Closed Bug 985504 Opened 10 years ago Closed 3 years ago

Solicit user credentials once on receiving invalid-client-state response from server

Categories

(Firefox for Android Graveyard :: Android Sync, defect, P5)

Product:
Firefox for Android Graveyard
Component:
Android Sync
Version:
Firefox 29
Platform:
All
Android
Type:
defect

Tracking

(fennec+)

Status:
RESOLVED INCOMPLETE
Tracking Flags:
Tracking Status
fennec + ---

People

(Reporter: rnewman, Assigned: nalexander)

References

Details

(Whiteboard: [qa+]) 

AaronMT just saw an odd situation in which both desktop and Android starting receiving invalid-client-state errors from the server.

This might well be a server bug, but still, there are things we should do better:

* On receiving invalid-client-state, either immediately or after a number of retries, transition to Separated, not Cohabiting.

* Ask the user for credentials, persisting a derivative of the old credentials to determine whether the user re-entered the old ones. If they entered the old ones again, there's no point continuing to ask; enter the Android account hard error state and be done.

There's a balance here between detecting a "real" problem -- perhaps the user's key changed elsewhere, and i-c-s is accurate -- and being robust against some kind of transient error.
are there STR?  Train-06, going out this afternoon, fixes a bug in js-client that has this same error.
Whiteboard: [qa+]
Removed, re-added desktop account, still stuck in a re-auth loop:

https://gist.github.com/AaronMT/7e8ed47d96736593a6e0
i suspect you're seeing this: https://bugzilla.mozilla.org/show_bug.cgi?id=982798

train6 should go out later today.
No password change attempted.
Per Bug 985611, it looks like something made a request to this account with an empty X-Client-State header.  This "should never happen" but clearly it has.  I'll file some bugs about server-side mitigation to prevent this in future.

You should be able to get the account out of this stage by resetting your password.  We'll work on a slightly less brutal recovery path.
(In reply to Ryan Kelly [:rfkelly] from comment #6)
> You should be able to get the account out of this stage by resetting your
> password.  We'll work on a slightly less brutal recovery path.

Confirmed working now by doing so.
tracking-fennec: --- → ?
Assignee: nobody → nalexander
tracking-fennec: ? → 31+
Being realistic about tracking, because we have lots and lots of things to do.

Do we still think this is a problem in the wild, chaps?
tracking-fennec: 31+ → +
filter on [mass-p5]
Priority: -- → P5
Product: Android Background Services → Firefox for Android
We have completed our launch of our new Firefox on Android. The development of the new versions use GitHub for issue tracking. If the bug report still reproduces in a current version of [Firefox on Android nightly](https://play.google.com/store/apps/details?id=org.mozilla.fenix) an issue can be reported at the [Fenix GitHub project](https://github.com/mozilla-mobile/fenix/). If you want to discuss your report please use [Mozilla's chat](https://wiki.mozilla.org/Matrix#Connect_to_Matrix) server https://chat.mozilla.org and join the [#fenix](https://chat.mozilla.org/#/room/#fenix:mozilla.org) channel.
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → INCOMPLETE
Product: Firefox for Android → Firefox for Android Graveyard
You need to log in before you can comment on or make changes to this bug.