QA/Browser Technologies/Services/Releases/BrowserID 04112012
From MozillaWiki
< QA | Browser Technologies | Services | Releases
Contents
- 1 Areas for QA Focus
- 2 Information
- 3 Links
- 4 Deployment Ticket
- 5 OPs Ticket and ChangeWindow
- 6 Hot Fixes and Other Deployments
- 7 ChangeLog
- 8 Versions
- 9 Heartbeat
- 10 Processes
- 11 Logs
- 12 Local Install - Unit Tests
- 13 Local Install - Load Test
- 14 Stage: Load Tests
- 15 Sample Bug and Issue
- 16 New/Updated OPs Tickets and Issues
- 17 New/Updated Security Tickets and Issues
- 18 New/Updated APPs Tickets and Issues
- 19 New/Updated Labs Tickets and Issues
- 20 New/Updated Localization Tickets and Issues
- 21 Resolved/Closed Bugs and Issues
- 22 Reopened or Updated : Server
- 23 Reopened or Updated : Client
- 24 Opened Bugs/Issues For This Week: Server
- 25 Opened Bugs/Issues For This Week: Client
- 26 Other Open Bugs
- 27 Notes
Areas for QA Focus
- [QA] Suggested areas of focus for QA:
- verify no regression on security issue 741814
- all issues in changelog
- extensive regression testing of all RPs (show/booze/beer).
- coordinate with lloyd, and subsequent to that testing of the new API via 123done.org
- Also:
- All 5 Hot Fixes from the previous train
- All 5 current Hot Fixes for this train
- All 4 Firefox channels
- Android/mobile
- Cookies (standard/third-party)
Information
- Train 25: 04-11-2012
Links
- Bugs/Issues: https://github.com/mozilla/browserid/issues
- Test Plan: https://wiki.mozilla.org/QA/BrowserID/TestPlan
- Weekly Train Wiki: https://wiki.mozilla.org/QA/BrowserID/BrowserID_Weekly_Trains_Beta
- Release Wiki: https://wiki.mozilla.org/QA/Browser_Technologies/Services/Releases/BrowserID_04112012
- Test Plan spreadsheet: https://docs.google.com/spreadsheet/ccc?key=0As8GUPwNNWMFdEhxa203Z3FMaE9ubjVRZFZWYUNUZHc#gid=0
- Stage Server: https://diresworb.org
- Stage Client/RP1: http://beta.myfavoritebeer.org
- Stage Client/RP2: http://beta.myfavoritebooze.org
- Stage Client/RP3: http://beta.myfavoriteshow.org
- Stage Client/RP4: http://carrera.databits.net:9999 (requires VPN access)
- Primary 1: https://eyedee.me
- Dev Server: https://dev.diresworb.org
- Dev Client/RP1: http://dev.myfavoritebeer.org
- Dev Client/RP2: http://dev.myfavoritebooze.org
- Dev Client/RP3: http://dev.myfavoriteshow.org
- Primary 1: https://eyedee.me
- Production Server: https://browserid.org
- Prod Client/RP1: http://myfavoritebeer.org
- Prod Client/RP2: http://myfavoritebooze.org
- Prod Client/RP3: http://myfavoriteshow.org
- Primary 1: https://eyedee.me
Deployment Ticket
- bug 744689 - QA and deploy BrowserID train-2012.04.11 to production
OPs Ticket and ChangeWindow
- Services Maintenance/Change Window
Hot Fixes and Other Deployments
- Hot Fix 1:
- 1429: (hotfix 2012.04.12) return 400 rather than 500 for invalid params to stage_user or stage_email
- 1430: (hotfix 2012.04.12) return 400 rather than 500 for invalid params to stage_user or stage_email
- 1425: (hotfix 2012.04.12) fix broken string, "is this your computer" was broken into two fragments
- Hot Fix 2:
- 1442: (hotfix 2012.04.16) fix API regression that would cause javascript error when .get() invoked without second arg
- 1436: (hotfix 2012.04.16) update load_gen to new server apis that require an `ephemeral` argument
- Hot Fix 3:
- 1440: (hotfix 2012.04.17) fix broken reset password flow - button was non-responsive in dialog
- 1445: (hotfix 2012.04.17) mitigate errors seen when adding a secondary email to an acct with only primary emails
- Hot Fix 4:
