diff --git a/webrtc.html b/webrtc.html index f39411e25..d8bb8a6ee 100644 --- a/webrtc.html +++ b/webrtc.html @@ -66,13 +66,7 @@

Introduction

This specification defines conformance criteria that apply to a single product: the user agent that implements the interfaces that it - contains with the exception of the RTCIdentityProvider - interface which is used by the - user agent but not implemented by the user agent.

- -

It also defines conformance criteria for identity providers which provide - implementations of the RTCIdentityProvider - interface.

+ contains.

Conformance requirements phrased as algorithms or specific steps may be implemented in any manner, so long as the end result is equivalent. (In @@ -6103,7 +6097,7 @@

Instantiating an IdP Proxy

Registering an IdP Proxy

An IdP proxy implements the RTCIdentityProvider - callback interface, which is the means by which the user agent is able to + methods, which are the means by which the user agent is able to request that an identity assertion be generated or validated.

Once instantiated, the IdP script is executed. The IdP MUST call the @@ -6117,70 +6111,82 @@

Registering an IdP Proxy

void register(RTCIdentityProvider idp)

This method is invoked by the IdP when its script is first - executed. This registers an instance of - RTCIdentityProvider with the user agent.

+ executed. This registers + RTCIdentityProvider methods with the user + agent.

Interface Exposed by Identity Providers

-

The RTCIdentityProvider interface is exposed by identity - providers and is called by RTCPeerConnection to acquire or - validate identity assertions.

+

The callback functions in RTCIdentityProvider are + exposed by identity providers and is called + by RTCPeerConnection to acquire or validate identity + assertions.

-
-
Promise<RTCIdentityAssertionResult> - generateAssertion(DOMString contents, DOMString origin, - optional DOMString usernameHint)
+
+
required GenerateAssertionCallback generateAssertion

A user agent invokes this method on the IdP to request the generation of an identity assertion.

-

The contents parameter includes the information that the - user agent wants covered by the identity assertion. A successful - validation of the provided assertion MUST produce this string.

- -

The origin parameter identifies the origin of the - RTCPeerConnection that triggered this request. - An IdP can use this information as input to policy decisions about - use. This value is generated by the user agent based on the - origin of the document that created - the RTCPeerConnection and therefore can be trusted to - be correct.

- -

The IdP selects the identity to assert. The optional - usernameHint parameter is the same value that was passed to - setIdentityProvider.

-

The IdP provides a promise that resolves to an RTCIdentityAssertionResult to successfully generate an identity assertion. Any other value, or a rejected promise, is treated as an error.

-
Promise<RTCIdentityValidationResult> - validateAssertion(DOMString assertion, DOMString origin)
+
required ValidateAssertionCallback validateAssertion

A user agent invokes this method on the IdP to request the validation of an identity assertion.

-

The assertion parameter includes the assertion that was +

The IdP returns a Promise that resolves to an + RTCIdentityValidationResult to successfully + validate an identity assertion and to provide the actual identity. + Any other value, or a rejected promise, is treated as an error.

+
+
+ +
+
DOMString contents
+
The contents parameter includes the information that the + user agent wants covered by the identity assertion. A successful + validation of the provided assertion MUST produce this string.
+ +
DOMString origin
+
The origin parameter identifies the origin of the + RTCPeerConnection that triggered this request. + An IdP can use this information as input to policy decisions about + use. This value is generated by the user agent based on the + origin of the document that created + the RTCPeerConnection and therefore can be trusted to + be correct.
+ +
optional DOMString usernameHint
+
The IdP selects the identity to assert. The optional + usernameHint parameter is the same value that was passed to + setIdentityProvider.
+
+ +
+
DOMString assertion
+
The assertion parameter includes the assertion that was recovered from an a=identity in the session description; that is, the value that was part of the RTCIdentityAssertionResult provided by the IdP - that generated the assertion.

+ that generated the assertion.
-

The origin parameter identifies the origin of the +

DOMString origin
+
The origin parameter identifies the origin of the RTCPeerConnection that triggered this request. An IdP can use this information as input to policy decisions about - use.

- -

The IdP returns a Promise that resolves to an - RTCIdentityValidationResult to successfully - validate an identity assertion and to provide the actual identity. - Any other value, or a rejected promise, is treated as an error.

-
+ use.
@@ -6259,7 +6265,7 @@

Requesting Identity

  • The RTCPeerConnection invokes the generateAssertion - method on the RTCIdentityProvider instance + method on the RTCIdentityProvider methods registered by the IdP.

    The RTCPeerConnection generates the @@ -6394,8 +6400,7 @@

    Verifying Identity Assertions

  • The RTCPeerConnection invokes the validateAssertion - method on the RTCIdentityProvider instance - registered by the IdP.

    + method registered by the IdP.

    The assertion parameter is taken from the decoded identity assertion. The origin parameter contains the