Restructuring pass of core spec information (IDP and Browser APIs) #424
Conversation
There was a problem hiding this comment.
Thanks for working on this! I think I don't love the placement of the dictionaries because there is no context on how they'd be used. I think they belong better closer to where they were. It might still be ok to have the order of the sections swapped if that is your preference, although that will mean the dictionaries are defined after they are used in the processing model.
|
|
||
| The Sign-up and Sign-in APIs are used by the [=RP=]s to ask the browser |
There was a problem hiding this comment.
There are no Sign-up and Sign-in APIs (and this is explained in the Note below), so perhaps remove lines 274 - 279?
| dictionary IdentityProviderClientMetadata { | ||
| USVString privacy_policy_url; | ||
| USVString terms_of_service_url; | ||
| dictionary IdentityProviderWellKnown { |
There was a problem hiding this comment.
The location of these dictionaries seems off to me. There is no context for these definitions
There was a problem hiding this comment.
unifying convo here: #424 (comment)
| <xmp class="idl"> | ||
| dictionary IdentityProviderToken { | ||
| required USVString token; | ||
| dictionary IdentityProviderAccount { |
There was a problem hiding this comment.
unifying convo here: #424 (comment)
spec/index.bs
Outdated
|
|
||
| TODO: add an ASCII image to explain how the states fit into the algorithms. | ||
| Issue: Displaying an account chooser displaying all of the provided options should not be included normatively |
There was a problem hiding this comment.
As I has mentioned on the proposal, I don't understand why this is an issue, can you elaborate?
There was a problem hiding this comment.
Generally we shouldn't dictate that particular UI get displayed because a browser could obtain user choice can be rendered in multiple ways... e.g. advance configuration, an "always use this account" checkbox, or defaulting to choose the only account if only one is available.
This spec has to toe a fine line between requiring some user consent/information without dictating UI/UX choices. and I am just pointing out that this is probably over that line IMO
There was a problem hiding this comment.
There is a lot going on in this PR and I'm a bit worried that it is going to be hard to determine / review what's just moving things around vs new text that we are introducing. For example, I missed this entirely, and if it weren't for npm double checking this would've probably slipped through. I don't know what the merits are of this specific point here being discussed, but a bit of a meta point is that I think it would be useful to try to make some of the moves so that we can easily tell (by looking at the diff) that we are keeping the normative algorithms / interfaces / etc intact without having to look at every single LOC.
I don't know if that's possible, but just wanted to throw it out there in this review that I worry about the scope of this PR.
| <!-- ============================================================ --> | ||
| ## The <code>\[[DiscoverFromExternalSource]](origin, options, sameOriginWithAncestors)</code> internal method ## {#browser-api-rp-sign-in} | ||
| ## Manifest ## {#idp-api-manifest} |
There was a problem hiding this comment.
nit: we should rename this to Config
spec/index.bs
Outdated
| :: A random number of the choice of the [=RP=]. It is generally used to associate a client | ||
| session with a {{IdentityProviderToken/token}} and to mitigate replay attacks. Therefore, this value should have | ||
| sufficient entropy such that it would be hard to guess. | ||
| The file is parsed expecting a {{IdentityProviderWellKnown}} JSON object with the following semantics: |
There was a problem hiding this comment.
Since this is where IdentityProviderWellKnown is explained, I would add the IDL here. WDYT? Similar for the rest. These are just dictionaries explaning how the IDP files should be structured, so I think it is OK in a non-normative section.
There was a problem hiding this comment.
unifying convo here: #424 (comment)
Maybe. I don't mind having the definition apart from its use. My concern is that the IDL definitions are normative. They describe the JSON structure required and expected. So I'd really like them to be in a normative section. |
I don't know about those IDL definitions being normative here. They are describing the expected format of the JSON file from IDP and are helpful as dictonaries because we can just quote them in the algorithm, but they are not really webexposed in the IDL sense so I think that those would be fine in the non-normative section. Perhaps we can keep them where they are (although preference to move them to before their first use, and that does not seem to be their location right now) but add intro paragraphs to explain what we're defining? Right now there is no context to those IDLs |
|
They end up being normative in a few ways. For one, Although I definitely agree, there could be more context for their definition. I just put them in the list of defined algorithms after their first use, which seemed to be the convention followed in that section. |
If you mean the algorithms then yea I think that makes sense? For dictionaries, it should be easier and clearer to explain what they are and define them before they are used in the algorithms. |
I mean to say that the algorithms and dictionaries are serving the same purpose here: to precisely specify what is required of an implementer in digestible pieces. The dictionary's IDL serves the purpose of defining the requirements of the structure (including the details of de-serializing it). So perhaps both would benefit from being explained more clearly.
Maybe? But in the Browser API section you only really need to know how they are used, not what they are and why. If the reader is confused by what the semantics of the values are, they can use bikeshed links like this to navigate around for more context. Alternatively, this would be a great avenue for editorial improvement to the Introduction- especially giving context to some of those typograms at the end. |
|
Ok, I think I'm ok with this. We should rebase though since there are merge conflicts. I also left some other comments but they can be resolved in a separate PR since this is mainly just reordering things. |
|
Okay, I think I have resolved merge conflicts well. Sounds good! |
There was a problem hiding this comment.
I went through this PR and am a bit worried that it is hard for me to be confident that we are keeping the normative parts intact (I'm assuming that was the intent?). because we changed the orders of the sections (which sounds right to me), between the browser API and the IDP HTTP API, the diff is hard to parse for errors. I don't feel strongly about this, because we can just look more manually for copying/pasting errors, but if you can think of ways to make the move a bit easier to detect for errors, that'd be great.
spec/index.bs
Outdated
|
|
||
| TODO: add an ASCII image to explain how the states fit into the algorithms. | ||
| Issue: Displaying an account chooser displaying all of the provided options should not be included normatively |
There was a problem hiding this comment.
There is a lot going on in this PR and I'm a bit worried that it is going to be hard to determine / review what's just moving things around vs new text that we are introducing. For example, I missed this entirely, and if it weren't for npm double checking this would've probably slipped through. I don't know what the merits are of this specific point here being discussed, but a bit of a meta point is that I think it would be useful to try to make some of the moves so that we can easily tell (by looking at the diff) that we are keeping the normative algorithms / interfaces / etc intact without having to look at every single LOC.
I don't know if that's possible, but just wanted to throw it out there in this review that I worry about the scope of this PR.
It is 100% my intent that normative parts of the spec remain intent. I agree that the Diffs are rather difficult to read. The rendered diff makes it a little easier, but not too much. Let my try splitting it across a few commits to see if they are piecemeal more readable. |
bvandersloot-mozilla
force-pushed
the
main
branch
from
359ebbf to
666226b
Compare
|
So I split it into 6 commits and left out the Issue that seemed controversial. Only the first commit (1fe4569) is still hard to read. However if you check it out and do the diff with |
There was a problem hiding this comment.
So I split it into 6 commits and left out the Issue that seemed controversial.
This indeed helped review the patch. I did check manually the first commit and couldn't find anything else missing.
I'm going to merge this since (a) this is a good restructuring that is going to help going forward, (b) the intent is to keep it purely non-normative, so in case we do find that this caused normative changes we can look at this history here to see where things may have lost, (c) there are other PRs that depend on this and (d) I think future PRs are going to be more incremental than this.
| 1. A [[#idp-api-manifest]] endpoint in an agreed upon location that points to | ||
| 1. An [[#idp-api-accounts-endpoint]] endpoint | ||
| 1. A [[#idp-api-client-id-metadata-endpoint]] endpoint | ||
| 1. An [[#idp-api-id-assertion-endpoint]] endpoint | ||
|
|
||
|
|
||
| The [=IDP=] must also host a file at the ".well-known/web-identity" path of its [=registrable domain=] that has JSON contents that are convertable to an {{IdentityProviderWellKnown}} object. |
There was a problem hiding this comment.
We are losing this non-normative text here about the location of the ".well-known/web-identity" file. We are keeping the normative section, so, not a substantative change, but seemed worth noting that this is going to be lost in your move here.
) SHA: 10c8d09 Reason: push, by samuelgoto Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…3c-fedid#424) SHA: 10c8d09 Reason: push, by pull[bot] Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…3c-fedid#424) SHA: 10c8d09 Reason: push, by bvandersloot-mozilla Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
…3c-fedid#424) SHA: 10c8d09 Reason: push, by bvandersloot-mozilla Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This should improve the clarity of these central sections of the spec and call out a few shortcomings
This should address the following issues from Issue #416: 7-9, 12, 13, 15. This leaves only 16 & 19 from issue #416 remaining.
Preview | Diff