From bb3031eaa60e3028c7cf77aa0ba892054e51a94f Mon Sep 17 00:00:00 2001
From: Yi Gu <yigu@chromium.org>
Date: Tue, 13 May 2025 06:46:28 -0700
Subject: [PATCH] [FedCM] Remove selective disclosure related logic
This feature isn't being actively worked on.
Bug: 40250484
Change-Id: I41369b647e1ced58ee63677589c7e66fb2454887
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6537107
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Commit-Queue: Yi Gu <yigu@chromium.org>
Reviewed-by: Sam Goto <goto@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1459400}
---
chrome/browser/about_flags.cc | 5 ---
chrome/browser/flag-metadata.json | 5 ---
chrome/browser/flag_descriptions.cc | 5 ---
chrome/browser/flag_descriptions.h | 3 --
content/browser/webid/flags.cc | 4 --
content/browser/webid/flags.h | 3 --
content/child/runtime_features.cc | 2 -
content/public/common/content_features.cc | 6 ---
content/public/common/content_features.h | 1 -
.../bindings/generated_in_modules.gni | 4 --
.../renderer/bindings/idl_in_modules.gni | 2 -
.../identity_claim_requirement.idl | 21 -----------
.../identity_credential_request_options.idl | 2 -
.../identity_standard_claims.idl | 37 -------------------
.../platform/runtime_enabled_features.json5 | 6 ---
tools/metrics/histograms/enums.xml | 2 -
16 files changed, 108 deletions(-)
delete mode 100644 third_party/blink/renderer/modules/credentialmanagement/identity_claim_requirement.idl
delete mode 100644 third_party/blink/renderer/modules/credentialmanagement/identity_standard_claims.idl
diff --git a/chrome/browser/about_flags.cc b/chrome/browser/about_flags.cc
index 34fe48cad4813..9b6739a06eaa3 100644
--- a/chrome/browser/about_flags.cc
+++ b/chrome/browser/about_flags.cc
@@ -9111,11 +9111,6 @@ const FeatureEntry kFeatureEntries[] = {
flag_descriptions::kFedCmMultiIdpDescription, kOsAll,
FEATURE_VALUE_TYPE(features::kFedCmMultipleIdentityProviders)},
- {"fedcm-selective-disclosure",
- flag_descriptions::kFedCmSelectiveDisclosureName,
- flag_descriptions::kFedCmSelectiveDisclosureDescription, kOsAll,
- FEATURE_VALUE_TYPE(features::kFedCmSelectiveDisclosure)},
-
{"fedcm-show-filtered-accounts",
flag_descriptions::kFedCmShowFilteredAccountsName,
flag_descriptions::kFedCmShowFilteredAccountsDescription, kOsAll,
diff --git a/chrome/browser/flag-metadata.json b/chrome/browser/flag-metadata.json
index 7f849549eac58..136460105f46e 100644
--- a/chrome/browser/flag-metadata.json
+++ b/chrome/browser/flag-metadata.json
@@ -4878,11 +4878,6 @@
"owners": ["tanzachary@chromium.org", "web-identity-eng@google.com"],
"expiry_milestone": 145
},
- {
- "name": "fedcm-selective-disclosure",
- "owners": ["goto@chromium.org", "web-identity-eng@google.com"],
- "expiry_milestone": 140
- },
{
"name": "fedcm-show-filtered-accounts",
"owners": ["npm@chromium.org", "web-identity-eng@google.com"],
diff --git a/chrome/browser/flag_descriptions.cc b/chrome/browser/flag_descriptions.cc
index 73a1d5b2ad48f..9dc7d9f5bea24 100644
--- a/chrome/browser/flag_descriptions.cc
+++ b/chrome/browser/flag_descriptions.cc
@@ -2076,11 +2076,6 @@ const char kFedCmMultiIdpDescription[] =
"Allows the FedCM API to request multiple identity providers "
"simultaneously. Requires FedCM to be enabled as well.";
-const char kFedCmSelectiveDisclosureName[] = "FedCmSelectiveDisclosure";
-const char kFedCmSelectiveDisclosureDescription[] =
- "Allows a relying party to selectively request a set of identity "
- "attributes to be disclosed.";
-
const char kFedCmShowFilteredAccountsName[] = "FedCmShowFilteredAccounts";
const char kFedCmShowFilteredAccountsDescription[] =
"Allows the FedCM API to show filtered accounts greyed out.";
diff --git a/chrome/browser/flag_descriptions.h b/chrome/browser/flag_descriptions.h
index 7d58ce7e72b6a..6f4ca4afa1f24 100644
--- a/chrome/browser/flag_descriptions.h
+++ b/chrome/browser/flag_descriptions.h
@@ -1197,9 +1197,6 @@ extern const char kFedCmMultiIdpDescription[];
extern const char kFedCmQuietUiName[];
extern const char kFedCmQuietUiDescription[];
-extern const char kFedCmSelectiveDisclosureName[];
-extern const char kFedCmSelectiveDisclosureDescription[];
-
extern const char kFedCmShowFilteredAccountsName[];
extern const char kFedCmShowFilteredAccountsDescription[];
diff --git a/content/browser/webid/flags.cc b/content/browser/webid/flags.cc
index c40b8e51c681f..a5d50843d9d87 100644
--- a/content/browser/webid/flags.cc
+++ b/content/browser/webid/flags.cc
@@ -23,10 +23,6 @@ bool IsFedCmMetricsEndpointEnabled() {
return base::FeatureList::IsEnabled(features::kFedCmMetricsEndpoint);
}
-bool IsFedCmSelectiveDisclosureEnabled() {
- return base::FeatureList::IsEnabled(features::kFedCmSelectiveDisclosure);
-}
-
bool IsFedCmDelegationEnabled() {
return base::FeatureList::IsEnabled(features::kFedCmDelegation);
}
diff --git a/content/browser/webid/flags.h b/content/browser/webid/flags.h
index 6a1cf6f3581b7..8bc9da8ae7c05 100644
--- a/content/browser/webid/flags.h
+++ b/content/browser/webid/flags.h
@@ -17,9 +17,6 @@ bool IsFedCmMultipleIdentityProvidersEnabled();
// Whether metrics endpoint is enabled.
bool IsFedCmMetricsEndpointEnabled();
-// Whether the Selective Disclosure API is enabled.
-bool IsFedCmSelectiveDisclosureEnabled();
-
// Whether the Delegation API is enabled.
bool IsFedCmDelegationEnabled();
diff --git a/content/child/runtime_features.cc b/content/child/runtime_features.cc
index 78972aa508c55..873f4a0a1aa8e 100644
--- a/content/child/runtime_features.cc
+++ b/content/child/runtime_features.cc
@@ -221,8 +221,6 @@ void SetRuntimeFeaturesFromChromiumFeatures() {
{wf::EnableFedCmMultipleIdentityProviders,
raw_ref(features::kFedCmMultipleIdentityProviders),
kSetOnlyIfOverridden},
- {wf::EnableFedCmSelectiveDisclosure,
- raw_ref(features::kFedCmSelectiveDisclosure), kDefault},
{wf::EnableFencedFrames,
raw_ref(features::kPrivacySandboxAdsAPIsOverride),
kSetOnlyIfOverridden},
diff --git a/content/public/common/content_features.cc b/content/public/common/content_features.cc
index 193728e963933..e2446ed6c4cfe 100644
--- a/content/public/common/content_features.cc
+++ b/content/public/common/content_features.cc
@@ -433,12 +433,6 @@ BASE_FEATURE(kFedCmMultipleIdentityProviders,
"FedCmMultipleIdentityProviders",
base::FEATURE_ENABLED_BY_DEFAULT);
-// Enables usage of the FedCM API with the Selective Disclosure API at the same
-// time.
-BASE_FEATURE(kFedCmSelectiveDisclosure,
- "FedCmSelectiveDisclosure",
- base::FEATURE_DISABLED_BY_DEFAULT);
-
// Enables showing filtered out accounts in FedCM UI after the user attempts to
// login to an account. These accounts are shown greyed out.
BASE_FEATURE(kFedCmShowFilteredAccounts,
diff --git a/content/public/common/content_features.h b/content/public/common/content_features.h
index 415dae8418c25..1ba07e8e11d90 100644
--- a/content/public/common/content_features.h
+++ b/content/public/common/content_features.h
@@ -111,7 +111,6 @@ CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmDelegation);
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmIdPRegistration);
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmMetricsEndpoint);
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmMultipleIdentityProviders);
-CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmSelectiveDisclosure);
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmShowFilteredAccounts);
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmWithoutWellKnownEnforcement);
CONTENT_EXPORT BASE_DECLARE_FEATURE(kFedCmLightweightMode);
diff --git a/third_party/blink/renderer/bindings/generated_in_modules.gni b/third_party/blink/renderer/bindings/generated_in_modules.gni
index 89a2f93776f68..e01bb34616c52 100644
--- a/third_party/blink/renderer/bindings/generated_in_modules.gni
+++ b/third_party/blink/renderer/bindings/generated_in_modules.gni
@@ -630,8 +630,6 @@ generated_dictionary_sources_in_modules = [
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_idb_transaction_options.h",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_idb_version_change_event_init.cc",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_idb_version_change_event_init.h",
- "$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_claim_requirement.cc",
- "$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_claim_requirement.h",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_credential_error_init.cc",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_credential_error_init.h",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_credential_logout_r_ps_request.cc",
@@ -654,8 +652,6 @@ generated_dictionary_sources_in_modules = [
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_request_provider.h",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_resolve_options.cc",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_resolve_options.h",
- "$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_standard_claims.cc",
- "$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_standard_claims.h",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_user_info.cc",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_identity_user_info.h",
"$root_gen_dir/third_party/blink/renderer/bindings/modules/v8/v8_idle_options.cc",
diff --git a/third_party/blink/renderer/bindings/idl_in_modules.gni b/third_party/blink/renderer/bindings/idl_in_modules.gni
index ea5b584b2ecf0..5a1ae04cb05ef 100644
--- a/third_party/blink/renderer/bindings/idl_in_modules.gni
+++ b/third_party/blink/renderer/bindings/idl_in_modules.gni
@@ -195,7 +195,6 @@ static_idl_files_in_modules = [
"//third_party/blink/renderer/modules/credentialmanagement/federated_credential.idl",
"//third_party/blink/renderer/modules/credentialmanagement/federated_credential_init.idl",
"//third_party/blink/renderer/modules/credentialmanagement/federated_credential_request_options.idl",
- "//third_party/blink/renderer/modules/credentialmanagement/identity_claim_requirement.idl",
"//third_party/blink/renderer/modules/credentialmanagement/identity_credential.idl",
"//third_party/blink/renderer/modules/credentialmanagement/identity_credential_error.idl",
"//third_party/blink/renderer/modules/credentialmanagement/identity_credential_logout_r_ps_request.idl",
@@ -203,7 +202,6 @@ static_idl_files_in_modules = [
"//third_party/blink/renderer/modules/credentialmanagement/identity_provider.idl",
"//third_party/blink/renderer/modules/credentialmanagement/identity_provider_account.idl",
"//third_party/blink/renderer/modules/credentialmanagement/identity_provider_config.idl",
- "//third_party/blink/renderer/modules/credentialmanagement/identity_standard_claims.idl",
"//third_party/blink/renderer/modules/credentialmanagement/navigator_credentials.idl",
"//third_party/blink/renderer/modules/credentialmanagement/navigator_identity.idl",
"//third_party/blink/renderer/modules/credentialmanagement/navigator_login.idl",
diff --git a/third_party/blink/renderer/modules/credentialmanagement/identity_claim_requirement.idl b/third_party/blink/renderer/modules/credentialmanagement/identity_claim_requirement.idl
deleted file mode 100644
index f19cedd051636..0000000000000
--- a/third_party/blink/renderer/modules/credentialmanagement/identity_claim_requirement.idl
+++ /dev/null
@@ -1,21 +0,0 @@
-// Copyright 2022 The Chromium Authors
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-dictionary IdentityClaimRequirement {
- // Controls the optionality of the attribute.
- // NOTE: "required" is a reserved WebIDL keyword, so we prefix it with
- // the _ character to use it.
- // https://webidl.spec.whatwg.org/#:~:text=escape%20an%20identifier
- boolean _required;
-
- // TODO(crbug.com/1400878): introduce the other requirement types as needed.
- // Requires the attribute to be verified.
- // boolean verified;
- // Requires the attribute to be over a certain number.
- // long over;
- // Requires the attribute to be under a certain number.
- // long under;
- // Requires the attribute to be equal to certain value.
- // any value;
-};
diff --git a/third_party/blink/renderer/modules/credentialmanagement/identity_credential_request_options.idl b/third_party/blink/renderer/modules/credentialmanagement/identity_credential_request_options.idl
index d0942cdf294c7..56180b39a8147 100644
--- a/third_party/blink/renderer/modules/credentialmanagement/identity_credential_request_options.idl
+++ b/third_party/blink/renderer/modules/credentialmanagement/identity_credential_request_options.idl
@@ -21,8 +21,6 @@ dictionary IdentityCredentialRequestOptions {
IdentityCredentialRequestOptionsContext context = "signin";
// Allows an RP to select between the two modes of operation: active or passive.
[MeasureAs=FedCmButtonMode] IdentityCredentialRequestOptionsMode mode = "passive";
- // A querying language that allows an RP to ask what it wants from the IdPs.
- [RuntimeEnabled=FedCmSelectiveDisclosure] IdentityStandardClaims claims;
// This is a debugging aid string instead of an actual member of this dictionary.
// `mediation` could be accidentally set by web developers here and this helps
// with showing debugging info to developers when it happens.
diff --git a/third_party/blink/renderer/modules/credentialmanagement/identity_standard_claims.idl b/third_party/blink/renderer/modules/credentialmanagement/identity_standard_claims.idl
deleted file mode 100644
index 4eff1f82a4512..0000000000000
--- a/third_party/blink/renderer/modules/credentialmanagement/identity_standard_claims.idl
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2022 The Chromium Authors
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-dictionary IdentityStandardClaims {
- // The standard identity claims is derived and kept consistent with the <form>
- // autocomplete spec.
- // https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#attr-fe-autocomplete
- // We are starting with the attributes that are currently supported, so many
- // of the attributes are left commented out to allow us to introduce them
- // incrementally, while still testing if the generalization will hold.
- // TODO(crbug.com/1400878): introduce the other attributes as needed.
- IdentityClaimRequirement name;
- IdentityClaimRequirement givenName;
- // IdentityClaimRequirement familyName;
- // IdentityClaimRequirement nickname;
- // IdentityClaimRequirement username;
- IdentityClaimRequirement email;
- // IdentityClaimRequirement sex;
- // IdentityClaimRequirement bday;
- // IdentityClaimRequirement language;
- // IdentityClaimRequirement phoneNumber;
- // IdentityClaimRequirement streetAddress;
- // IdentityClaimRequirement country;
- // IdentityClaimRequirement url;
- // IdentityClaimRequirement tel;
- // Age is neither in the OIDC Standard Claims nor in HTML, but maps better
- // than bday (HTML) / birthday (OIDC).
- // IdentityClaimRequirement age;
- // Picture currently follows the OIDC Standard Claims
- // https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
- // Which we take as equivalent to photo from the HTML standard.
- // We use both to keep backwards compatibility with the AccountList
- // dictionary.
- IdentityClaimRequirement picture;
- // IdentityClaimRequirement photo;
-};
diff --git a/third_party/blink/renderer/platform/runtime_enabled_features.json5 b/third_party/blink/renderer/platform/runtime_enabled_features.json5
index ad167379d327f..3660469b05d5b 100644
--- a/third_party/blink/renderer/platform/runtime_enabled_features.json5
+++ b/third_party/blink/renderer/platform/runtime_enabled_features.json5
@@ -2008,12 +2008,6 @@
origin_trial_os: ["win", "mac", "linux", "chromeos"],
origin_trial_allows_third_party: true,
},
- {
- name: "FedCmSelectiveDisclosure",
- depends_on: ["FedCm"],
- public: true,
- base_feature: "none",
- },
{
name: "FencedFrames",
base_feature: "none",
diff --git a/tools/metrics/histograms/enums.xml b/tools/metrics/histograms/enums.xml
index 821cc752adfd7..cc07c3e40b630 100644
--- a/tools/metrics/histograms/enums.xml
+++ b/tools/metrics/histograms/enums.xml
@@ -12386,7 +12386,6 @@ from previous Chrome versions.
<int value="-630256330" label="EnableDrDc:enabled"/>
<int value="-629084845" label="UseToastManager:disabled"/>
<int value="-629041881" label="MuteNotificationsDuringScreenShare:disabled"/>
- <int value="-628675321" label="FedCmSelectiveDisclosure:disabled"/>
<int value="-628535358"
label="AutofillPreventOverridingPrefilledValues:enabled"/>
<int value="-626329144" label="SyncSupportTrustedVaultPassphrase:enabled"/>
@@ -13221,7 +13220,6 @@ from previous Chrome versions.
<int value="-304886342" label="QuickAnswersTranslation:disabled"/>
<int value="-304841801" label="AccessibilityFlashScreenFeature:enabled"/>
<int value="-304777110" label="PreconnectToSearch:disabled"/>
- <int value="-304594674" label="FedCmSelectiveDisclosure:enabled"/>
<int value="-304502255" label="DiscardRingImprovements:enabled"/>
<int value="-304329578" label="OmniboxContextualSearchActionsAtTop:enabled"/>
<int value="-303992327" label="SwipeToMoveCursor:disabled"/>