QA/Browser Technologies/Services/Releases/BrowserID 08172012

From MozillaWiki
Jump to: navigation, search

Areas for QA Focus

[QA] Suggested additional areas of focus for QA:

* everything, this is our beta candidate!
* changing your password should sign you at everywhere the next time you interact with an RP or persona.org

Additional areas of focus

* Functionality, stability, expected behavior with normal use, error recovery
* Work with OPs to verify the schema change once this goes to Stage

Information

  • Train 34: 08-14-2012

Links

Deployment Ticket

  • Bug 783725 - browserid: QA and deploy BrowserID train-2012.08.17 to ephemeral "stage"

OPs Ticket and ChangeWindow

  • Services Maintenance/Change Window
    • TBD

Hot Fixes and Other Deployments

  • TBD

ChangeLog

* Reseting your password now logs you out everywhere: #2026, #2307
* SCHEMA CHANGE: add TIMESTAMP lastPasswordReset to user table for #2026
* CONFIG CHANGE: default statsd to false
* Changes to allow devs to work on windows: #1751
* KPI refinements: #2061, #2176, #2203
* No email is selected by default for a site you haven't logged into on a device: #2059
* Logging improvements: #928, #2016
* URL length limits in frontend code: #2081
* UI improvements: #2087, #2023, #2082, #2132, #2120, #2187, #2200, #1565, #406, #1093, #1615, #2258, #1594, #2231
* Fixed javascript error in FFX 14 when resizing dialog: #2071
* IE8 fixes: #2190, #2206
* Mobile UI fixes: #2066, #1325
* Disable spell checking in email fields in iOS: #2116
* Language improvements: #2136
* All environments now on node 0.6.17, minimum required version raised: #2250
* Node.JS 0.8.x now continuously tested in CI environment: #2238
* Persona window now has a name "__persona_dialog" to simplify automated testing: #1023
* Added email headers for improved verification completion by non-humans: #2174
* Usability enhancements for "forgot password" screen: #1679
* Redirect an authenticated user from /signin or /forgot to / on main site: #2178
* Update jwcrypto with zero behavior change: #2204, #2226
* Documentation improvements: #2125, #2262, #1977
* Make sure navigator.id.get can be called with no options: #2216
* Automated (selenium) tests moved into repository at /automated-tests/*: #2235
* Code cleanup: #2213, #2227
* Addition of a command line utility to inspect your browser's local storage: #2243
* RPM build fixes: #2249
* API improvements (better error messages): #1438, #2255, #2228, #1659
* .getVerifiedEmail() deprecated: #2267
* add a permanent redirect from /signup to /signin: issue #2277
* lockdown our dependencies, keep checksums of .tgzs in repo: #2022

Travis/CI

  • Tests pass: TBD

Versions

Processes

  • webheads
    • /usr/bin/node bin/browserid
    • /usr/bin/node bin/verifier
    • /usr/bin/node /opt/browserid/lib/verifier/verifier-compute.js
    • /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
    • /usr/bin/node bin/router
    • /usr/bin/node bin/static
  • secure webheads
    • /usr/bin/node bin/dbwriter
    • /usr/bin/node /opt/browserid/lib/bcrypt-compute.js
  • keysigners
    • /usr/bin/node bin/keysigner
    • /usr/bin/node /opt/browserid/lib/keysigner/keysigner-compute.js
  • databases: various mysql processes
  • zeus: various zeus processes

Logs

  • webheads: /var/log/browserid/
    • browserid.log
    • verifier.log
    • verifier-metrics.json
    • verifier-compute.log
    • router.log
    • static.log
    • router-metrics.json
Note: router-metrics.json replaces browserid-metrics.json
  • secure webheads: /var/log/browserid/
    • dbwriter.log
  • keysigners have /var/log/browserid/
    • keysigner.log
    • keysigner-compute.log
  • databases: n/a
  • zeus: various logs

Local Install - Unit Tests

  • Front-End Unit Tests: TBD
  • Back-End/Headless Unit Tests: TBD

Local Install - Load Test

  • Set 1 - TBD
    • Term1: CREATE_TEST_USERS=2000 BROWSERID_FAKE_VERIFICATION=1 NODE_ENV=test_mysql nohup npm start
    • Term2: nohup bin/load_gen -u 1/50 -m 50000 -o -s http://127.0.0.1:10002

Stage: Load Tests

  • Set 1: TBD

Sample Bug and Issue

New/Updated OPs Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • Bug 781568 - Dev: Cert Expiration warning and inability to log in to dev.diresworb.org/login.dev.anosrep.org
  • Bug 783712 - Missing intermediate certificates on diresworb.org, dev.diresworb.org, login.dev.anosrep.org
  • Bug 768169 - New process for serving static content for Persona
  • Bug 779906 - l10n-preview.idweb.mtv1.dev.svc.mozilla.com failing with browserid-server-0.2012.07.30-1.el6_107924.x86_64
  • Bug 781838 - Develop and stage zeus rule changes for browserid
  • Bug 783501 - Design develop test and deploy zeus broker
  • Bug 755795 - New DNS & SSL certs for the BrowserID rebrand
  • Bug 783506 - Establish method to enable QA to insert specific RPMs into mrepo
  • Bug 781644 - Port Zeus config to nginx

https://github.com/mozilla/browserid/issues

  • TBD

New/Updated General Security-Related Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • Bug 742809 - Security review for new Identity Project BigTent
  • Bug 783712 - Missing intermediate certificates on diresworb.org, dev.diresworb.org, login.dev.anosrep.org

New/Updated APPs Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

New/Updated Labs Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

New/Updated Localization Tickets and Issues

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

GitHub: https://github.com/mozilla/browserid/issues

  • 2360: English localization not picked up unless using en-US
  • 2372: Some strings are not present in the last messages.po file
  • 2373: Use "reset_password" for the reported service name whenenver a password reset occurs.
  • 2384: Change all references of en-US to en

Resolved/Closed/Verified Bugs and Issues

Bugzilla: https:/bugzilla.mozilla.org/

  • Bug 774745 - Persona l10n preview returns error

GitHub: https://github.com/mozilla/browserid/issues

  • 406: Pressing Ctrl+C with the email field focused returns the user to a previous BrowserID Signing in dialog
  • 426: Create a medium-technical FAQ page
  • 928: Local installs: clean up ver.txt error on start up
  • 1023: Enhancement request: Add a name to the BrowserID popup window
  • 1093: buttons that could be potentially slow should have a spinner
  • 1207: Refine raiseAuthenticationFailure API
  • 1329: Definitions for vars
  • 1438 Local install RP: TOS and Privacy links do not show up unless both are checked.
  • 1594: FF: Consider making "Check your email!" minimizable
  • 1615: More than one tooltip can be displayed at once
  • 1639: Consider putting link to complete registration in email header
  • 1659: if rp specifies all of privacyPolicy,termsOfService and the old params, the old params trump the new
  • 1679: /forgot page: email address field not disabled and has keyboard focus
  • 1751: windows: node-statsd won't npm install
  • 1990: deprecate getVerifiedEmail
  • 2059: don't select any email address in the picker for a new site
  • 2061: kpi new_account only sent when new account is created (unlike other kpi keys)
  • 2066: "Remember You" button text overflows on desktop when resized to mobile device size
  • 2071: screen_size_hacks.js->undefined variable favIconHeight
  • 2082: /signin - redirect to primary "verify" button does not match normal button style
  • 2087: main site confirm screen - password field not automatically focused
  • 2116: Spellcheck is enabled in email input fields (webkit)
  • 2120: Sign In with unknown email results in lame Sign In button
  • 2125: Update MDN documentation with post-rebrand URLs
  • 2132: 'checking with email provider' permanently shown when cancelling out of forgot password screen
  • 2162: Give the Persona window the name __persona_dialog when opening
  • 2174: Add VerificationURL and RelyingParty to verification email headers
  • 2176: sites_signed_in and sites_visited KPI renaming
  • 2178: If the user hits the /signin or /forgot pages while signed in, redirect them to the "/" page.
  • 2183: IE doesn't remember you (was: [ie8] train-2012.07.20 js exception when signing in)
  • 2187: Persona sign-up page's placeholder input texts same font as regular input
  • 2190: catch winchan removeListener error in IE8
  • 2200: tooltip does not show arrow as specified in designs
  • 2203: can configure kpi datastore url with env var
  • 2206: [ie8] javascript exception signing up a new user via /sign_in dialog
  • 2213: Give "next" button a unique ID.
  • 2215: call to navigator.id.get with no options or navigator.id.getVerifiedEmail throws exception
  • 2227: example RP - loggedInEmail still used in navigator.id.watch
  • 2228: Sanity checks for the deprecated tosURL and privacyURL
  • 2231: In dialog, changing the email chosen then 'Forgot password' causes email to be sent to initial email not the corrected one.
  • 2238: add nodejs 0.8 to travis-ci
  • 2243: a command-line tool for looking at browserid stuff in localStorage sqlite databases on Firefox, Chrome and Safari
  • 2249: exclude .svn in addition to .git when building RPM
  • 2253: MDN documentation issues
  • 2258: dialog becomes unresponsive in set password screen for new account if api call is throttled
  • 2262: Review and clean up the README
  • 2277: Make main site /signup into a 301 Moved Permanently to /signin
  • 2293: missing cancel button after cancelling out of "forgot password" when upgrading from "assertion" to "password" level.
  • 2307: Confirm email addition in 2nd browser causes email_addition_status to return 400 "Bad Request"
  • 2335: Retain site<->email associations until a user either explicitly logs out or a new user logs in.
  • 2360: English localization not picked up unless using en-US
  • 2362: Split up storage into distinct models for cohesion.

