search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
history | raw | HEAD
Bug 1851372 [wpt PR 41785] - HTML: search setter always uses UTF-8, a=testonly
[gecko.git] / services / fxaccounts / FxAccountsCommon.sys.mjs
blob48435e1c707516bdcf96c3e8a11facedf4a58626
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2  * License, v. 2.0. If a copy of the MPL was not distributed with this
3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5 import { Log } from "resource://gre/modules/Log.sys.mjs";
6 import { LogManager } from "resource://services-common/logmanager.sys.mjs";
7
8 // loglevel should be one of "Fatal", "Error", "Warn", "Info", "Config",
9 // "Debug", "Trace" or "All". If none is specified, "Debug" will be used by
10 // default.  Note "Debug" is usually appropriate so that when this log is
11 // included in the Sync file logs we get verbose output.
12 const PREF_LOG_LEVEL = "identity.fxaccounts.loglevel";
13
14 // A pref that can be set so "sensitive" information (eg, personally
15 // identifiable info, credentials, etc) will be logged.
16 const PREF_LOG_SENSITIVE_DETAILS = "identity.fxaccounts.log.sensitive";
17
18 export let log = Log.repository.getLogger("FirefoxAccounts");
19 log.manageLevelFromPref(PREF_LOG_LEVEL);
20
21 let logs = [
22   "Sync",
23   "Services.Common",
24   "FirefoxAccounts",
25   "Hawk",
26   "browserwindow.syncui",
27   "BookmarkSyncUtils",
28   "addons.xpi",
29 ];
30
31 // For legacy reasons, the log manager still thinks it's part of sync.
32 export let logManager = new LogManager("services.sync.", logs, "sync");
33
34 // A boolean to indicate if personally identifiable information (or anything
35 // else sensitive, such as credentials) should be logged.
36 export let logPII = () =>
37   Services.prefs.getBoolPref(PREF_LOG_SENSITIVE_DETAILS, false);
38
39 export let FXACCOUNTS_PERMISSION = "firefox-accounts";
40
41 export let DATA_FORMAT_VERSION = 1;
42 export let DEFAULT_STORAGE_FILENAME = "signedInUser.json";
43
44 export let OAUTH_TOKEN_FOR_SYNC_LIFETIME_SECONDS = 3600 * 6; // 6 hours
45
46 // After we start polling for account verification, we stop polling when this
47 // many milliseconds have elapsed.
48 export let POLL_SESSION = 1000 * 60 * 20; // 20 minutes
49
50 // Observer notifications.
51 export let ONLOGIN_NOTIFICATION = "fxaccounts:onlogin";
52 export let ONVERIFIED_NOTIFICATION = "fxaccounts:onverified";
53 export let ONLOGOUT_NOTIFICATION = "fxaccounts:onlogout";
54 export let ON_PRELOGOUT_NOTIFICATION = "fxaccounts:on_pre_logout";
55 // Internal to services/fxaccounts only
56 export let ON_DEVICE_CONNECTED_NOTIFICATION = "fxaccounts:device_connected";
57 export let ON_DEVICE_DISCONNECTED_NOTIFICATION =
58   "fxaccounts:device_disconnected";
59 export let ON_PROFILE_UPDATED_NOTIFICATION = "fxaccounts:profile_updated"; // Push
60 export let ON_PASSWORD_CHANGED_NOTIFICATION = "fxaccounts:password_changed";
61 export let ON_PASSWORD_RESET_NOTIFICATION = "fxaccounts:password_reset";
62 export let ON_ACCOUNT_DESTROYED_NOTIFICATION = "fxaccounts:account_destroyed";
63 export let ON_COLLECTION_CHANGED_NOTIFICATION = "sync:collection_changed";
64 export let ON_VERIFY_LOGIN_NOTIFICATION = "fxaccounts:verify_login";
65 export let ON_COMMAND_RECEIVED_NOTIFICATION = "fxaccounts:command_received";
66
67 export let FXA_PUSH_SCOPE_ACCOUNT_UPDATE = "chrome://fxa-device-update";
68
69 export let ON_PROFILE_CHANGE_NOTIFICATION = "fxaccounts:profilechange"; // WebChannel
70 export let ON_ACCOUNT_STATE_CHANGE_NOTIFICATION = "fxaccounts:statechange";
71 export let ON_NEW_DEVICE_ID = "fxaccounts:new_device_id";
72 export let ON_DEVICELIST_UPDATED = "fxaccounts:devicelist_updated";
73
74 // The common prefix for all commands.
