Open Bug 985504 Opened 6 years ago Updated 2 years ago
Solicit user credentials once on receiving invalid-client-state response from server
AaronMT just saw an odd situation in which both desktop and Android starting receiving invalid-client-state errors from the server. This might well be a server bug, but still, there are things we should do better: * On receiving invalid-client-state, either immediately or after a number of retries, transition to Separated, not Cohabiting. * Ask the user for credentials, persisting a derivative of the old credentials to determine whether the user re-entered the old ones. If they entered the old ones again, there's no point continuing to ask; enter the Android account hard error state and be done. There's a balance here between detecting a "real" problem -- perhaps the user's key changed elsewhere, and i-c-s is accurate -- and being robust against some kind of transient error.
are there STR? Train-06, going out this afternoon, fixes a bug in js-client that has this same error.
Removed, re-added desktop account, still stuck in a re-auth loop: https://gist.github.com/AaronMT/7e8ed47d96736593a6e0
i suspect you're seeing this: https://bugzilla.mozilla.org/show_bug.cgi?id=982798 train6 should go out later today.
No password change attempted.
Per Bug 985611, it looks like something made a request to this account with an empty X-Client-State header. This "should never happen" but clearly it has. I'll file some bugs about server-side mitigation to prevent this in future. You should be able to get the account out of this stage by resetting your password. We'll work on a slightly less brutal recovery path.
(In reply to Ryan Kelly [:rfkelly] from comment #6) > You should be able to get the account out of this stage by resetting your > password. We'll work on a slightly less brutal recovery path. Confirmed working now by doing so.
Assignee: nobody → nalexander
tracking-fennec: ? → 31+
Being realistic about tracking, because we have lots and lots of things to do. Do we still think this is a problem in the wild, chaps?
tracking-fennec: 31+ → +
filter on [mass-p5]
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.