Bug 1069920 - Firefox Accounts auth dialog does not wait for password. r=spenrose, a=bajaj
authorFernando Jiménez <ferjmoreno@gmail.com>
Tue, 23 Sep 2014 19:58:14 +0200
changeset 225124 47a58d64390d0b1de914fb56196538678bdfe48c
parent 225123 c99eaa75537381c246325a4ce52a2bf1c597f9a3
child 225125 38791329385233206c92f963b5b228e455e8ce87
push id3979
push userraliiev@mozilla.com
push dateMon, 13 Oct 2014 16:35:44 +0000
treeherdermozilla-beta@30f2cc610691 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersspenrose, bajaj
bugs1069920
milestone34.0a2
Bug 1069920 - Firefox Accounts auth dialog does not wait for password. r=spenrose, a=bajaj
services/fxaccounts/FxAccountsManager.jsm
services/fxaccounts/tests/xpcshell/test_manager.js
--- a/services/fxaccounts/FxAccountsManager.jsm
+++ b/services/fxaccounts/FxAccountsManager.jsm
@@ -562,16 +562,20 @@ this.FxAccountsManager = {
           if (permission == Ci.nsIPermissionManager.PROMPT_ACTION &&
               !this._refreshing) {
             return this._refreshAuthentication(aAudience, user.email,
                                                principal,
                                                false /* logoutOnFailure */);
           } else if (permission == Ci.nsIPermissionManager.DENY_ACTION &&
                      !this._refreshing) {
             return this._error(ERROR_PERMISSION_DENIED);
+          } else if (this._refreshing) {
+            // If we are blocked asking for a password we should not continue
+            // the getAssertion process.
+            return Promise.resolve(null);
           }
           return this._getAssertion(aAudience, principal);
         }
         log.debug("No signed in user");
         if (aOptions && aOptions.silent) {
           return Promise.resolve(null);
         }
         return this._uiRequest(UI_REQUEST_SIGN_IN_FLOW, aAudience, principal);
--- a/services/fxaccounts/tests/xpcshell/test_manager.js
+++ b/services/fxaccounts/tests/xpcshell/test_manager.js
@@ -387,16 +387,137 @@ add_test(function(test_getAssertion_refr
       run_next_test();
     },
     error => {
       do_throw("Unexpected error: " + error);
     }
   );
 });
 
+add_test(function(test_getAssertion_no_permissions) {
+  do_print("= getAssertion no permissions =");
+
+  let noPermissionsPrincipal = {origin: 'app://dummy', appId: 28};
+  let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
+                 .getService(Ci.nsIScriptSecurityManager);
+  let uri = Services.io.newURI(noPermissionsPrincipal.origin, null, null);
+  let _principal = secMan.getAppCodebasePrincipal(uri,
+    noPermissionsPrincipal.appId, false);
+  let permMan = Cc["@mozilla.org/permissionmanager;1"]
+                  .getService(Ci.nsIPermissionManager);
+  permMan.addFromPrincipal(_principal, FXACCOUNTS_PERMISSION,
+                           Ci.nsIPermissionManager.DENY_ACTION);
+
+  FxAccountsUIGlue._activeSession = {
+    email: "user@domain.org",
+    verified: true,
+    sessionToken: "1234"
+  };
+
+  FxAccountsManager.getAssertion("audience", noPermissionsPrincipal).then(
+    result => {
+      do_throw("Unexpected success");
+    },
+    error => {
+      do_check_false(FxAccountsUIGlue._signInFlowCalled);
+      do_check_false(FxAccountsUIGlue._refreshAuthCalled);
+      FxAccountsManager._fxAccounts._reset();
+      FxAccountsUIGlue._reset();
+      run_next_test();
+    }
+  );
+});
+
+add_test(function(test_getAssertion_permission_prompt_action) {
+  do_print("= getAssertion PROMPT_ACTION permission =");
+
+  let promptPermissionsPrincipal = {origin: 'app://dummy-prompt', appId: 29};
+  let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
+                 .getService(Ci.nsIScriptSecurityManager);
+  let uri = Services.io.newURI(promptPermissionsPrincipal.origin, null, null);
+  let _principal = secMan.getAppCodebasePrincipal(uri,
+    promptPermissionsPrincipal.appId, false);
+  let permMan = Cc["@mozilla.org/permissionmanager;1"]
+                  .getService(Ci.nsIPermissionManager);
+  permMan.addFromPrincipal(_principal, FXACCOUNTS_PERMISSION,
+                           Ci.nsIPermissionManager.PROMPT_ACTION);
+
+  FxAccountsUIGlue._activeSession = {
+    email: "user@domain.org",
+    verified: true,
+    sessionToken: "1234"
+  };
+
+  FxAccountsManager.getAssertion("audience", promptPermissionsPrincipal).then(
+    result => {
+      do_check_false(FxAccountsUIGlue._signInFlowCalled);
+      do_check_true(FxAccountsUIGlue._refreshAuthCalled);
+      do_check_eq(result, "assertion");
+
+      let permission = permMan.testPermissionFromPrincipal(
+        _principal,
+        FXACCOUNTS_PERMISSION
+      );
+      do_check_eq(permission, Ci.nsIPermissionManager.ALLOW_ACTION);
+      FxAccountsManager._fxAccounts._reset();
+      FxAccountsUIGlue._reset();
+      run_next_test();
+    },
+    error => {
+      do_throw("Unexpected error: " + error);
+    }
+  );
+});
+
+add_test(function(test_getAssertion_permission_prompt_action_refreshing) {
+  do_print("= getAssertion PROMPT_ACTION permission already refreshing =");
+
+  let promptPermissionsPrincipal = {origin: 'app://dummy-prompt-2', appId: 30};
+  let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
+                 .getService(Ci.nsIScriptSecurityManager);
+  let uri = Services.io.newURI(promptPermissionsPrincipal.origin, null, null);
+  let _principal = secMan.getAppCodebasePrincipal(uri,
+    promptPermissionsPrincipal.appId, false);
+  let permMan = Cc["@mozilla.org/permissionmanager;1"]
+                  .getService(Ci.nsIPermissionManager);
+  permMan.addFromPrincipal(_principal, FXACCOUNTS_PERMISSION,
+                           Ci.nsIPermissionManager.PROMPT_ACTION);
+
+  FxAccountsUIGlue._activeSession = {
+    email: "user@domain.org",
+    verified: true,
+    sessionToken: "1234"
+  };
+
+  FxAccountsManager._refreshing = true;
+
+  FxAccountsManager.getAssertion("audience", promptPermissionsPrincipal).then(
+    result => {
+      do_check_false(FxAccountsUIGlue._signInFlowCalled);
+      do_check_false(FxAccountsUIGlue._refreshAuthCalled);
+      do_check_null(result);
+
+      let permission = permMan.testPermissionFromPrincipal(
+        _principal,
+        FXACCOUNTS_PERMISSION
+      );
+      do_check_eq(permission, Ci.nsIPermissionManager.PROMPT_ACTION);
+
+      FxAccountsManager._refreshing = false;
+
+      FxAccountsManager._fxAccounts._reset();
+      FxAccountsUIGlue._reset();
+      run_next_test();
+    },
+    error => {
+      do_throw("Unexpected error: " + error);
+    }
+  );
+});
+
 add_test(function(test_getAssertion_server_state_change) {
   FxAccountsManager._fxAccounts._signedInUser.verified = true;
   FxAccountsManager._activeSession.verified = true;
   passwordResetOnServer = true;
   FxAccountsManager.getAssertion("audience").then(
     (result) => {
       // For password reset, the UIGlue mock simulates sucessful
       // refreshAuth which supplies new password, not signin/signup.