Closed
Bug 850084
Opened 11 years ago
Closed 11 years ago
Re-enable forced issuers for Marketplace and Webpay Persona logins
Categories
(Marketplace Graveyard :: Payments/Refunds, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
2013-05-16
People
(Reporter: kumar, Assigned: kumar)
References
Details
On Firefox OS both Marketplace and Webpay rely on unverified emails and thus we must only whitelist a trusted identity provider. We use the forceIssuer Persona feature for this. There is currently a bug where auto-logins break when forceIssuer is used so we have to temporarily disable it. This is a reminder bug to turn forceIssuer back on when the Persona issue is resolved. It is tracked here: https://github.com/mozilla/browserid/issues/3089
|
Assignee | |
Updated•11 years ago
|
|
|
Assignee | |
Comment 1•11 years ago
|
||
When the persona issue is fixed, the STR in bug 843397 can be used to verify it. That was where you had to log in twice to marketplace and webpay.
|
|
Assignee | |
Comment 2•11 years ago
|
||
Disabled: Webpay: https://github.com/mozilla/webpay/commit/f1c5a5420eead0af80ab278cc6a956c7fc7e8652 Zamboni: https://github.com/mozilla/zamboni/commit/50454fe2ffb17beb4b428fea73cc8b60b319fc45
|
||
Comment 3•11 years ago
|
||
Lloyd - this is marked as a P1 for the payments team but no one can remember why (after our workaround). If it's a security issue we should fix it, otherwise we can lower the priority. Is this a security issue?
Flags: needinfo?(lhilaiel)
Priority: P1 → P3
Whiteboard: p= → [blocked on persona] p=
|
||
Comment 4•11 years ago
|
||
the reason for forceIssuer is to disable primary lookup and force the issuer of the assertion to be a mozilla service. Basically, if you don't do this, payments will be broken for all yahoo addresses next month, and all gmail and hotmail addresses next quarter.
|
|
||
Comment 5•11 years ago
|
||
P1 it is then :). Sounds like Jed is going to work on it in the next couple days. Thanks.
Priority: P3 → P1
|
|
||
Updated•11 years ago
|
Whiteboard: [blocked on persona] p= → [blocked on identity]
|
|
Assignee | |
Comment 6•11 years ago
|
||
A fix has landed but it hasn't merged in yet https://github.com/mozilla/browserid/issues/3089
|
|
||
Comment 7•11 years ago
|
||
16:20 jedp │ clouserw timelines are: 16:20 jedp │ the merge will be done within a week so it can start riding the trains (working backward from gtm in june) 16:20 jedp │ clouserw and the redeploy can happen tomorrow morning - if it blows up, we repoint the IP back where it was 16:21 jedp │ clouserw by "redeploy" i mean in native-persona.org - updating to our merged branch
|
|
||
Comment 8•11 years ago
|
||
Looks like it's been a couple weeks. What's the status?
Flags: needinfo?(lhilaiel) → needinfo?(jparsons)
|
||
Comment 9•11 years ago
|
||
The fix for this was merged some weeks ago by stomlinson into the native-persona.org branch. https://github.com/mozilla/browserid/commit/f971f4a5944cb1647b9b93a7fc5d1493153e8d99 Note also shane's comments about navigator.id.watch() here: https://github.com/mozilla/browserid/issues/3089#issuecomment-15595199
Flags: needinfo?(jparsons)
|
|
Assignee | |
Comment 10•11 years ago
|
||
Thanks. We'll try to enable it again. It sounds like we may need to set loggedInEmail. I'll fiddle with it.
Assignee: nobody → kumar.mcmillan
|
|
Assignee | |
Updated•11 years ago
|
Whiteboard: [blocked on identity]
Target Milestone: --- → 2013-05-09
|
|
Assignee | |
Comment 11•11 years ago
|
||
Note to self: these parameters should also be renamed to experimental_allowUnverified and experimental_forceIssuer
|
|
Assignee | |
Comment 12•11 years ago
|
||
I have this working in a branch -- https://github.com/mozilla/webpay/pull/117 -- using loggedInUser but I might wait until we resolve bug 870411 since my fixes won't be testable on 1.0.1 without it
Depends on: 870411
Target Milestone: 2013-05-09 → ---
|
|
Assignee | |
Comment 13•11 years ago
|
||
bug 870411 is resolved (woo!) so I'll land this tomorrow AM to test it on dev.
Target Milestone: --- → 2013-05-16
|
|
Assignee | |
Comment 14•11 years ago
|
||
I re-enabled forceIssuer and also added loggedInUser https://github.com/mozilla/webpay/commit/4702e7c85a7133b8f9f6e7ffc27e512d31228e6b All seems to be working but I'm hitting some timeouts and lag on native-persona.org from unagi over wifi. I don't think it's related to my changes. I wanted to do one change at a time. Next I'll add the experimental_* prefixes.
|
|
Assignee | |
Comment 15•11 years ago
|
||
Jed said that forceIssuer hasn't completely landed on native-persona.org so I'm waiting on him to land it
|
|
||
Comment 16•11 years ago
|
||
Yes, it's just the 'experimental_' prefix that needs to be added so that the api has parity with the main persona tree. Should get it done after lunch today.
|
|
Assignee | |
Comment 17•11 years ago
|
||
Zamboni/Fireplace/WebPay are all on the new Persona (see also bug 872169 and bug 872168) and are using forceIssuer and all experimental params are prefixed: Zamboni: https://github.com/mozilla/zamboni/commit/564ebb172cbe03f7a47e89a7f0b50554c01984c3 Webpay: https://github.com/mozilla/webpay/commit/f7b8802591d40de0605f2ebee1877e8c23c3a7e5 Webpay fix: https://github.com/mozilla/webpay/commit/ceecee81550067973eff91ec1e790225feab4e6a Fireplace: https://github.com/mozilla/fireplace/commit/97cbd9b18075782d8e9ef0b59ebbd4724f656fe4
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
|
|
||
Comment 18•11 years ago
|
||
nice
You need to log in
before you can comment on or make changes to this bug.
Description
•