Fx Desktop "Sign in to the Web" Update

Austin King ozten at mozilla.com
Wed Oct 16 14:54:49 PDT 2013

What is going on with Persona for Desktop Firefox?

Background: Many awesome platform devs (khuey, ddhal, mattn, etc) have 
done substantial work towards making Persona native to Desktop. In B2G 
land, jedp et al landed a more remote approach, doing amazing work under 
tight deadlines.

Landing Persona (sign in to the web, specifically) in Desktop is an 
important step towards our Persona adoption story. Desktop has taken the 
backseat to B2G, but we now have one committed full time staff to focus 
on landing it.

Get Fx Desktop Persona in to people's hands as soon as possible, while 
still maintaining Desktop performance and security.

Our strategy - MattN and I worked closely on a Hybrid approach for 
landing Persona. It's not the original 100% native plan, nor is it 
exactly the B2G approach

Hybrid Overview:
* Identity Picker - Native in doorhanger
* Discovery - New WSAPI web service provided by the existing Persona server
* Fallback IdP - Persona server becomes a real IdP
** /.well-known/browserid has provisioning and authentication urls
** These can be used by Fx and other SDK / applications in the future
* Provisioning / Authentication flows for primary or secondary email 
addresses are loaded in the same way, a popup controlled via chrome [1]

Various details fall out of this plan either as remote components or 
native components on a case by case basis.

1) Land Persona server changes (Issue#2497)
2) Get awsbox deployment up while #1 is in progress
3) (Re-)Land Persona on Fx Desktop (hg branch TBD pointing at Persona 
dev server or awsbox instance)
4) Get into Fx Desktop UX nightly branch
5) Iterate on Persona server and Desktop code as needed with UX
6) Land polished Persona in Aurora (feature preffed off)
7) Land polished Persona in Nightly (feature preffed on)

Re-land??? :
We're starting from a previous hg revision that had already landed, and 
parts of which were later reverted.
That, plus a few new tweaks.
The goal is to get back to a healthy place with Desktop Fx for bugzilla, 
hg, and UX.
This starts with a big gnarly patch (most of which was already r+ in the 
past). Watch Bug#845546 over the coming weeks.
After step 4, we'll resume filing specific bugs, have small patches, and 
try to leverage the platform team as we can.

Fallback IdP Notes:
We should be able to aggressively land the server side changes, because 
only specific builds of Desktop with a feature preference set, will use 
it. From a maintenance perspective, the provisioning and authentication 
flows will reuse the shim modules and abstractions with minimal code 
duplication. Same for HTML and CSS, but this may change of course.

The existing shim continues to exist as is (we don't use the new 
provisioning and auth urls) to optimize shim performance.

This summary is to document a conversation Jared and I had. _6a68 please 
add anything that I missed.

It is easy to confuse this work with Android, Fx Accounts, Sign in to 
the Browser/Device and other native work.
The scope of this work is Sign in to the Web on Desktop.

CCing sync-dev as Jared suggested.

Most Recent Native Team Update:

I'll send these updates to dev-identity from now on.


[1] This is subject to change after UX feedback cycles of course

More information about the Sync-dev mailing list