiding this comment.
An AbortSignal attribute on the Credential would allow developers to respond to a Credential being aborted, not let them abort the .create() or .get() call.
Instead, you need to add an AbortSignal field to CredentialRequestOptions and CredentialCreationOptions, and thread that into [[Create]] and [[DiscoverFromExternalSource]]. See https://dom.spec.whatwg.org/#abortcontroller-api-integration for how to do that.
I'd lean toward not threading the AbortSignal into the returned Credential: if the caller aborts the .get() or .create() before it resolves, they won't get a Credential object at all.
|
@jyasskin can you please review the change? |
index.src.html
Outdated
| @@ -428,7 +430,7 @@ | |||
|
|
|||
| Note: This function was previously called `requireUserMediation()` which should be considered | |||
| deprecated. | |||
| </div> | |||
| </div> | |||
There was a problem hiding this comment.
You probably shouldn't change this indentation in this PR.
index.src.html
Outdated
| }; | ||
| </pre> | ||
| <div dfn-for="CredentialRequestOptions" dfn-type="dict-member"> | ||
| : <dfn>mediation</dfn> | ||
| :: This property specifies the mediation requirements for a given credential request. The | ||
| meaning of each enum value is described below in {{CredentialMediationRequirement}}. | ||
| Processing details are defined in [[#algorithm-request]]. | ||
| : <dfn>signal</dfn> | ||
| :: This property lets the developer abort an ongoing | ||
| {{[[DiscoverFromExternalSource]](options)}} operation and subequently all related |
index.src.html
Outdated
| : <dfn>signal</dfn> | ||
| :: This property lets the developer abort an ongoing | ||
| {{[[DiscoverFromExternalSource]](options)}} operation and subequently all related | ||
| [=authenticatorGetAssertion=] operations. Aborted promise would |
There was a problem hiding this comment.
Credential Manager should probably only discuss webauthn in examples. I might write this description as
This property lets the developer abort an ongoing {{CredentialsContainer/get()}}
operation. An aborted operation may complete normally (generally if the abort was
received after the operation finished) or reject with an "{{AbortError}}"
{{DOMException}}."
There was a problem hiding this comment.
Sure. But I'd prefer calling out AuthenticatorMakeCredential because of the same logic I mentioned above. I'd prefer this PR to just webauthn and handle abort for Credman overall in another PR. I do appreciate the added detail about how an aborted operation may complete.
index.src.html
Outdated
| }; | ||
| </pre> | ||
| <div dfn-for="CredentialCreationOptions" dfn-type="dict-member"> | ||
| : <dfn>signal</dfn> | ||
| :: This property lets the developer to abort an ongoing {{Credential/[[Create]](options)}} operation |
| @@ -282,7 +282,9 @@ | |||
| ### `Credential` Internal Methods ### {#credential-internal-methods} | |||
|
|
|||
| Each [=interface object=] created for interfaces which [=interface/inherit=] from {{Credential}} | |||
| defines several internal methods that allow retrieval and storage of {{Credential}} objects: | |||
| defines several internal methods that allow retrieval and storage of {{Credential}} objects. The | |||
| {{Credential/[[Create]](options)}} method and {{Credential/[[DiscoverFromExternalSource]](options)}} | |||
There was a problem hiding this comment.
I wouldn't restrict this to these two methods. Any operations taking options receives an AbortSignal and can use it to abort. Today, only [[Create]] and [[DiscoverFromExternalSource]] use it that way, but the interface doesn't restrict that.
There was a problem hiding this comment.
My personal preference is to let this PR do the job of unblocking WebAuthn. Then we can submit another PR that extends for password and federated credential. This keeps the progress cleaner. Plus if we are allowing the PR to extend for password and federated, I'd prefer having mikewest and dominic review the PR more thoroughly. But if this is just WebAuthn, I am fine merging this as it is.
.gitignore
Outdated
| @@ -0,0 +1 @@ | |||
| bikeshed/ | |||
There was a problem hiding this comment.
This is much more for my personal benefit cuz I do keep bikeshed in a repo in the code. I will go ahead and take this out if it causes controversy.
index.src.html
Outdated
| <div dfn-for="CredentialCreationOptions" dfn-type="dict-member"> | ||
| : <dfn>signal</dfn> | ||
| :: This property lets the developer to abort an ongoing {{Credential/[[Create]](options)}} operation | ||
| and susquently all related [=authenticatorMakeCredential=] operations. Aborted romise would |
There was a problem hiding this comment.
spelling: s/romise/promise/ and s/susquently/subsequently/
|
@battre can you please merge the PR? I don't have write access. @samuelweiler @wseltzer @mikewest can you please grant me write access? |
|
Actually, I think we want to merge #110, which will also close this PR. |
|
Merged as part of #110. |
This is to address w3c/webauthn#537. I will follow up soon with the corresponding webauthn PR.
Preview | Diff