ubuntu-phone team mailing list archive
-
ubuntu-phone team
-
Mailing list archive
-
Message #16304
Re: Disable accounts with invalid credentials
-
To:
Ubuntu Phone <ubuntu-phone@xxxxxxxxxxxxxxxxxxx>
-
From:
Alberto Mardegan <alberto.mardegan@xxxxxxxxxxxxx>
-
Date:
Mon, 19 Oct 2015 12:30:26 +0300
-
In-reply-to:
<CAGTMOcbBBJdt-UdjR+irp=3T9SAB4A5egDTM2KqurjdC8i6AMw@mail.gmail.com>
-
User-agent:
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
On 19.10.2015 11:54, Jonas Drange wrote:
> I want to argue that this logic be placed elsewhere. If/when
> account-polld becomes unnecessary, we lose this logic. So any code we
> add to account-polld that we want for all time, essentially becomes
> technical debt.
>
> And if a Google account is broken, who is going to tell the user if
> account-polld does not “see” it? If account-polld is the canary in the
> accounts mine, then a broken Google account only accessed by calendard
> and contacts, will stay silently broken.
The account is not broken :-) The cached authentication token is either
expired or has been somehow invalidated, and also the cookies which we
store for this account are also expired or anyway the web server wants
to have some interaction with the user, for whatever reason. The account
might still be usable by other applications (which use a different
application key); we really don't know.
The fact that account-polld encounters this error means that any other
app *using the same application key* as account-polld will meet the same
error. I would argue that no other app should use the same key, so the
problem lies almost entirely on the app which encounters the error.
In order to solve the authentication issue with account-polld we need to
find a UI process which can repeat the authentication with the same
account, using the application key from account-polld. This could be
Dekko, or indeed it could be some component in Online Accounts itself.
(the notification which you see in the descktop indeed comes from OA
itself: it caches all the parameters of the failed request, and re-plays
it when the user clicks on the "Grant access" button on the account.)
I believe that we could have something similar on the phone, but since
the amount of work (and risk) is quite considerable, I'd rather wait to
see the UX designers' plan on how this should work UX-wise, and then
come up with a technical solution which implements that.
Ciao,
Alberto
Follow ups
References
