Of course now the test runs just fine. I will try to reproduce this. The JSON error struct simply said "reason: unauthorized" I think. it did not mention anything about expired or not-yet-valid assertions or certificates. (I don't know how specific the Token Server is. Maybe it will simply translate anything to a 401?)
I've had clock skew problems before but that was when I tested with the MockMyID code. In that case I simply set the assertion creation date a few minutes in the past to get around that. In this case it happened when calling the token server after asking the account api to /v1/certificate/sign ... I'll try some things to make it happen again. S. ----- Original Message ----- > On 30/01/2014 2:06 AM, Stefan Arentz wrote: > > > > On Jan 29, 2014, at 1:40 AM, Ryan Kelly <rfkelly at mozilla.com> wrote: > > > >> We have also deployed a matching environment to the final production URL: > >> > >> https://token.services.mozilla.com/1.0/sync/1.5 > > > > Ryan are you sure this works in combination with > > https://api.accounts.firefox.com/ ? > > It should work. They're only tied by the standard BrowserID > verification process, and Nick reports that this combo works for him > from inside the android sync code. > > > When I create a new (and verified) account on api.accounts, the new > > production token server tells me I am unauthorized. > > My first guess would be some sort of clock-skew-related failure. The > 401 response from the tokenserver should have a JSON body with > additional details, what does it return? > > What method are you using to perform this login sequence? I'll try to > replicate and track down the error. _______________________________________________ Sync-dev mailing list [email protected] https://mail.mozilla.org/listinfo/sync-dev
