Skip to content

Commit

Permalink
resolved auto-merge conflict
Browse files Browse the repository at this point in the history
  • Loading branch information
@rlin1
rlin1 committed Jun 6, 2017
2 parents 8fa9da4 + 912c4ec commit 7cd5ebf
Showing 1 changed file with 36 additions and 19 deletions.
55 changes: 36 additions & 19 deletions index.bs
View file
Expand Up @@ -551,21 +551,25 @@ When this method is invoked, the user agent MUST execute the following algorithm
[=ipv6 address=], [=opaque host=], or [=empty host=] -- are disallowed.
-->

1. Let |rpId| be |effectiveDomain|.

<!-- Note: this next step is actually a top-level step, but bikeshed wanted it indented this much in order to compile w/o errors
-->
1. Let |rpId| be |effectiveDomain|.
<li id='CreateCred-DetermineRpId'>
If |options|.{{MakeCredentialOptions/rp}}.{{PublicKeyCredentialEntity/id}} is [=present=]:

1. If |options|.{{MakeCredentialOptions/rp}}.{{PublicKeyCredentialEntity/id}} [=is not a registrable domain suffix of and is
not equal to=] |effectiveDomain|, return a {{DOMException}} whose name is "{{SecurityError}}", and terminate this
algorithm.
1. If |options|.{{MakeCredentialOptions/rp}}.{{PublicKeyCredentialEntity/id}} [=is not a registrable domain suffix of
and is not equal to=] |effectiveDomain|, return a {{DOMException}} whose name is "{{SecurityError}}", and terminate
this algorithm.

1. Set |rpId| to |options|.{{MakeCredentialOptions/rp}}.{{PublicKeyCredentialEntity/id}}.

Note: |rpId| represents the caller's [=RP ID=]. The [=RP ID=] defaults to being the caller's [=environment settings
object/origin=]'s [=effective domain=] unless the caller has explicitly set
|options|.{{MakeCredentialOptions/rp}}.{{PublicKeyCredentialEntity/id}} when calling {{CredentialsContainer/create()}}.
|options|.{{MakeCredentialOptions/rp}}.{{PublicKeyCredentialEntity/id}} when calling
{{CredentialsContainer/create()}}.
</li>

1. Let |normalizedParameters| be a new [=list=] whose [=list/items=] are pairs of {{PublicKeyCredentialType}} and a
[=dictionary=] type (as returned by [=normalizing an algorithm=]).

Expand Down Expand Up @@ -752,18 +756,22 @@ When this method is invoked, the user agent MUST execute the following algorithm
-->

<li id='GetAssn-DetermineRpId'>
If |options|.{{PublicKeyCredentialRequestOptions/rpId}} is [=present|not present=], then set |rpId| to |effectiveDomain|.
If |options|.{{PublicKeyCredentialRequestOptions/rpId}} is [=present|not present=], then set |rpId| to
|effectiveDomain|.

Otherwise:

1. If |options|.{{PublicKeyCredentialRequestOptions/rpId}} [=is not a registrable domain suffix of and is not equal to=]
|effectiveDomain|, return a {{DOMException}} whose name is "{{SecurityError}}", and terminate this algorithm.
1. If |options|.{{PublicKeyCredentialRequestOptions/rpId}} [=is not a registrable domain suffix of and is not
equal to=] |effectiveDomain|, return a {{DOMException}} whose name is "{{SecurityError}}", and terminate
this algorithm.

1. Set |rpId| to |options|.{{PublicKeyCredentialRequestOptions/rpId}}.

Note: |rpId| represents the caller's [=RP ID=]. The [=RP ID=] defaults to being the caller's [=environment settings
object/origin=]'s [=effective domain=] unless the caller has explicitly set
Note: |rpId| represents the caller's [=RP ID=]. The [=RP ID=] defaults to being the caller's [=environment
settings object/origin=]'s [=effective domain=] unless the caller has explicitly set
|options|.{{PublicKeyCredentialRequestOptions/rpId}} when calling {{CredentialsContainer/get()}}.
</li>

1. Let |clientExtensions| be a new [=map=] and let |authenticatorExtensions| be a new [=map=].

1. If the {{PublicKeyCredentialRequestOptions/extensions}} member of |options| is [=present=], then [=map/for each=]
Expand Down Expand Up @@ -817,15 +825,24 @@ When this method is invoked, the user agent MUST execute the following algorithm
<code>|options|.{{PublicKeyCredentialRequestOptions/allowList}}.{{PublicKeyCredentialDescriptor/type}}</code>.
Set |credentialDescriptorList| to this filtered list.

1. If |credentialDescriptorList| [=list/is not empty=], then [=in parallel=], [=list/for each=] credential |C| in
|credentialDescriptorList|:
1. If <code>|C|.{{transports}}</code> [=list/is not empty=], the client SHOULD select one |transport| from
{{transports}}. Then, using |transport|, invoke the [=authenticatorGetAssertion=] operation on |authenticator|, with
|rpId|, |clientDataHash|, |credentialDescriptorList|, and |authenticatorExtensions| as parameters.

Otherwise, using local configuration knowledge of the appropriate transport to use with |authenticator|, invoke
[=in parallel=] the [=authenticatorGetAssertion=] operation on |authenticator| with |rpId|, |clientDataHash|,
and |clientExtensions| as parameters.
1. If |credentialDescriptorList|
<dl class="switch">
: [=list/is not empty=]
:: [=in parallel=], [=list/for each=] credential |C| in |credentialDescriptorList|:
1. If <code>|C|.{{transports}}</code> [=list/is not empty=], the client SHOULD select one |transport| from
{{transports}}. Then, using |transport|, invoke the [=authenticatorGetAssertion=] operation on
|authenticator|, with |rpId|, |clientDataHash|, |credentialDescriptorList|, and |authenticatorExtensions| as
parameters.

1. Otherwise, using local configuration knowledge of the appropriate transport to use with |authenticator|,
invoke the [=authenticatorGetAssertion=] operation on |authenticator| with |rpId|,
|clientDataHash|, |credentialDescriptorList|, and |clientExtensions| as parameters.

: [=list/is empty=]
:: Using local configuration knowledge of the appropriate transport to use with |authenticator|, invoke
[=in parallel=] the [=authenticatorGetAssertion=] operation on |authenticator| with |rpId|, |clientDataHash|,
and |clientExtensions| as parameters.
</dl>

1. [=set/Append=] |authenticator| to |issuedRequests|.

Expand Down

0 comments on commit 7cd5ebf

Please sign in to comment.