Attempt to fetch avatar is made after failure to fetch OAuth token #2835

shane-tomlinson · 2015-07-27T13:06:44Z

STR:

Apply the diff from below
Visit 123done
Open the developer console, enable network requests
Click "sign in" on 123done
Watch the developer console make the request to the oauth server's /v1/authorization, then the profile server's /v1/avatar

Expected:

No extra request to the profile server. The user isn't authorized.

The proof:

The diff:

diff --git a/app/scripts/lib/oauth-client.js b/app/scripts/lib/oauth-client.js
index 09f24bc..2ffd6c0 100644
--- a/app/scripts/lib/oauth-client.js
+++ b/app/scripts/lib/oauth-client.js
@@ -22,6 +22,9 @@ function (xhr, OAuthErrors) {

   OAuthClient.prototype = {
     _request: function (method, endpoint, params) {
+      if (params) {
+        delete params.scope;
+      }
       return this._xhr[method](this._oAuthUrl + endpoint, params || null)
         .fail(function (xhr) {
           var err = OAuthErrors.normalizeXHRError(xhr);

Ref mozilla/fxa-oauth-server#315

The text was updated successfully, but these errors were encountered:

vladikoff · 2015-09-28T16:53:26Z

@shane-tomlinson to check this

shane-tomlinson · 2015-09-28T16:53:30Z

@shane-tomlinson to check if this has been fixed.

shane-tomlinson · 2015-10-12T15:38:53Z

Since mozilla/fxa-oauth-server#315 is fixed, the new diff is:

diff --git a/app/scripts/lib/oauth-client.js b/app/scripts/lib/oauth-client.js
index 09f24bc..65913a4 100644
--- a/app/scripts/lib/oauth-client.js
+++ b/app/scripts/lib/oauth-client.js
@@ -22,6 +22,8 @@ function (xhr, OAuthErrors) {

   OAuthClient.prototype = {
     _request: function (method, endpoint, params) {
+      params = {};
+
       return this._xhr[method](this._oAuthUrl + endpoint, params || null)
         .fail(function (xhr) {
           var err = OAuthErrors.normalizeXHRError(xhr);

The request for the users avatar no longer occurs if the request to /authorization has failed:

Closing as fixed.

shane-tomlinson added oauth labels Jul 27, 2015

zaach added waffle:later and removed waffle:ready labels Jul 27, 2015

rfk added waffle:backlog and removed waffle:later labels Aug 10, 2015

vladikoff assigned shane-tomlinson Sep 28, 2015

vladikoff added waffle:soon and removed waffle:backlog labels Sep 28, 2015

shane-tomlinson added waffle:now and removed waffle:soon labels Sep 28, 2015

rfk added this to the FxA-0: quality milestone Sep 29, 2015

vladikoff added waffle:progress and removed waffle:now labels Oct 5, 2015

shane-tomlinson added waffle:now and removed waffle:progress labels Oct 7, 2015

shane-tomlinson closed this Oct 12, 2015

shane-tomlinson removed the waffle:now label Oct 12, 2015

mozilla / fxa-content-server Archived

Attempt to fetch avatar is made after failure to fetch OAuth token #2835

Attempt to fetch avatar is made after failure to fetch OAuth token #2835

shane-tomlinson commented Jul 27, 2015

vladikoff commented Sep 28, 2015

shane-tomlinson commented Sep 28, 2015

shane-tomlinson commented Oct 12, 2015

mozilla / fxa-content-server Archived

Attempt to fetch avatar is made after failure to fetch OAuth token #2835

Attempt to fetch avatar is made after failure to fetch OAuth token #2835

Comments

shane-tomlinson commented Jul 27, 2015

STR:

Expected:

The proof:

The diff:

vladikoff commented Sep 28, 2015

shane-tomlinson commented Sep 28, 2015

shane-tomlinson commented Oct 12, 2015