========
cd7edfa0b5
Author: Nick Alexander <nalexander@mozilla.com>
Bug 1140812 - Part 3: React to Backoff and Retry-After headers.
========
8581f5a572
Author: Nick Alexander <nalexander@mozilla.com>
Date: Fri Mar 27 15:30:33 2015 -0700
Bug 1140812 - Part 2: Include request in HTTP response observation callbacks.
This allows to only handle responses from certain hosts.
========
05b50325db
Author: Nick Alexander <nalexander@mozilla.com>
Date: Fri Mar 27 14:47:38 2015 -0700
Bug 1140812 - Part 1: Generalize from one to many HTTP response observers.
CopyOnWriteArrayList is a reasonable choice here: we have few writes but
many iterations. See
http://docs.oracle.com/javase/7/docs/api/java/util/concurrent/CopyOnWriteArrayList.html
========
5950219343
Author: Nick Alexander <nalexander@mozilla.com>
Date: Fri Mar 27 16:04:07 2015 -0700
Bug 1140812 - Pre: Modernize backoffInSeconds.
Sync uses X-Backoff; newer services, including Reading List, use Backoff.
This tries to sync prod accounts against prod Reading List, stage
accounts against stage Reading List, and reject all other account
servers. Custom Sync (Token) servers (not prod, not stage) should cause
us not to Sync Reading List, the intention being to avoid storing data
with Mozilla if the user has expressed a desire not to.
========
b69b097505
Author: Nick Alexander <nalexander@mozilla.com>
Bug 1148029 - Disable Reading List sync when using custom endpoints.
Custom is interpreted to mean neither Mozilla production nor Mozilla
stage. To ease the burden of testing stage, we sync the reading list
against stage reading list storage when the account is authing against
stage FxA.
Messaging this in some way would be nice but will have to wait for
follow-up.
When it's on the parent of the outermost container with
layout_width="match_parent", the margin adds to the parent's size
(i.e. the screen width). Adding the margin to the child ensures the width is
reduced and content centered.
========
8b1d353ee8
Author: Nick Alexander <nalexander@mozilla.com>
Bug 1148504 - Part 2: Make updating Firefox Account state happen in a critical section.
It's worth noting that the two consumers of the shared state lock will
only race for a very short window -- essentially only when creating or
re-connecting an account.
That's because Reading List oauth tokens are long-lived and do not
expire (yet) in response to remote Account state changes, such as
updating the Account password. So Sync and RL will race to initialize
the Account state; eventually RL will get an oauth token; and that token
will be cached forever until RL produces a 401 for the token or Android
expires the token.
Since Sync requests a token server token at the start of every sync, the
lock will be constantly exercised, but should never block.
========
d7a8611810
Author: Nick Alexander <nalexander@mozilla.com>
Date: Fri Mar 27 08:27:28 2015 -0700
Bug 1148504 - Part 1: Reduce scope of section that may set Account state.
The only place that might throw a TokenServerException is the token
server client code itself. By handling such an exception earlier, we
reduce the scope of the section that may update the Firefox Account
state. (This comes at the cost of threading AndroidFxAccount into
syncWithAssertion, but c'est la vie.)
This does not interact with the exist handling of 401s that we might see
from the storage endpoint. Those 401s never generated
TokenServerExceptions; in fact, they were (essentially) ignored. Since
we fetch a fresh token every Sync, what was (and is) expected is that
such 401s would be transient and fixed by authenticating with a fresher
token.
Test plan: manually verify that remotely changing the Firefox Account's
password while the device is in the Married state does the following:
1) uses the cached certificate to generate a local assertion;
2) the assertion produces a 401 from the TokenServerException, since the
certificate is no longer fresh;
3) the TokenServerException drives the Account state to Cohabiting;
4) the state machine discovers it cannot /sign, driving the Account
state to Separated.
========
9b406122ef
Author: Nick Alexander <nalexander@mozilla.com>
Bug 1142596 - Post: Use production OAuth and Reading List endpoints.
========
9e5368b4aa
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 23:00:34 2015 -0700
Bug 1142596 - Part 4: Make ReadingListSyncAdapter use oauth tokens produced and cached by the authenticator.
========
fbef93698d
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:49:52 2015 -0700
Bug 1142596 - Part 3: Implement getAuthToken with token types of the form oauth::scope.
Be aware that there are two levels of token invalidation relevant here.
The first level is when a consumer uses an oauth token and gets a 401;
in this case, the consumer *must* call Android's own
invalidateAuthToken. The second level is when the oauth client itself
gets a 401 trying to fetch an oauth token; in this case, the internal
state of the Firefox Account needs to be pushed back.
========
e4e2247b4e
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:43:26 2015 -0700
Bug 1142596 - Part 2: Extract login state machine delegate encapsulating expirations.
========
f1f716cc88
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:14:47 2015 -0700
Bug 1142596 - Part 1: Surface Reading List authentication errors.
========
5833cbbf71
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:01:46 2015 -0700
Bug 1142596 - Pre: Add note about deleting cached oauth tokens.
Deleting cached oauth tokens is tracked by Bug 1147245.
========
b0165a6c14
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 23:06:49 2015 -0700
Bug 1142596 - Pre: Trim imports.
========
afcbbba32c
Author: Nick Alexander <nalexander@mozilla.com>
Bug 1147473 - Part 2: Make it possible to toggle Firefox Accounts debug / PII logging at runtime.
Tap the email address in the Firefox Account settings activity 5 times.
Only available when:
!defined(MOZILLA_OFFICIAL) || defined(NIGHTLY_BUILD) || defined(MOZ_DEBUG)
========
261f912d12
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:10:05 2015 -0700
Bug 1147473 - Part 1: Add additional (dangerous!) debug commands.
These make it easier to test oauth token authorization, especially using
stage servers.
========
c1509baa77
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:06:43 2015 -0700
Bug 1142596 - Pre: Move constants around.
========
2c676500c3
Author: Nick Alexander <nalexander@mozilla.com>
Date: Thu Mar 26 11:28:22 2015 -0700
Bug 1142596 - Pre: Make it easier to construct intermediate states.
========
575d80fddb
Author: Nick Alexander <nalexander@mozilla.com>
Date: Wed Mar 25 16:35:26 2015 -0700
Bug 1140810 - Part 2: Upload material (non-status) modifications.
========
a86e734ef1
Author: Nick Alexander <nalexander@mozilla.com>
Date: Wed Mar 25 10:56:07 2015 -0700
Bug 1140810 - Part 1: Add storage test for material (non-status) modifications.
========
2259378d08
Author: Nick Alexander <nalexander@mozilla.com>
Date: Wed Mar 25 13:33:13 2015 -0700
Bug 1140810 - Part 0: Add and use HTTP PATCH.
========
0222d53d98
Author: Nick Alexander <nalexander@mozilla.com>
Date: Wed Mar 25 14:49:19 2015 -0700
Bug 1140810 - Pre: Don't fail in status upload when there are no failures.
========
7f2feede3b
Author: Nick Alexander <nalexander@mozilla.com>
Date: Wed Mar 25 14:53:45 2015 -0700
Bug 1140810 - Pre: convert 4 spaces to 2 spaces.
========
49e80d271e
Author: Nick Alexander <nalexander@mozilla.com>
Date: Wed Mar 25 10:40:26 2015 -0700
Bug 1140810 - Pre: Fix whitespace.
========
8b1d353ee8
Author: Nick Alexander <nalexander@mozilla.com>
Date: Fri Mar 27 10:01:35 2015 -0700
Bug 1148504 - Part 2: Make updating Firefox Account state happen in a critical section.
It's worth noting that the two consumers of the shared state lock will
only race for a very short window -- essentially only when creating or
re-connecting an account.
That's because Reading List oauth tokens are long-lived and do not
expire (yet) in response to remote Account state changes, such as
updating the Account password. So Sync and RL will race to initialize
the Account state; eventually RL will get an oauth token; and that token
will be cached forever until RL produces a 401 for the token or Android
expires the token.
Since Sync requests a token server token at the start of every sync, the
lock will be constantly exercised, but should never block.
========
d7a8611810
Author: Nick Alexander <nalexander@mozilla.com>
Date: Fri Mar 27 08:27:28 2015 -0700
Bug 1148504 - Part 1: Reduce scope of section that may set Account state.
The only place that might throw a TokenServerException is the token
server client code itself. By handling such an exception earlier, we
reduce the scope of the section that may update the Firefox Account
state. (This comes at the cost of threading AndroidFxAccount into
syncWithAssertion, but c'est la vie.)
This does not interact with the exist handling of 401s that we might see
from the storage endpoint. Those 401s never generated
TokenServerExceptions; in fact, they were (essentially) ignored. Since
we fetch a fresh token every Sync, what was (and is) expected is that
such 401s would be transient and fixed by authenticating with a fresher
token.
Test plan: manually verify that remotely changing the Firefox Account's
password while the device is in the Married state does the following:
1) uses the cached certificate to generate a local assertion;
2) the assertion produces a 401 from the TokenServerException, since the
certificate is no longer fresh;
3) the TokenServerException drives the Account state to Cohabiting;
4) the state machine discovers it cannot /sign, driving the Account
state to Separated.
========
9b406122ef
Author: Nick Alexander <nalexander@mozilla.com>
Date: Thu Mar 26 14:13:58 2015 -0700
Bug 1142596 - Post: Use production OAuth and Reading List endpoints.
========
9e5368b4aa
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 23:00:34 2015 -0700
Bug 1142596 - Part 4: Make ReadingListSyncAdapter use oauth tokens produced and cached by the authenticator.
========
fbef93698d
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:49:52 2015 -0700
Bug 1142596 - Part 3: Implement getAuthToken with token types of the form oauth::scope.
Be aware that there are two levels of token invalidation relevant here.
The first level is when a consumer uses an oauth token and gets a 401;
in this case, the consumer *must* call Android's own
invalidateAuthToken. The second level is when the oauth client itself
gets a 401 trying to fetch an oauth token; in this case, the internal
state of the Firefox Account needs to be pushed back.
========
e4e2247b4e
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:43:26 2015 -0700
Bug 1142596 - Part 2: Extract login state machine delegate encapsulating expirations.
========
f1f716cc88
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:14:47 2015 -0700
Bug 1142596 - Part 1: Surface Reading List authentication errors.
========
5833cbbf71
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:01:46 2015 -0700
Bug 1142596 - Pre: Add note about deleting cached oauth tokens.
Deleting cached oauth tokens is tracked by Bug 1147245.
========
b0165a6c14
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 23:06:49 2015 -0700
Bug 1142596 - Pre: Trim imports.
========
afcbbba32c
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 23:24:27 2015 -0700
Bug 1147473 - Part 2: Make it possible to toggle Firefox Accounts debug / PII logging at runtime.
Tap the email address in the Firefox Account settings activity 5 times.
Only available when:
!defined(MOZILLA_OFFICIAL) || defined(NIGHTLY_BUILD) || defined(MOZ_DEBUG)
========
261f912d12
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:10:05 2015 -0700
Bug 1147473 - Part 1: Add additional (dangerous!) debug commands.
These make it easier to test oauth token authorization, especially using
stage servers.
========
c1509baa77
Author: Nick Alexander <nalexander@mozilla.com>
Date: Tue Mar 24 22:06:43 2015 -0700
Bug 1142596 - Pre: Move constants around.
========
2c676500c3
Author: Nick Alexander <nalexander@mozilla.com>
Date: Thu Mar 26 11:28:22 2015 -0700
Bug 1142596 - Pre: Make it easier to construct intermediate states.
Toasts are unclickable (http://stackoverflow.com/a/20698525) so this button
never actually did anything. If we want to add this functionality, we'd have to
use a new toasting API (dialog was suggested) and potentially create a new
Activity (so it can be shown over another underlying Activity).
We could implement this but it'd be better to spend time creating system
notifications to show tab sending progress (bug 1145434).
