Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

create() and get() return an algorithm, not a credential #1984

Open
emlun opened this issue Oct 4, 2023 · 1 comment
Open

create() and get() return an algorithm, not a credential #1984

emlun opened this issue Oct 4, 2023 · 1 comment
Assignees
@emlun @nsatragno
Labels
type:editorial
Milestone
L3-WD-02

Comments

@emlun
Copy link
Member

emlun commented Oct 4, 2023
edited
Loading

Both §5.1.3. Create a New Credential and §5.1.4. Use an Existing Credential to Make an Assertion currently resolve with:

If any authenticator indicates success,
[...]
3. Let constructCredentialAlg be an algorithm that takes a global object global, and whose steps are:
[...]
5. Return constructCredentialAlg and terminate this algorithm.

If any authenticator indicates success,
[...]
5. Let constructAssertionAlg be an algorithm that takes a global object global, and whose steps are:
[...]
7. Return constructAssertionAlg and terminate this algorithm.

So what's returned is just the procedure for how to create the PublicKeyCredential result, not the result itself.

Proposed Change

It seems like these final steps should instead read:

  1. Let global be the [=relevant global object=], as determined by the calling {{CredentialsContainer/create()}} implementation. Return constructCredentialAlg(global) and terminate this algorithm.
@emlun emlun self-assigned this Oct 25, 2023
@nadalin nadalin added this to the L3-WD-02 milestone Oct 25, 2023
@emlun
Copy link
Member Author

emlun commented Nov 15, 2023

Hm, it looks like this is the way it's supposed to be for create at least:

https://w3c.github.io/webappsec-credential-management/#algorithm-create-cred

When creating a Credential, it will return an algorithm that takes a global object and returns an interface object inheriting from Credential. This algorithm MUST be invoked from a task.

I can't find any similar language for get, though. And I'm a bit confused, because it seems like §2.5.4. Create a Credential can accept either a Credential (step 2 below) or an algorithm that produces a Credential (steps 3-4):

  1. Let r be the result of executing interfaces[0]'s [[Create]](origin, options, sameOriginWithAncestors) internal method on origin, options, and sameOriginWithAncestors.

    If that threw an exception: [...]

  2. If r is a Credential or null, resolve p with r, and terminate these substeps.

  3. Assert: r is an algorithm (as defined in § 2.2.1.4 [[Create]] internal method).

  4. Queue a task on global’s DOM manipulation task source to run the following substeps:

    1. Resolve p with the result of promise-calling r given global.

But I guess that means we could leave create() as is? But we still need to fix the language for get()?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@emlun emlun

@nsatragno nsatragno

Labels
type:editorial
Projects
None yet
Milestone
L3-WD-02
Development

No branches or pull requests
3 participants
@emlun @nsatragno @nadalin