New issue
Advanced search Search tips

Issue 830498 link

Starred by 1 user
Status: Available
Owner:
droger@chromium.org
Cc:
msarda@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug



Sign in to add a comment

Call ListAccounts after a token is revoked by Chrome

Project Member Reported by droger@chromium.org, Apr 9 2018 
When Chrome revokes a refresh token, cookies may be bound to it and in this case they become invalid.
However they may not actually change in the cookie store, and thus the GaiaCookieManagerService does not wake up.

After a token is revoked we should force a call to ListAccount to ensure that Chrome has an accurate view on the Gaia accounts in the cookie (or an alternative would be to mark the accounts as stale).

It would be natural to add this behavior to the AccountReconcilor, but it is not trivial to do:
- there is no callback called when tokens are revoked. OnTokenRevoked is actually called before the revocation, but it is important that the call to ListAccounts is made after the revocation.
- It is possible that Chrome revokes a token on the server but does not receive a response from the server (because of network issues for example).
Project Member

Comment 1 by sheriffbot@chromium.org, May 9 2018

Status: Available (was: Assigned)
--Chrome Identity automated triaging--

This bug is Assigned and has gone one month without any activity, so it is being moved to Available to indicate that it is not actively being worked on. If you are working on this bug, please mark yourself as the owner and move back to Assigned. Please see https://goo.gl/78kbny for more details. Please remove the Services>SignIn or UI>Browser>Profiles components if this bug isn't related to Chrome Identity.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 2 by benhenry@chromium.org, Aug 2

Status: Assigned (was: Available)
Project Member

Comment 3 by sheriffbot@chromium.org, Sep 3

Status: Available (was: Assigned)
--Chrome Identity automated triaging--

This bug is Assigned and has gone one month without any activity, so it is being moved to Available to indicate that it is not actively being worked on. If you are working on this bug, please mark yourself as the owner and move back to Assigned. Please see https://goo.gl/78kbny for more details. Please remove the Services>SignIn or UI>Browser>Profiles components if this bug isn't related to Chrome Identity.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment