Thursday, January 17, 2008

ID Selector Selector

Is the Kevin Miller's Firefox extension an identity selector selector? I think that it is and was from the beginning (November 2006). When it was first released it was an identity selector selector that allowed one identity selector (CardSpace). Then Chuck Mortimore in December 2006 packaged his Firefox identity selector so that it was usable with the identity selector selector. Now the selector selector had something to select.

If you want to use e.g. DigitalMe with the identity selector selector than all you need to do is wrap it into a XPCOM component that follows Kevin's API.

Here is the current javascript interface:

Xmldapidentityselector.prototype = {

GetBrowserToken: function (
issuer , recipientURL, requiredClaims, optionalClaims ,
tokenType, privacyPolicy, privacyPolicyVersion,
serverCert, issuerPolicy ) {

All parameter are simple types except serverCert which is a nsIX509Cert. This could be a string too should somebody insist...

Calling the XPCOM component looks something like this:

var obj = null;
try {
var cidClass = Components.classes[cid];
if (cidClass != undefined) {
obj = cidClass.createInstance();
obj = obj.QueryInterface(Components.interfaces.IIdentitySelector);
} else {
IdentitySelector.reportError("onCallIdentitySelector", "the class " + cid + " is not installed");
catch (e) {
IdentitySelector.throwError( "onCallIdentitySelector:", e);

/* Make the call to the selector */
identObject.targetElem.token = obj.GetBrowserToken(
data.issuer ,
data.issuerPolicy );

Here is the current interface definition:

interface IIdentitySelector : nsISupports
void About();
string GetBrowserToken(in wstring issuerUri, in wstring recipientUrl,
in wstring requiredClaims, in wstring optionalClaims,
in wstring tokenType, in wstring privacyPolicy,
in long privacyPolicyVersion ,
in nsIX509Cert certificate, in wstring issuerPolicy );
string GetVersion();

readonly attribute wstring errorstring;
readonly attribute long errornumber;


This identity selector selector is not outside a browser; but... who cares!

No comments: