[OpenID] Auth Request display param question

Cal Heldenbrand cal at fbsdata.com
Wed Mar 2 22:17:52 UTC 2016 

Hmm, yeah you're right, now that I think about it.  There is no way to
window.open() a popup from the Provider without nuking the browser's
current window.  If your main authentication page is a responsive view,
then the display parameter probably doesn't matter.  But maybe it's for
those that might want to have a stateful knowledge before rendering the DOM
that it's going to be a small view?


---------------------------------------------------------------
Cal Heldenbrand
   Web Operations at FBS
   Creators of flexmls <http://flexmls.com>® and Spark Platform
<http://sparkplatform.com>
   cal at fbsdata.com

On Wed, Mar 2, 2016 at 3:09 PM, Paul Hethmon <
paul.hethmon at clareitysecurity.com> wrote:

> So I can see that, but that would require the RP to create that pop-up
> window, not the OP.
>
> At the end of the day, if they reach my OP, they’ll get my login screen in
> a browser window (with prompt=popup), which still qualifies as meeting
> specification since its a SHOULD. But I hate not understanding the meaning
> or use case.
>
> Paul
>
> On Mar 2, 2016, at 4:04 PM, Cal Heldenbrand <cal at fbsdata.com> wrote:
>
> I believe that's for an AJAX request in a popup window.  (or maybe a modal
> dialog?)
>
>
> ---------------------------------------------------------------
> Cal Heldenbrand
>    Web Operations at FBS
>    Creators of flexmls <http://flexmls.com/>® and Spark Platform
> <http://sparkplatform.com/>
>    cal at fbsdata.com
>
> On Wed, Mar 2, 2016 at 2:48 PM, Paul Hethmon <
> paul.hethmon at clareitysecurity.com> wrote:
>
>> In section 3.1.2.1 of Core, it details the 4 options for the “display”
>> parameter. While the 4 options are clear enough, I don’t get the intent of
>> having “page” vs “popup”. If the client has been redirected to the OP for
>> authentication, there’s a full browser window sitting there, so why ask the
>> OP to popup something over that? I haven’t found any archived discussion or
>> blogs on the subject and feel I must totally be missing the point here.
>>
>> Discussion here or a pointer to something is greatly appreciated.
>>
>> thanks,
>>
>> Paul
>>
>> -----
>> Paul Hethmon
>> Chief Software Architect
>> paul.hethmon at clareitysecurity.com
>>
>>
>> _______________________________________________
>> general mailing list
>> general at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-general
>>
>
>
> -----
> Paul Hethmon
> Chief Software Architect
> paul.hethmon at clareitysecurity.com
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20160302/0bb728d0/attachment.html>

More information about the general mailing list