[Bug 33485] Provide an interface for CMs that provide password storage

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Tue Feb 15 21:26:33 CET 2011 

https://bugs.freedesktop.org/show_bug.cgi?id=33485

--- Comment #3 from Will Thompson <will.thompson at collabora.co.uk> 2011-02-15 12:26:32 PST ---
Looks functionally good. Various formatting/documentation nitpicks, basically:

+        <p>A list of the Accounts stored in this connection manager, and flags
+          indicating their status.</p>

an a{sv} is not what i'd normally describe as a list. maybe set?

+    <method name="RemoveAccount" tp:name-for-bindings="Remove_Account">
+      <tp:docstring>
+        <p>Removes an account from the connection manager's internal
+          storage.</p>
+      </tp:docstring>

I guess this includes removing its credentials? I think it'd be good to spell
out exactly how ForgetCredentials and RemoveAccount differ.

+    <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
+      <p>An interface for Accounts whose passwords are stored externally and
+        should not be stored by the client.</p>
+    </tp:docstring>

Which client? I think it's worth saying explicitly that neither the Account
Manager, nor any ServerAuthentication handler, should store the credentials.

+        <p>If this property is false, the client should not attempt to cache
the
+          authentication response in its own keyring.</p>

<code>False</code>

+
+        <p>If this property is not specified, it should be treated as if it
were
+          true.</p>

<code>True</code>

+        more complex than a simple password prompt (e.g.  X-TELEPATHY-PASSWORD
+        or PLAIN).</p>

<code> or <tt> around the mechanisms plz.

+    <method name="StoreCredentials" tp:name-for-bindings="Store_Credentials">
+      <arg direction="in" name="Store" type="b">
+        <tp:docstring>
+          Whether to store the authentication credentials.
+        </tp:docstring>
+      </arg>
+      <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
+        <p>This method tells the connection manager whether to store the
+          authentication response in order to allow the connection manager to
+          sign-on automatically in the future.</p>

When should the handler call this method? Should it call it before or after
providing the password? Just before calling Close? (Allowing it to be called
after authentication has succeeded would allow the “remember your password?”
prompt only to be shown when the password's known to be correct.)

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the telepathy-bugs mailing list