[step2] Re: OpenID Popup Extension - Draft 0
Allen Tom
atom at yahoo-inc.com
Mon Feb 16 01:10:43 UTC 2009
Breno wrote:
>
> Ok. In the interest of expediency, we could at this point define only
> ui.mode=popup which is extensible in principle without introducing any
> new other use cases at the present.
>
OK, let's just agree that mode=popup implies 450x500, and there may be
other modes defined in the future.
Will this work for your mobile users? The puffypoodles example looks
good on my iphone, so I'm thinking that we'll just use mode=popup for
desktop browsers and for advanced smartphones.
>
> I agree that we shouldn't have too much going on simultaneously with
> the popup. However, it may prove useful for the RP to provide some
> context "before the popup opens and the RP screen goes dim".
We can add some text that describes this, however I'm not sure if this
is really necessary, and could just make the overall experience heavier
and wordier.
>
>
>
>
>> Should we also cover the case where the parent window is closed
>> before authentication is completed?
>>
> Ah, I hadn't thought of this case.
>
>
> This can be addressed as follows:
>
> When the user completes the authentication and is returned at the RP,
> the RP should proceed as follows:
>
> Check if window.opener.location is defined and within its realm. If
> so, it should close the popup after ensure that all side-effects (set
> cookies, etc) that follow the login operation have completed.
>
> If window.opener.location is not defined, not accessible (attempt to
> read it throws a security exception, for instance) or not recognized
> to be part of the RP's site, then the RP should try to load its normal
> landing page for full-page redirects.
>
Sounds good!
Allen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-user-experience/attachments/20090215/a05e0c3e/attachment-0002.htm>
More information about the user-experience
mailing list