emlun
commented
11 months ago Hm, it looks like this is the way it's supposed to be for create at least:
https://w3c.github.io/webappsec-credential-management/#algorithm-create-cred
When creating a Credential, it will return an algorithm that takes a global object and returns an interface object inheriting from Credential. This algorithm MUST be invoked from a task.
I can't find any similar language for get, though. And I'm a bit confused, because it seems like §2.5.4. Create a Credential can accept either a Credential (step 2 below) or an algorithm that produces a Credential (steps 3-4):
Let r be the result of executing interfaces[0]'s [[Create]](origin, options, sameOriginWithAncestors) internal method on origin, options, and sameOriginWithAncestors.
If that threw an exception: [...]
If r is a Credential or null, resolve p with r, and terminate these substeps.
Assert: r is an algorithm (as defined in § 2.2.1.4 [[Create]] internal method).
Queue a task on global’s DOM manipulation task source to run the following substeps:
- Resolve p with the result of promise-calling r given global.
But I guess that means we could leave create() as is? But we still need to fix the language for get()?
Both §5.1.3. Create a New Credential and §5.1.4. Use an Existing Credential to Make an Assertion currently resolve with:
So what's returned is just the procedure for how to create the
PublicKeyCredentialresult, not the result itself.Proposed Change
It seems like these final steps should instead read: