Just to add to the below, my browser settings are:

services.sync.tokenServerURI;http://fxa.example.com/token/1.0/sync/1.5
identity.fxaccounts.auth.uri;https://fxa.example.com:9900/v1
identity.fxaccounts.remote.force_auth.uri;https://fxa.example.com:3030/force_auth?service=sync&context=fx_desktop_v1
identity.fxaccounts.remote.signin.uri;https://fxa.example.com:3030/signin?service=sync&context=fx_desktop_v1
identity.fxaccounts.remote.signup.uri;https://fxa.example.com:3030/signup?service=sync&context=fx_desktop_v1
identity.fxaccounts.settings.uri;https://fxa.example.com:3030/settings

Things maybe worth underlining/explaining about the above:

1. The syncserver is running without SSL. No particular reason other than I was under the impression it wasn't mandatory for that component, but if I'm wrong there, please tell me and I'll set it up.

2. I changed the port of the fxa-auth-server to 9900 because my port 9000 is already in use. This I can also revert to default if it matters, though it would be quite inconvenient.

3. In the config below you'll see that fxa-auth-server also has the "redirect_port" changed to 8800. Again this is because of an existing server (Apache on 80 and 143). That one I can't do anything about.

Hope this helps. Please let me know what logs etc. would be useful.

Robin Bankhead

Quoting Robin Bankhead <[email protected]>:

Hi,

I am starting to find that I can no longer add desktop clients to my sync-1.1 server any more (I can pair them by installing an old FF version then upgrade through newer versions, but from FF32.0 they consistently stop syncing and try to register with FxA). I've therefore started trying to set up a self-hosted sync-1.5 stack.

I have the syncserver (proxied behind Apache), fxa-auth-server and fxa-content-server components all running, and after some trial and error can get most of the way through registration using a desktop client with a fresh profile. However email verification never quite works -- the sync preferences tab shows the created account as unverified (the "Verify email" button does nothing), and although this changes after restarting the browser, sync still fails. The problem occurs with various calls to the fxa-auth-server returning status 401, error 109 (or 110 in some circumstances), example:

1429017392778 Sync.BrowserIDManager ERROR Background fetch for key bundle failed: {"details":{"code":401,"errno":109,"error":"Unauthorized","message":"Bad mac","info":"https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#response-format","log":[]}}
1429017392778 Sync.BrowserIDManager ERROR Could not authenticate: {"details":{"code":401,"errno":109,"error":"Unauthorized","message":"Bad mac","info":"https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#response-format","log":[]}}
1429017409937 FirefoxAccounts ERROR error GETing /account/keys: {"code":401,"errno":109,"error":"Unauthorized","message":"Bad mac","info":"https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#response-format","log":[]}
1429017409937 FirefoxAccounts ERROR error GETing /account/keys: {"code":401,"errno":109,"error":"Unauthorized","message":"Bad mac","info":"https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#response-format","log":[]}
1429017409938 Sync.BrowserIDManager ERROR Authentication error in _fetchTokenForUser: {"details":{"code":401,"errno":109,"error":"Unauthorized","message":"Bad mac","info":"https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#response-format","log":[]}}

Here are diffs showing my configuration changes from git (cloned a couple of days ago).


fxa-content-server/server/config/local.json

2c2,4
<   "public_url": "http://127.0.0.1:3030";,
---
 "fxaccount_url": "https://fxa.example.com:9900";,
 "public_url": "https://fxa.example.com:3030";,
 "redirect_port": 8800,
12c14
<     "secret": "YOU MUST CHANGE ME",
---
   "secret": "YOU MUST CHANGE ME OK THEN",
16c18,20
<   "use_https": false,
---
 "use_https": true,
 "cert_path": "/usr/local/src/fxa/server.crt",
 "key_path": "/usr/local/src/fxa/server.key",


fxa-auth-server/config/dev.json

3c3
<     "url": "http://127.0.0.1:3030";
---
   "url": "https://fxa.example.com:3030";
4a5,11
 "listen": {
   "host": "192.168.2.7",
   "port": "9900"
 },
 "useHttps": true,
 "keyPath": "../server.key",
 "certPath": "../server.crt",
7c14
<     "port": 9999,
---
   "port": 25,
9c16,18
<     "sender": "[email protected]",
---
   "sender": "[email protected]",
   "user": "myusername",
   "password": "mypassword",


I've also tried with no SSL on either server, but the results are the same. The key/cert pair I use for both servers is the same pair used by the local Apache server, if that's relevant. Most tests were done with a client on localhost, but I can easily try from another IP on the LAN if that helps.

Any advice welcome. I didn't think I'd get this far on my own, but I have definitely hit the wall now.

Thanks,
Robin Bankhead

_______________________________________________
Sync-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/sync-dev


