Open Bug 1835539 Opened 1 year ago Updated 1 month ago

gmail oauth account setup shows blank contents page if the account has a passkey added

Categories

(Thunderbird :: Security, defect)

Thunderbird 114
defect

Tracking

(Not tracked)

UNCONFIRMED

People

(Reporter: mozilla.distinct479, Unassigned, NeedInfo)

References

(Depends on 2 open bugs)

Details

(Whiteboard: [snnot3p])

Attachments

(1 file)

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36

Steps to reproduce:

  1. Download and install fresh copy of of Thunderbird 114.0b5 (64-bit)
  2. Enter gmail credentials and login
  3. Confirm email address in popped up oauth web page

Actual results:

After confirming the email address on the first web page, the browsers is redirected to a blank page with no buttons nor any other way to interact with the page.

Expected results:

There should have been a prompt for a password, totp, or other kind of authentication.

Issue appears to happen due to the gmail account having 2 passkeys added to it.

After removal of the passkeys the authentication continues as normal (webpage asks for password) and succeeds after entering totp code and accepting oauth permissions.

host: macOS 12.4

If a passkey is part of the steps to reproduce, it should be listed as one of the steps ;)

I should think this would also happen in version 102

Component: Account Manager → Security
Whiteboard: [snnot3p]
See Also: → 1837213

FIDO2 support is enabled in Firefox starting with 114. This is a requirement for passkey.
Passkey support in Firefox appears to still be a work in progress. Bug 1792433 and Bug 1838015

I really do not see how anything can be done in Thunderbird as the Mozilla platform apparently does not support the authentication method.

Do you have any suggestions Wayne?

Flags: needinfo?(vseerror)

I agree.

Depends on: passkeys, 1838015
Flags: needinfo?(vseerror)
Duplicate of this bug: 1862648

Progress was made in Bug 1869374 - let passkey support on macOS ride the trains - linked to Bug 1792433, but it looks like this won't be in a. Thunderbird version until 128 this summer.

Should there be user documentation? Who does that? Is it Roland?

Not sure it is related to this bug, but with 125.0b2 on Mac I am seeing oauth dialogs for most or all of my gmail accounts. And for my thunderbird.net account this blank screen. Account settings are unchanged and appear to all be correct.

Error console has

The IMAP server imap.gmail.com does not support the selected authentication method. Please change the 'Authentication method' in the 'Account Settings | Server settings'.

and

Quota 'imap' is not a valid scheme!: OriginParser.cpp:165
01:04:08.300 Quota Origin 'imap+++mail.lehigh.edu+993+' failed to parse, handled tokens: : OriginParser.cpp:71
01:04:08.301
Uncaught NS_ERROR_FAILURE:
exports https://cdn.sso.mozilla.com/nlx/ef06f95c4fe4faae14fba326d2fccefa83527065/js/main.js:1

Flags: needinfo?(leftmostcat)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: