[Owncloud] Mozilla sync integration project

Michał Jaskurzyński jaskoola at gmail.com
Mon Jun 11 17:27:44 UTC 2012


Hi,

> Do we really need an email address or is a simple username enough? When I
> click at "Iceweasel -> Set up Sync -> I have an Account -> I don't have the
> device with me" it asks for account, password and recovery key. So it seems
> like the username does not have to be an email address.

New version of Firefox complain that user should be in email format
and there is no possibility to send data without typing email.

According to change password problem, Firefox while changing password
sends such message:

"POST https://server/pathname/version/username/password

    Changes the password associated with the account to the value
specified in the POST body.

    NOTE: Requires basic authentication with the username and
(current) password associated with the account. The auth username must
match the username in the path.

    Alternately, a valid X-Weave-Password-Reset header can be used, if
it contains a code previously obtained from the server.

    Return values: "success" on success.

    Possible errors:

        400: 7 (Missing password field)
        400: 10 (Invalid or missing password reset code)
        400: 9 (Requested password not strong enough)
        404: the user does not exists in the database
        503: there was an error updating the password
        401: authentication failed"

If we assume that we will always response ok message and won't
authenticate and change password via this method it will be no
problem. However implementing that as in original sync server and
changing password via web will cause to authenticate problem. User
won't be able to change password in firefox because firefox will
authenticate with old password and sync server will use new one.

To solve this problems I propose this solution:

User type (in firefox account setup) email submitted in owncloud.
Sync service check this email and password.
In oc_mozilla_sync_user it will be user;synchash to map mozilla user
hash (used in url username field) to owncloud user name

In case of changing password sync service will always respond ok.


Please let me know if something is confusing or you have another ideas.

WBR
Michal Jaskurzynski

> I don't see a point in having several usernames and passwords in one
> ownCloud instance. In my opinion it is better to drop some features of the
> user sync API instead of introducing another user management system.
> Additionally an username like jakob at owncloud.org easily could be confused
> with an email address.
> Regards,
>
> Jakob
>
>
> Am 10.06.2012 22:03, schrieb Michał Jaskurzyński:
>>
>> Hi,
>>
>> What do you think? Please give me your ideas about this problem.
>>
>> 2012/6/2 Michał Jaskurzyński <jaskoola at gmail.com>:
>>>
>>> Hi,
>>>
>>> Another issue is that sync client change email to some kind of hash
>>> and use it as a user name so it will be also need to create user table
>>> to map this hash to owncloud user name.
>>> There can be also troubles when user change owncloud user password.
>>>
>>> So, I am waiting for discussion and ideas how to deal with user
>>> management.
>>>
>>> 2012/6/2 Michał Jaskurzyński <jaskoola at gmail.com>:
>>>>
>>>> Hi,
>>>>
>>>> These approach will cause a lot of trouble for example when users
>>>> change email they will lose access to their sync data. In my opinion
>>>> it will be better to have sync login like this:
>>>> owncloud_login at owncloud.org or even owncloud_login at anydomain. What do
>>>> you think about it?
>>>>
>>>> WBR
>>>> Michal Jaskurzynski
>>>>
>>>> 2012/5/26 Jakob Sack <mail at jakobsack.de>:
>>>>>
>>>>> Hi,
>>>>>
>>>>> sorry for the late answer. I've been ways too busy last week.
>>>>> On a first glance, the coding style looks fine.
>>>>> I aggree with Michael that you should not implement another users
>>>>> table. In
>>>>> my opinion it's better to solve the problem the following way:
>>>>> - in ownCloud the user has to enter it's email address (use the same
>>>>> email
>>>>> address as in "lost password", it's saved in preferences, appid =
>>>>> "settings", configkey = "email"). The user can enter this email using
>>>>> the
>>>>> settings or the interface in your app.
>>>>> - then the user does create a new account in firefox sync. If the email
>>>>> does
>>>>> not exist or the passwords do not match with the password of the user,
>>>>> then
>>>>> return an error code.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Jakob
>>>>>
>>>>>
>>>>> Am 24.05.2012 20:18, schrieb Michał Jaskurzyński:
>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Sorry for my late answer. I was moving my code to became an app .
>>>>>>
>>>>>>> Can you explain to me who the users are that you need to create and
>>>>>>> authenticate? Are these different people using the same Mozilla sync?
>>>>>>> Are
>>>>>>> these not users on the ownCloud instance?
>>>>>>
>>>>>>
>>>>>>
>>>>>> User is mozilla sync service account. To this account user can connect
>>>>>> his/her devices. There can't be integrated with existing owncloud
>>>>>> users because firefox needs first device to create new account giving
>>>>>> email, password and retype password.
>>>>>>
>>>>>> WBR
>>>>>> Michal
>>>>>> _______________________________________________
>>>>>> Owncloud mailing list
>>>>>> Owncloud at kde.org
>>>>>> https://mail.kde.org/mailman/listinfo/owncloud
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Owncloud mailing list
>>>>> Owncloud at kde.org
>>>>> https://mail.kde.org/mailman/listinfo/owncloud
>
>
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud



More information about the Owncloud mailing list