Remove oauth tokens etc when "active logins" are cleared

RESOLVED FIXED

Status

RESOLVED FIXED
7 years ago
7 years ago

People

(Reporter: markh, Unassigned)

Tracking

Trunk
x86_64
Windows Vista

Details

Attachments

(2 attachments)

(Reporter)

Description

7 years ago
If the user presses Ctrl+Shift+Delete and removes "Active Logins", all OAuth tokens should be removed and the apps should revert to a "not yet authorized" state.

Note that this will not cover the password manager having logins removed for 2 reasons:

* If you use the password manager, there will be no passwords remembered which relate to this auth.  IOW, if you manually removed each entry one-by-one, you would not have any effect on app auth - "remove all" should really act as if you did them all one at a time.

* Removing all logins does not reset the auth status for existing pages.  Eg, log in to twitter and remove all passwords, then refresh the twitter page - you are still logged in.  It is just when you manually log out of twitter or nuke the cookies, your password isn't remembered.
(Reporter)

Comment 1

7 years ago
Created attachment 567672 [details]
Pointer to Github pull request: https://github.com/mozilla/openwebapps/pull/121

Pointer to Github pull-request
(Reporter)

Updated

7 years ago
Attachment #567672 - Flags: review?(mixedpuppy)
(Reporter)

Comment 2

7 years ago
Created attachment 567677 [details]
Pointer to Github pull request: https://github.com/mozilla/fx-share-addon/pull/31

Pointer to Github pull-request
(Reporter)

Comment 3

7 years ago
Comment on attachment 567677 [details]
Pointer to Github pull request: https://github.com/mozilla/fx-share-addon/pull/31

Against the fx-q3 branch as this *is* a hack that will not work with "real" apps.
Attachment #567677 - Flags: review?(mixedpuppy)
Attachment #567672 - Flags: review?(mixedpuppy) → review+
Attachment #567677 - Flags: review?(mixedpuppy) → review+
merged openwebapps patch https://github.com/mozilla/openwebapps/commit/5593b14394b06173173ed83db2a15e8a40671354

merged share patch https://github.com/mozilla/fx-share-addon/commit/e24096eab49cf797bc5584213901f5a161a00429

bug 695366 exists to figure out a permanent solution.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.