75 export let COMMAND_PREFIX = "https://identity.mozilla.com/cmd/";
76
77 // The commands we support - only the _TAIL values are recorded in telemetry.
78 export let COMMAND_SENDTAB_TAIL = "open-uri";
79 export let COMMAND_SENDTAB = COMMAND_PREFIX + COMMAND_SENDTAB_TAIL;
80
81 // OAuth
82 export let FX_OAUTH_CLIENT_ID = "5882386c6d801776";
83 export let SCOPE_PROFILE = "profile";
84 export let SCOPE_PROFILE_WRITE = "profile:write";
85 export let SCOPE_OLD_SYNC = "https://identity.mozilla.com/apps/oldsync";
86
87 // This scope was previously used to calculate a telemetry tracking identifier for
88 // the account, but that system has since been decommissioned. It's here entirely
89 // so that we can remove the corresponding key from storage if present. We should
90 // be safe to remove it after some sensible period of time has elapsed to allow
91 // most clients to update; ref Bug 1697596.
92 export let DEPRECATED_SCOPE_ECOSYSTEM_TELEMETRY =
93   "https://identity.mozilla.com/ids/ecosystem_telemetry";
94
95 // OAuth metadata for other Firefox-related services that we might need to know about
96 // in order to provide an enhanced user experience.
97 export let FX_MONITOR_OAUTH_CLIENT_ID = "802d56ef2a9af9fa";
98
99 // UI Requests.
100 export let UI_REQUEST_SIGN_IN_FLOW = "signInFlow";
101 export let UI_REQUEST_REFRESH_AUTH = "refreshAuthentication";
102
103 // Firefox Accounts WebChannel ID
104 export let WEBCHANNEL_ID = "account_updates";
105
106 // WebChannel commands
107 export let COMMAND_PAIR_HEARTBEAT = "fxaccounts:pair_heartbeat";
108 export let COMMAND_PAIR_SUPP_METADATA = "fxaccounts:pair_supplicant_metadata";
109 export let COMMAND_PAIR_AUTHORIZE = "fxaccounts:pair_authorize";
110 export let COMMAND_PAIR_DECLINE = "fxaccounts:pair_decline";
111 export let COMMAND_PAIR_COMPLETE = "fxaccounts:pair_complete";
112
113 export let COMMAND_PROFILE_CHANGE = "profile:change";
114 export let COMMAND_CAN_LINK_ACCOUNT = "fxaccounts:can_link_account";
115 export let COMMAND_LOGIN = "fxaccounts:login";
116 export let COMMAND_LOGOUT = "fxaccounts:logout";
117 export let COMMAND_DELETE = "fxaccounts:delete";
118 export let COMMAND_SYNC_PREFERENCES = "fxaccounts:sync_preferences";
119 export let COMMAND_CHANGE_PASSWORD = "fxaccounts:change_password";
120 export let COMMAND_FXA_STATUS = "fxaccounts:fxa_status";
121 export let COMMAND_PAIR_PREFERENCES = "fxaccounts:pair_preferences";
122 export let COMMAND_FIREFOX_VIEW = "fxaccounts:firefox_view";
123
124 // The pref branch where any prefs which relate to a specific account should
125 // be stored. This branch will be reset on account signout and signin.
126 export let PREF_ACCOUNT_ROOT = "identity.fxaccounts.account.";
127
128 export let PREF_LAST_FXA_USER = "identity.fxaccounts.lastSignedInUserHash";
129 export let PREF_REMOTE_PAIRING_URI = "identity.fxaccounts.remote.pairing.uri";
130
131 // Server errno.
132 // From https://github.com/mozilla/fxa-auth-server/blob/master/docs/api.md#response-format
133 export let ERRNO_ACCOUNT_ALREADY_EXISTS = 101;
134 export let ERRNO_ACCOUNT_DOES_NOT_EXIST = 102;
135 export let ERRNO_INCORRECT_PASSWORD = 103;
136 export let ERRNO_UNVERIFIED_ACCOUNT = 104;
137 export let ERRNO_INVALID_VERIFICATION_CODE = 105;
138 export let ERRNO_NOT_VALID_JSON_BODY = 106;
139 export let ERRNO_INVALID_BODY_PARAMETERS = 107;
140 export let ERRNO_MISSING_BODY_PARAMETERS = 108;
141 export let ERRNO_INVALID_REQUEST_SIGNATURE = 109;
142 export let ERRNO_INVALID_AUTH_TOKEN = 110;
143 export let ERRNO_INVALID_AUTH_TIMESTAMP = 111;
144 export let ERRNO_MISSING_CONTENT_LENGTH = 112;
145 export let ERRNO_REQUEST_BODY_TOO_LARGE = 113;
146 export let ERRNO_TOO_MANY_CLIENT_REQUESTS = 114;
147 export let ERRNO_INVALID_AUTH_NONCE = 115;
148 export let ERRNO_ENDPOINT_NO_LONGER_SUPPORTED = 116;
149 export let ERRNO_INCORRECT_LOGIN_METHOD = 117;
150 export let ERRNO_INCORRECT_KEY_RETRIEVAL_METHOD = 118;
151 export let ERRNO_INCORRECT_API_VERSION = 119;
152 export let ERRNO_INCORRECT_EMAIL_CASE = 120;
153 export let ERRNO_ACCOUNT_LOCKED = 121;
154 export let ERRNO_ACCOUNT_UNLOCKED = 122;
155 export let ERRNO_UNKNOWN_DEVICE = 123;
156 export let ERRNO_DEVICE_SESSION_CONFLICT = 124;
157 export let ERRNO_SERVICE_TEMP_UNAVAILABLE = 201;
158 export let ERRNO_PARSE = 997;
159 export let ERRNO_NETWORK = 998;
160 export let ERRNO_UNKNOWN_ERROR = 999;
161
162 // Offset oauth server errnos so they don't conflict with auth server errnos
163 export let OAUTH_SERVER_ERRNO_OFFSET = 1000;
164
165 // OAuth Server errno.
166 export let ERRNO_UNKNOWN_CLIENT_ID = 101 + OAUTH_SERVER_ERRNO_OFFSET;
167 export let ERRNO_INCORRECT_CLIENT_SECRET = 102 + OAUTH_SERVER_ERRNO_OFFSET;
168 export let ERRNO_INCORRECT_REDIRECT_URI = 103 + OAUTH_SERVER_ERRNO_OFFSET;
169 export let ERRNO_INVALID_FXA_ASSERTION = 104 + OAUTH_SERVER_ERRNO_OFFSET;
170 export let ERRNO_UNKNOWN_CODE = 105 + OAUTH_SERVER_ERRNO_OFFSET;
171 export let ERRNO_INCORRECT_CODE = 106 + OAUTH_SERVER_ERRNO_OFFSET;
172 export let ERRNO_EXPIRED_CODE = 107 + OAUTH_SERVER_ERRNO_OFFSET;
173 export let ERRNO_OAUTH_INVALID_TOKEN = 108 + OAUTH_SERVER_ERRNO_OFFSET;
174 export let ERRNO_INVALID_REQUEST_PARAM = 109 + OAUTH_SERVER_ERRNO_OFFSET;
175 export let ERRNO_INVALID_RESPONSE_TYPE = 110 + OAUTH_SERVER_ERRNO_OFFSET;
176 export let ERRNO_UNAUTHORIZED = 111 + OAUTH_SERVER_ERRNO_OFFSET;
177 export let ERRNO_FORBIDDEN = 112 + OAUTH_SERVER_ERRNO_OFFSET;
178 export let ERRNO_INVALID_CONTENT_TYPE = 113 + OAUTH_SERVER_ERRNO_OFFSET;
179
180 // Errors.
181 export let ERROR_ACCOUNT_ALREADY_EXISTS = "ACCOUNT_ALREADY_EXISTS";
182 export let ERROR_ACCOUNT_DOES_NOT_EXIST = "ACCOUNT_DOES_NOT_EXIST ";
183 export let ERROR_ACCOUNT_LOCKED = "ACCOUNT_LOCKED";
184 export let ERROR_ACCOUNT_UNLOCKED = "ACCOUNT_UNLOCKED";
185 export let ERROR_ALREADY_SIGNED_IN_USER = "ALREADY_SIGNED_IN_USER";
186 export let ERROR_DEVICE_SESSION_CONFLICT = "DEVICE_SESSION_CONFLICT";
187 export let ERROR_ENDPOINT_NO_LONGER_SUPPORTED = "ENDPOINT_NO_LONGER_SUPPORTED";
188 export let ERROR_INCORRECT_API_VERSION = "INCORRECT_API_VERSION";
189 export let ERROR_INCORRECT_EMAIL_CASE = "INCORRECT_EMAIL_CASE";
190 export let ERROR_INCORRECT_KEY_RETRIEVAL_METHOD =
191   "INCORRECT_KEY_RETRIEVAL_METHOD";
192 export let ERROR_INCORRECT_LOGIN_METHOD = "INCORRECT_LOGIN_METHOD";
193 export let ERROR_INVALID_EMAIL = "INVALID_EMAIL";
194 export let ERROR_INVALID_AUDIENCE = "INVALID_AUDIENCE";
195 export let ERROR_INVALID_AUTH_TOKEN = "INVALID_AUTH_TOKEN";
196 export let ERROR_INVALID_AUTH_TIMESTAMP = "INVALID_AUTH_TIMESTAMP";
197 export let ERROR_INVALID_AUTH_NONCE = "INVALID_AUTH_NONCE";
198 export let ERROR_INVALID_BODY_PARAMETERS = "INVALID_BODY_PARAMETERS";
199 export let ERROR_INVALID_PASSWORD = "INVALID_PASSWORD";
200 export let ERROR_INVALID_VERIFICATION_CODE = "INVALID_VERIFICATION_CODE";
201 export let ERROR_INVALID_REFRESH_AUTH_VALUE = "INVALID_REFRESH_AUTH_VALUE";
202 export let ERROR_INVALID_REQUEST_SIGNATURE = "INVALID_REQUEST_SIGNATURE";
203 export let ERROR_INTERNAL_INVALID_USER = "INTERNAL_ERROR_INVALID_USER";
204 export let ERROR_MISSING_BODY_PARAMETERS = "MISSING_BODY_PARAMETERS";
205 export let ERROR_MISSING_CONTENT_LENGTH = "MISSING_CONTENT_LENGTH";
206 export let ERROR_NO_TOKEN_SESSION = "NO_TOKEN_SESSION";
207 export let ERROR_NO_SILENT_REFRESH_AUTH = "NO_SILENT_REFRESH_AUTH";
208 export let ERROR_NOT_VALID_JSON_BODY = "NOT_VALID_JSON_BODY";
209 export let ERROR_OFFLINE = "OFFLINE";
210 export let ERROR_PERMISSION_DENIED = "PERMISSION_DENIED";
211 export let ERROR_REQUEST_BODY_TOO_LARGE = "REQUEST_BODY_TOO_LARGE";
212 export let ERROR_SERVER_ERROR = "SERVER_ERROR";
213 export let ERROR_SYNC_DISABLED = "SYNC_DISABLED";
214 export let ERROR_TOO_MANY_CLIENT_REQUESTS = "TOO_MANY_CLIENT_REQUESTS";
215 export let ERROR_SERVICE_TEMP_UNAVAILABLE = "SERVICE_TEMPORARY_UNAVAILABLE";
216 export let ERROR_UI_ERROR = "UI_ERROR";
217 export let ERROR_UI_REQUEST = "UI_REQUEST";
218 export let ERROR_PARSE = "PARSE_ERROR";
219 export let ERROR_NETWORK = "NETWORK_ERROR";
220 export let ERROR_UNKNOWN = "UNKNOWN_ERROR";
221 export let ERROR_UNKNOWN_DEVICE = "UNKNOWN_DEVICE";
222 export let ERROR_UNVERIFIED_ACCOUNT = "UNVERIFIED_ACCOUNT";
223
224 // OAuth errors.