GitHub: https://github.com/mozilla/123done/issues

  • TBD

Reopened or Updated

Bugzilla: https://bugzilla.mozilla.org/

  • Bug 728382 - Vinz Clortho the BrowserID IdP Server for Mozilla.com Project
  • Bug 735785 - Request to enable CEF logging for Identity
  • Bug 731856 - mozilla.com needs to host /.well-known/browserid after deployment of Mozilla IdP
  • Bug 778951 - Mozilla Persona page difficult to read

GitHub: https://github.com/mozilla/browserid/issues

  • 314: Saved passwords are not automatically filled in when logging in with BrowserID on Firefox 6
  • 1232: flip order of new account flow : password <-> verify email
  • 1305: wordpress plugin so that URL can be a primary
  • 1523: Explore DNS as a alternative to Declaration of Support Document
  • 1665: integrate "BrowserID and CSP" instructions into an official documentation page
  • 1677: cannot add secondary back to a primary-only account that previously had a secondary email in the account
  • 2017: add different callback and discourage onready()
  • 2022: Use npm-seal to verify dependencies in production
  • 2097: login.persona.org/verify can be used as a verifier
  • 2197: Accepting emails to persona@persona.org?

GitHub: https://github.com/mozilla/123done/issues

  • TBD

Opened Bugs/Issues For This Week - QA

Bugzilla: https://bugzilla.mozilla.org/

  • TBD

GitHub: https://github.com/mozilla/browserid/issues

  • 2357: [iphone safari] 123done: logged in state not always reflected between two windows
  • 2359: error while deploying awsbox on scripts/generate_ephemeral_keys.js: Permission denied
  • 2385: investigate using data: urls for images in HTML email
  • 2387: clear 'usersComputer', etc., when user says 'This is not me
  • 2388: return to management UI when verify_email_address in a second browser
  • 2395: [ie8] leftover from GH-2087 - main site confirm screen - password field not automatically focused
  • 2396: gmail doesn't handle multipart/alternative email well
  • 2405: Adding existing primary email account to secondary email account does not expire session

GitHub: https://github.com/mozilla/123done/issues

  • TBD

Other Open Bugs and Issues - Dev, Contributers

Bugzilla: https://bugzilla.mozilla.org/

  • Bug 785418 - on a samsung galaxy tablet, I can't read the text due to userscalable=no
  • Bug 785419 - on a samsung galaxy tablet, I can't click the 'forgot password' link

GitHub: https://github.com/mozilla/browserid/issues

  • 2358: remove platform dependant "which" code
  • 2361: Split up the PageModule into Module, DOMModule and PageModule.
  • 2362: Split up storage into distinct models for cohesion.
  • 2363: Fix the Opera unit test flakiness when checking for element focus.
  • 2364: selenium tests: pull in upstream bidpom changes
  • 2365: remove need for --email and --password in bidpom tests
  • 2366: run.py updates,rebased (was pull request 2338)
  • 2367: Example RP has redirect error on Windows
  • 2368: Issue 2364 upstream selenium changes
  • 2369: fix calling id.watch() from the head
  • 2370: Issue 2364 upstream selenium changes
  • 2371: Not proper Forgot password window
  • 2374: persona_server tests added to run.py and run_saucelabs
  • 2375: use pkg_resources instead of which() for modules
  • 2376: use pkg_resources instead of which() for modules
  • 2377: s/Unalbe/Unable/
  • 2378: add docs about snippets to docs/changes/ (which also keeps the directory alive)
  • 2379: MDN navigator.id.request privacyPolicy & termsofService docs
  • 2380: MDN navigator.id.get extra parameters
  • 2381: MDN "quick setup" uses less stable API
  • 2382: Re-enable siteName and siteLogo for .get()
  • 2383: Fix the password being hidden if the user tabbed into the email field without typing any key besides tab
  • 2386: remove duplicate copy of bidpom from persona_server
  • 2389: email associations stored in localStorage.loggedIn not removed when an email is removed from localStorage.
  • 2390: When an email address is removed, make sure to remove loggedIn associations
  • 2391: submit element cache retry patch upstream to selenium project
  • 2392: Complete registration test fix
  • 2393: Confirmation screen asks "is this your computer," even when I'm on a phone
  • 2394: Pre-compile EJS templates
  • 2397: on a samsung galaxy tablet, I can't click the 'forgot password' link
  • 2398: on a samsung galaxy tablet, I can't read the text due to userscalable=no
  • 2399: Emails list should be scrollable
  • 2400: Host "sign in" button images on a CDN
  • 2401: Add note-to-ourselves re: onready's deprecation
  • 2402: deployer: Add jenkins call on success to neatly trigger build
  • 2403: update to awsbox 0.2.16 which includes latest security patches and speeds deployment
  • 2404: Make secondary to primary transition screen show one time only
  • 2406: Document how to contribute new localizations
  • 2407: Collect JavaScript errors into a KPI

GitHub: https://github.com/mozilla/123done/issues

  • TBD

GitHub: https://github.com/mozilla/browserid-bigtent/issues

  • TBD

Notes

  • All testing to take place on the AWS/Ephemeral setup while Dev and OPs work on Stage.