Bugfix FXIOS-14400 [Relay] Fix OAuth scopes (#31202)

* [FXIOS-14400] Fix OAuth for relay

* No need for function call

* [FXIOS-14400] Addtl log

Author: mattreaganmozilla

MozillaRustComponents/Sources/MozillaRustComponentsWrapper/FxAClient/FxAccountOAuth.swift

@@ -11,4 +11,6 @@ public enum OAuthScope {
     public static let oldSync: String = "https://identity.mozilla.com/apps/oldsync"
     // Necessary to obtain a sessionToken, which gives full access to the account.
     public static let session: String = "https://identity.mozilla.com/tokens/session"
+    // Necessary for Relay email masking support.
+    public static let relay: String = "https://identity.mozilla.com/apps/relay"
 }

firefox-ios/Client/Frontend/Browser/RelayController.swift

@@ -82,9 +82,7 @@ final class RelayController: RelayControllerProtocol, Notifiable {
             }
         }
 
-        var scope: String {
-            "profile"
-        }
+        var scope: String { OAuthScope.relay }
     }
 
     // MARK: - Properties
@@ -136,7 +134,9 @@ final class RelayController: RelayControllerProtocol, Notifiable {
 
     func emailFocusShouldDisplayRelayPrompt(url: URL) -> Bool {
         // Note: the prefs key defaults to On. No value (nil) should be treated as true.
-        guard Self.isFeatureEnabled, profile.prefs.boolForKey(PrefsKeys.ShowRelayMaskSuggestions) ?? true else {
+        guard Self.isFeatureEnabled,
+              profile.prefs.boolForKey(PrefsKeys.ShowRelayMaskSuggestions) ?? true,
+              client != nil else {
             return false
         }
         guard let relayRSClient, hasRelayAccount() else { return false }
@@ -157,7 +157,12 @@ final class RelayController: RelayControllerProtocol, Notifiable {
             return
         }
 
-        guard let webView = tab.webView, let client else { return }
+        guard let webView = tab.webView, let client else {
+            logger.log("No tab webview available, or client is nil. Will not populate email field.",
+                       level: .warning,
+                       category: .relay)
+            return
+        }
         Task {
             let (email, result) = await generateRelayMask(for: tab.url?.baseDomain ?? "", client: client)
             guard result != .error else { completion(.error); return }
@@ -319,7 +324,11 @@ final class RelayController: RelayControllerProtocol, Notifiable {
             switch result {
             case .success(let clients):
                 let OAuthID = isStaging ? RelayOAuthClientID.stage.rawValue : RelayOAuthClientID.release.rawValue
-                return clients.contains(where: { $0.clientId == OAuthID })
+                let hasRelayID = clients.contains(where: { $0.clientId == OAuthID })
+                if !hasRelayID {
+                    logger.log("No Relay service on this account.", level: .info, category: .relay)
+                }
+                return hasRelayID
             case .failure(let error):
                 logger.log("Error fetching OAuth clients for Relay: \(error)", level: .warning, category: .relay)
                 return false

firefox-ios/RustFxA/FirefoxAccountSignInViewController.swift

@@ -313,7 +313,7 @@ class FirefoxAccountSignInViewController: UIViewController, Themeable {
                     // We ask for the session scope because the web content never
                     // got the session as the user never entered their email and
                     // password
-                    scopes: [OAuthScope.profile, OAuthScope.oldSync, OAuthScope.session]
+                    scopes: [OAuthScope.profile, OAuthScope.oldSync, OAuthScope.session, OAuthScope.relay]
                 ) { [weak self] result in
                     guard self != nil else { return }
 

firefox-ios/RustFxA/FxAWebViewModel.swift

@@ -125,7 +125,7 @@ class FxAWebViewModel: FeatureFlaggable {
                 case .emailLoginFlow:
                     accountManager.beginAuthentication(
                         entrypoint: "email_\(entrypoint)",
-                        scopes: [OAuthScope.profile, OAuthScope.oldSync]
+                        scopes: [OAuthScope.profile, OAuthScope.oldSync, OAuthScope.relay]
                     ) { [weak self] result in
                         guard let self = self else { return }
 

firefox-ios/RustFxA/RustFirefoxAccounts.swift

@@ -186,7 +186,7 @@ public final class RustFirefoxAccounts: @unchecked Sendable {
         return FxAccountManager(
             config: config,
             deviceConfig: deviceConfig,
-            applicationScopes: [OAuthScope.profile, OAuthScope.oldSync, OAuthScope.session],
+            applicationScopes: [OAuthScope.profile, OAuthScope.oldSync, OAuthScope.session, OAuthScope.relay],
             keychainAccessGroup: accessGroupIdentifier,
             useRustKeychainForFxA: useRustKeychainForFxA
         )