diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:14:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:14:29 +0000 |
commit | fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 (patch) | |
tree | 4c1ccaf5486d4f2009f9a338a98a83e886e29c97 /services/sync/modules/sync_auth.sys.mjs | |
parent | Releasing progress-linux version 124.0.1-1~progress7.99u1. (diff) | |
download | firefox-fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8.tar.xz firefox-fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8.zip |
Merging upstream version 125.0.1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'services/sync/modules/sync_auth.sys.mjs')
-rw-r--r-- | services/sync/modules/sync_auth.sys.mjs | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/services/sync/modules/sync_auth.sys.mjs b/services/sync/modules/sync_auth.sys.mjs index 6b8da4061c..cfa76827d5 100644 --- a/services/sync/modules/sync_auth.sys.mjs +++ b/services/sync/modules/sync_auth.sys.mjs @@ -164,7 +164,7 @@ SyncAuthManager.prototype = { this._token = null; }, - async observe(subject, topic, data) { + async observe(subject, topic) { this._log.debug("observed " + topic); if (!this.username) { this._log.info("Sync is not configured, so ignoring the notification"); @@ -276,7 +276,7 @@ SyncAuthManager.prototype = { * allows us to avoid a network request for when we actually need the * migration info. */ - prefetchMigrationSentinel(service) { + prefetchMigrationSentinel() { // nothing to do here until we decide to migrate away from FxA. }, @@ -387,22 +387,28 @@ SyncAuthManager.prototype = { // Do the token dance, with a retry in case of transient auth failure. // We need to prove that we know the sync key in order to get a token // from the tokenserver. - let getToken = async key => { + let getToken = async (key, accessToken) => { this._log.info("Getting a sync token from", this._tokenServerUrl); - let token = await this._fetchTokenUsingOAuth(key); + let token = await this._fetchTokenUsingOAuth(key, accessToken); this._log.trace("Successfully got a token"); return token; }; + const ttl = fxAccountsCommon.OAUTH_TOKEN_FOR_SYNC_LIFETIME_SECONDS; try { let token, key; try { this._log.info("Getting sync key"); - key = await fxa.keys.getKeyForScope(SCOPE_OLD_SYNC); + const tokenAndKey = await fxa.getOAuthTokenAndKey({ + scope: SCOPE_OLD_SYNC, + ttl, + }); + + key = tokenAndKey.key; if (!key) { throw new Error("browser does not have the sync key, cannot sync"); } - token = await getToken(key); + token = await getToken(key, tokenAndKey.token); } catch (err) { // If we get a 401 fetching the token it may be that our auth tokens needed // to be regenerated; retry exactly once. @@ -412,8 +418,11 @@ SyncAuthManager.prototype = { this._log.warn( "Token server returned 401, retrying token fetch with fresh credentials" ); - key = await fxa.keys.getKeyForScope(SCOPE_OLD_SYNC); - token = await getToken(key); + const tokenAndKey = await fxa.getOAuthTokenAndKey({ + scope: SCOPE_OLD_SYNC, + ttl, + }); + token = await getToken(tokenAndKey.key, tokenAndKey.token); } // TODO: Make it be only 80% of the duration, so refresh the token // before it actually expires. This is to avoid sync storage errors @@ -437,7 +446,7 @@ SyncAuthManager.prototype = { // A hawkclient error. } else if (err.code && err.code === 401) { err = new AuthenticationError(err, "hawkclient"); - // An FxAccounts.jsm error. + // An FxAccounts.sys.mjs error. } else if (err.message == fxAccountsCommon.ERROR_AUTH_ERROR) { err = new AuthenticationError(err, "fxaccounts"); } @@ -460,17 +469,13 @@ SyncAuthManager.prototype = { }, /** - * Generates an OAuth access_token using the OLD_SYNC scope and exchanges it - * for a TokenServer token. - * + * Exchanges an OAuth access_token for a TokenServer token. * @returns {Promise} * @private */ - async _fetchTokenUsingOAuth(key) { + async _fetchTokenUsingOAuth(key, accessToken) { this._log.debug("Getting a token using OAuth"); const fxa = this._fxaService; - const ttl = fxAccountsCommon.OAUTH_TOKEN_FOR_SYNC_LIFETIME_SECONDS; - const accessToken = await fxa.getOAuthToken({ scope: SCOPE_OLD_SYNC, ttl }); const headers = { "X-KeyId": key.kid, }; |