Closed Bug 1513060 Opened 3 years ago Closed 2 years ago

Please provision production oauth credentials for Firefox Monitor

Categories

(Cloud Services :: Server: Firefox Accounts, enhancement)

Product:
Cloud Services
Component:
Server: Firefox Accounts
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: stomlinson, Unassigned)

Details

Firefox Monitor is integrating Firefox Accounts and would like production credentials.

Since this is a Mozilla property, it will be a trusted client.

Luke, we'll need the following info:

name:
redirect uri:
allowed scopes:
Flags: needinfo?(lcrouch)
Thanks Shane.

Name: Firefox Monitor
Redirect URI: https://monitor.firefox.com/oauth/confirmed
allowed scopes: profile (all)

We would also like to be a Trusted client if that's okay - that will streamline the sign up for FxA users who are already signed in, right?

We will be adding access_type=offline in our query params to get a refresh token.
Flags: needinfo?(lcrouch)
Flags: needinfo?(jrgm)
Flags: needinfo?(jbuckley)
:groovecoder - I've created the client on FxA production: https://oauth.accounts.firefox.com/v1/client/802d56ef2a9af9fa

The GPG key listed in your phonebook is expired - can you update your phonebook entry to point to an unexpired key or let me know when you're online so we can use magic-wormhole to transfer the oauth secret?
Flags: needinfo?(lcrouch)
Flags: needinfo?(jrgm)
Flags: needinfo?(jbuckley)
Added secrets to the GCP configuration.
To develop our code for handling emails, images, display names, and/our FxA uids, we need an OAuth client on the dev environment that is allowed full profile scope. (And probably another for stage)

I don't see anywhere in the UI for https://oauth-stable.dev.lcip.org/console/client/register to request full profile scope?

Can someone provision us dev and stage oauth credentials for Firefox Monitor too?

Dev:
Name: Firefox Monitor (local)
Redirect URI: http://localhost:6060/oauth/confirmed
allowed scopes: profile (all)

Heroku:
Name: Firefox Monitor (heroku)
Redirect URI: https://fx-breach-alerts.herokuapp.com/oauth/confirmed
allowed scopes: profile (all)

Stage:
Name: Firefox Monitor (stage)
Redirect URI: https://stage.firefoxmonitor.nonprod.cloudops.mozgcp.net/oauth/confirmed
allowed scopes: profile (all)

The stage creds can be sent straight to :bobm. The local & heroku creds can be sent to myself, :lnorton, and :nhnt11.
Flags: needinfo?(lcrouch)
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED

We deployed our FXA code to our stage environment, but we're getting incorrect redirect_uri error.

FxA stage deploy bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1526043

Is our stage client configured on https://accounts.firefox.com or on https://oauth-stable.dev.lcip.org/ ?

Can you help us make sure we're using the right OAUTH values?

Status: RESOLVED → REOPENED
Flags: needinfo?(vlad)
Resolution: FIXED → ---

(In reply to Luke Crouch [:groovecoder] from comment #5)

We deployed our FXA code to our stage environment, but we're getting incorrect redirect_uri error.

FxA stage deploy bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1526043

Is our stage client configured on https://accounts.firefox.com or on https://oauth-stable.dev.lcip.org/ ?

Can you help us make sure we're using the right OAUTH values?

We made changes and we now have the following:

Client id: E7E2

Firefox Monitor Trusted (Stage) https://stage.firefoxmonitor.nonprod.cloudops.mozgcp.net/oauth/confirmed

Client id: 58AB

Firefox Monitor (Stage) https://stage.firefoxmonitor.nonprod.cloudops.mozgcp.net/oauth/confirmed

Let me know if something else needs changing

Flags: needinfo?(vlad)

checked in slack, seems good!

Status: REOPENED → RESOLVED
Closed: 2 years ago2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.