Closed Bug 1846314 Opened 2 years ago Closed 2 years ago

Unsigned builds continuously prompt for keychain password when accessing logins/creditcards/syncing etc

Categories

(Toolkit :: Form Autofill, defect)

Product:
Toolkit
Component:
Form Autofill
Platform:
Desktop
macOS
Type:
defect

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: mtigley, Unassigned)

References

Details

Attachments

(2 files)

1st prompt.png
503.88 KB, image/png
Details
2nd prompt.png
528.24 KB, image/png
Details

Steps to Reproduce

  1. On a new profile, save a credit card from about:preferences
  2. Firefox will prompt for keychain password. Click "Allow"

Expected

Credit card is saved when keychain password is successfully authenticated.

Actual

Firefox will prompt the user several more times for the keychain password even though it was successful the first time.

Some notes: this issue goes away when clicking "Always Allow".

Similar experience when syncing (and I think even when uploading existing local cards, so not limited to saving) - but let's see if that gets fixed as a side-effect of fixing this before we open a secondary issue.

It seems that every OSKeystore API call that requires accessing "Firefox Encrypted Storage" keychain access triggers two prompts, and the result is not cached so if we call the API multiple times, each API calls trigger two prompts.

For example, if users save a credit card, then the user will see 4 prompts:

  1. Formautofill module calls encrypt to encrypt the credit card number
  2. Trigger the 1st prompt because ensureLoggedIn -> nativeOSKeyStore.asyncSecretAvailable
  • The dialog says "Firefox wants to use your confidential information stored in Firefox Encrypted Storage in your keychain"
  1. After the user types the password and presses ok, then the 2nd prompt appears, with a little bit different description in the dialog
  • The dialog says "Firefox wants to access key Firefox Encrypted Storage in your keychain"
  1. ensureLoggedIn finishes, but triggers the 3rd prompt because of nativeOSKeyStore.asyncEncryptBytes
  2. The same as step3, after the user types their password, another dialog appears (4th)
  3. Encrypt finishes

Note. This doesn't seem to be recent regression, I tried Fx106 and I could still this issue, maybe this is caused by an OS updated?

Hi dana,
This issue is quite annoying for users, is anyone in your team could help take a look at this bug? Thanks!

Flags: needinfo?(dkeeler)
Attached image 1st prompt.png
Attached image 2nd prompt.png

From a discussion in slack, it seems the dialogs shown in those screen-shots only happen with local builds, not with official builds. I'm guessing the distinction might be more like "signed" vs "unsigned" builds, and that it's the OS showing this dialog?

Yeah, this is an OS thing. I'm not aware of anything Firefox can do to affect this behavior when unsigned. I recommend using "Always Allow".

Flags: needinfo?(dkeeler)

I think my comment on slack caused this to be opened - thanks! But there's nothing for us to do here.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → INVALID
Summary: Saving credit cards continuously prompts for keychain password when hitting "Allow" → Unsigned builds continuously prompt for keychain password when accessing logins/creditcards/syncing etc
Duplicate of this bug: 1898589
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: