Closed Bug 821351 Opened 12 years ago Closed 12 years ago

Negotiate Persona verifiers on B2G vs. other platforms


(Marketplace Graveyard :: Payments/Refunds, defect, P1)



(Not tracked)



(Reporter: kumar, Assigned: kumar)



On Firefox OS, Marketplace must:
1. serve the b2g Persona include.js
2. use the b2g Persona verifier service

On all other platforms, Marketplace must use the normal Persona include + verifier as it does now.

To negotiate the verifier on the backend, the code can inspect the JWT certificate which arrives as certificate~assertion (tilde separated). The certificate will have iss (issuer) which can be mapped to a whitelist of verifiers.
Priority: -- → P1
Target Milestone: --- → 2012-12-20
Assignee: nobody → kumar.mcmillan
possible tool for inspecting assertions
We're blocked on prefing this on Gaia without this. Per talking yesterday with Wil, this blocks on-device ship.
blocking-basecamp: --- → ?
scratch the part about parsing the cert for the issuer. This will be too fragile because issuers will be dynamic once primaries are introduced.

Instead, for now, we can detect on the client and pass that via Ajax to the server so it knows to use the B2G verifier.
Details on detecting the shim:
Blocks: 811528
This is on hold for now until the personatest server supports navigator.mozId. We decided on this as a better approach. See
(In reply to Kumar McMillan [:kumar] from comment #5)
> This is on hold for now until the personatest server supports
> navigator.mozId. We decided on this as a better approach. See

This can't be on hold. We're blocked on prefing on the feature without this. Please advise.
aha, it looks like I can do a workaround by setting a custom UA per until bug 821000 is fixed.
Kumar - Do you know when you'll be able to land this?

Our client-side QA team needs to finish a full test run by 12/28/2012 of all Gaia features. For that test run, we want the feature prefed on by default to simulate real user interaction, including from dogfooders. Identity is one of the areas that's at risk for the target since marketplace's login will be broken if we pref on.
I'm working on it today. bug 794695 was higher priority for us but that is done, pending review.
Target Milestone: 2012-12-20 → 2012-12-27
This is fixed and live on the dev site. Logins from desktop work with the existing Persona service and logins from B2G use (you have to create a login there for it to work)

IMPORTANT: If you are using B2G desktop, that is, not a phone or the Firefox OS simulator, then you need to override your UA string like this
Closed: 12 years ago
Resolution: --- → FIXED
blocking-basecamp: ? → ---
You need to log in before you can comment on or make changes to this bug.