225 export let ERROR_UNKNOWN_CLIENT_ID = "UNKNOWN_CLIENT_ID";
226 export let ERROR_INCORRECT_CLIENT_SECRET = "INCORRECT_CLIENT_SECRET";
227 export let ERROR_INCORRECT_REDIRECT_URI = "INCORRECT_REDIRECT_URI";
228 export let ERROR_INVALID_FXA_ASSERTION = "INVALID_FXA_ASSERTION";
229 export let ERROR_UNKNOWN_CODE = "UNKNOWN_CODE";
230 export let ERROR_INCORRECT_CODE = "INCORRECT_CODE";
231 export let ERROR_EXPIRED_CODE = "EXPIRED_CODE";
232 export let ERROR_OAUTH_INVALID_TOKEN = "OAUTH_INVALID_TOKEN";
233 export let ERROR_INVALID_REQUEST_PARAM = "INVALID_REQUEST_PARAM";
234 export let ERROR_INVALID_RESPONSE_TYPE = "INVALID_RESPONSE_TYPE";
235 export let ERROR_UNAUTHORIZED = "UNAUTHORIZED";
236 export let ERROR_FORBIDDEN = "FORBIDDEN";
237 export let ERROR_INVALID_CONTENT_TYPE = "INVALID_CONTENT_TYPE";
238
239 // Additional generic error classes for external consumers
240 export let ERROR_NO_ACCOUNT = "NO_ACCOUNT";
241 export let ERROR_AUTH_ERROR = "AUTH_ERROR";
242 export let ERROR_INVALID_PARAMETER = "INVALID_PARAMETER";
243
244 // Status code errors
245 export let ERROR_CODE_METHOD_NOT_ALLOWED = 405;
246 export let ERROR_MSG_METHOD_NOT_ALLOWED = "METHOD_NOT_ALLOWED";
247
248 // FxAccounts has the ability to "split" the credentials between a plain-text
249 // JSON file in the profile dir and in the login manager.
250 // In order to prevent new fields accidentally ending up in the "wrong" place,
251 // all fields stored are listed here.
252
253 // The fields we save in the plaintext JSON.
254 // See bug 1013064 comments 23-25 for why the sessionToken is "safe"
255 export let FXA_PWDMGR_PLAINTEXT_FIELDS = new Set([
256   "email",
257   "verified",
258   "authAt",
259   "sessionToken",
260   "uid",
261   "oauthTokens",
262   "profile",
263   "device",
264   "profileCache",
265   "encryptedSendTabKeys",
266 ]);
267
268 // Fields we store in secure storage if it exists.
269 export let FXA_PWDMGR_SECURE_FIELDS = new Set([
270   "keyFetchToken",
271   "unwrapBKey",
272   "scopedKeys",
273 ]);
274
275 // An allowlist of fields that remain in storage when the user needs to
276 // reauthenticate. All other fields will be removed.
277 export let FXA_PWDMGR_REAUTH_ALLOWLIST = new Set([
278   "email",
279   "uid",
280   "profile",
281   "device",
282   "verified",
283 ]);
284
285 // The pseudo-host we use in the login manager
286 export let FXA_PWDMGR_HOST = "chrome://FirefoxAccounts";
287 // The realm we use in the login manager.
288 export let FXA_PWDMGR_REALM = "Firefox Accounts credentials";
289
290 // Error matching.
291 export let SERVER_ERRNO_TO_ERROR = {
292   [ERRNO_ACCOUNT_ALREADY_EXISTS]: ERROR_ACCOUNT_ALREADY_EXISTS,
