Bug 1594929 - Remove invalidateCertificate from FxAccountsKeys.jsm. r=rfkelly
authorMark Hammond <mhammond@skippinet.com.au>
Tue, 12 Nov 2019 04:05:28 +0000
changeset 501699 1dda54201821a681dcd00b06efb2815d9dd7bdea
parent 501698 6a4727c44078f7eca99f39b72a6f8eab2752c3f0
child 501700 c351bea716961017d6e4f59cb48a9bcaf6111e9b
push id114172
push userdluca@mozilla.com
push dateTue, 19 Nov 2019 11:31:10 +0000
treeherdermozilla-inbound@b5c5ba07d3db [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersrfkelly
bugs1594929
milestone72.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1594929 - Remove invalidateCertificate from FxAccountsKeys.jsm. r=rfkelly Differential Revision: https://phabricator.services.mozilla.com/D52623
services/fxaccounts/FxAccountsKeys.jsm
services/sync/modules/browserid_identity.js
--- a/services/fxaccounts/FxAccountsKeys.jsm
+++ b/services/fxaccounts/FxAccountsKeys.jsm
@@ -260,24 +260,16 @@ class FxAccountsKeys {
       kBbytes,
       undefined,
       "identity.mozilla.com/picl/v1/oldsync",
       2 * 32
     );
   }
 
   /**
-   * Invalidate the FxA certificate, so that it will be refreshed from the server
-   * the next time it is needed.
-   */
-  invalidateCertificate() {
-    return this._fxia.invalidateCertificate();
-  }
-
-  /**
    * Derive the WebExtensions Sync Storage Key given the byte string kB.
    *
    * @returns Promise<HKDF(kB, undefined, "identity.mozilla.com/picl/v1/chrome.storage.sync", 64)>
    */
   _deriveWebExtSyncStoreKey(kBbytes) {
     return CryptoUtils.hkdfLegacy(
       kBbytes,
       undefined,
--- a/services/sync/modules/browserid_identity.js
+++ b/services/sync/modules/browserid_identity.js
@@ -416,17 +416,17 @@ this.BrowserIDManager.prototype = {
         // If we get a 401 fetching the token it may be that our certificate
         // needs to be regenerated.
         if (!err.response || err.response.status !== 401) {
           throw err;
         }
         this._log.warn(
           "Token server returned 401, refreshing certificate and retrying token fetch"
         );
-        await fxa.keys.invalidateCertificate();
+        await fxa._internal.invalidateCertificate();
         keys = await fxa.keys.getKeys();
         token = await getToken(keys);
       }
       // TODO: Make it be only 80% of the duration, so refresh the token
       // before it actually expires. This is to avoid sync storage errors
       // otherwise, we may briefly enter a "needs reauthentication" state.
       // (XXX - the above may no longer be true - someone should check ;)
       token.expiration = this._now() + token.duration * 1000 * 0.8;