Add hasEnrolledInstrument()

w3c · marcoscaceres · May 3, 2019 · Feb 8, 2019 · Feb 8, 2019 · Feb 8, 2019
commit 2f6bb15cd743ba86909744ed2a0e3e21ba455970
@@ -1300,20 +1300,71 @@ <h2>
         <h2>
           <dfn>canMakePayment()</dfn> method
         </h2>
-        <p class="note">
-          The <a>canMakePayment()</a> method can be used by the developer to
-          determine if the <a>PaymentRequest</a> object can be used to make a
-          payment, before they call <a>show()</a>. It returns a <a>Promise</a>
-          that will be fulfilled with true if the <a>user agent</a> supports
-          any of the desired <a>payment methods</a> supplied to the
-          <a>PaymentRequest</a> constructor, and false if none are supported.
-          If the method is called too often, the user agent might instead
-          return <a>a promise rejected with</a> a "<a>NotAllowedError</a>"
-          <a>DOMException</a>, at its discretion.
-        </p>
+        <div class="note">
+          <p>
+            The <a>canMakePayment()</a> method can be used by the developer to
+            determine if the <a>PaymentRequest</a> object can be used to make a
+            payment, before they call <a>show()</a>. It returns a <a>Promise</a>
+            that will be fulfilled with true if the <a>user agent</a> supports
+            any of the desired <a>payment methods</a> supplied to the
+            <a>PaymentRequest</a> constructor, and false if none are supported.
+          </p>
+          <p>
+            A true result from <a>canMakePayment()</a> does not imply that the
+            user has an provisioned instrument ready for payment. For that, use
+            <a>hasEnrolledInstrument()</a> instead.
+          </p>
+        </div>
         <p data-tests="payment-request-canmakepayment-method.https.html">
           The <a>canMakePayment()</a> method MUST act as follows:
         </p>
+        <ol class="algorithm">
+          <li>Let <var>request</var> be the <a>PaymentRequest</a> object on
+          which the method was called.
+          </li>
+          <li>If <var>request</var>.<a>[[\state]]</a> is not "<a>created</a>",
+          then return <a>a promise rejected with</a> an
+          "<a>InvalidStateError</a>" <a>DOMException</a>.
+          </li>
+          <li>Let <var>hasHandlerPromise</var> be <a>a new promise</a>.
+          </li>
+          <li>Return <var>hasHandlerPromise</var>, and perform the remaining
+          steps <a>in parallel</a>.
+          </li>
+          <li>For each <var>paymentMethod</var> tuple in
+          <var>request</var>.<a>[[\serializedMethodData]]</a>:
+            <ol>
+              <li>Let <var>identifier</var> be the first element in the
+              <var>paymentMethod</var> tuple.
+              </li>
+              <li>If the user agent has a <a>payment handler</a> that support
+              handling payment requests for <var>identifier</var>, or if it can
+              perform just-in-time installation of a suitable payment handler,
+              resolve <var>hasHandlerPromise</var> with true and terminate this
+              algorithm.
+              </li>
+            </ol>
+          </li>
+          <li>Resolve <var>hasHandlerPromise</var> with false.
+          </li>
+        </ol>
+      </section>
+      <section data-dfn-for="PaymentRequest" data-link-for="PaymentRequest">
+        <h2>
+          <dfn>hasEnrolledInstrument()</dfn> method
+        </h2>
+        <p class="note">
+          The <a>hasEnrolledInstrument()</a> method can be used by the developer
+          to determine if the <a>user agent</a> not only has support for one of
+          the desired <a>payment methods</a> but is also "ready for payment", (
+          e.g. when showing a "buy now" button). If the method is called too
+          often, the user agent might instead return <a>a promise rejected
+          with </a> a "<a>NotAllowedError</a>" <a>DOMException</a>, at its
+          discretion.
+        </p>
+        <p data-tests="payment-request-hasenrolledinstrument-method.https.html">
+          The <a>hasEnrolledInstrument()</a> method MUST act as follows:
+        </p>
         <ol class="algorithm">
           <li>Let <var>request</var> be the <a>PaymentRequest</a> object on
           which the method was called.
@@ -1323,40 +1374,66 @@ <h2>
           "<a>InvalidStateError</a>" <a>DOMException</a>.
           </li>
           <li data-tests=
-          "payment-request/payment-request-canmakepayment-method-protection.https.html">
+          "payment-request/payment-request-hasenrolledinstrument-method-protection.https.html">
           Optionally, at the <a>top-level browsing context</a>'s discretion,
           return <a>a promise rejected with</a> a "<a>NotAllowedError</a>" <a>
-            DOMException</a>.
+          DOMException</a>.
             <p class="note" data-link-for="PaymentRequest">
               This allows user agents to apply heuristics to detect and prevent
-              abuse of the <a>canMakePayment()</a> method for fingerprinting
-              purposes, such as creating <a>PaymentRequest</a> objects with a
-              variety of supported <a>payment methods</a> and calling
-              <a>canMakePayment()</a> on them one after the other. For example,
-              a user agent may restrict the number of successful calls that can
-              be made based on the <a>top-level browsing context</a> or the
-              time period in which those calls were made.
+              abuse of the <a>hasEnrolledInstrument()</a> method for
+              fingerprinting purposes, such as creating <a>PaymentRequest</a>
+              objects with a variety of supported <a>payment methods</a> and
+              calling <a>hasEnrolledInstrument()</a> on them one after the
+              other. For example, a user agent may restrict the number of
+              successful calls that can be made based on the <a>top-level
+              browsing context</a> or the time period in which those calls were
+              made.
             </p>
           </li>
-          <li>Let <var>hasHandlerPromise</var> be <a>a new promise</a>.
+          <li>Let <var>promise</var> be <a>a new promise</a>.
           </li>
-          <li>Return <var>hasHandlerPromise</var>, and perform the remaining
-          steps <a>in parallel</a>.
+          <li>Return <var>promise</var> and perform the remaining steps <a>in
+          parallel</a>.
           </li>
           <li>For each <var>paymentMethod</var> tuple in
           <var>request</var>.<a>[[\serializedMethodData]]</a>:
             <ol>
               <li>Let <var>identifier</var> be the first element in the
               <var>paymentMethod</var> tuple.
               </li>
-              <li>If there user agent has a <a>payment handler</a> that support
-              handling payment requests for <var>identifier</var>, resolve
-              <var>hasHandlerPromise</var> with true and terminate this
+              <li>Let <var>data</var> be the result of <a data-cite=
+              "ECMASCRIPT#sec-json.parse">JSON-parsing</a> the second element
+              in the <var>paymentMethod</var> tuple.
+              </li>
+              <li>If required by the specification that defines the
+              <var>identifier</var>, then <a data-cite=
+              "WEBIDL#dfn-convert-ecmascript-to-idl-value">convert</a>
+              <var>data</var> to an IDL value. Otherwise, <a data-cite=
+              "WEBIDL#dfn-convert-ecmascript-to-idl-value">convert</a> to
+              <a data-cite="WEBIDL#idl-object">object</a>.
+              </li>
+              <li>If conversion results in an <a data-cite=
+              "WEBIDL#dfn-exception">exception</a> <var>error</var>, reject
+              <var>promise</var> with <var>error</var> and terminate this
               algorithm.
               </li>
+              <li>Let <var>handlers</var> be a <a>list</a> of registered
+              <a>payment handlers</a> that are authorized and can handle
+              payment request for <var>identifier</var>.
+              </li>
+              <li>For each <var>handler</var> in <var>handlers</var>:
+                <ol>
+                  <li>Let <var>hasEnrolledInstrument</var> be the result of
+                  running <var>handler</var>'s <a>steps to check if a payment
+                  can be made</a> with <var>data</var>.
+                  </li>
+                  <li>If <var>hasEnrolledInstrument</var> is true, resolve
+                  <var>promise</var> with true, and return.
+                  </li>
+                </ol>
+              </li>
             </ol>
-          </li>
-          <li>Resolve <var>hasHandlerPromise</var> with false.
+          <li>Resolve <var>promise</var> with false.
           </li>
         </ol>
       </section>