Closed Bug 1134852 Opened 10 years ago Closed 4 years ago

Update password manager recipes from a server/kinto/Remote Settings

Categories

(Toolkit :: Password Manager, enhancement, P3)

Product:
Toolkit
Component:
Password Manager
Type:
enhancement
Points:
8

Tracking

()

Status:
RESOLVED FIXED
Milestone:
83 Branch
Tracking Flags:
Tracking Status
firefox83 --- fixed

People

(Reporter: MattN, Assigned: tgiles)

References

(Blocks 2 open bugs,
URL
)

Details

(Whiteboard: [passwords:recipes])

Attachments

(1 file)

Bug 1134852 - Update password manager recipes from Remote Settings. r=sfoster,leplatrem,esawin
47 bytes, text/x-phabricator-request
Details | Review
Once we have recipes in their own file (bug 1134850), we should update them from a secure server periodically. JSON schema: ```json { "$schema": "http://json-schema.org/draft-04/schema#", "type": "object", "properties": { "siteRecipes": { "type": "array", "items": { "type": "object", "properties": { "description": { "type": "string" }, "hosts": { "type": "array", "items": { "type": "string" } }, "passwordSelector": { "type": "string" }, "usernameSelector": { "type": "string" }, "pathRegex": { "type": "string" }, "notUsernameSelector": { "type": "string" }, "notPasswordSelector": { "type": "string" } }, "required": [ "description", "hosts" ] } } }, "required": [ "siteRecipes" ] } ```
Flags: qe-verify-
Flags: firefox-backlog+
Summary: Update password manager recipes from a server → Update password manager recipes from a server/kinto
Whiteboard: [passwords:recipes]
Matt, is it still something you would be interested in?
Plans for the new passwords team are still being worked on so I'm not sure yet. I'll mention this on IRC.
Assignee: nobody → bwong
Priority: -- → P3
Blocks: 1620649
Summary: Update password manager recipes from a server/kinto → Update password manager recipes from a server/kinto/Remote Settings

Hi Benson, are you still the right person to talk to about adding new collections to Remote Settings and kicking this off? I may have some questions for you shortly (e.g. related to tradeoffs on different schemas and versioning of the schema) if I don't find answer in the docs

Flags: needinfo?(bwong)
Flags: needinfo?(MattN+bmo)

Hi Matt, I can try to answer your questions.

About schemas:

  • we use them to generate the forms in the UI
  • records are validated on creation/update
  • the current schema version is stored as record attribute
  • when schema is updated, its version is bumped, but no record is modified
  • you can filter records based on their schema attribute

See also Kinto API docs https://docs.kinto-storage.org/en/stable/api/1.x/collections.html#collection-json-schema

Hi Matt,

Yes, I'm the right person to ask.
:leplatrem is the lead engineer and I will defer to him for very specific technical questions.

You can also engage with us in #delivery on slack. I'm in the PST timezone and Mat in a European (UTC+1) timezone.

Flags: needinfo?(bwong)
Assignee: bwong → tgiles
Status: NEW → ASSIGNED
Flags: needinfo?(mozilla+bmo)
Attachment #9175032 - Attachment description: Bug 1134852 - Update password manager recipes from Remote Settings. → Bug 1134852 - Update password manager recipes from Remote Settings. r=sfoster,leplatrem

:mkmelin,
This bug concerns moving away from the static, in-tree management of recipes for the passwordmgr to Remote Settings, where we can more quickly respond to login form changes in popular sites that would otherwise take weeks to get a fix to end users.

Specifically, the pref signon.recipes.path currently points to chrome://passwordmgr/content/recipes.json, and this patch would move it to resource://app/defaults/settings/main/password-recipes.json - which is a dump from remote settings. This will be essentially static for Fenix/ChromeView, only Firefox will sync these records from the Remote Settings server.

I know TB uses some functions of the password manager, but I don't know if it would ever load LoginRecipes.jsm, or if this new resource path will cause an issue for Thunderbird. Let me know here or on Element/Matrix.

Flags: needinfo?(mkmelin+mozilla)

Thanks. It looks like Thunderbird doesn't use any of that atm. I'd expect that we need to map/ship resource://app/defaults/settings/main/password-recipes.json though, to avoid test failures.

Flags: needinfo?(mkmelin+mozilla)
Attachment #9175032 - Attachment description: Bug 1134852 - Update password manager recipes from Remote Settings. r=sfoster,leplatrem → Bug 1134852 - Update password manager recipes from Remote Settings. r=sfoster,leplatrem,esawin
Pushed by cbrindusan@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6435c885b3cb Update password manager recipes from Remote Settings. r=sfoster,leplatrem,geckoview-reviewers,esawin

https://hg.mozilla.org/mozilla-central/rev/6435c885b3cb

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
status-firefox83: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 83 Branch
Regressions: 1749570
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: