Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Specify multiple configURLs #667

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Specify multiple configURLs #667

Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
09a43d2
Specify multiple configURLs
cbiesinger Oct 28, 2024
06cd209
Address comments from TallTed
cbiesinger Oct 29, 2024
6d44639
don't return within the fetch handler
cbiesinger Oct 30, 2024
6183adb
skip fetch if same-site
cbiesinger Oct 30, 2024
a530862
wellknown
cbiesinger Oct 31, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
128 changes: 71 additions & 57 deletions spec/index.bs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -930,59 +930,48 @@ or failure.
1. Set |rootUrl|'s [=url/scheme=] to |configUrl|'s [=url/scheme=].
1. Set |rootUrl|'s [=url/host=] to |configUrl|'s [=url/host=]'s [=host/registrable domain=].
1. Set |rootUrl|'s [=url/path=] to the <a>list</a> «".well-known", "web-identity"».
1. Let |config|, |configInWellKnown| both be null.
1. Let |config|, |discovery|, |accounts_url|, and |login_url| be null.
1. Let |rpOrigin| be |globalObject|'s [=associated Document=]'s [=Document/origin=].
1. If |rpOrigin| is not an [=opaque origin=], and |rootUrl|'s [=url/host=] is equal
to |rpOrigin|'s [=host/registrable domain=], and |rootUrl|'s [=url/scheme=] is
equal to |rpOrigin|'s [=origin/scheme=], set |configInWellKnown| to true.
1. Let |wellKnownRequest| be a new [=/request=] as follows:

Note: Because domain cookies are valid across an entire site, there is no privacy
benefit from doing the well-known check if the RP and IDP are in the same site.
1. Otherwise:
1. Let |wellKnownRequest| be a new [=/request=] as follows:

: [=request/URL=]
:: |rootUrl|
: [=request/client=]
:: null
: [=request/window=]
:: "no-window"
: [=request/service-workers mode=]
:: "none"
: [=request/destination=]
:: "webidentity"
: [=request/origin=]
:: a unique [=opaque origin=]
: [=request/header list=]
:: a [=list=] containing a single [=header=] with [=header/name=] set to `Accept` and
[=header/value=] set to `application/json`
: [=request/referrer policy=]
:: "no-referrer"
: [=request/credentials mode=]
:: "omit"
: [=request/mode=]
:: "no-cors"

Issue: The spec is yet to be updated so that all <a spec=fetch for=/>requests</a> are created
with [=request/mode=] set to "user-agent-no-cors". See the relevant
[pull request](https://github.com/whatwg/fetch/pull/1533) for details.

1. [=Fetch request=] with |wellKnownRequest| and |globalObject|, and with <var ignore>processResponseConsumeBody</var>
set to the following steps given a <a spec=fetch for=/>response</a> |response| and |responseBody|:
1. Let |json| be the result of [=extract the JSON fetch response=] from |response| and
|responseBody|.
1. [=converted to an IDL value|Convert=] |json| to an {{IdentityProviderWellKnown}},
|discovery|.
1. If one of the previous two steps threw an exception, or if the
[=list/size=] of |discovery|["{{IdentityProviderWellKnown/provider_urls}}"] is
greater than 1, set |configInWellKnown| to false.

Issue: [relax](https://github.com/fedidcg/FedCM/issues/333) the size of the
provider_urls array.

1. Otherwise, set to |configInWellKnown| to true if
|discovery|["{{IdentityProviderWellKnown/provider_urls}}"][0] [=string/is=] equal to
|provider|'s {{IdentityProviderConfig/configURL}}, and to false otherwise.
: [=request/URL=]
:: |rootUrl|
: [=request/client=]
:: null
: [=request/window=]
:: "no-window"
: [=request/service-workers mode=]
:: "none"
: [=request/destination=]
:: "webidentity"
: [=request/origin=]
:: a unique [=opaque origin=]
: [=request/header list=]
:: a [=list=] containing a single [=header=] with [=header/name=] set to `Accept` and
[=header/value=] set to `application/json`
: [=request/referrer policy=]
:: "no-referrer"
: [=request/credentials mode=]
:: "omit"
: [=request/mode=]
:: "no-cors"

Issue: The spec is yet to be updated so that all <a spec=fetch for=/>requests</a> are created
with [=request/mode=] set to "user-agent-no-cors". See the relevant
[pull request](https://github.com/whatwg/fetch/pull/1533) for details.

1. [=Fetch request=] with |wellKnownRequest| and |globalObject|, and with <var ignore>processResponseConsumeBody</var>
set to the following steps, given a <a spec=fetch for=/>response</a> |response| and |responseBody|:
1. Let |json| be the result of [=extract the JSON fetch response=] from |response| and
|responseBody|.
1. Set |discovery| to the result of [=converted to an IDL value|converting=] |json|
cbiesinger marked this conversation as resolved.
Show resolved Hide resolved
to an {{IdentityProviderWellKnown}}.
1. If one of the previous two steps threw an exception, or if the
[=list/size=] of |discovery|["{{IdentityProviderWellKnown/provider_urls}}"] is
greater than 1, set |discovery| to null.

Issue: [relax](https://github.com/fedidcg/FedCM/issues/333) the size of the
provider_urls array.

1. Let |configRequest| be a new <a spec=fetch for=/>request</a> as follows:

Expand Down Expand Up @@ -1021,11 +1010,34 @@ or failure.
1. [=converted to an IDL value|Convert=] |json| to an {{IdentityProviderAPIConfig}} stored
in |config|.
1. If one of the previous two steps threw an exception, set |config| to failure.
1. Set |config|.{{IdentityProviderAPIConfig/login_url}} to the result of [=computing
the manifest URL=] with |provider|, |config| and |globalObject|.
1. If |config|.{{IdentityProviderAPIConfig/login_url}} is null, return failure.
1. Wait for both |config| and |configInWellKnown| to be set.
1. If |configInWellKnown| is true, return |config|. Otherwise, return failure.
1. Set |login_url| to the result of [=computing the manifest URL=] with |provider|,
|config|.{{IdentityProviderAPIConfig/login_url}}, and |globalObject|.
1. Set |accounts_url| to the result of [=computing the manifest URL=] with |provider|,
|config|.{{IdentityProviderAPIConfig/accounts_endpoint}}, and |globalObject|.
1. If |login_url| or |accounts_url| is failure, return failure.
npm1 marked this conversation as resolved.
Show resolved Hide resolved
1. Wait for both |config| and |discovery| to be set.
1. If |discovery| is null, return failure.
1. If |rpOrigin| is not an [=opaque origin=], and |rootUrl|'s [=url/host=] is equal
npm1 marked this conversation as resolved.
Show resolved Hide resolved
to |rpOrigin|'s [=host/registrable domain=], and |rootUrl|'s [=url/scheme=] is
equal to |rpOrigin|'s [=origin/scheme=], return |config|.

Note: Because domain cookies are valid across an entire site, there is no privacy
benefit from doing the well-known check if the RP and IDP are in the same site.
1. If |discovery|.{{IdentityProviderWellKnown/accounts_endpoint}} and
|discovery|.{{IdentityProviderWellKnown/login_url}} are set:
1. Let |well_known_accounts_url| be the result of [=computing the manifest URL=] with
|provider|, |discovery|.{{IdentityProviderWellKnown/accounts_endpoint}},
and |globalObject|.
1. Let |well_known_login_url| be the result of [=computing the manifest URL=] with |provider|,
|discovery|.{{IdentityProviderWellKnown/login_url}}, and |globalObject|.
1. If |well_known_accounts_url| is not [=url/equal=] to |accounts_url|, return failure.
1. If |well_known_login_url| is not [=url/equal=] to |login_url|, return failure.
1. Otherwise:
1. Let |allowed_config_url| be the result of [=computing the manifest URL=] with |provider|,
|discovery|.{{IdentityProviderWellKnown/provider_urls}}[0], and |globalObject|.
1. If |allowed_config_url| is not [=url/equal=] to |configUrl|, return failure.
1. Return |config|.

</div>

NOTE: a two-tier file system is used in order to prevent the [=IDP=] from easily determining the [=RP=]
Expand All @@ -1038,7 +1050,9 @@ path manipulation to fingerprint (for instance, by including the RP in the path)

<xmp class="idl">
dictionary IdentityProviderWellKnown {
required sequence<USVString> provider_urls;
sequence<USVString> provider_urls;
USVString accounts_endpoint;
USVString login_url;
};

dictionary IdentityProviderIcon {
Expand Down
Loading