Skip to content

GitLab

T
tangled
Commit 627f32ed authored by benwells@chromium.org's avatar benwells@chromium.org
Browse files
Options

Add best practice tip to identity API launchWebAuthFlow. 

The tip is to suggest auth flows are initiated from app UI explaining
why. Without this, if a signed out user launches an app that immediately
initiates an interactive auth session, the first thing the user sees is
a chrome signin screen.

BUG=372279

Review URL: https://codereview.chromium.org/273423005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269963 0039d316-1c4b-4281-b951-d872f2087c98
parent ec38b18a
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 0 deletions
chrome/common/extensions/api/identity.idl
View file @ 627f32ed
...@@ -87,6 +87,13 @@ namespace identity { ...@@ -87,6 +87,13 @@ namespace identity {
// window will close, and the final redirect URL will be passed to // window will close, and the final redirect URL will be passed to
// the <var>callback</var> function. // the <var>callback</var> function.
// //
// For a good user experience it is important interactive auth flows are
// initiated by UI in your app explaining what the authorization is for.
// Failing to do this will cause your users to get authorization requests
// - or even Chrome sign in screens if they are not signed in - with
// no context. In particular, do not launch an interactive auth flow when
// your app is first launched.
//
// |details| : WebAuth flow options. // |details| : WebAuth flow options.
// |callback| : Called with the URL redirected back to your application. // |callback| : Called with the URL redirected back to your application.
static void launchWebAuthFlow(WebAuthFlowDetails details, static void launchWebAuthFlow(WebAuthFlowDetails details,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment