search

w3c-fedid / FedCM

A privacy preserving identity exchange Web API
https://w3c-fedid.github.io/FedCM/
Other
375 stars 72 forks source link

Finalize naming for the IDP sign-in status API #430

Closed cbiesinger closed 1 year ago

cbiesinger commented 1 year ago

https://github.com/fedidcg/FedCM/blob/main/proposals/idp-sign-in-status-api.md

We currently use these names:

IdP-SignIn-Status: action=signin
IdP-SignIn-Status: action=signout-all

interface IdentityProvider {
  static void login();
  static void logout();
}

We should make sure these are the names we want to use. I believe @bvandersloot-mozilla / @martinthomson had thoughts on this.

bvandersloot-mozilla commented 1 year ago

Alternative proposal, leaving the headers alone but altering the Javascript version.

IdP-SignIn-Status: action=signin
IdP-SignIn-Status: action=signout-all
interface IdentityProvider {
  static void recordSignIn(IdentityProviderSignInOptions? options);
  static void recordSignOut(IdentityProviderSignOutOptions? options);
}

dictionary IdentityProviderSignInOptions {
};

dictionary IdentityProviderSignOutOptions {
};

Three changes:

  1. prepend record to the function names to make clear that this is not inducing the browser to perform actions, but is instead mutating some internal state about the provider in the browser.
  2. unify on Sign In rather than splitting on log in and sign in.
  3. Add a nullable options arguments that are initially empty to allow extensions.
cbiesinger commented 1 year ago

Thanks! That basically sounds good.

I don't think we need the empty dictionaries; we can just add them when needed, right? Adding a new optional parameter is generally backwards compatible.

Also, just to confirm, does that match what Martin wanted (since he talked about this in that meeting)?