Closed
Bug 887862
Opened 11 years ago
Closed 11 years ago
The 5 minutes PIN lockout is displayed even if users logged in with another persona account.
Categories
(Marketplace Graveyard :: Payments/Refunds, defect, P2)
Tracking
(Not tracked)
VERIFIED
FIXED
2013-09-03
People
(Reporter: vcarciu, Assigned: wraithan)
References
Details
(Keywords: regression)
Attachments
(1 file)
8.34 KB,
text/plain
|
Details |
Prerequisites: Unagi device with MP stage installed Steps to reproduce: 1.Login to MP stage and try to purchase any paid app 2.When PIN is required, enter an wrong PIN 5 times 3.When the 5 mins pin lockout screen is displayed, sign out and sign in again with a completely new persona account 4.Try to buy an app Expected results: Users are asked to create\confirm a new PIN Actual results: Pin lockout screen is still displayed. NOTES: After 5 minutes the old PIN is still recognized and user can buy without creating a new PIN for Please see attached logs
Reporter | ||
Comment 1•11 years ago
|
||
I just observed that at a subsequent purchase, Create PIN flow started , so the old pin can be used only first time.
Reporter | ||
Updated•11 years ago
|
Target Milestone: --- → 2013-06-27
Updated•11 years ago
|
Blocks: marketplace-payments
Updated•11 years ago
|
Target Milestone: 2013-06-27 → 2013-07-04
Updated•11 years ago
|
Flags: affects-moss+
Updated•11 years ago
|
Target Milestone: 2013-07-04 → 2013-07-11
Updated•11 years ago
|
Flags: affects-tricycle+
Flags: affects-seville-
Flags: affects-seahorse+
Flags: affects-durango+
Assignee | ||
Updated•11 years ago
|
Assignee: nobody → wraithan
Updated•11 years ago
|
Target Milestone: 2013-07-11 → 2013-07-25
Assignee | ||
Comment 3•11 years ago
|
||
The sign out/sign in part is in marketplace, not in webpay. I didn't realize that until I tried to actually trigger this bug and realized I couldn't the way I was thinking about it. What likely needs to happen is we need to initiate a logout in webpay when you logout of marketplace. If we blow away session cookies then you'll be able to log in and we will check your locked status of the newly logged in account.
Updated•11 years ago
|
Target Milestone: 2013-07-25 → 2013-08-01
Assignee | ||
Updated•11 years ago
|
Target Milestone: 2013-08-01 → 2013-08-06
Assignee | ||
Updated•11 years ago
|
Target Milestone: 2013-08-06 → 2013-08-13
Updated•11 years ago
|
Version: 1.5 → 1.3
Updated•11 years ago
|
Target Milestone: 2013-08-13 → 2013-09-03
Assignee | ||
Comment 4•11 years ago
|
||
https://github.com/mozilla/webpay/commit/0937b5a46a7cf1cdd7a5070c24d3cbbbedcdb0fd Fixed. Now bounces through an intermediary screen to hit persona before redirecting. Slows things down slightly but is the best solution for now.
Assignee | ||
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 5•11 years ago
|
||
This is still reproducible on Stage. I was not able to grab logs with "submit logs" feature, but the issue is reproducible exactly as described in original scenario.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Comment 6•11 years ago
|
||
This was landed after stage updated yesterday. As of Noon PST today, stage will update with this patch.
Status: REOPENED → RESOLVED
Closed: 11 years ago → 11 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 7•11 years ago
|
||
Verified as fixed. Users were asked for PIN after switching to another account.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•