293   [ERRNO_ACCOUNT_DOES_NOT_EXIST]: ERROR_ACCOUNT_DOES_NOT_EXIST,
294   [ERRNO_INCORRECT_PASSWORD]: ERROR_INVALID_PASSWORD,
295   [ERRNO_UNVERIFIED_ACCOUNT]: ERROR_UNVERIFIED_ACCOUNT,
296   [ERRNO_INVALID_VERIFICATION_CODE]: ERROR_INVALID_VERIFICATION_CODE,
297   [ERRNO_NOT_VALID_JSON_BODY]: ERROR_NOT_VALID_JSON_BODY,
298   [ERRNO_INVALID_BODY_PARAMETERS]: ERROR_INVALID_BODY_PARAMETERS,
299   [ERRNO_MISSING_BODY_PARAMETERS]: ERROR_MISSING_BODY_PARAMETERS,
300   [ERRNO_INVALID_REQUEST_SIGNATURE]: ERROR_INVALID_REQUEST_SIGNATURE,
301   [ERRNO_INVALID_AUTH_TOKEN]: ERROR_INVALID_AUTH_TOKEN,
302   [ERRNO_INVALID_AUTH_TIMESTAMP]: ERROR_INVALID_AUTH_TIMESTAMP,
303   [ERRNO_MISSING_CONTENT_LENGTH]: ERROR_MISSING_CONTENT_LENGTH,
304   [ERRNO_REQUEST_BODY_TOO_LARGE]: ERROR_REQUEST_BODY_TOO_LARGE,
305   [ERRNO_TOO_MANY_CLIENT_REQUESTS]: ERROR_TOO_MANY_CLIENT_REQUESTS,
306   [ERRNO_INVALID_AUTH_NONCE]: ERROR_INVALID_AUTH_NONCE,
307   [ERRNO_ENDPOINT_NO_LONGER_SUPPORTED]: ERROR_ENDPOINT_NO_LONGER_SUPPORTED,
308   [ERRNO_INCORRECT_LOGIN_METHOD]: ERROR_INCORRECT_LOGIN_METHOD,
309   [ERRNO_INCORRECT_KEY_RETRIEVAL_METHOD]: ERROR_INCORRECT_KEY_RETRIEVAL_METHOD,
310   [ERRNO_INCORRECT_API_VERSION]: ERROR_INCORRECT_API_VERSION,
311   [ERRNO_INCORRECT_EMAIL_CASE]: ERROR_INCORRECT_EMAIL_CASE,
312   [ERRNO_ACCOUNT_LOCKED]: ERROR_ACCOUNT_LOCKED,
313   [ERRNO_ACCOUNT_UNLOCKED]: ERROR_ACCOUNT_UNLOCKED,
314   [ERRNO_UNKNOWN_DEVICE]: ERROR_UNKNOWN_DEVICE,
315   [ERRNO_DEVICE_SESSION_CONFLICT]: ERROR_DEVICE_SESSION_CONFLICT,
316   [ERRNO_SERVICE_TEMP_UNAVAILABLE]: ERROR_SERVICE_TEMP_UNAVAILABLE,
317   [ERRNO_UNKNOWN_ERROR]: ERROR_UNKNOWN,
318   [ERRNO_NETWORK]: ERROR_NETWORK,
319   // oauth
320   [ERRNO_UNKNOWN_CLIENT_ID]: ERROR_UNKNOWN_CLIENT_ID,
321   [ERRNO_INCORRECT_CLIENT_SECRET]: ERROR_INCORRECT_CLIENT_SECRET,
322   [ERRNO_INCORRECT_REDIRECT_URI]: ERROR_INCORRECT_REDIRECT_URI,
323   [ERRNO_INVALID_FXA_ASSERTION]: ERROR_INVALID_FXA_ASSERTION,
324   [ERRNO_UNKNOWN_CODE]: ERROR_UNKNOWN_CODE,
325   [ERRNO_INCORRECT_CODE]: ERROR_INCORRECT_CODE,
326   [ERRNO_EXPIRED_CODE]: ERROR_EXPIRED_CODE,
327   [ERRNO_OAUTH_INVALID_TOKEN]: ERROR_OAUTH_INVALID_TOKEN,
328   [ERRNO_INVALID_REQUEST_PARAM]: ERROR_INVALID_REQUEST_PARAM,
329   [ERRNO_INVALID_RESPONSE_TYPE]: ERROR_INVALID_RESPONSE_TYPE,
330   [ERRNO_UNAUTHORIZED]: ERROR_UNAUTHORIZED,
331   [ERRNO_FORBIDDEN]: ERROR_FORBIDDEN,
332   [ERRNO_INVALID_CONTENT_TYPE]: ERROR_INVALID_CONTENT_TYPE,
333 };
334
335 // Map internal errors to more generic error classes for consumers
336 export let ERROR_TO_GENERAL_ERROR_CLASS = {
337   [ERROR_ACCOUNT_ALREADY_EXISTS]: ERROR_AUTH_ERROR,
338   [ERROR_ACCOUNT_DOES_NOT_EXIST]: ERROR_AUTH_ERROR,
339   [ERROR_ACCOUNT_LOCKED]: ERROR_AUTH_ERROR,
340   [ERROR_ACCOUNT_UNLOCKED]: ERROR_AUTH_ERROR,
341   [ERROR_ALREADY_SIGNED_IN_USER]: ERROR_AUTH_ERROR,
342   [ERROR_DEVICE_SESSION_CONFLICT]: ERROR_AUTH_ERROR,
343   [ERROR_ENDPOINT_NO_LONGER_SUPPORTED]: ERROR_AUTH_ERROR,
344   [ERROR_INCORRECT_API_VERSION]: ERROR_AUTH_ERROR,
345   [ERROR_INCORRECT_EMAIL_CASE]: ERROR_AUTH_ERROR,
346   [ERROR_INCORRECT_KEY_RETRIEVAL_METHOD]: ERROR_AUTH_ERROR,
347   [ERROR_INCORRECT_LOGIN_METHOD]: ERROR_AUTH_ERROR,
348   [ERROR_INVALID_EMAIL]: ERROR_AUTH_ERROR,
349   [ERROR_INVALID_AUDIENCE]: ERROR_AUTH_ERROR,
350   [ERROR_INVALID_AUTH_TOKEN]: ERROR_AUTH_ERROR,
351   [ERROR_INVALID_AUTH_TIMESTAMP]: ERROR_AUTH_ERROR,
352   [ERROR_INVALID_AUTH_NONCE]: ERROR_AUTH_ERROR,
353   [ERROR_INVALID_BODY_PARAMETERS]: ERROR_AUTH_ERROR,
354   [ERROR_INVALID_PASSWORD]: ERROR_AUTH_ERROR,
355   [ERROR_INVALID_VERIFICATION_CODE]: ERROR_AUTH_ERROR,
356   [ERROR_INVALID_REFRESH_AUTH_VALUE]: ERROR_AUTH_ERROR,
357   [ERROR_INVALID_REQUEST_SIGNATURE]: ERROR_AUTH_ERROR,
358   [ERROR_INTERNAL_INVALID_USER]: ERROR_AUTH_ERROR,
359   [ERROR_MISSING_BODY_PARAMETERS]: ERROR_AUTH_ERROR,
360   [ERROR_MISSING_CONTENT_LENGTH]: ERROR_AUTH_ERROR,
361   [ERROR_NO_TOKEN_SESSION]: ERROR_AUTH_ERROR,
362   [ERROR_NO_SILENT_REFRESH_AUTH]: ERROR_AUTH_ERROR,
363   [ERROR_NOT_VALID_JSON_BODY]: ERROR_AUTH_ERROR,
364   [ERROR_PERMISSION_DENIED]: ERROR_AUTH_ERROR,
365   [ERROR_REQUEST_BODY_TOO_LARGE]: ERROR_AUTH_ERROR,
366   [ERROR_UNKNOWN_DEVICE]: ERROR_AUTH_ERROR,
367   [ERROR_UNVERIFIED_ACCOUNT]: ERROR_AUTH_ERROR,
368   [ERROR_UI_ERROR]: ERROR_AUTH_ERROR,
369   [ERROR_UI_REQUEST]: ERROR_AUTH_ERROR,
370   [ERROR_OFFLINE]: ERROR_NETWORK,
371   [ERROR_SERVER_ERROR]: ERROR_NETWORK,
372   [ERROR_TOO_MANY_CLIENT_REQUESTS]: ERROR_NETWORK,
373   [ERROR_SERVICE_TEMP_UNAVAILABLE]: ERROR_NETWORK,
374   [ERROR_PARSE]: ERROR_NETWORK,
375   [ERROR_NETWORK]: ERROR_NETWORK,
376
377   // oauth
378   [ERROR_INCORRECT_CLIENT_SECRET]: ERROR_AUTH_ERROR,
379   [ERROR_INCORRECT_REDIRECT_URI]: ERROR_AUTH_ERROR,
380   [ERROR_INVALID_FXA_ASSERTION]: ERROR_AUTH_ERROR,
381   [ERROR_UNKNOWN_CODE]: ERROR_AUTH_ERROR,
382   [ERROR_INCORRECT_CODE]: ERROR_AUTH_ERROR,
383   [ERROR_EXPIRED_CODE]: ERROR_AUTH_ERROR,
384   [ERROR_OAUTH_INVALID_TOKEN]: ERROR_AUTH_ERROR,
385   [ERROR_INVALID_REQUEST_PARAM]: ERROR_AUTH_ERROR,
386   [ERROR_INVALID_RESPONSE_TYPE]: ERROR_AUTH_ERROR,
387   [ERROR_UNAUTHORIZED]: ERROR_AUTH_ERROR,
388   [ERROR_FORBIDDEN]: ERROR_AUTH_ERROR,
389   [ERROR_INVALID_CONTENT_TYPE]: ERROR_AUTH_ERROR,
390 };