syncserver: Authentication fails with cause "invalid-generation" with commit 72d618f

The latest commit seems to have broken authentication on my syncserver.

From about:sync-log:

1495882087010   Common.TokenServerClient    DEBUG   Beginning BID assertion exchange: https://XXX/token/1.0/sync/1.5
1495882087011   Services.Common.RESTRequest DEBUG   GET request to https://XXX/token/1.0/sync/1.5
1495882087011   Services.Common.RESTRequest TRACE   HTTP Header accept: application/json
1495882087011   Services.Common.RESTRequest TRACE   HTTP Header authorization: ***** (suppressed)
1495882087011   Services.Common.RESTRequest TRACE   HTTP Header x-client-state: XXX
1495882087020   FirefoxAccounts DEBUG   writing secure storage: ["kA","kB"]
1495882088114   Services.Common.RESTRequest TRACE   onStartRequest: GET https://XXX/token/1.0/sync/1.5
1495882088115   Services.Common.RESTRequest TRACE   Channel for GET https://XXX/token/1.0/sync/1.5 returned status code 0
1495882088115   Services.Common.RESTRequest DEBUG   GET https://XXX/token/1.0/sync/1.5 401
1495882088115   Services.Common.RESTRequest TRACE   GET body: {"status": "invalid-generation", "errors": [{"location": "body", "name": "", "description": "Unauthorized"}]}
1495882088115   Common.TokenServerClient    DEBUG   Got token response: 401
1495882088115   Common.TokenServerClient    INFO    Server-reported error: {"location":"body","name":"","description":"Unauthorized"}
1495882088116   Sync.BrowserIDManager   ERROR   Authentication error in _fetchTokenForUser: {"details":{"now":"2017-05-27T10:48:08.115Z","message":"Authentication failed.","cause":"invalid-generation","response_body":"{\"status\": \"invalid-generation\", \"errors\": [{\"location\": \"body\", \"name\": \"\", \"description\": \"Unauthorized\"}]}","response_headers":{"server":"nginx","date":"Sat, 27 May 2017 10:48:08 GMT","content-type":"application/json; charset=UTF-8","content-length":"109","x-weave-timestamp":"1495882088.41","x-timestamp":"1495882088","x-firefox-spdy":"h2"},"response_status":401,"name":"TokenServerClientServerError"},"source":"tokenserver"}
1495882088117   Sync.Status DEBUG   Status.login: success.login => error.login.reason.account
1495882088117   Sync.Status DEBUG   Status.service: success.status_ok => error.login.failed
1495882088123   Sync.BrowserIDManager   ERROR   Failed to fetch a token for authentication: {"details":{"now":"2017-05-27T10:48:08.115Z","message":"Authentication failed.","cause":"invalid-generation","response_body":"{\"status\": \"invalid-generation\", \"errors\": [{\"location\": \"body\", \"name\": \"\", \"description\": \"Unauthorized\"}]}","response_headers":{"server":"nginx","date":"Sat, 27 May 2017 10:48:08 GMT","content-type":"application/json; charset=UTF-8","content-length":"109","x-weave-timestamp":"1495882088.41","x-timestamp":"1495882088","x-firefox-spdy":"h2"},"response_status":401,"name":"TokenServerClientServerError"},"source":"tokenserver"}
1495882088527   Sync.Resource   DEBUG   mesg: GET fail 401 https://XXX/storage/1.5/1/info/collections
1495882088527   Sync.Resource   DEBUG   GET fail 401 https://XXX/storage/1.5/1/info/collections
1495882088528   Sync.Resource   WARN    GET request to https://XXX/storage/1.5/1/info/collections failed with status 401
1495882088529   Sync.Service    INFO    Logging out
1495882088532   browserwindow.syncui    DEBUG   observed: weave:service:logout:finish
1495882088533   browserwindow.syncui    DEBUG   observed: weave:service:logout:finish
1495882088533   browserwindow.syncui    DEBUG   observed: weave:service:logout:finish
1495882088534   Sync.SyncScheduler  DEBUG   Next sync in 3600000 ms.
1495882088534   Sync.ErrorHandler   INFO    Got 401 response; resetting clusterURL.
1495882088534   Sync.ErrorHandler   DEBUG   New mid-sync 401 failure. Making a note.
1495882088534   Sync.ErrorHandler   INFO    Attempting to schedule another sync.
1495882088534   Sync.Service    ERROR   Aborting sync: failed to get collections.

The client is Firefox/53.0.3 (Intel Mac OS X 10.12) FxSync/1.55.0.20170518000419.desktop. The client prompts to reauthenticate, then produces the error above and immediately asks to reauthenticate again.

The server is running via nginx+uwsgi on Debian Jessie.

If I revert back to commit 7fe5c0f everything works again and if I then checkout 72d618f again, I get the same error again, so it must be commit 72d618f which breaks it.

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 18 (8 by maintainers)

Commits related to this issue

Most upvoted comments

For anyone still encountering this issue after the fixed version, try a checkout of 7fe5c0f, sync a device, and then going on to master@HEAD.

Just happened to me after an update from a much older version. Looks like the intermediate step is required.

+2
BobVul on Aug 10, 2017
Read more comments on GitHub
← sccache: when scheduler is unreachable, sccache panics with "thread 'tokio-runtime-worker' panicked at 'Cannot start a runtime from within a runtime. This happens because a function (like `block_on`) attempted to block the current thread while the thread is being used to drive asynchronous tasks.', .cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.16.1/src/runtime/enter.rs:39:9
syncserver: build error: Package 'setuptools' requires a different Python: 2.7.12 not in '>=3.5' →