1229037 - [stage] Unable to log in using Firefox Accounts

Status: RESOLVED FIXED

(developer.mozilla.org Graveyard :: BrowserCompat, defect)

Description

[Matt Brandt [:mbrandt]]

Attachment: qa - screencast of bug

Creation of an account using FxA appears to not work.

Steps to reproduce
1. Goto https://browsercompat.herokuapp.com/accounts/login/
2. Select sign in using Firefox Accounts
3. Sign in

Actual:
The page displays an error. HTTP response is 200 OK

Expected:
If an error occurs, a more appropriate HTTP response is returned.

If an error does not occur, the user is able to log in.

Comment 1

[John Whitlock [:jwhitlock]]

We're using the development FxA server, which sometimes breaks during development, and sometimes has the database wiped. We need to move to the stable server, and generate new credentials.

Comment 2

[John Whitlock [:jwhitlock]]

FxA added a trusted/untrusted flag in early 2015 that included changes to the scope parameter:

https://github.com/mozilla/fxa-oauth-server/issues/143
https://github.com/mozilla/fxa-oauth-server/blob/master/lib/routes/authorization.js#L27-L31

Configuration changes are needed to get authentication working again.

Comment 3

[Ryan Kelly [:rfkelly]]

> We're using the development FxA server

Does it make sense to look into migrating to use the Production FxA servers?

Comment 4

[John Whitlock [:jwhitlock]]

Not until we switch to production environment (bug 1242437), which is at least a few months out. I imagine we'll still need to use the test servers when we create temporary environments for load testings (bug 1246953).

Comment 5

[John Whitlock [:jwhitlock]]

I've submitted the change as a PR 1299 [1] against the upstream django-allauth project.  This will make it easier for other Django-based projects to use FxA, such as the push-dev-dashboard [2] and eventually MDN (if it adopts FxA as a Persona replacement). Working code is in BrowserCompat PR 105 [3], but I'm waiting on the official django-allauth release [4] with the new code to merge the fix (it will be the next version after 0.24.1). If this becomes a blocker, I can make a preliminary merge against the unreleased code.

[1] https://github.com/pennersr/django-allauth/pull/1299
[2] https://github.com/mozilla-services/push-dev-dashboard
[3] https://github.com/mdn/browsercompat/pull/105
[4] https://pypi.python.org/pypi/django-allauth

Comment 6

[MDN Team (:mdn-dev)]

Commits pushed to master at https://github.com/mdn/browsercompat

https://github.com/mdn/browsercompat/commit/6e66cb6835ecb0fb0a9f30460cadd70ef95339d7
bug 1229037 - Fix mock teardown

The call was mocked.stop(), should have been patcher.stop(). Switched to
addCleanup() method as well, for auto-tearDown.

https://github.com/mdn/browsercompat/commit/f4a3121a932fdd5bc7fb746eac78b51bc9c083d8
bug 1229037 - Switch to django-allauth 0.25.2

0.25.2 adds additional parameters to the fxa provider, so that the
endpoints can be overridden from settings. This removes the need for the
custom fxa provider. An environment override FXA_SCOPE is added for
overriding the scope, needed when an application is not on the Mozilla
whitelist.

https://github.com/mdn/browsercompat/commit/7b56bbeb505bfc670aa5735c00153141e71c083f
Merge pull request #105 from mdn/fxa_scope_1229037

bug 1229037 - Refine FxA scope value

Comment 7

[John Whitlock [:jwhitlock]]

Works on browsercompat.herokuapp.com. If you have an existing username + password account, you'll want to log in with that, go to your profile, pick "Linked Accounts", and then log in with Firefox Accounts to associate it (or, log in and jump to https://browsercompat.herokuapp.com/accounts/social/connections/)