Closed
Bug 1080242
Opened 10 years ago
Closed 10 years ago
Surface new "Firefox Account locked" messaging in Fennec
Categories
(Android Background Services Graveyard :: Firefox Accounts, defect)
Tracking
(fennec36+)
RESOLVED
FIXED
Firefox 37
Tracking | Status | |
---|---|---|
fennec | 36+ | --- |
People
(Reporter: nalexander, Assigned: nalexander)
Details
Attachments
(3 files)
The Cloud Services team is adding backend account fraud support to fxa-auth and fxa-content servers. This will take the form of a new error code returned from the /login (and related) endpoints. Fennec will need a little bit of error handling code to surface these new error messages to the user. n.b.: the principal messaging will be via an email to the account's email address, so it's enough to just say "account locked and see your email". We don't need to provide UI to recover from the situation, for example. Documented at [1] and [2]. [1] https://wiki.mozilla.org/Identity/Firefox_Accounts/Account_lockout [2] https://github.com/mozilla/fxa-auth-server/issues/801#issuecomment-56592929
Assignee | ||
Comment 1•10 years ago
|
||
Setting tracking-fennec? because this should track Fennec 36.
tracking-fennec: --- → ?
Comment 2•10 years ago
|
||
Note that there should be UI to resend the unlock email in case it never made it to the user.
Updated•10 years ago
|
tracking-fennec: ? → 36+
Assignee | ||
Comment 3•10 years ago
|
||
Preliminary review. Details are not yet finalized, but I wanted to push this forward.
Attachment #8513012 -
Flags: review?(rnewman)
Assignee | ||
Comment 4•10 years ago
|
||
Screenshot of the error message with linkified "Resend unlock code". (For those playing along at home, it's embedded on the create account screen for testing convenience -- I swapped "account already exists" and "account locked" locally -- even though this state can't (?) occur at creation.)
Assignee | ||
Comment 5•10 years ago
|
||
Here's the same error, but with the little "Resend unlock email failed" toast at the bottom. (This fails because the end point doesn't exist remotely; the logs show the expected 404 response.)
Assignee | ||
Comment 6•10 years ago
|
||
francois: I implemented this with the following two choices: 1) /login and friends returned an error code of ACCOUNT_LOCKED = 121. I have argued elsewhere that we should not re-use error codes even if we can, so I'd like to see this finalized. 2) I used the endpoint /account/unlock/resend_code. I post the following JSON: {"email":email} where email is just like for /account/create (i.e., just a utf8 string). (https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#post-v1accountcreate) I expect a 200 response and ignore the body entirely. It would be nice to get that documented.
Flags: needinfo?(francois)
Comment 7•10 years ago
|
||
I think Danny answered most of these already on the Github tracker, but will transfer the needinfo to him just in case.
Flags: needinfo?(francois) → needinfo?(dcoates)
Comment 8•10 years ago
|
||
Nick, it will be documented in api.md once there's an implementation to back it, but yes, all you're assumptions are correct. The errno will be 121 instead of 104 but otherwise will follow https://github.com/mozilla/fxa-auth-server/issues/801#issuecomment-56592929 with response bodies for the new endpoints being empty JSON objects.
Flags: needinfo?(dcoates)
Comment 9•10 years ago
|
||
Comment on attachment 8513012 [details] [review] https://github.com/mozilla-services/android-sync/pull/504 Assuming it works, this looks fine to me, modulo whatever changes are necessary to match the final spec.
Attachment #8513012 -
Flags: review?(rnewman) → review+
Assignee | ||
Comment 10•10 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=56a7d3409606
Comment 11•10 years ago
|
||
FYI, I tried the above build against a custom deployment of this auth-server branch: https://github.com/mozilla/fxa-auth-server/pull/840 The flow worked nicely - lockout was reported, error screen was shown, link was clicked, email was sent. The server implementation is far from ready, but I think we can happily commit to the parts of the API required for this to land in Fennec (the error code, and the URL to visit to resend the email).
Assignee | ||
Comment 12•10 years ago
|
||
https://hg.mozilla.org/integration/fx-team/rev/55313b1290fc
Assignee | ||
Comment 13•10 years ago
|
||
Thanks for testing, rfkelly. Pushed as is; we can follow-up if necessary.
Comment 14•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/55313b1290fc
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 37
You need to log in
before you can comment on or make changes to this bug.
Description
•