Firefox Accounts on Firefox OS

Ryan Kelly rfkelly at mozilla.com
Wed Oct 16 16:58:10 PDT 2013


On 16/10/2013 8:25 PM, Lloyd Hilaiel wrote:
> Jedp and I are spending time together in Bulgaria, and the topic is how
> do we implement Firefox Accounts in FirefoxOS.
> We wanted to figure out enough of an architectural direction to unleash
> folks in madrid.

To add my own +1 here: super excited to see this coming together, go team!

> Initial concrete target: logging into 123done.org <http://123done.org>
> on device should use firefox accounts.

Can you run through what this would mean in concrete terms, from a
user-experience point of view and in terms of information flow?

I *think* I can intuit it from the details in the high-level
"fxa-on-fxos" etherpad, but having it spelled out explicitly would be
useful.

My concern here:  in the past we've made a distinction between
signin-to-web and signin-to-device, with persona providing the former
and fxaccounts providing the latter.

But 123done.org is a website :-)

So what does it mean for a login here to "use firefox accounts"?  My
guess is:

  * User authenticates to FxA on FTU, gets a persistent session
    as "user at example.com".

  * User goes to 123done.org, clicks signin button.

  * Device sees that it's authenticated to FxA, offers to signin
    with "user at example.com" identity.

  * User clicks "yes"

  * Device generates an assertion for "user at example.com", backed
    by a certificate from FxA, and delivers it to 123done.org.

  * 123done.org accepts the assertion because it has opted-in to
    trusting FxA as a secondary authority.

Does that match up with your current thinking?


  Cheers,

     Ryan


More information about the Sync-dev mailing list