- 1449: (hotfix 2012.04.18) fix error where under certain conditions user could see an error immediately after authenticating
- Hot Fix 5:
- 1464: [ie8/ie9] IE reporting a problem with test check_registration: user validation with mustAuth result
- 1485: [IE8] error dialog shows up with solid black background (i.e., not just dimmed)
- Various security fixes
ChangeLog
- https://github.com/mozilla/browserid/blob/train-2012.04.11/ChangeLog#L1-15
- https://github.com/mozilla/browserid/blob/train-2012.04.11/ChangeLog#L18-22
Versions
- Dev: https://dev.diresworb.org/ver.txt
- b36af1f try re-configuring travis-ci so we get notifications in irc.mozilla.org #identity
- Prod: https://browserid.org/ver.txt
- e5b7eb0 document hotfix for issue #1429 in 0.2012.03.28.7
- locale svn r104128
- Stage: https://diresworb.org/ver.txt
- Final
- 57ea50a bump version number with inclusion of final shipping locales.
- locale svn r104778
- Hot Fix 5:
- (0.2012.04.08)
- 5fc0c75 bump rpm release number
- locale svn r104128
- Hot Fixes 1 - 4:
- 1613144 0.2012.04.18.7 - fix issue #1449 - whereby user logs in and immediately sees an authentication error
- locale svn r104263
- Original:
- 51c9909 0.2012.04.11.3 - fix broken string that would have caused 'is this your computer' to not make sense for non-en users
- locale svn r104263
- Final
Heartbeat
- Dev: https://dev.diresworb.org/__heartbeat__
- ok
- Prod: https://browserid.org/__heartbeat__
- ok
- Stage: https://diresworb.org/__heartbeat__
- ok
Processes
- webheads
- /usr/bin/node bin/browserid
- /usr/bin/node bin/verifier
- /usr/bin/node /opt/browserid/lib/verifier/verifier-compute.js
- /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
- secure webheads
- /usr/bin/node bin/dbwriter
- /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
- keysigners
- /usr/bin/node bin/keysigner
- /usr/bin/node /opt/browserid/lib/keysigner/keysigner-compute.js
- databases: various mysql processes
- zeus: various zeus processes
Logs
- webheads: /var/log/browserid/
- browserid.log
- browserid-metrics.json
- verifier.log
- verifier-metrics.json
- verifier-compute.log
- secure webheads: /var/log/browserid/
- dbwriter.log
- keysigners have /var/log/browserid/
- keysigner.log
- keysigner-compute.log
- databases: n/a
- zeus: various logs
Local Install - Unit Tests
- Front-End Unit Tests: PASS
- Back-End Unit Tests: n/a
- Headless Front-End Unit Tests: n/a
- Back-End/Headless Unit Tests: PASS
Local Install - Load Test
- None on this round
- Example:
- Term1: CREATE_TEST_USERS=2000 BROWSERID_FAKE_VERIFICATION=1 NODE_ENV=test_mysql npm start
- Term2: bin/load_gen -u 1/60 -m 60000 -o -s http://127.0.0.1:10002
- or similar
- Example:
Stage: Load Tests
- client5:
- bin/load_gen -s https://stage-browserid.services.mozilla.com -o -m 250000 -u 1/250
Sample Bug and Issue
- bug XXXXXX - Bug title
- [BrowserID issue 1400] : Issue title
New/Updated OPs Tickets and Issues
- bug 744892 - 500-level errors not always showing up the pencil graphs for browserid
- bug 716940 - increase ephemeral port range on BrowserID webheads and load generation machines
- bug 748655 - load balancer for stage-browserid2.s.m.c not accepting connection on port 80 for redirect
- bug 748665 - only permit http->https redirects for GET requests to bid:80/tcp
New/Updated Security Tickets and Issues
- n/a
New/Updated APPs Tickets and Issues
- None
New/Updated Labs Tickets and Issues
- None
New/Updated Localization Tickets and Issues
- bug 723775 - Create/Deploy l10n preview env for browserid
- [BrowserID issue 1498] : Locales ready for production.
Resolved/Closed Bugs and Issues
- [BrowserID issue 1884] : public computer challenges
- [BrowserID issue 1912] : add event-based RP API
- [BrowserID issue 1123] : When the user has 2 email addresses, he can cancel his BID account by removing the same address twice
- [BrowserID issue 1201] : The diresworb.org home page displayed both the Account Manager and "Connect with BrowserID..." sections when all the cookies are disabled
- [BrowserID issue 1290] : User Feedback needed after hitting next/verify email
- [BrowserID issue 1293] : change key length
- [BrowserID issue 1326] : Cleanup up output of headless frontend unit tests
- [BrowserID issue 1348] : dev: dialog cancelation is not conveyed properly to RPs
- [BrowserID issue 1349] : dev: prolong session when user confirms ownership of a computer
- [BrowserID issue 1354] : decide on and implement final API for deeper BrowserId involvment in session duration
- [BrowserID issue 1357] : New API does not work with IE8 - IE8 does not have document.createEvent('Event');
- [BrowserID issue 1362] : BrowserID verify should return the correct status codes
- [BrowserID issue 1367] : Update README to include instructions for hooking up Travis-CI to personal fork.
- [BrowserID issue 1374] : ie8 does not have Array.prototype.forEach
- [BrowserID issue 1388] : Account Manager allows password change using same password
- [BrowserID issue 1389] : Account Manager does not clear password fields between use
- [BrowserID issue 1395] : Internal APIs changed in dev (was: The assertion object is not serializable (on development))
- [BrowserID issue 1397] : Fix the Developers link off the main site
- [BrowserID issue 1399] : dev: .logout() function missing a callback argument
- [BrowserID issue 1400] : remove 'Logout from all websites' from management page
- [BrowserID issue 1401] : Spelling error in check_primary_support
- [BrowserID issue 1402] : Mobile: With Cookies disabled, I get a blank screen/tab for sign_in
- [BrowserID issue 1405] : dev: error shown in dialog after confirming your computer
- [BrowserID issue 1406] : dev: "Is this your computer" should not be asked during first sign-up
- [BrowserID issue 1408] : dev: remove deprecation warning
- [BrowserID issue 1425] : Posssible incomplete string
- [BrowserID issue 1440] : Forgot password flow fails to complete; dialog is stuck and won't process clicks
- [BrowserID issue 1464] : [ie8/ie9] IE reporting a problem with test check_registration: user validation with mustAuth result
- [BrowserID issue 1485] : [IE8] error dialog shows up with solid black background (i.e., not just dimmed)
- [BrowserID issue 1499] : Can not redirect http to https on browser with clean profile and cookies disabled
Reopened or Updated : Server
- [BrowserID issue 759] : email reset / password recovery is not good
- [BrowserID issue 1240] : mismatch of PP/TOS text and button text ('next' vs. 'sign in')
- [BrowserID issue 1305] : wordpress plugin so that URL can be a primary
- [BrowserID issue 1327] : add :response-time to format 'default_bid' in lib/custom-logger.js
- [BrowserID issue 1351] : optimize RP page load time with new APIs
- [BrowserID issue 1390] : IE6 and IE7 errors in communication frame
- [BrowserID issue 1391] : Communication frame does not check for min browser requirements
- [BrowserID issue 1418] : signup/signin/forgot pages from main site should check for cookies
Reopened or Updated : Client
- None
Opened Bugs/Issues For This Week: Server
- [BrowserID issue 1437] : Local install: Need better error messaging when email has no domain
- [BrowserID issue 1438] : Local install RP: TOS and Privacy links do not show up unless both are checked.
