Closed Bug 830062 Opened 13 years ago Closed 13 years ago

App purchase requires a double log in

Categories

(Marketplace Graveyard :: Payments/Refunds, defect, P1)

Tracking

(Not tracked)

RESOLVED FIXED
2013-01-24

People

(Reporter: krupa.mozbugs, Assigned: cvan)

References

Details

(Whiteboard: u=patron p=1)

steps to reproduce: 1. Launch marketplace-dev app on your unagi phone 2. Click on the Login/Register button 3. Log in using unverified account 4. Navigate to 'private yacht' 5. Click on the purchase button expected behavior: Payment Flow opens in the trustedUI and PIN creation screen loads. observed behavior: Payment Flow opens in the trustedUI but user is prompted to log in.
Login in what sense in the observed behavior? Was the persona cookie saved? You can validate if the persona cookie was saved if after step #5, you should not have to enter your username and password, but instead, select to login with the account saved.
Priority: -- → P1
This is a Marketplace bug. You can reproduce it on desktop B2G too. The *second* time you log in using the same account, everything works. The bug is something in the way that Marketplace is using the Persona observer API. Even after logging in successfully, Marketplace still calls nav.id.request() which is why it appears to take two logins instead of one.
Summary: Don't prompt logged-in users to sign in during app purchase → App purchase requires a double log in
Assignee: nobody → cvan
Target Milestone: --- → 2013-01-17
Whiteboard: u=patron p=1
Supposedly webpay is prompting the user to log in during purchase if they have been logged into marketplace for a while. This should not happen. We have PIN verification to avoid any malicious intent. Logged-in users should directly be prompted to enter their PIN.
Severity: normal → major
Unfortunately, using the exact STR with a new unverified account I was able to start a purchase and get to the mozPay window. (In reply to krupa raj 82[:krupa] from comment #3) > Supposedly webpay is prompting the user to log in during purchase By "webpay" do you mean "Marketplace"? If it looks like this - http://f.cl.ly/items/2Y3v3O2s1f180O10132C/Screen%20Shot%202013-01-16%20at%206.40.04%20PM.png - that's the Marketplace, not webpay. > if they have been logged into marketplace for a while. This should not happen. What do you mean a while? Did you close the app or anything? I can't think of what effect duration would have on login. I'm sure this is happening (and likely blamable on some Persona wonkiness). Any advice to repro would be bawse.
I've noticed this double-login as well, and would be happy to help diagnose. Where does the marketplace code live? I'd be glad to look at the way the observer api is being used; if, as kumar says, there's a second call to navigator.id.request(), then this is the expected behavior. And if, as cvan suspects, there's something wonky with persona, we certainly want to know that, too :) Trying to reproduce now and follow the debug logs (which would give some idea about the way persona is being used and the way it is behaving) is unsuccessful: After clicking on the private yacht, I get a "Something went wrong!" error in the Trusted UI, so I can't do any more at present. (Debug logs: If you pref toolkit.identity.debug to true, you'll get a lot of information about how persona is being called and what it's doing behind the scenes.)
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: 2013-01-17 → 2013-01-24
Verified as fixed using a new account : http://screencast.com/t/jq4Iv6EZ
Status: RESOLVED → VERIFIED
moving back to verify the bug on the phone.
Status: VERIFIED → RESOLVED
Closed: 13 years ago13 years ago
I suspect that this still happens.Kumar and i saw this happen on marketplace-dev STR: 1. Log into marketplace-dev 2. Wait for > 40 mins 3. Search for a paid app and try to purchase it observed behavior: Payment Flow opens in the trustedUI but user is prompted to log in again.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
krupa will file a separate bug for cvan
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
Version: 1.0 → 1.1
You need to log in before you can comment on or make changes to this bug.