Closed Bug 695259 Opened 14 years ago Closed 14 years ago

Remove oauth tokens etc when "active logins" are cleared

Categories

(Mozilla Labs :: F1, defect)

x86_64
Windows Vista
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: markh, Unassigned)

Details

Attachments

(2 files)

If the user presses Ctrl+Shift+Delete and removes "Active Logins", all OAuth tokens should be removed and the apps should revert to a "not yet authorized" state. Note that this will not cover the password manager having logins removed for 2 reasons: * If you use the password manager, there will be no passwords remembered which relate to this auth. IOW, if you manually removed each entry one-by-one, you would not have any effect on app auth - "remove all" should really act as if you did them all one at a time. * Removing all logins does not reset the auth status for existing pages. Eg, log in to twitter and remove all passwords, then refresh the twitter page - you are still logged in. It is just when you manually log out of twitter or nuke the cookies, your password isn't remembered.
Attachment #567672 - Flags: review?(mixedpuppy)
Comment on attachment 567677 [details] Pointer to Github pull request: https://github.com/mozilla/fx-share-addon/pull/31 Against the fx-q3 branch as this *is* a hack that will not work with "real" apps.
Attachment #567677 - Flags: review?(mixedpuppy)
Attachment #567672 - Flags: review?(mixedpuppy) → review+
Attachment #567677 - Flags: review?(mixedpuppy) → review+
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: