Bug 1010623 - sign out when password was reset on web. r=jedp

This commit is contained in:
Sam Penrose 2014-05-15 16:52:52 -07:00
parent 547b318b65
commit 2a838b8dff
3 changed files with 68 additions and 0 deletions

View File

@ -25,6 +25,7 @@ XPCOMUtils.defineLazyModuleGetter(this, "jwcrypto",
// All properties exposed by the public FxAccounts API.
let publicProperties = [
"accountStatus",
"getAccountsClient",
"getAccountsSignInURI",
"getAccountsSignUpURI",
@ -511,6 +512,15 @@ FxAccountsInternal.prototype = {
this.currentAccountState = new AccountState(this);
},
accountStatus: function accountStatus() {
return this.currentAccountState.getUserAccountData().then(data => {
if (!data) {
return false;
}
return this.fxAccountsClient.accountStatus(data.uid);
});
},
signOut: function signOut(localOnly) {
let currentState = this.currentAccountState;
let sessionToken;

View File

@ -288,6 +288,24 @@ this.FxAccountsClient.prototype = {
);
},
/**
* Given the uid of an existing account (not an arbitrary email), ask
* the server if it still exists via /account/status.
*
* Used for differentiating between password change and account deletion.
*/
accountStatus: function(uid) {
return this._request("/account/status?uid="+uid, "GET").then(
(result) => {
return result.exists;
},
(error) => {
log.error("accountStatus failed with: " + error);
return Promise.reject(error);
}
);
},
/**
* The FxA auth server expects requests to certain endpoints to be authorized using Hawk.
* Hawk credentials are derived using shared secrets, which depend on the context

View File

@ -41,6 +41,7 @@ function run_test() {
function MockFxAccountsClient() {
this._email = "nobody@example.com";
this._verified = false;
this._deletedOnServer = false; // for testing accountStatus
// mock calls up to the auth server to determine whether the
// user account has been verified
@ -57,6 +58,12 @@ function MockFxAccountsClient() {
return deferred.promise;
};
this.accountStatus = function(uid) {
let deferred = Promise.defer();
deferred.resolve(!!uid && (!this._deletedOnServer));
return deferred.promise;
};
this.accountKeys = function (keyFetchToken) {
let deferred = Promise.defer();
@ -505,6 +512,39 @@ add_task(function test_resend_email_not_signed_in() {
do_throw("Should not be able to resend email when nobody is signed in");
});
add_test(function test_accountStatus() {
let fxa = new MockFxAccounts();
let alice = getTestUser("alice");
// If we have no user, we have no account server-side
fxa.accountStatus().then(
(result) => {
do_check_false(result);
}
).then(
() => {
fxa.setSignedInUser(alice).then(
() => {
fxa.accountStatus().then(
(result) => {
// FxAccounts.accountStatus() should match Client.accountStatus()
do_check_true(result);
fxa.internal.fxAccountsClient._deletedOnServer = true;
fxa.accountStatus().then(
(result) => {
do_check_false(result);
fxa.internal.fxAccountsClient._deletedOnServer = false;
run_next_test();
}
);
}
)
}
);
}
);
});
add_test(function test_resend_email() {
let fxa = new MockFxAccounts();
let alice = getTestUser("alice");