Proposing SignOnUI::removeIdentityData() D-Bus API
5 views
Skip to first unread message
Alberto Mardegan
Apr 22, 2013, 2:35:39 AM4/22/13
to accounts-...@googlegroups.com
Hi all,
the implementation of signon-ui in Ubuntu desktop uses a QWebView with
a custom cookie jar: we keep a cookie jar per identity, so that when the
same identity is asked to be reauthenticated we can often skip the login
page. For Ubuntu Touch (tablets and phones) we are experimenting with
QQuick's WebView, which is based on WebKit2. Due to restrictions on the
QtWebKit API, we are launching the WebView in another process, with a
$HOME variable which depends on the identity: in that way we prevent
sharing of data among the different WebViews.
Either way, it's becoming obvious that this data which signon-ui is
storing (maybe indirectly) for each identity should be removed when the
identity is deleted or even when the Identity::signOut() method is called.
Therefore I'm proposing we add a "removeIdentityData(u)" method to the
signon-ui D-Bus API. I will make it so that signond does not panic if
calling this method fails, so it should be able to run even with a
signon-ui which doesn't implement it.
If I don't hear different opinions, I'll assume that all is good. :-)
Ciao,
Alberto
--
http://blog.mardy.it <- geek in un lingua international!
the implementation of signon-ui in Ubuntu desktop uses a QWebView with
a custom cookie jar: we keep a cookie jar per identity, so that when the
same identity is asked to be reauthenticated we can often skip the login
page. For Ubuntu Touch (tablets and phones) we are experimenting with
QQuick's WebView, which is based on WebKit2. Due to restrictions on the
QtWebKit API, we are launching the WebView in another process, with a
$HOME variable which depends on the identity: in that way we prevent
sharing of data among the different WebViews.
Either way, it's becoming obvious that this data which signon-ui is
storing (maybe indirectly) for each identity should be removed when the
identity is deleted or even when the Identity::signOut() method is called.
Therefore I'm proposing we add a "removeIdentityData(u)" method to the
signon-ui D-Bus API. I will make it so that signond does not panic if
calling this method fails, so it should be able to run even with a
signon-ui which doesn't implement it.
If I don't hear different opinions, I'll assume that all is good. :-)
Ciao,
Alberto
--
http://blog.mardy.it <- geek in un lingua international!
Alberto Mardegan
Apr 24, 2013, 5:05:48 AM4/24/13
to accounts-...@googlegroups.com
On 04/22/2013 09:35 AM, Alberto Mardegan wrote:
> Either way, it's becoming obvious that this data which signon-ui is
> storing (maybe indirectly) for each identity should be removed when the
> identity is deleted or even when the Identity::signOut() method is called.
> Therefore I'm proposing we add a "removeIdentityData(u)" method to the
> signon-ui D-Bus API. I will make it so that signond does not panic if
> calling this method fails, so it should be able to run even with a
> signon-ui which doesn't implement it.
Here is the proposed implementation in signond (please review):
> Either way, it's becoming obvious that this data which signon-ui is
> storing (maybe indirectly) for each identity should be removed when the
> identity is deleted or even when the Identity::signOut() method is called.
> Therefore I'm proposing we add a "removeIdentityData(u)" method to the
> signon-ui D-Bus API. I will make it so that signond does not panic if
> calling this method fails, so it should be able to run even with a
> signon-ui which doesn't implement it.
http://code.google.com/p/accounts-sso/source/list?repo=signond&name=signon-ui-remove-id
For reference, here's the implementation in Ubuntu's signon-ui:
https://code.launchpad.net/~mardy/signon-ui/remove-identity-data/+merge/160568
Reply all
Reply to author
Forward
0 new messages