admin管理员组

文章数量:1356554

I suppose this question is three questions. I have a IdP and RP setup in a lab for FedCM.

My navigator.credentials.get(...) call looks like:

navigator.credentials.get({
 identity: {
    context: "use",
    providers: [{
      fields: ["email"],
      configURL: `https://${idpOrigin}/fedcm.json`,
      clientId,
    }],
    mode: "active",
  }
})

I return a { "token": "dummy-token" } for the id_assertion endpoint which at the browser becomes an IdentityCredential via navigator.credentials.get() that looks like:

// IdentityCredential
{
  id: "",
  isAutoSelected: false,
  token: "dummy-id-token",
  type: "identity"
}

I'm trying to determine:

  1. Should I expect id to be something that isn't ""?
  2. Is there any capability or intention in the platform to specify the format of token?
  3. I understand fields specified in the navigator.credentials.get(options) are passed to the IdP, but are they only used by the user agent to display the disclosure text?

For bonus points, I noticed on Chrome 134 in active mode, the first account from the accounts endpoint pre-selected by default following the initial successful login. This forces user with multiple accounts to click back on the native UI. Everything else being equal in passive mode, the list of accounts shows on the top-right native UI overlay initially. I'm assuming this is a bug?

FYI: I'm testing with Chrome 134 on Windows 11 and a Pixel 6 Pro on Android 15.

本文标签:

版权声明:本文标题:google chrome - FedCM, are there token formats, what is "id" in the returned IdentityCredential and how are fi 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1743991612a2572246.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。