Decide how to handle signin dialog closure for the IDP signin status API

[cbiesinger]

The IDP signin status API expects to show a IDP signin dialog popup of some kind. The question is how to close this dialog once the user is done.

We can not close this dialog once we receive this header because the signin flow may not be done yet -- there may be interstitials such as verifying your phone number is up-to-date, etc.

Options:

• Call window.close(). However, in general, window.close() only works on popups opened by JavaScript. We need to investigate whether we can enable it for this popup
• Provide a new API (maybe IdentityProvider.signInFlowFinished()) to be called when sign-in is done
• Provide a “special” URL scheme; when this URL is loaded in the popup, this is used as a signal. For example, we could provide fedcm://idp-signin-finished, and this could be used as the redirect URL.
• No special API, just show a text to the user “Please close this page”

[cbiesinger]

Interested in any thoughts on these options. (@bvandersloot-mozilla maybe?)

[bvandersloot-mozilla]

I was imagining the IDP to get a Promise when it calls IDP.login() that resolves when the user closes the dialog. Then it is the IDP's responsibility to close it, presumably with window.close(). Or is this a different signin dialog?

[cbiesinger]

I'm not sure that's workable... 1) that does not work if the IDP uses the header, and 2) I think that login flows will typically be across multiple pages

[cbiesinger]

Sorry, I misunderstood. Yes that will work, if we make window.close() work for this dialog

[tttzach]

We have introduced IdentityProvider.close() for this purpose. Closing for now.