[OpenID] Auth Request display param question

Phil Hunt phil.hunt at oracle.com
Wed Mar 2 23:03:26 UTC 2016 

Wasn’t it a way to pass a value to the user interface to give a justification for the request for personal information and/or authentication?

Phil

@independentid
www.independentid.com <http://www.independentid.com/>phil.hunt at oracle.com <mailto:phil.hunt at oracle.com>





> On Mar 2, 2016, at 2:37 PM, John Bradley <ve7jtb at ve7jtb.com> wrote:
> 
> I recall it was a early requirement from Facebook and JainRain.
> 
> There was a popup extension for openID 2.
> http://svn.openid.net/repos/specifications/user_interface/1.0/trunk/openid-user-interface-extension-1_0.html <http://svn.openid.net/repos/specifications/user_interface/1.0/trunk/openid-user-interface-extension-1_0.html>
> 
> I suspect that anyone using the popup extension from openid 2 kept using the popup dimensions.
> 
> On looking at the parameter  in the Connect Core specification it is underspecified on it’s own.
> 
> JainRain and some others were using it.  I don’t know if there has been any real demand for it in Connect. 
> That is probably why no one has pointed it out prior to this.
> 
> It should be fleshed out in a profile.
> 
> John B.
> 
>> On Mar 2, 2016, at 7:17 PM, Cal Heldenbrand <cal at fbsdata.com <mailto:cal at fbsdata.com>> wrote:
>> 
>> Hmm, yeah you're right, now that I think about it.  There is no way to window.open() a popup from the Provider without nuking the browser's current window.  If your main authentication page is a responsive view, then the display parameter probably doesn't matter.  But maybe it's for those that might want to have a stateful knowledge before rendering the DOM that it's going to be a small view?
>> 
>> 
>> ---------------------------------------------------------------
>> Cal Heldenbrand
>>    Web Operations at FBS
>>    Creators of flexmls <http://flexmls.com/>® and Spark Platform <http://sparkplatform.com/>
>>    cal at fbsdata.com <mailto:cal at fbsdata.com>
>> On Wed, Mar 2, 2016 at 3:09 PM, Paul Hethmon <paul.hethmon at clareitysecurity.com <mailto:paul.hethmon at clareitysecurity.com>> wrote:
>> So I can see that, but that would require the RP to create that pop-up window, not the OP.
>> 
>> At the end of the day, if they reach my OP, they’ll get my login screen in a browser window (with prompt=popup), which still qualifies as meeting specification since its a SHOULD. But I hate not understanding the meaning or use case.
>> 
>> Paul
>> 
>>> On Mar 2, 2016, at 4:04 PM, Cal Heldenbrand <cal at fbsdata.com <mailto:cal at fbsdata.com>> wrote:
>>> 
>>> I believe that's for an AJAX request in a popup window.  (or maybe a modal dialog?)  
>>> 
>>> 
>>> ---------------------------------------------------------------
>>> Cal Heldenbrand
>>>    Web Operations at FBS
>>>    Creators of flexmls <http://flexmls.com/>® and Spark Platform <http://sparkplatform.com/>
>>>    cal at fbsdata.com <mailto:cal at fbsdata.com>
>>> On Wed, Mar 2, 2016 at 2:48 PM, Paul Hethmon <paul.hethmon at clareitysecurity.com <mailto:paul.hethmon at clareitysecurity.com>> wrote:
>>> In section 3.1.2.1 of Core, it details the 4 options for the “display” parameter. While the 4 options are clear enough, I don’t get the intent of having “page” vs “popup”. If the client has been redirected to the OP for authentication, there’s a full browser window sitting there, so why ask the OP to popup something over that? I haven’t found any archived discussion or blogs on the subject and feel I must totally be missing the point here.
>>> 
>>> Discussion here or a pointer to something is greatly appreciated.
>>> 
>>> thanks,
>>> 
>>> Paul
>>> 
>>> -----
>>> Paul Hethmon
>>> Chief Software Architect
>>> paul.hethmon at clareitysecurity.com <mailto:paul.hethmon at clareitysecurity.com>
>>> 
>>> 
>>> _______________________________________________
>>> general mailing list
>>> general at lists.openid.net <mailto:general at lists.openid.net>
>>> http://lists.openid.net/mailman/listinfo/openid-general <http://lists.openid.net/mailman/listinfo/openid-general>
>>> 
>> 
>> -----
>> Paul Hethmon
>> Chief Software Architect
>> paul.hethmon at clareitysecurity.com <mailto:paul.hethmon at clareitysecurity.com>
>> 
>> 
>> 
>> _______________________________________________
>> general mailing list
>> general at lists.openid.net <mailto:general at lists.openid.net>
>> http://lists.openid.net/mailman/listinfo/openid-general
> 
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20160302/65582e78/attachment.html>

More information about the general mailing list