Closed
Bug 1313731
Opened 8 years ago
Closed 8 years ago
autoconfigured FxA auth URI is missing trailing /v1
Categories
(Firefox :: Sync, defect, P1)
Firefox
Sync
Tracking
()
RESOLVED
FIXED
Firefox 52
Tracking | Status | |
---|---|---|
firefox52 | --- | fixed |
People
(Reporter: glasserc, Assigned: tcsc)
Details
Attachments
(1 file)
I tried using the autoconfig support today in nightly and everything seemed to work OK, but it wanted me to verify my email, and sending email verifications wasn't working. Instead I saw a stream of errors in the terminal like: 1477675336645 FirefoxAccounts ERROR error GETing /recovery_email/status?reason=timer: {"code":404,"errno":999,"error":"Not Found","message":"Unspecified error","info":"https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#response-format"} :vladikoff suggested examining the value of identity.fxaccounts.auth.uri, which was https://stable.dev.lcip.org/auth. The default value is https://api.accounts.firefox.com/v1. Noticing that there is a trailing /v1 on the default value, I tried the value https://stable.dev.lcip.org/auth/v1. Once I restarted Firefox, it seemed fine -- it didn't even ask me to verify my email any more.
Updated•8 years ago
|
Flags: needinfo?(tchiovoloni)
Comment 1•8 years ago
|
||
Filed : https://github.com/mozilla/fxa-dev/issues/286
Flags: needinfo?(tchiovoloni)
Comment 3•8 years ago
|
||
I seem to recall us deliberately *not* including the /v1, but I could be mis-remembering. In that case, it would mean that the production config is wrong. And indeed, if I examine the production config, only the auth-server includes the /v1 suffix: $ curl --silent https://accounts.firefox.com/.well-known/fxa-client-configuration | jq { "auth_server_base_url": "https://api.accounts.firefox.com/v1", "oauth_server_base_url": "https://oauth.accounts.firefox.com", "profile_server_base_url": "https://profile.accounts.firefox.com", "sync_tokenserver_base_url": "https://token.services.mozilla.com" } This seems weird to me, they should all be consistent one way or another. But, I take this issue to indicate that the client code is expecting the /v1 to be present, so we probably have to move forward with including it.
Comment 4•8 years ago
|
||
Yep, the client expects the auth URL to contain the /v1 already, but adds it to the oauth and profile URLs: https://hg.mozilla.org/integration/autoland/rev/d08f86205057#l9.151
Comment 5•8 years ago
|
||
It looks like we confused ourselves here, because the content-server's own config will accept an auth-server URL either with or without the /v1, and will add it as appropriate. But it's echoing that config to the client, which expects the /v1 to be present. I think the only path forward from here is to ensure we always include the /v1 in the response to the client: https://github.com/mozilla/fxa-content-server/pull/4356
Comment 6•8 years ago
|
||
> I think the only path forward from here is to ensure we always include the /v1 After discussion with :markh, it makes more sense to fix the client so it has consistent expectations for all these URLs. In practice that means: 1) Changing the client code here: https://dxr.mozilla.org/mozilla-central/source/services/fxaccounts/FxAccountsConfig.jsm#147 So that it appends /v1 to the auth-server URL, like it already does for the other two. 2) Adding safeguards in content-server to ensure that we do *not* include the /v1 in the URL being reported to the client.
Comment hidden (mozreview-request) |
Assignee | ||
Comment 8•8 years ago
|
||
As explained in the commit message, this is done conditionally as to not break current stage. Let me know if I should open a bug to make this added unconditionally.
Comment 9•8 years ago
|
||
Comment on attachment 8806767 [details] Bug 1313731 - Append /v1 to fxaccount's autoconfig's auth_server_base_url if not present Ryan, do you mind taking this?
Attachment #8806767 -
Flags: review?(markh) → review?(rfkelly)
Updated•8 years ago
|
Assignee: nobody → tchiovoloni
Priority: P3 → P1
Comment 10•8 years ago
|
||
mozreview-review |
Comment on attachment 8806767 [details] Bug 1313731 - Append /v1 to fxaccount's autoconfig's auth_server_base_url if not present https://reviewboard.mozilla.org/r/90092/#review89852 Looks good to me! The conditional behaviour makes sense in order to smooth out the transition in the server-side behaviour.
Attachment #8806767 -
Flags: review?(rfkelly) → review+
Comment 11•8 years ago
|
||
Pushed by tchiovoloni@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/1459baf15694 Append /v1 to fxaccount's autoconfig's auth_server_base_url if not present r=rfkelly
Comment 12•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/1459baf15694
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 52
You need to log in
before you can comment on or make changes to this bug.
Description
•