Last Comment Bug 884360 - Login fails on /reviewers pages
: Login fails on /reviewers pages
Status: RESOLVED FIXED
:
Product: Marketplace
Classification: Server Software
Component: Reviewer Tools (show other bugs)
: 1.5
: All All
: P1 normal (vote)
: 2013-06-20
Assigned To: Kumar McMillan [:kumar] (needinfo all the things)
:
:
Mentors:
: 884408 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-18 08:33 PDT by Wraithan (Chris McDonald) [:wraithan]
Modified: 2013-06-18 16:01 PDT (History)
6 users (show)
See Also:
QA Whiteboard:
Iteration: ---
Points: ---


Attachments

Description Wraithan (Chris McDonald) [:wraithan] 2013-06-18 08:33:34 PDT
STR:
Log out of marketplace
Go to: https://marketplace.firefox.com/reviewers/apps/review/cutedrop
click sign in
sign into persona

Expected:
you sign into the marketplace/reviewer tools

Actual:
you get a persona error
Comment 1 Lloyd Hilaiel [:lloyd] 2013-06-18 08:36:29 PDT
I believe the case here is that the frontend is invoking navigator.id.request() with experimental_forceIssuer set to firefoxos.persona.org, but the backend does not supply the same parameter when verifying the assertion.

I come to this conclusion by inspecting HTTP requests, extracting the supplied assertion, and then unpacking it.  This is what I see:

==== cert ====
issuer: firefoxos.persona.org
principal: {"email":"lloyd@hilaiel.com"}
iat: Tue Jun 18 2013 09:23:47 GMT-0600 (MDT) (1371569027424)
exp: Wed Jun 19 2013 09:23:47 GMT-0600 (MDT) (1371655427424)

Note the issuer is firefoxos.persona.org, the only way that this could happen is if forceIssuer were specified on the front end.
Comment 2 Kumar McMillan [:kumar] (needinfo all the things) 2013-06-18 13:44:30 PDT
whoops, I didn't test this when fixing bug 873228 (I only tested /developers/). The login JS needs a patch which I am preparing now.
Comment 3 Kumar McMillan [:kumar] (needinfo all the things) 2013-06-18 14:02:42 PDT
Fixed https://github.com/mozilla/zamboni/commit/ab80d1d56b13caac52f4cc99e41e2496f6360e6a

You may need to clear cookies for your login to start working.
Comment 4 Kumar McMillan [:kumar] (needinfo all the things) 2013-06-18 15:23:41 PDT
*** Bug 884408 has been marked as a duplicate of this bug. ***
Comment 5 Kumar McMillan [:kumar] (needinfo all the things) 2013-06-18 16:01:22 PDT
This was just pushed to production. It also affected general DevHub logins.

Note You need to log in before you can comment on or make changes to this bug.