Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ambiguous definition for IdP errors #14

Open
dontcallmedom opened this issue Jul 26, 2017 · 1 comment
Open

Ambiguous definition for IdP errors #14

dontcallmedom opened this issue Jul 26, 2017 · 1 comment
Assignees
@martinthomson

Comments

@dontcallmedom
Copy link
Member

Initially raised by @soareschen at w3c/webrtc-pc#1511

In the last step of 9.3 Requesting Identity Assertions:

If assertion generation fails, then the promise for the corresponding function call is rejected with a newly created OperationError.

This is not consistent with several other sections.

  • Section 9.5 IdP Error Handling suggests that IdP-related failures would cause the corresponding method to reject with RTCError.

  • In createOffer and createAnswer, any error from identity assertion request process would cause it to reject with NotReadableError.

Section 9.5 also do not distinguish well of which error is returned by the IdP proxy callback, vs which error is returned by the RTCPeerConnection methods. For example:

  • If login is required, the IdP proxy's generateAssertion() should reject with RTCError('idp-need-login'). But is the rejection from the corresponding getIdentityAssertion() an RTCError('idp-need-login'), RTCError('idp-execution-failure'), or OperationError? It also doesn't make sense for validateAssertion() to throw such error.

  • It seems that RTCError('idp-token-expired') and RTCError('idp-token-invalid') are to be thrown by an IdP proxy's validateAssertion(). So these errors have to be propogated to the corresponding RTCPeerConnection methods so that applications can know the failure reasons? It also doesn't make sense for generateAssertion() to throw such error.

  • It seems that errors such as RTCError('idp-load-failure'), RTCError('idp-bad-script-failure') are to be returned only by the corresponding RTCPeerConnection methods. What happen if an IdP proxy return such RTCErrors in generateAssertion() and validateAssertion()? Do those errors get propogated up to the corresponding RTCPeerConnection methods, or do they get swallowed and converted into generic RTCError('idp-execution-failure')?

  • It is not clear whether attributes such as idpErrorInfo and idpLoginUrl get to propogate from IdP proxy back to the error results of RTCPeerConnection methods. Or do these attributes only accessible through pc.idpErrorInfo and pc.idpLoginUrl? Can a generic Error object having custom idpErrorInfo be propogated, or does it have to be RTCError thrown by the IdP proxy?

Some of the failure do not have defined error type. For example 9.4.9 says:

  1. The RTCPeerConnection validates that the domain portion of the identity matches the domain of the IdP as described in [RTCWEB-SECURITY-ARCH]. If this check fails then the identity validation fails.

If identity validation fails and there is a target peer identity for the RTCPeerConnection, the promise returned by setRemoteDescription MUST be rejected with the same DOMException.

So it's not clear if in such as do setRemoteDescription get rejected with OperationError?

I think the error sections can be rewritten with more concise definitions by separating them into multiple phases. And for each kind of failure, the specific type of error should be mentioned in the same step.
@dontcallmedom
Copy link
Member Author

Comment by @fluffy

@martinthomson - have a look at this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@martinthomson martinthomson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@martinthomson @dontcallmedom