Firefox/Projects/AccountManager

From MozillaWiki
Jump to: navigation, search

The Account Manager project aims to help users manage the (currently manual and tedious) process of signing up/in/out of sites by adding chrome-level status and knobs to give the user a consistent point to view and control of sign-in status to the current site.

The project has two main deliverables:

  1. A protocol definition that sites can use to define their account-and-session management features in a format a web browser can understand. (Check out the latest draft of the specification, or older versions).
  2. An implementation of this protocol in Firefox.

This project is a reboot of the Account Manager Labs project, see that page for more background information.

Drivers

Status

Overview

See bug 571409.

Account Manager is currently a patch to mozilla-central, and is being targeted at the first release post 4.0.

Note that there is an add-on prototype (the result of the Labs exploration), but it is buggy and speaks an older version of the Account Manager protocol. It is not recommended for testing, use try-server builds instead.

Performance Impact

Currently around 1.3% on average:

linux: 1.7%
lin64: 2.4%
macos: 0.2%
mac64: 2.0%
winxp: 1.3%
win 7: 0.5%
Security Review

In progress on Sept 1 3pm

Helping Out

First, see here for a quick walk-through of the code. That will tell you what's what and help you get started.

Then see the TODO section on this page for open items to work on.

Thanks!

TODO

User facing features
  • autoconnect [~2d]
  • multi-profile sign-in bubbles [~1d]
  • federated profile [~3d]
  • HTTP Auth profile
  • right click menu (fast user switching)
  • basic in-content registration [a few days' work]
Backend features
  • cookie-watching (refresh status on cookie changes) [~1day]
  • per-method static parameters (for forms that use a hidden param to determine action)
  • per-method dynamic parameters (for e.g. CSRF protection)
Password manager integration
  • bug 589362
  • use new password manager columns for account lookup/saving
    • migration (set account realm for existing saved logins) [~1 day]
    • also on password manager end (when saving new password) [~1 day (dolske?)]
Security fixes
  • shouldn't support http form auth transparently without more warning
  • explicitly only allow http/https realm uri (and not ftp, etc)
  • only allow https realms from https requests
  • login csrf: amcd enforces where it can be used on which sites
  • login csrf: link header URI needs to be restricted to the site
  • make sure Link header URI and host-meta URI aren't conflicting if header is missing ?
  • STS support - should Just Work, but test that requests get upgraded correctly
  • ensure that SSL cert errors are handled appropriately

Requirements

  • Status display
    • Unregistered, signed-out, and signed-in for supported sites [P1]
    • Notifications of site requests for sign-in [P3]
  • Sign-up support
    • New id+secret pair negotiation [P1]
    • Automatic password generation [P1]
    • Optional feature to allow user-defined passwords [P1]
    • Remember preferred email and username(s) [P1]
  • Sign-in support
    • Request existing user credentials for new/unknown sites [P1]
    • Two-click sign-in [P1]
    • Optional automatic sign-in on next session [P2]
    • Support for multiple accounts [P1]
  • Sign-out support
    • Two-click sign-out [P1]
  • Password change
    • User-initiated password change [P2]
      • To a new random password [P3]
      • To a new user-defined password [P2]
  • Support for various authentication types
    • Form submission/cookie [P1]
    • HTTP Basic auth [P1]
    • HTTP Digest auth [P2]
    • Client certs [P3]
  • Supports sync if installed [P1]
  • Disables itself during private browsing mode [P1]

Non-Goals

  • Greasemonkey-like hacks that work only on one site, except as needed only to demonstrate the potential for the feature.
  • Creating new and interesting authentication/authorization schemes.
  • Extensive hacking on Password Manager-like heuristics to make it only sort of work on more sites.

Dependencies

Generally speaking:

  • Password manager
  • Theme work, site button in particular
  • Notifications, to a lesser extent

Mockups

Iteration 2

Iteration 6 (direct link - doesn't thumbnail correctly).


Related Projects / Other Links

We held an in-person meetup on May 21st, see: