FxA timelines and you
fabrice at mozilla.com
Thu Oct 17 08:48:45 PDT 2013
On 10/17/2013 05:34 AM, Fernando Jiménez Moreno wrote:
> On 17/10/2013, at 06:28, Fabrice Desré <fabrice at mozilla.com> wrote:
>> The nav.id implementation is "kind of" remoted, in the sense that it
>> works oop, but it relies on the security UI in b2g that spawns a new
>> process to load network resources. That's very suboptimal, and in no way
>> can we add yet another process for FxA (eg.
>> looks very nice, but will likely not work well). This thing will blow up
>> with no rescue team on target devices currently deployed.
> I think there might be a general confusion about Persona vs FxA implementations in FxOS.
> You are describing the implementation of a Persona flow. The FxA flow, even if it will use the same API (with a few tweaks) it's going to be a bit different and it won't open the Trusted UI or use any remotely hosted content.
The diagram at
is not about persona, it shows the FxA app as a standalone app using IAC.
> Lloyd wrote a few words about the proposed architecture at  and . But basically, in a few words, the big picture of the FxA flow would be something like:
> 1- A RP with a FxA <meta> or a FxA manifest field (still to be discussed) requests a login via nav.id.request() API.
> 2- The nsIDOMIdentity component handle this request and notice the <meta> or manifest bits, so it takes the FxA path.
> 3- A "fxacct-login" or similar system message is sent to content and handled by the FxA app (OOP certified app).
> 4- The FxA app communicates with the FxA service via its own REST API and does all the Persona magic to finally get a Persona assertion that is delivered to the RP via the usual nav.id callbacks.
How does that magic part work? Is this still using the current setup
with a dedicated process? If so, you have : the FxA app, the nav.id oop
frame, and probably the oop keyboard at some point (oh, and the
homescreen and cost control apps are still trying to not be killed also).
More information about the Sync-dev