Closed Bug 1080242 Opened 10 years ago Closed 10 years ago

Surface new "Firefox Account locked" messaging in Fennec

Categories

(Android Background Services Graveyard :: Firefox Accounts, defect)

Product:
Android Background Services Graveyard
Component:
Firefox Accounts
Platform:
All
Android
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(fennec36+)

Status:
RESOLVED FIXED
Milestone:
Firefox 37
Tracking Flags:
Tracking Status
fennec 36+ ---

People

(Reporter: nalexander, Assigned: nalexander)

Details

Attachments

(3 files)

https://github.com/mozilla-services/android-sync/pull/504
57 bytes, text/x-github-pull-request
rnewman
: review+
Details | Review
Account.Locked.Error.png
232.17 KB, image/png
Details
Account.Locked.Error.Failure.Toast.png
262.24 KB, image/png
Details 
The Cloud Services team is adding backend account fraud support to fxa-auth and fxa-content servers.  This will take the form of a new error code returned from the /login (and related) endpoints.  Fennec will need a little bit of error handling code to surface these new error messages to the user.

n.b.: the principal messaging will be via an email to the account's email address, so it's enough to just say "account locked and see your email".  We don't need to provide UI to recover from the situation, for example.

Documented at [1] and [2].

[1] https://wiki.mozilla.org/Identity/Firefox_Accounts/Account_lockout

[2] https://github.com/mozilla/fxa-auth-server/issues/801#issuecomment-56592929
Setting tracking-fennec? because this should track Fennec 36.
tracking-fennec: --- → ?
Note that there should be UI to resend the unlock email in case it never made it to the user.
tracking-fennec: ? → 36+
Preliminary review.  Details are not yet finalized, but I wanted to push this forward.
Attachment #8513012 - Flags: review?(rnewman)
Screenshot of the error message with linkified "Resend unlock code".  (For those playing along at home, it's embedded on the create account screen for testing convenience -- I swapped "account already exists" and "account locked" locally -- even though this state can't (?) occur at creation.)
Here's the same error, but with the little "Resend unlock email failed" toast at the bottom.  (This fails because the end point doesn't exist remotely; the logs show the expected 404 response.)
francois: I implemented this with the following two choices:

1) /login and friends returned an error code of ACCOUNT_LOCKED = 121.  I have argued elsewhere that we should not re-use error codes even if we can, so I'd like to see this finalized.

2) I used the endpoint /account/unlock/resend_code.  I post the following JSON:

{"email":email}

where email is just like for /account/create (i.e., just a utf8 string).  (https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#post-v1accountcreate)

I expect a 200 response and ignore the body entirely.  It would be nice to get that documented.
Flags: needinfo?(francois)
I think Danny answered most of these already on the Github tracker, but will transfer the needinfo to him just in case.
Flags: needinfo?(francois) → needinfo?(dcoates)
Nick, it will be documented in api.md once there's an implementation to back it, but yes, all you're assumptions are correct.

The errno will be 121 instead of 104 but otherwise will follow https://github.com/mozilla/fxa-auth-server/issues/801#issuecomment-56592929 with response bodies for the new endpoints being empty JSON objects.
Flags: needinfo?(dcoates)
Comment on attachment 8513012 [details] [review]
https://github.com/mozilla-services/android-sync/pull/504

Assuming it works, this looks fine to me, modulo whatever changes are necessary to match the final spec.
Attachment #8513012 - Flags: review?(rnewman) → review+
FYI, I tried the above build against a custom deployment of this auth-server branch: https://github.com/mozilla/fxa-auth-server/pull/840

The flow worked nicely - lockout was reported, error screen was shown, link was clicked, email was sent.

The server implementation is far from ready, but I think we can happily commit to the parts of the API required for this to land in Fennec (the error code, and the URL to visit to resend the email).
Thanks for testing, rfkelly.  Pushed as is; we can follow-up if necessary.
https://hg.mozilla.org/mozilla-central/rev/55313b1290fc
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 37
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: