Issue 2497 refactor to idp

[ozten]

Background for pull request: Issue #2497 (comment)

Creating a pull request to try to get some frontend help.

Thanks to @shane-tomlinson for previously reviewing and getting it this far.

Known Issues:

• siteName and other options aren't passed in from Desktop code, I'm investigating in gecko

Needs Frontend <3

• rpinfo changes in dev broke this patch, minimal hardcoded changes were made to get it working again
  • Need help doing this correctly

[seanmonstar]

fabulous! gets reviewing goggles

[seanmonstar]

indent is off

[seanmonstar]

reminder to kill these console.logs before merge

[ozten]

Ya, the version of Desktop codebase that this runs against has horrible dev tools, so I need these crutches.

[shane-tomlinson]

is this supposed to have a / prepended?

[shane-tomlinson]

It seems like this try/catch could be generalized and placed into primary.js

[shane-tomlinson]

my bad, secrets.js

[ozten]

This call is made from 7 sites in the code. Not all of them wrap in a try/catch.
I'd rather not do this change which is outside of the scope of this PR.

[shane-tomlinson]

Can both of these well known settings be extracted into functions?

[ozten]

Sure, what do you mean exactly? Something like this?

function prepareWellKnown(pubKey, provUrl, authUrl) {
  provUrl = provUrl || config.get('public_url') + '/provision';
  ...
  return {
    "public-key": pubKey,
    provisioning: provUrl,
    ...
  }
}

[shane-tomlinson]

resizeBy might give you better mileage, resizeTo includes browser chrome which can differ depending on toolbars.

[shane-tomlinson]

Can these be extracted into functions? The pyramid o' doom is getting awfully deep.

[shane-tomlinson]

ya, we need this info for the origin somehow. Are all the RP parameters passed here? If so, we'll need tos/pp, siteLogo and backgroundColor as well.

[shane-tomlinson]

So... What we need is a way to get those parameters into this dialog.... We could drag over the channel stuff that allows you to call navigator.id.registerChannel, and then pass them in that way. We could use query strings. We could possibly stuff that info into local or sessionStorage? Indexeddb? Dunno what the best route forward is, would like to find out what capabilities you have.

[ozten]

Do you have a SHA for before and after the rpinfo stuff?

What are the inputs and were do they come from? We should probably solve this in content space, but natively is also an option.

[shane-tomlinson]

I wanna kill the error rendering with a spoon.

[shane-tomlinson]

so, FWIU, this is a super mini state machine. With as yuck as the state machine is, we may want to use the generalized portion of it here if there is ever a point where the user can go back a screen within the IdP. I can help you with that if necessary.

[ozten]

I'm trying to do this, but not really sure what to do. Can you make a pull request off of issue-2497-refactor-to-idp with a sketch (or complete implementation) of what you mean?

[shane-tomlinson]

OTOH, we should hold off on adding the state machine functionality until we have more direction. No need to add complexity where it's not yet needed.

[shane-tomlinson]

I believe the error/waiting/delay sections will need to be added here to handle when those events occur.

[shane-tomlinson]

Is there ever a chance in hell we'll use this universally? If so, [].indexOf will break in IE8.

[ozten]

If IE8 implements persona natively and re-uses these flows, I'll eat my hat. :)

[shane-tomlinson]

There is navigator.id.raiseProvisioningFailure I believe for this case.

[shane-tomlinson]

So... The devil hiding in the details, password resets and transition states. Are they going to be handled?

[ozten]

The devil hiding in the details, password resets and transition states. Are they going to be handled?

Can we land this and start getting UX feedback, before implementing those features?

[ozten]

Trying to get awsbox working, I've merged from dev, but got bitrot for the second time.

I was able to see that logging.js moved and fix that.

The other issue is that the dialog just comes up blank.

To unblock myself, I've copied over scripts/deploy.js and changed the dependency to awsbox@0.6.2... but we'll have to figure out what changed about the dialog code that has broken the initial screen display for the new /auth screen. Any ideas?

[jaredhirsch]

@ozten I'll do some git twiddling on Monday, see if I can cleanly apply your changes on top of current dev.

[jaredhirsch]

ok, looking now.

[jaredhirsch]

@ozten nice work so far!

I was able to cleanly cherry-pick all the changes onto current dev (except for the commits merging dev into this branch). My branch is at https://github.com/6a68/browserid/tree/issue-2497-idp-rebased-not-merged.

One tiny logging path change was needed to get tests running, that's on the HEAD of that branch, a7fd566.

The local RP seems fine to me on my branch, I can log in and out.

[ozten]

@6a68 is rocking the merge from dev to update this branch, you rule!

Please try to reproduce the blank dialog I was seeing.

You can download a Persona enabled Desktop build:
http://ftp.mozilla.org/pub/mozilla.org/firefox/try-builds/aking@mozilla.com-62351505bca9/

Set a couple preferences (about:config):

dom.identity.enabled = true
dom.identity.persona_fallback = http://127.0.0.1:10002
toolkit.identity.debug = true

Restart Firefox.

dom.identity.persona_fallback defaults to our new ephemeral server https://desktoppersona.personatest.org/ but you can change this to any environment.

Steps to reproduce:

1. Launch Firefox with a clean profile
2. Go to http://127.0.0.1:10001
3. Click Get an assertion
4. Enter foo@bar.com

Actual: empty dialog

Expected: prompt to set a password

[jaredhirsch]

@ozten happy to help :-)

I've got the special FF build, I toggled the settings you mentioned (actually tried using the desktoppersona fallback as well as localhost), but I'm not sure what to do next.

When I try to log into RPs, I click the persona button but nothing happens. Tried 123done, mozillians, nothing. Also not seeing errors in the JS console--maybe there's a desktop-specific console for the native code that I'm unaware of?

I'll poke a bit more at my branch and yours, see if I can at least get an empty dialog using your branch.

[ozten]

So in nightly if you go to about:config and search for identity does it look like this

Clicking get Assertion should look like this

[jaredhirsch]

It looks like the blank dialog error was caused by using hashes, but the recently-landed #3971 I think means we should be using querystring instead.

@ozten said this got him past the blank dialog problem in a local branch, I've updated my issue-2497-idp-rebased-not-merged branch with the fix (commit (9e8ed0f)[https://github.com/6a68/browserid/commit/9e8ed0f]).

[jaredhirsch]

@ozten i don't have the toolkit.identity.enabled pref at all, but I have the other three matching your screenshot.

The second image is broken for me.

[ozten]

Thanks Jared!

Using your patch, I see Error: Relay frame could not be found.

Thanks for continuing to dig for breaking changes from merging.

[jaredhirsch]

I have my current branch running on https://rebasedidp.personatest.org. Will pick this up again in the morning. 🍻

[jaredhirsch]

@ozten looks like this line probably shouldn't have that IP hard-coded. I'm not totally clear on where we can get the proper domain info in this context, though. any ideas?

[jaredhirsch]

heh, I caused the Relay Error: we look for the hash, not the querystring, when we setup the channel. Removing that, or changing that code to look for ?NATIVE as window.location.search, returns us to the mysterious empty dialog situation we had before. Continuing to dig.

[ozten]

@fmarier or @shane-tomlinson I've removed temporary hacks, console.log, etc. We should be good to merge as discussed.

General note: The Goldilocks API breaks the Native implementation, so use http://192.168.186.138:10001/watch.html instead of http://192.168.186.138:10001/

[ozten]

G R E E N

[fmarier]

Did you forget to take these out?

[fmarier]

r+ from me. makes Travis happy. tested by Shane and Austin.

[ozten]

All the man needed was a Guiness at the airport!

Thanks!