[Bug]: Requesting API Keys breaks edit profile for my account

[MelissaAutumn]

What happened?

Hello!

While requesting API keys I've seem to have put my account in a state where it just breaks edit profile. TheOne on slack requested me to paste this sentry link here: https://mozilla.sentry.io/issues/4932852329/

These steps started on my mac work laptop.

Steps:

1. Navigated to https://addons.mozilla.org/en-CA/developers/addon/api/key/ from Developer Hub footer
2. Clicked on the Generate new credentials button (I can't remember the exact name of it)
3. It told me to go check my email
4. Click on the link in email and enter the login flow for fxa on mobile
5. After I click "Continue" on the fxa login flow (I was already logged in), the flow 500s (on mobile)
6. Confused I check the original page API key on desktop it does not contain any new information
7. I go to edit profile on AMO with the intention to click "Manage Mozilla accounts"
8. Notice the "Internal Server Error" on Edit Profile
9. Notice via the networks tab, that an api call to GET@https://addons.mozilla.org/api/v5/accounts/account/$my_user_id_goes_here/notifications/?lang=en-CA 500s with {"detail":"Internal Server Error"} (Note: I edited the url to remove my user id)

Internal Server Error screenshot:

I can only replicate the 500 for the fxa sign-in on mobile. (It's the only way I had access to the email my fxa uses at the time.) Finally accessing the link on desktop this morning works as expected for the API key generation. Unfortunately Edit Profile is still broken. I can still do other things on the site, like upload a theme for submission.

It's fully possible that this was broken before I entered the api key flow, but I have vague feelings about entering a functional edit profile before this though. Apologies that I can't offer more insight there!

What did you expect to happen?

1. After clicking the confirmation link in my email I see either the credentials or a button to generate credentials at https://addons.mozilla.org/en-CA/developers/addon/api/key/
2. Enjoying having api credentials alongside my edit profile still working.

Is there an existing issue for this?

• [X] I have searched the existing issues

┆Issue is synchronized with this Jira Task

[diox]

@MelissaAutumn do you know which page 500s on mobile ? I'm interested to know whether it is an FxA one or an AMO one.

The sentry error when editing profile is caused by us trying to sync notifications/newsletters the user is subscribed to with basket, and failing because basket doesn't have a token for that user. We should avoid that (see below), but I still don't know where the 500 at sign-in comes from - if it happens in FxA that's outside of our control though.

Dumb patch to avoid that the error in edit profile page:

diff --git a/src/olympia/amo/utils.py b/src/olympia/amo/utils.py
index 6bcd364af4..157503d77f 100644
--- a/src/olympia/amo/utils.py
+++ b/src/olympia/amo/utils.py
@@ -363,7 +363,7 @@ def sync_user_with_basket(user):
     """
     try:
         data = basket.lookup_user(user.email)
-        user.update(basket_token=data['token'])
+        user.update(basket_token=data['token'] or '')
         return data
     except Exception as exc:
         acceptable_errors = (
@@ -381,7 +381,7 @@ def fetch_subscribed_newsletters(user_profile):
     data = sync_user_with_basket(user_profile)

     if not user_profile.basket_token and data is not None:
-        user_profile.update(basket_token=data['token'])
+        user_profile.update(basket_token=data['token'] or '')
     elif data is None:
         return []
     return data['newsletters']

[diox]

According to @wagnerand the 500 at sign-in was on FxA and solved after clearing cookies. The 500 on edit profile page remains, we should look into my patch for this.

[MelissaAutumn]

Hello @diox. Yep it was fixed with clearing cookies. But it was on the FxA side!

Let me know if you need anymore information!