-
Notifications
You must be signed in to change notification settings - Fork 172
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix #574 - Change language for Create and Get to support hotplugging #655
Conversation
d176e5b
to
25a4428
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this looks nominally OK. is it enough to do this for WD-07 and resolve issue #613 for CR (since at least one implementation presently handles this anyway) ?
index.bs
Outdated
|
||
Note: The definitions of "overall lifetime" and "becomes available" are intended to represent how | ||
devices are hotplugged into browsers, and are under-specified. Resolving this with good definitions | ||
or some other means will be handled in [Issue #613](https://github.com/w3c/webauthn/issues/613). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pedantic nit: s/handled in/addressed by resolving/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ditto wrt "Issue:"
index.bs
Outdated
"{{ConstraintError}}", and terminate this algoritm. | ||
Note: The definitions of "overall lifetime" and "becomes available" are intended to represent how | ||
devices are hotplugged into browsers, and are under-specified. Resolving this with good definitions | ||
or some other means will be handled in [Issue #613](https://github.com/w3c/webauthn/issues/613). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pedantic nit: s/handled in/addressed by resolving/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also, rather than a "Note:", perhaps should use "Issue:" here ?
index.bs
Outdated
1. If {{AuthenticatorSelectionCriteria/requireUserVerification}} is set to |true| and the | ||
|authenticator| is not capable of performing [=user verification=], [=iteration/continue=]. | ||
1. [=set/Append=] |authenticator| to |selectedAuthenticators|. | ||
1. [=set/For each=] |authenticator| that becomes available on this platform within the overall |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Offhand, I'm thinking that the "Start a timer for adjustedTimeout milliseconds", that is set down below in this alg, would come up to around this here step, which would then define "overall lifetime". but perhaps that's something to wait to incorp in the resolution of issue #613.
index.bs
Outdated
1. Let |authenticator| be a platform-specific handle whose value identifies an [=authenticator=]. | ||
|
||
1. For each |authenticator| currently available on this platform, perform the following steps: | ||
1. For each |authenticator| that becomes available on this platform within the overall lifetime of |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ditto here wrt "Start a timer for adjustedTimeout milliseconds" being done here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. it's fine to merge this now as it seems to not interfere with #498.
cf04b29
to
5f2dd9b
Compare
This "improves" issue #613. |
would be good to get at least one other review on this by someone(s) other than @jcjones and myself before we merge! |
The PR looks nominally ok given it is one step toward the right direction. I have the same question as @equalsJeffH about whether we think the PR is good enough to address hot-plugged authenticator before CR. If so, I encourage us to think about what error should be thrown if there is only one authenticator connected via NFC and the user moves the authenticator in the middle. AbortError seems like a reasonable candidate here. Developers can act based on the error to ask the user to put the authenticator back on again. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Assuming this is just the beginning of addressing hot-plugged authenticator, I will approve this.
index.bs
Outdated
1. If |currentlyAvailableAuthenticators| [=list/is empty=], return a {{DOMException}} whose name is | ||
"{{NotFoundError}}", and terminate this algorithm. | ||
Issue: The definitions of "lifetime of" and "becomes available" are intended to represent how | ||
devices are hotplugged into browsers, and are under-specified. Resolving this with good definitions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we intend to address what hotplug is after CR, I'd recommend giving an example such as NFC which people relate to more.
index.bs
Outdated
@@ -682,30 +682,25 @@ When this method is invoked, the user agent MUST execute the following algorithm | |||
|
|||
1. Let |clientDataHash| be the [=hash of the serialized client data=] represented by |clientDataJSON|. | |||
|
|||
1. Let |currentlyAvailableAuthenticators| be a new [=ordered set=] consisting of all [=authenticators=] | |||
currently available on this platform. | |||
1. Let |lifetimeTimer| be a timer for |adjustedTimeout| milliseconds. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to add a new name? We can just change adjustedTimeout to lifetimeTimer.
Note: this is more of a nitpick. Feel free to merge the PR without changing the adjustedTimeout naming.
This is an incomplete fix; a full fix is intended to be handled in Issue w3c#613. This reorders the Create and Get operations to indicate that the algorithms for interacting with devices should be applied as devices are hotplugged / arrive. It does not specify what happens when devices are removed, nor does it use precise language. I'm not sure what language would be appropriate in this world, so this patch is just to make things "better" not "correct". Resolve @equalsJeffH's comments: 1. Define |lifetimeTimer| and make it available to the line that starts the hotplugging 2. Use the |lifetimeTimer| for references later in those algorithms to reduce confusion 3. Reword the Notes 4. Change the Notes to Issues
3f52c80
to
df88d55
Compare
Thanks for the review, @AngeloKai. I've made both sets of corrections. Assuming it passes bikeshed, I think it's ready to merge - maybe with one last look by @equalsJeffH ? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
a few pedantic, and optional, nits. otherwise LGTM.
index.bs
Outdated
<dl class="switch"> | ||
|
||
: If the |adjustedTimeout| timer expires, | ||
: If the |lifetimeTimer| timer expires, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/If the |lifetimeTimer| timer/If |lifetimeTimer|/
index.bs
Outdated
1. [=While=] |issuedRequests| [=list/is not empty=], perform the following actions depending upon the |adjustedTimeout| timer | ||
and responses from the authenticators: | ||
1. [=While=] |issuedRequests| [=list/is not empty=], perform the following actions depending upon the | ||
|lifetimeTimer| timer and responses from the authenticators: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/the |lifetimeTimer| timer/|lifetimeTimer|/
index.bs
Outdated
these [=tasks=] is the [=dom manipulation task source=]. | ||
|
||
1. While |issuedRequests| [=list/is not empty=], perform the following actions depending upon the |adjustedTimeout| timer | ||
1. While |issuedRequests| [=list/is not empty=], perform the following actions depending upon the |lifetimeTimer| timer |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/the |lifetimeTimer| timer/|lifetimeTimer|/
index.bs
Outdated
and responses from the authenticators: | ||
|
||
<dl class="switch"> | ||
|
||
: If the |adjustedTimeout| timer expires, | ||
: If the |lifetimeTimer| timer expires, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/If the |lifetimeTimer| timer/If |lifetimeTimer|/
re-reviewed, thanks! |
This is an incomplete fix; a full fix is intended to be handled [by the resolution to] Issue #613.
This reorders [a portion of the guts of] the Create and Get operations to
indicate that the algorithms for
interacting with devices should be applied as devices are hotplugged / arrive.
It does not specify what happens when devices are removed, nor does it use
precise language. I'm not sure what language would be appropriate in this world,
so this patch is just to make things "better" not "correct".
Preview | Diff