>
> What exactly are generation numbers and how are they created?
>

I suspect that you can ignore the details here, because you control neither
the IdP nor the consumer; just know that this can fail, and doing so
implies either bad input or a bug somewhere — see e.g., Bug 985504, Bug
1042109. Prompt the user for their credentials again, and start over.

The purpose of this whole flow is to make sure that clients with different
passwords (because you changed it on one device), and thus different keys,
don't sync to the same server and screw things up by seeing/writing partial
state. The purpose of the generation check is to avoid accidental time
travel.


> Which credentials are mentioned here? The "id" and "key" fields in the
> tokenserver response?
>
> If so, are they base64 decoded and directly fed into HAWK header
> generation process, or is there something more than just this?
>

You should read this. It's easier to understand the Java source than to
explain in English :)

https://dxr.mozilla.org/mozilla-central/source/mobile/android/services/src/main/java/org/mozilla/gecko/sync/net/HawkAuthHeaderProvider.java
_______________________________________________
Sync-dev mailing list
Sync-dev@mozilla.org
https://mail.mozilla.org/listinfo/sync-dev
