FxA timelines and you
Fernando Jiménez Moreno
ferjmoreno at gmail.com
Thu Oct 17 05:34:56 PDT 2013
On 17/10/2013, at 06:28, Fabrice Desré <fabrice at mozilla.com> wrote:
> The nav.id implementation is "kind of" remoted, in the sense that it
> works oop, but it relies on the security UI in b2g that spawns a new
> process to load network resources. That's very suboptimal, and in no way
> can we add yet another process for FxA (eg.
> looks very nice, but will likely not work well). This thing will blow up
> with no rescue team on target devices currently deployed.
I think there might be a general confusion about Persona vs FxA implementations in FxOS.
You are describing the implementation of a Persona flow. The FxA flow, even if it will use the same API (with a few tweaks) it's going to be a bit different and it won't open the Trusted UI or use any remotely hosted content.
Lloyd wrote a few words about the proposed architecture at  and . But basically, in a few words, the big picture of the FxA flow would be something like:
1- A RP with a FxA <meta> or a FxA manifest field (still to be discussed) requests a login via nav.id.request() API.
2- The nsIDOMIdentity component handle this request and notice the <meta> or manifest bits, so it takes the FxA path.
3- A "fxacct-login" or similar system message is sent to content and handled by the FxA app (OOP certified app).
4- The FxA app communicates with the FxA service via its own REST API and does all the Persona magic to finally get a Persona assertion that is delivered to the RP via the usual nav.id callbacks.
That's for the RP side. The special cases of FTU and Settings are different, but basically there will be a communication between the FxA app, the System app and these apps (FTU and Settings) via the IAC API . I'll be glad to elaborate more on this if needed, but it feels like Lloyd already wrote a very good description :).
More information about the Sync-dev