improve oauth2 logging for error cases
Categories
(Thunderbird :: Security, defect)
Tracking
(thunderbird_esr91 wontfix, thunderbird_esr102 fixed)
People
(Reporter: mkmelin, Assigned: mkmelin)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
48 bytes,
text/x-phabricator-request
|
wsmwk
:
approval-comm-esr102+
|
Details | Review |
We should make errors from oauth2 more findable.
Assignee | ||
Comment 1•2 years ago
|
||
NOTE: For the MS case in question, it's not actually and OAuth2 error. We get a success from OAuth2. It's just that auth we got can't be used for SMTP if SMTP AUTH is disabled on the tenant.
But then one does get
mailnews.smtp: Command failed: 535 Authentication unsuccessful, SmtpClientAuthentication is disabled for the Mailbox. Visit https://aka.ms/smtp_auth_disabled for more information. [ME3P282CA0085.AUSP282.PROD.OUTLOOK.COM 2023-02-02T03:03:41.538Z 08DB0468ADBF7A7C]; currentAction=_actionAUTH_XOAUTH2 SmtpClient.jsm:521:19
_onCommand resource:///modules/SmtpClient.jsm:521
_parse resource:///modules/SmtpClient.jsm:360
_onData resource:///modules/SmtpClient.jsm:418
Assignee | ||
Comment 2•2 years ago
|
||
By raising it to warn, the logging will normally show in the console.
Comment 3•2 years ago
|
||
Yeah, that one is an SMTP server error.
The initial suggestion was meant for the "error_description" that you get in the response JSON from the token request like in this screenshot: https://i.imgur.com/YqrqAbp.png
The only way to find errors in the JSON seems to be looking in the response data which is hard to explain to people.
Assignee | ||
Comment 4•2 years ago
|
||
Right, with the patch those would now be logged in the console in a warning.
Updated•2 years ago
|
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Pushed by mkmelin@iki.fi:
https://hg.mozilla.org/comm-central/rev/3c1be92d7eab
improve oauth2 logging for error cases. r=leftmostcat
Assignee | ||
Comment 6•2 years ago
|
||
Comment on attachment 9315520 [details]
Bug 1814544 - improve oauth2 logging for error cases. r=leftmostcat
[Approval Request Comment]
Safe improvements to OAuth2 logging
Comment 7•2 years ago
|
||
Comment on attachment 9315520 [details]
Bug 1814544 - improve oauth2 logging for error cases. r=leftmostcat
[Triage Comment]
No more betas this cycle.
But let's take this for esr102 - approved
Comment 8•2 years ago
|
||
bugherder uplift |
Thunderbird 102.8.0:
https://hg.mozilla.org/releases/comm-esr102/rev/db0b1d516bca
Description
•