complete fixing #251 (in getAssertion())
JeffH authored and JeffH committed Nov 30, 2016
1 parent 8963f21 commit 3507992
Showing 1 changed file with 23 additions and 21 deletions.
44 changes: 23 additions & 21 deletions index.bs
Expand Up @@ -479,9 +479,10 @@ This method takes the following parameters:

When this method is invoked, the user agent MUST execute the following algorithm:

1. If {{AssertionOptions/timeoutSeconds}} was specified, check if its value lies within a reasonable range as defined by the
platform and if not, correct it to the closest value lying within that range. Set |adjustedTimeout| to this adjusted value.
If {{AssertionOptions/timeoutSeconds}} was not specified, then set |adjustedTimeout| to a platform-specific default.
1. If the {{AssertionOptions/timeoutSeconds}} member of {{options}} is <a>present</a>, check if its value lies within a
reasonable range as defined by the platform and if not, correct it to the closest value lying within that range. Set
|adjustedTimeout| to this adjusted value. If {{AssertionOptions/timeoutSeconds}} is not <a>present</a>, then set
|adjustedTimeout| to a platform-specific default.

2. Let |promise| be a new <a data-lt="Promises">Promise</a>. Return |promise| and start a timer for |adjustedTimeout| seconds.
Then asynchronously continue executing the following steps. If any fatal error is encountered in this process other than the
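Review bot: In the rewritten step 1 the two branches are worded differently: the first condition reads "the {{AssertionOptions/timeoutSeconds}} member of {{options}} is <a>present</a>", but the fallback sentence says "If {{AssertionOptions/timeoutSeconds}} is not <a>present</a>" without naming {{options}}. Use the "member of {{options}}" wording in both so the step visibly tests the same thing twice. It is also worth confirming that the unqualified {{options}} autolink resolves to this method's argument.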
Expand All @@ -491,17 +492,18 @@ When this method is invoked, the user agent MUST execute the following algorithm
3. Set |callerOrigin| to the <a link-for='web'>current settings object</a>'s <a link-for='web'>origin</a>. If |callerOrigin| is
an <a link-for='web'>opaque origin</a>, reject |promise| with a <a>DOMException</a> whose name is "NotAllowedError", and
terminate this algorithm. Otherwise,
- If {{AssertionOptions/rpId}} is not specified, then set |rpId| to |callerOrigin|, and |rpIdHash| to the SHA-256
hash of |rpId|.
- If {{AssertionOptions/rpId}} is specified, then invoke the procedure used for <a>relaxing the same-origin restriction</a>
by setting the `document.domain` attribute, using {{AssertionOptions/rpId}} as the given value but without changing the
current document's `domain`. If no errors are thrown, set |rpId| to the value of `host` as computed by this procedure,
and |rpIdHash| to the SHA-256 hash of |rpId|. Otherwise, reject |promise| with a <a>DOMException</a> whose name is
"SecurityError", and terminate this algorithm.

4. If {{AssertionOptions/extensions}} was specified, process any extensions supported by this client platform, to produce the
extension data that needs to be sent to the authenticator. If an error is encountered while processing an extension, skip
that extension and do not produce any extension data for it. Call the result of this processing |clientExtensions|.
- If the {{AssertionOptions/rpId}} member of {{options}} is not <a>present</a>, then set |rpId| to |callerOrigin|, and
|rpIdHash| to the SHA-256 hash of |rpId|.
- If the {{AssertionOptions/rpId}} member of {{options}} is <a>present</a>, then invoke the procedure used for <a>relaxing
the same-origin restriction</a> by setting the `document.domain` attribute, using {{AssertionOptions/rpId}} as the given
value but without changing the current document's `domain`. If no errors are thrown, set |rpId| to the value of `host`
as computed by this procedure, and |rpIdHash| to the SHA-256 hash of |rpId|. Otherwise, reject |promise| with a
<a>DOMException</a> whose name is "SecurityError", and terminate this algorithm.

4. If the {{AssertionOptions/extensions}} member of {{options}} is <a>present</a>, process any extensions supported by this
client platform, to produce the extension data that needs to be sent to the authenticator. If an error is encountered while
processing an extension, skip that extension and do not produce any extension data for it. Call the result of this
processing |clientExtensions|.

5. Use {{assertionChallenge}}, |callerOrigin| and |rpId|, along with the token binding key associated with |callerOrigin| (if
any), to create a {{ClientData}} structure representing this request. Choose a hash algorithm for {{ClientData/hashAlg}} and
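Review bot: The two bullets of step 3 still assign different kinds of value to |rpId|: when the rpId member is not present it is set to |callerOrigin| (an origin), and when it is present it is set to the `host` computed by the document.domain procedure. |rpIdHash| is therefore taken over differently shaped inputs depending on whether the caller supplied rpId. Since these lines are being rewritten anyway, state exactly which string is hashed in the default case, and in what encoding, so a relying party checking |rpIdHash| can reproduce it.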
Expand All @@ -510,15 +512,15 @@ When this method is invoked, the user agent MUST execute the following algorithm
6. Initialize |issuedRequests| to an empty list.

7. For each authenticator currently available on this platform, perform the following steps:
- If {{AssertionOptions/allowList}} is empty, let |credentialList| be an empty list. Otherwise, execute a
platform-specific procedure to determine which, if any, credentials listed in {{AssertionOptions/allowList}} might be
present on this authenticator, and set |credentialList| to this filtered list. If no such filtering is possible, set
|credentialList| to an empty list.
- If the {{AssertionOptions/allowList}} member of {{options}} is empty, let |credentialList| be an empty list. Otherwise,
execute a platform-specific procedure to determine which, if any, credentials listed in {{AssertionOptions/allowList}}
might be present on this authenticator, and set |credentialList| to this filtered list. If no such filtering is
possible, set |credentialList| to an empty list.
- For each credential C within the |credentialList| that has a non-empty |transports| list, optionally use only the
specified transports to get assertions using credential C.
- If the above filtering process concludes that none of the credentials on {{AssertionOptions/allowList}} can possibly be on this
authenticator, do not perform any of the following steps for this authenticator, and proceed to the next authenticator
(if any).
- If the above filtering process concludes that none of the credentials on the {{AssertionOptions/allowList}} can possibly
be on this authenticator, do not perform any of the following steps for this authenticator, and proceed to the next
authenticator (if any).
- Asynchronously invoke the <a>authenticatorGetAssertion</a> operation on this authenticator with |rpIdHash|,
<a>clientDataHash</a>, |credentialList|, and |clientExtensions| as parameters.
- Add an entry to |issuedRequests|, corresponding to this request.
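Review bot: The first bullet of step 7 tests whether the {{AssertionOptions/allowList}} member of {{options}} "is empty", while steps 1, 3 and 4 in this same change were moved to testing whether the member is <a>present</a>. That leaves the case where allowList is not present without a defined |credentialList|. Suggest wording the condition as "is not <a>present</a> or is empty" so that both cases yield an empty list.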