Fix #574 - Change language for Create and Get to support hotplugging #655
Conversation
jcjones
force-pushed
the
574-hotplugging
branch
from
d176e5b
to
25a4428
Compare
There was a problem hiding this comment.
this looks nominally OK. is it enough to do this for WD-07 and resolve issue #613 for CR (since at least one implementation presently handles this anyway) ?
index.bs
Outdated
|
|
||
| Note: The definitions of "overall lifetime" and "becomes available" are intended to represent how | ||
| devices are hotplugged into browsers, and are under-specified. Resolving this with good definitions | ||
| or some other means will be handled in [Issue #613](https://github.com/w3c/webauthn/issues/613). |
There was a problem hiding this comment.
pedantic nit: s/handled in/addressed by resolving/
index.bs
Outdated
| "{{ConstraintError}}", and terminate this algoritm. | ||
| Note: The definitions of "overall lifetime" and "becomes available" are intended to represent how | ||
| devices are hotplugged into browsers, and are under-specified. Resolving this with good definitions | ||
| or some other means will be handled in [Issue #613](https://github.com/w3c/webauthn/issues/613). |
There was a problem hiding this comment.
pedantic nit: s/handled in/addressed by resolving/
There was a problem hiding this comment.
also, rather than a "Note:", perhaps should use "Issue:" here ?
index.bs
Outdated
| 1. If {{AuthenticatorSelectionCriteria/requireUserVerification}} is set to |true| and the | ||
| |authenticator| is not capable of performing [=user verification=], [=iteration/continue=]. | ||
| 1. [=set/Append=] |authenticator| to |selectedAuthenticators|. | ||
| 1. [=set/For each=] |authenticator| that becomes available on this platform within the overall |
There was a problem hiding this comment.
Offhand, I'm thinking that the "Start a timer for adjustedTimeout milliseconds", that is set down below in this alg, would come up to around this here step, which would then define "overall lifetime". but perhaps that's something to wait to incorp in the resolution of issue #613.
index.bs
Outdated
| 1. Let |authenticator| be a platform-specific handle whose value identifies an [=authenticator=]. | ||
|
|
||
| 1. For each |authenticator| currently available on this platform, perform the following steps: | ||
| 1. For each |authenticator| that becomes available on this platform within the overall lifetime of |
There was a problem hiding this comment.
ditto here wrt "Start a timer for adjustedTimeout milliseconds" being done here.
There was a problem hiding this comment.
LGTM. it's fine to merge this now as it seems to not interfere with #498.
jcjones
force-pushed
the
574-hotplugging
branch
from
cf04b29
to
5f2dd9b
Compare
|
This "improves" issue #613. |
|
would be good to get at least one other review on this by someone(s) other than @jcjones and myself before we merge! |
|
The PR looks nominally ok given it is one step toward the right direction. I have the same question as @equalsJeffH about whether we think the PR is good enough to address hot-plugged authenticator before CR. If so, I encourage us to think about what error should be thrown if there is only one authenticator connected via NFC and the user moves the authenticator in the middle. AbortError seems like a reasonable candidate here. Developers can act based on the error to ask the user to put the authenticator back on again. |
index.bs
Outdated
| 1. If |currentlyAvailableAuthenticators| [=list/is empty=], return a {{DOMException}} whose name is | ||
| "{{NotFoundError}}", and terminate this algorithm. | ||
| Issue: The definitions of "lifetime of" and "becomes available" are intended to represent how | ||
| devices are hotplugged into browsers, and are under-specified. Resolving this with good definitions |
There was a problem hiding this comment.
If we intend to address what hotplug is after CR, I'd recommend giving an example such as NFC which people relate to more.
index.bs
Outdated
| @@ -682,30 +682,25 @@ When this method is invoked, the user agent MUST execute the following algorithm | |||
|
|
|||
| 1. Let |clientDataHash| be the [=hash of the serialized client data=] represented by |clientDataJSON|. | |||
|
|
|||
| 1. Let |currentlyAvailableAuthenticators| be a new [=ordered set=] consisting of all [=authenticators=] | |||
| currently available on this platform. | |||
| 1. Let |lifetimeTimer| be a timer for |adjustedTimeout| milliseconds. | |||
There was a problem hiding this comment.
Do we need to add a new name? We can just change adjustedTimeout to lifetimeTimer.
Note: this is more of a nitpick. Feel free to merge the PR without changing the adjustedTimeout naming.
This is an incomplete fix; a full fix is intended to be handled in Issue w3c#613. This reorders the Create and Get operations to indicate that the algorithms for interacting with devices should be applied as devices are hotplugged / arrive. It does not specify what happens when devices are removed, nor does it use precise language. I'm not sure what language would be appropriate in this world, so this patch is just to make things "better" not "correct". Resolve @equalsJeffH's comments: 1. Define |lifetimeTimer| and make it available to the line that starts the hotplugging 2. Use the |lifetimeTimer| for references later in those algorithms to reduce confusion 3. Reword the Notes 4. Change the Notes to Issues
jcjones
force-pushed
the
574-hotplugging
branch
from
3f52c80
to
df88d55
Compare
|
Thanks for the review, @AngeloKai. I've made both sets of corrections. Assuming it passes bikeshed, I think it's ready to merge - maybe with one last look by @equalsJeffH ? |
index.bs
Outdated
| <dl class="switch"> | ||
|
|
||
| : If the |adjustedTimeout| timer expires, | ||
| : If the |lifetimeTimer| timer expires, |
There was a problem hiding this comment.
s/If the |lifetimeTimer| timer/If |lifetimeTimer|/
index.bs
Outdated
| 1. [=While=] |issuedRequests| [=list/is not empty=], perform the following actions depending upon the |adjustedTimeout| timer | ||
| and responses from the authenticators: | ||
| 1. [=While=] |issuedRequests| [=list/is not empty=], perform the following actions depending upon the | ||
| |lifetimeTimer| timer and responses from the authenticators: |
There was a problem hiding this comment.
s/the |lifetimeTimer| timer/|lifetimeTimer|/
index.bs
Outdated
| these [=tasks=] is the [=dom manipulation task source=]. | ||
|
|
||
| 1. While |issuedRequests| [=list/is not empty=], perform the following actions depending upon the |adjustedTimeout| timer | ||
| 1. While |issuedRequests| [=list/is not empty=], perform the following actions depending upon the |lifetimeTimer| timer |
There was a problem hiding this comment.
s/the |lifetimeTimer| timer/|lifetimeTimer|/
index.bs
Outdated
| and responses from the authenticators: | ||
|
|
||
| <dl class="switch"> | ||
|
|
||
| : If the |adjustedTimeout| timer expires, | ||
| : If the |lifetimeTimer| timer expires, |
There was a problem hiding this comment.
s/If the |lifetimeTimer| timer/If |lifetimeTimer|/
|
re-reviewed, thanks! |
This is an incomplete fix; a full fix is intended to be handled [by the resolution to] Issue #613.
This reorders [a portion of the guts of] the Create and Get operations to
indicate that the algorithms for
interacting with devices should be applied as devices are hotplugged / arrive.
It does not specify what happens when devices are removed, nor does it use
precise language. I'm not sure what language would be appropriate in this world,
so this patch is just to make things "better" not "correct".
Preview | Diff