- [BrowserID issue 1439] : Local install RP: the "logout" button does not appear to do anything
- [BrowserID issue 1499] : Can not redirect http to https on browser with clean profile and cookies disabled
- [BrowserID issue 1469] : Confusing behavior displayed when cancelling an email addition and retrying to add the same email
- [BrowserID issue 1474] : The user can set his current password as his new password when starting this process from the client
- [BrowserID issue 1476] : The items under the list on the emails list dialog should not be scrollable
- [BrowserID issue 1435] : Clear the email field when adding a different email address
- [BrowserID issue 1436] : load_gen no longer works against stage due to new 'ephemeral' post argumen
- [BrowserID issue 1440] : Forgot password flow fails to complete; dialog is stuck and won't process clicks
- [BrowserID issue 1441] : [Safari/Win32] frontend unit tests flaky on second or later run
- [BrowserID issue 1445] : 400 Bad Request: requires authentication response for POST /wsapi/cert_key
- [BrowserID issue 1449] : 400 requires authentication received for /wsapi/list_emails
- [BrowserID issue 1463] : Follow on from GH-1123: gracefully deal with no-op remove of already deleted account
- [BrowserID issue 1464] : [ie8/ie9] IE reporting a problem with test check_registration: user validation with mustAuth result
- [BrowserID issue 1472] : What should /sign_in dialog do if /wsapi/list_emails returns and empty list
- [BrowserID issue 1478] : [chrome/win7] tiny cosmetic pixel gap in arrow in /sign_in dialog
- [BrowserID issue 1479] : should 24-hour expiry on 'denied' state trigger 'is this your question' immediately or just set to 'seen'?
- [BrowserID issue 1484] : exceptions thrown on /signup page when cookies disabled
- [BrowserID issue 1485] : [IE8] error dialog shows up with solid black background (i.e., not just dimmed)
Opened Bugs/Issues For This Week: Client
- None
Other Open Bugs
1300 BrowserID issue 1400]] : Issue title
- bug 728382 - Vinz Clortho the BrowserID IdP Server for Mozilla.com Project
- bug 745829 - Uncaught TypeError: Cannot set property 'onclose' of undefined
- bug 746231 - KPI Dashboard first Key Performance Indicator
- bug 746233 - KPI Dashboard all Key Performance Indicators for 1.0 launch
- bug 745987 - wiki.mozilla.org Maintenance - April 19th 10PM - 1AM Pacific
- [BrowserID issue 1431] : dev: repeatedly asked "Is this your computer?"
- [BrowserID issue 1432] : Place the entire "If you're at a public computer such as a library or internet cafe, we'll ask you..." on a single line.
- [BrowserID issue 1433] : 'Add new email address' screen should show user notification while getting 'email_info' being called
- [BrowserID issue 1434] : suggest implementation of BrowserID in verification email
- [BrowserID issue 1442] : API regression in dev and beta - options are *required*
- [BrowserID issue 1443] : fix case where test_db_connectivity would fail when browserid database doesn't exist. issue #1246
- [BrowserID issue 1444] : fix regression where an undefined second argument to .get() would cause a javascript error - issue #1442
- [BrowserID issue 1446] : "is this your computer" can show when adding a new email address
- [BrowserID issue 1447] : implement updated observer API
- [BrowserID issue 1448] : Hotfix1440
- [BrowserID issue 1450] : Issue 1000 in dialog password
- [BrowserID issue 1451] : Sometimes you must re-enter your password after email verification
- [BrowserID issue 1452] : Hotfix1445
- [BrowserID issue 1453] : cancel link in verification screen for required email does not look like a link
- [BrowserID issue 1454] : Deploying awsbox browserid with _ in domain name breaks login
- [BrowserID issue 1455] : Pr 1447 cancel state
- [BrowserID issue 1456] : Allowing underscore in domain and origin, fixes Issue#1454
- [BrowserID issue 1457] : Fix the link color of the cancel button in the required email check email screen.
- [BrowserID issue 1458] : dev.* Exception - 'onlogout' is a required argument to navigator.id.watch()
- [BrowserID issue 1459] : dev RP with dev IdP: User returned to authentication page if cancels authentication with IdP
- [BrowserID issue 1460] : Assertion should be generated AFTER "is this your computer" screen.
- [BrowserID issue 1461] : remove placeholder text from management screen
- [BrowserID issue 1462] : move the cancel account feature to be inside the email section
- [BrowserID issue 1465] : Change the order of assertion generation to be after the user is asked "is this your computer?"
- [BrowserID issue 146] : Fix primary email being set as most recently used if the user cancels redirect to authenticate with 6primary.
- [BrowserID issue 1467] : Fix a user being asked "is this your computer" if they just verified an email.
- [BrowserID issue 1468] : Remove the placeholder text from the change password input boxes.
- [BrowserID issue 1470] : reduce "normal" certificate duration to 6 hours
- [BrowserID issue 1471] : clicking the sign-in button in dialog doesn't always work
- [BrowserID issue 1473] : Scroll bar shows in dialog in FF for Windows
- [BrowserID issue 1475] : Error message flashes before flow starts
- [BrowserID issue 1477] : optimize all browserid images
- [BrowserID issue 1480] : IE6/IE7: myfavoritebeer.org errors when loading up page
- [BrowserID issue 1481] : IE6/IE7: myfavoritebooze.org errors on page load
- [BrowserID issue 1482] : Hotfix 1390 fix ie6 ie7
- [BrowserID issue 1483] : Error message is never displayed if tosURL or privacyURL are relative URLs
- [BrowserID issue 1486] : Hotfix1485 ie8 black background for IE8 when it shows an error message.
- [BrowserID issue 1487] : Hotfix 1484 chrome exception signup
- [BrowserID issue 1488] : dev rp throws exception if there is no requiredEmail
- [BrowserID issue 1489] : Add a cookie check to most main site pages.
- [BrowserID issue 1490] : Issue 1464 ie exception check registration
- [BrowserID issue 1491] : Start the delay screen and disable form modules for the main site.
- [BrowserID issue 1492] : error screen on mobile is too narrow and pushed too far down.
- [BrowserID issue 1493] : regression: NS_ERROR_DOM_SECURITY_ERR in https://browserid.org/v/e87270a373/production/en_US/browserid.js
- [BrowserID issue 1494] : Hotfix 1390 min browser reqs
- [BrowserID issue 1495] : If no verification token is given, /verify_email_address does not show an error
- [BrowserID issue 1496] : IE6/IE7: unsupported dialogs show unecessary scroll bars.
- [BrowserID issue 1497] : invalid verification link error message is does not match other error messages
- [BrowserID issue 1500] : Previously selected email address not remembered if user's session expires.
- [BrowserID issue 1501] : A more secure verifier?
- [BrowserID issue 1502] : API leakage for window.location.href email return_url and other state
- [BrowserID issue 1503] : Welsh not picked up for train-2012.04.11 release
Notes
- (from Lloyd)
- Next up, we branched train-2012.04.11, which includes some important features:
- A shiny new experimental javascript API (with full backwards compatibility)
- Initial support for public terminals / shared computers
- optimized javascript resources for faster load times
- And moar: https://github.com/mozilla/browserid/blob/train-2012.04.11/ChangeLog#L1-15
- train-2012.04.11 will roll into production on the 25th of this month pending no blockers from QA or the community (uh, you guys).
- Next up, we branched train-2012.04.11, which includes some important features: