feat(payments): add Email Verification to Passwordless Flow #12683

Merged
merged 1 commit into from
May 16, 2022

IvoJP
Contributor

@IvoJP IvoJP commented Apr 27, 2022

Because:

  • We want to prevent subscriptions created for fraudulent purposes that use invalid email domains

This commit:

  • As a temp solution refactors the email domain check used by content server and piggy-backs off the account status check to return information about the validity of the email domain

Closes #12406

Checklist

Put an x in the boxes that apply

  • My commit is GPG signed.
  • If applicable, I have modified or added tests which pass locally.
  • I have added necessary documentation (if appropriate).
  • I have verified that my changes render correctly in RTL (if appropriate).

Other information (Optional)

This is a temporary solution until we evaluate alternatives in #12405 and determine what a more permanent solution will be. I wanted this to be minimally invasive in how things currently work and as easy to remove/revert as possible later.

@IvoJP IvoJP force-pushed the fxa-4827/checkout-email-checker branch 2 times, most recently from dd4da40 to 55b390c Compare May 5, 2022 23:23
@IvoJP IvoJP changed the title Fxa 4827/checkout email checker feat(payments): add Email Verification to Passwordless Flow May 5, 2022
@IvoJP IvoJP requested a review from bbangert May 6, 2022 17:30
@IvoJP IvoJP marked this pull request as ready for review May 6, 2022 17:30
@IvoJP IvoJP requested a review from a team as a code owner May 6, 2022 17:30
packages/fxa-shared/email/emailValidatorErrors.js (outdated, resolved)
packages/fxa-auth-server/lib/routes/account.ts (outdated, resolved)
packages/fxa-shared/email/validateEmail.js (outdated, resolved; 4 threads)
@bbangert
Member

This seems to only hook the email check into a client-driven API call that it checks. If a user tweaks their local code to ignore the invalid response here, will our other account creation code run this email domain check as well? If not, they can still bypass this.

Contributor

@StaberindeZA StaberindeZA left a comment

On the front-end side, just 1 small change to the .ftl file.

I also got some different behaviour from the content-server vs payments-server, which I've tried summarizing below.

Content Server

  • ray@j.com => Error with message "Mistyped email? j.com does not offer email."
  • ray@jj.com => Error with message "Mistyped email?"

Payments Server

  • ray@j.com => Error with message "Mistyped email? ⁨j.com⁩ does not offer email."
  • ray@jj.com => No error message

@IvoJP
Contributor Author

IvoJP commented May 11, 2022

@StaberindeZA not sure why content errors on it, I will look into it, but jj.com is valid - it's Johnson and Johnson's website, so the payments server is correct in behavior in what you described, but I could have done something that affected the content server from handling correctly.

UPDATE: @StaberindeZA so I just checked this on production, content server is behaving as you described on production, which is incorrect.

@IvoJP IvoJP force-pushed the fxa-4827/checkout-email-checker branch from 55b390c to 0d4a6f3 Compare May 11, 2022 18:13
@StaberindeZA
Contributor

> i will look into it but jj.com is valid

I had a quick look, and according to mailbox.validator.com the jj.com domain has no active MX records, and I believe I saw something in the code checking for that? Might explain why the error pops up in production.

@IvoJP
Contributor Author

IvoJP commented May 11, 2022

Yeah I think it is because the content server warns if it can resolve the domain to an IP address but not find an MX record for the domain. If that's the case, the content server actually lets you proceed, you can click "Continue" again and it will dismiss the warning and proceed, whereas if it can't resolve either an MX record or IP address it blocks it entirely.

What I am missing, I guess, from the payments server is the warning, but I am not sure with how we have the payments server set up if I could do something similar. I'll take a look but my vote would be to ignore the warning since we do allow users to use a domain that resolves to an IP address even if an MX record cannot be found.

@IvoJP IvoJP force-pushed the fxa-4827/checkout-email-checker branch 2 times, most recently from 5361a97 to 1eafe77 Compare May 11, 2022 20:08
@IvoJP IvoJP force-pushed the fxa-4827/checkout-email-checker branch 2 times, most recently from 6b0856f to d7cc356 Compare May 11, 2022 21:34
@IvoJP
Contributor Author

IvoJP commented May 11, 2022

@bbangert I caught an error in domain check so I added basically a bypass if there is any error; in the error check now it sets both checks (mail exchange and ipv4) to true so that we don't block anyone from signing up if domain checker fails for any reason.

To answer your question in your other comment: this check does not happen on account creation, this is purely a FE check. I can look into adding to the account creation as well - my original intent was for this to behave exactly as it does for the content server, but obviously the abuse/fraud is happening on subplat, so if we are concerned malicious actors will bypass the check then that necessitates adding it on account creation as well.

@StaberindeZA I briefly looked over the component where we display the error and the app running on the content server - the app on the content server has all 4 scenarios accounted for: skipped, passes, fails mail exchange but not IP (which results in a warning tool tip but does not block the user from moving forward), or fails both (user is blocked from proceeding). I don't think NewUserEmailForm is set up for warnings, we just have errors which block the form. Functionally, they allow and permit the same things, but on the checkout page we won't have the warning about Mistyped email? for domains that don't have an MX record. Let me know if this is blocking for you.
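
The four outcomes and the fail-open behaviour discussed in the comment above, together with re-running the check server-side at account creation, sketched as an added example that is not part of this PR or the fxa code base. The function names, verdict strings, lookup shape and `.example` domains are assumptions; resolver failures and empty answers are assumed to be normalised into `{ error }` and `{ records: [] }` before classification.

```javascript
// Added example; classifyDomain, enforceOnAccountCreation, makeLookup and the
// verdict strings are hypothetical names, not taken from the fxa code base.

// Constructed DNS data (RFC 2606 / RFC 5737 example names and addresses).
const ZONES = {
  'mail.example': { mx: ['mx1.mail.example'], a: ['192.0.2.10'] },
  'web-only.example': { mx: [], a: ['192.0.2.20'] },
  'nothing.example': { mx: [], a: [] },
};

// Offline stand-in for a resolver. Each lookup returns { records } on an
// answer (possibly empty) or { error } when the resolver itself fails.
function makeLookup(zones) {
  const get = (type) => (domain) => {
    if (domain === 'timeout.example') return { error: new Error('ETIMEOUT') };
    const zone = zones[domain];
    return { records: zone ? zone[type] : [] };
  };
  return { mx: get('mx'), a: get('a') };
}

// Map the two lookup outcomes onto the four scenarios from the thread.
function classifyDomain(mx, a) {
  // Fail open: a resolver error must not block a legitimate sign-up.
  if (mx.error || a.error) return 'skipped';
  if (mx.records.length > 0) return 'pass';
  if (a.records.length > 0) return 'warn'; // resolves to an IP, no MX
  return 'block'; // neither MX nor A record
}

// Server-side gate: the verdict the browser computed is never trusted, the
// server classifies the submitted address itself before creating the account.
function enforceOnAccountCreation(email, lookup) {
  const at = email.lastIndexOf('@');
  if (at < 1 || at === email.length - 1) {
    return { allowed: false, reason: 'malformed' };
  }
  const domain = email.slice(at + 1).toLowerCase();
  const reason = classifyDomain(lookup.mx(domain), lookup.a(domain));
  // Returning the reason lets the caller log 'skipped' and 'warn' outcomes.
  return { allowed: reason !== 'block', reason };
}
```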

@IvoJP IvoJP requested review from bbangert and StaberindeZA May 11, 2022 22:48
Contributor

@StaberindeZA StaberindeZA left a comment

r+ wc

As you mentioned, this blocks the invalid domains, the same way as the content server. For the "warning" message, could you file a follow up ticket so we can discuss whether or not we should pick it up?

@IvoJP IvoJP force-pushed the fxa-4827/checkout-email-checker branch from d7cc356 to 129080b Compare May 13, 2022 00:53
@IvoJP
Contributor Author

IvoJP commented May 13, 2022

@bbangert I have added the check to the stub account creation and added tests.

Because:

* We want to prevent subscriptions created for fraudulent purposes that use invalid email domains

This commit:

* As a temp solution refactors the email domain check used by content server and piggy-backs off the account status check to return information about the validity of the email domain

Closes #12406
@IvoJP IvoJP force-pushed the fxa-4827/checkout-email-checker branch from 129080b to 4ad86a4 Compare May 16, 2022 22:35
@IvoJP IvoJP merged commit f29fb5f into main May 16, 2022
@IvoJP IvoJP deleted the fxa-4827/checkout-email-checker branch May 16, 2022 23:25
Successfully merging this pull request may close these issues.

In the checkout flow use Fxa domain checker on email input