Marketplace/FirefoxAccounts
This page discusses how we'll integrate Firefox Accounts with the Marketplace, which currently uses Persona.
Marketplace
General changes:
- Add in UA/OS sniffing to detect Firefox OS, if its not Firefox OS 2.0, we assume native Firefox Accounts is not available and fall back to the web.
For the web
Because Marketplace will have to work on Firefox OS 1.0 - 1.4, Android and Desktop, the primary Firefox Accounts flow will be the web based flow.
Documentation: https://github.com/mozilla/fxa-oauth-server/blob/master/docs/api.md
Sample application: https://123done.dev.lcip.org/
- Set up a Marketplace account on the Firefox Account server, which contains all the account and redirect information.
- Login
- Add Log in button, that calls /v1/authorization.
- Add Sign in button, that calls the above URL slightly differently. Dependent bugs: https://github.com/mozilla/fxa-content-server/issues/980, https://github.com/mozilla/fxa-content-server/issues/1062, https://github.com/mozilla/fxa-oauth-server/issues/50
- Add an insertial page to complete the log in? Or just bounce back to the original page. Upon receiving the response it:
- Calls POST /v1/token
- Sends resulting call to the profile server (undocumented but on github)
- Matches the email up with users account in zamboni, or creates an account and signs the user in, by creating a session.
- Redirects the user back to the original page.
- Logout
- Nuke the marketplace session, update any UI elements or reload.
For Firefox OS 2.0
On Firefox 2.0, we'll use the native Firefox Accounts.
- Write up here: https://id.etherpad.mozilla.org/tracing-mozId-API
- See also: https://github.com/mozilla-b2g/gaia/blob/master/dev_apps/uitest/js/API/fxa.js#L29
- Login
- Call navigator.id, adding in: wantIssuer: 'firefox-accounts'
- When firefox accounts returns, create or sync up with the existing account (we already do this)
- Create the session
- Logout
- Nuke the local session
Payments
- See this etherpad: https://id.etherpad.mozilla.org/tracing-mozId-API
- Login
- As above for Firefox Accounts for the web or Firefox OS 2.0 as appropriate.
- Reset PIN
- Firefox Accounts for the web
- Log the user out by nuking the local session, not logging them out of Firefox OS
- Login as above for Firefox for the web or Firefox OS 2.0 as appropriate
- When Firefox Accounts returns, assert the email addresses match (already done)
- Restart the payment flow
- Native Firefox Accounts
- Call the force re-auth method: https://bugzilla.mozilla.org/show_bug.cgi?id=952347
- When Firefox Accounts returns, assert the email addresses match (already done)
- Restart the payment flow
- Firefox Accounts for the web
Migration
Persona users allowed users to login with unverified emails, Firefox Accounts does not. If a user has an unverified email they will have to log in to Firefox Accounts with a new email. In this case the record of paid apps on the server will be inaccurate. This will never really affect a user until they try to purchase a previously installed app.
Note: this currently affects users anyway, but Firefox OS accounts by forcing new accounts is more likely to trigger it.
- Add in a move purchase page to the admin lookup pages
- Takes two user accounts, listing all purchases
- Moves all app purchases from account A to account B
Bugs
Tracking bug: 1007956.
No results.
0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);