Closed Bug 968320 Opened 11 years ago Closed 11 years ago

A way to verify app:// origins in the Firefox Accounts verifier

Categories

(Core Graveyard :: Identity, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: jedp, Unassigned)

References

Details

If an app posts an identity assertion up to its server, the server should be able to ask the Firefox Accounts verifier to verify the assertion, even if it has an app://something url.

Presently, the verifier rejects such origins - and for good reason, since a url of the form app://{guid} is inherently unverifiable.  But if the app has a stable, if arbitrary, origin in its manifest (the case for packaged apps), then the app's server should be allowed to tell the verifier that this is an accepted origin.

Such a change will require only simple changes to the DOM API, for which we already have Bug 947374, and a simple modification to the verifier.
Depends on: 947374
QA Contact: jparsons
Blocks: 955951
Wait.  What am I talking about.  That's completely irrelevant.  Sorry.  Move along ...
The good :fmarier will open a PR in the new verifier [1] that does something like this PR that I completely forgot I landed in the old verifier last year [2].

[1] https://github.com/mozilla/browserid-verifier
[2] https://github.com/mozilla/persona/pull/3334

Benson, do you know if the new 'browserid-verifier' has been deployed in production yet?  Or are we still using the old 'browserid' verifier for Persona and Firefox Accounts?
Flags: needinfo?(bwong)
@jedp the new verifier (https://github.com/mozilla/browserid-verifier) is deployed at verifier.accounts.firefox.com. 

Let me know when your PR lands and I will deploy it. 

Ben
Flags: needinfo?(bwong)
Thanks, Benson!
Blocks: 947374
No longer depends on: 947374
:fmarier remarks that, according to the unit tests, this feature is already live and deployed on the new verifier.  Thank you, Lloyd.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.