Closed Bug 1588552 Opened 6 years ago Closed 6 years ago

Can't update Firefox Sync because of expired or invalid confirmation code

Categories

(Cloud Services :: Server: Firefox Accounts, defect)

Product:
Cloud Services
Component:
Server: Firefox Accounts
Version:
60 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: tony, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0

Steps to reproduce:

Try to sign in to FF Sync.
"Check your email for the code sent to xxxx"
Wait for confirmation email, which takes longer than 5 minutes

Actual results:

Email eventually arrives, after about 8 minutes:
X-Greylist: delayed 423 seconds by postgrey-1.36 at shell
When applying the code, the massage "expired or invalid code" is displayed

Expected results:

The timeout should be considerably longer than 5 minutes. Even allowing for zero greylist delay in the through the server, an IMAP client is normally set to check every 10 minutes.

A more appropriate timeout would be 15 minutes at least. 30 would be better.

Component: Untriaged → Server: Firefox Accounts
Product: Firefox → Cloud Services
Summary: Can't update FF sync → Can't update Firefox Sync because of expired or invalid confirmation code

This is strange, we display that the codes are only good for 5 minutes to give users a sense of urgency, but the reality is they should be valid for a minimum of 10 and a max of 20 minutes. An expired code after 8 minutes seems strange to me. Vijay, are the times I wrote there correct? Is it possible for us to have a mis-configuration?

Flags: needinfo?(vbudhram)

are the times I wrote there correct?

Yea those times are correct [1]. Code lives between 10-20mins depending on where in OTP window the code was generated. Tony, is it possible that you entered an incorrect code instead of code being expired? We use the same error message to avoid leaking any additional information about the code.

[1] - https://github.com/mozilla/fxa/blob/44412c2d0912529575fd42813b1d1bb7fa5654de/packages/fxa-auth-server/config/index.js#L1151

Flags: needinfo?(vbudhram) → needinfo?(tony)

Not very likely, I'm afraid. I've only ever copy/pasted the code; and I've done it about 6 times with different codes. I did eventually succeed, having whitelisted accounts@firefox.com in postgrey, and reduced my Thunderbird IMAP collection time, so for me, it's no longer an issue.

Flags: needinfo?(tony)

I guess it's just possible that in copy/pasting from the email that I picked up some invisible HTML. Maybe there needs to be some sort of filtering on the verification page.

You might have possibly hit this bug [1] with copy and paste. It was fixed and should be deployed sometime this week. I'll close this here, but can reopen if still an issue.

[1] - https://github.com/mozilla/fxa/pull/2807

Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.