Use a different client ID, scope and keys for Sync in Thunderbird
Categories
(Firefox :: Firefox Accounts, enhancement)
Tracking
()
People
(Reporter: darktrojan, Assigned: darktrojan)
References
(Blocks 1 open bug)
Details
Attachments
(3 files)
|
48 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
|
Details | Review |
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
RyanVM
:
approval-mozilla-beta+
|
Details | Review |
To avoid accidentally or maliciously accessing Firefox Sync data from Thunderbird, we're going to use a different client ID and scope. I think it should be sufficient to choose which ones to use based on AppConstants.MOZ_APP_NAME. (Seems too easy?)
This depends on the OAuth flow being ready to use.
The scopes will need to be created on the FxA servers, I'm testing using the changes here https://github.com/mozilla/fxa/compare/main...darktrojan:fxa:thunderbird-scopes.
|
Assignee | |
Comment 1•1 year ago
|
||
|
|
Assignee | |
Comment 2•1 year ago
|
||
These preferences need a default value or otherwise the tests I'm trying to enable use a different default value and fail.
|
|
Assignee | |
Updated•1 year ago
|
|
|
Assignee | |
Updated•1 year ago
|
|
||
Updated•1 year ago
|
Pushed by john@thunderbird.net:
https://hg.mozilla.org/comm-central/rev/a2d3e88c2ecf
Add preferences needed to enable FxA tests. r=mkmelin
|
||
Comment 4•1 year ago
|
||
Noting here that Thunderbird ideally uses a different client id for each application/service. e.g. there should be a different client ID for each of these:
- Thunderbird website
- Thunderbird on Windows
- Thunderbird on MacOS
- Thunderbird on Linux
- Thunderbird for iOS
- Thunderbird for Android
etc.
Hopefully this is already how these are being used. :)
|
|
||
Updated•1 year ago
|
|
|
Assignee | |
Comment 5•1 year ago
|
||
- Thunderbird website
I'm not sure that our website is using FxA for anything. The add-ons site does, and I assume that has a client ID of its own. It's really not my department.
- Thunderbird on Windows
- Thunderbird on MacOS
- Thunderbird on Linux
Thunderbird on desktop will have a single ID across the platforms, just like Firefox does.
- Thunderbird for iOS
- Thunderbird for Android
These will get IDs of their own when they get that far.
|
|
Assignee | |
Comment 6•1 year ago
|
||
What do I have to do to get this client ID and scope onto the staging server? File a bug? Where?
(Related: I created https://github.com/mozilla/fxa/pull/16706 to add them to the dev config so that I'm not the only one who can test/develop against the server locally.)
|
||
Comment 8•1 year ago
|
||
What do I have to do to get this client ID and scope onto the staging server? File a bug? Where?
File an issue in the SVCSE project in jira
|
|
Assignee | |
Comment 9•1 year ago
|
||
Sorry, I don't have access to your Jira. Is there another way?
|
|
Assignee | |
Comment 11•1 year ago
|
||
Tom, ping?
|
||
Comment 12•1 year ago
|
||
Hi Geoff. I'll ping my team about it and let you know. As an fyi for the future: I mention in my bugzilla profile but I do not actively monitor Bugzilla so if you need my attention on something, hitting me up in slack is the fastest way.
|
|
||
Comment 13•1 year ago
|
||
I've created a jira ticket in my teams queue to be prioritized. We will try to get it completed within a week or two given our current workload.
|
|
||
Updated•1 year ago
|
|
|
Assignee | |
Updated•1 year ago
|
|
||
Comment 14•1 year ago
|
||
|
|
Assignee | |
Comment 15•1 year ago
|
||
I forgot to update this test, so it'll fail on comm-central.
|
||
Comment 16•1 year ago
|
||
| bugherder | ||
|
|
||
Comment 17•1 year ago
|
||
|
||
Comment 18•1 year ago
|
||
| bugherder | ||
|
|
Assignee | |
Comment 19•1 year ago
|
||
Comment on attachment 9393408 [details]
Bug 1888019 - Use a different client ID, scope and keys for Sync in Thunderbird. r=markh,teshaq
Beta/Release Uplift Approval Request
- User impact if declined: This doesn't change anything for Firefox, but we want to be able to use it in Thunderbird ESR 128 once the server-side changes are ready.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Almost all of this code (OAuth flow for Mozilla Accounts) is preffed off.
- String changes made/needed:
- Is Android affected?: No
|
|
Assignee | |
Comment 20•1 year ago
|
||
Comment on attachment 9408340 [details]
Bug 1888019 follow-up - Update the Thunderbird client ID in a test. r=markh
Beta/Release Uplift Approval Request
- User impact if declined: This is fix for a test. The client ID of Thunderbird was changed (in the other patch) before landing and I forgot to update the corresponding test.
- Is this code covered by automated tests?: Yes
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky):
- String changes made/needed:
- Is Android affected?: No
|
||
Comment 21•1 year ago
|
||
Comment on attachment 9393408 [details]
Bug 1888019 - Use a different client ID, scope and keys for Sync in Thunderbird. r=markh,teshaq
Approved for 128.0b7.
|
|
||
Updated•1 year ago
|
|
|
||
Updated•1 year ago
|
|
|
||
Comment 22•1 year ago
|
||
| uplift | ||
Description
•