* I think these are the STR * 1. create an fx account 2. force reauth flow by hacking locally session 3. sign in 4. change password 5. sign in running into this after changing my password, it blocks TPS from running. I changed it once, then back to fix the invalid client state. You're welcome to use this account till it gets fixed: user:crossweaveservices@restmail.net pw: crossweaveservicescrossweaveservices 1394472871654 Sync.Status DEBUG Status.service: success.status_ok => success.status_ok 1394472871654 Sync.Service DEBUG Caching URLs under storage user base: https://sync-2-us-east-1.sync.services.mozilla.com/1.5/71679/ 1394472871654 Sync.Status DEBUG Status.service: success.status_ok => success.status_ok 1394472871654 Sync.AddonsReconciler INFO Registering as Add-on Manager listener. 1394472871654 Sync.AddonsReconciler DEBUG Adding change listener. 1394472871655 Sync.Tracker.History INFO Adding Places observer. 1394472871679 Sync.Status DEBUG Status.service: success.status_ok => success.status_ok 1394472871680 Sync.Status DEBUG Status.service: success.status_ok => success.status_ok 1394472871680 Sync.Status DEBUG Status.service: success.status_ok => success.status_ok 1394472872098 Sync.BrowserIDManager ERROR fxa.getAssertion() failed with: 401 - Invalid authentication token in request signature 1394472872098 Sync.BrowserIDManager ERROR Authentication error in _fetchTokenForUser: AuthenticationError(Unable to get assertion for user) 1394472872099 Sync.Status DEBUG Status.login: success.login => error.login.reason.account 1394472872099 Sync.Status DEBUG Status.service: success.status_ok => error.login.failed 1394472872099 Sync.BrowserIDManager ERROR Background fetch for key bundle failed: AuthenticationError(Unable to get assertion for user)

so it looks like i can repro this if I change password with this accout: user:crossweaveservices@restmail.net pw: crossweaveservicescrossweaveservices I've been changing the pw between the following: crossweaveservicescrossweaveservices crossweaveservicescrossweaveservices1 1. sign in 2. change password 3. select sync now 1394492607776 Sync.ErrorHandler DEBUG Flushing file log. 1394492607776 Sync.Service DEBUG Exception: Aborting sync: failed to get collections. No traceback available 1394492607778 Sync.Service DEBUG User-Agent: Firefox/30.0a1 FxSync/1.32.0.20140310030201. 1394492607778 Sync.Service INFO Starting sync at 2014-03-10 16:03:27 1394492607778 Sync.Service DEBUG In sync: should login. 1394492607778 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.account 1394492607778 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492607778 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.account 1394492607778 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492607780 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.account 1394492607780 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492607787 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.account 1394492607787 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492607788 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.account 1394492607788 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492607790 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.account 1394492607790 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492607790 Sync.Service INFO Logging in user crossweaveservices@restmail.net 1394492607806 Sync.ErrorHandler DEBUG Log cleanup threshold time: 1393628607806 1394492607807 Sync.ErrorHandler DEBUG No logs to clean up. 1394492608095 Sync.BrowserIDManager ERROR Authentication error in _fetchTokenForUser: AuthenticationError(TokenServerClientServerError({"now":"2014-03-10T23:03:28.094Z","message":"Authentication failed.","cause":"invalid-generation","response_body":"{\"status\": \"invalid-generation\", \"errors\": [{\"location\": \"body\", \"name\": \"\", \"description\": \"Unauthorized\"}]}","response_headers":{"content-type":"application/json; charset=UTF-8","date":"Mon, 10 Mar 2014 23:03:35 GMT","server":"nginx/1.4.4","x-timestamp":"1394492615","content-length":"109","connection":"keep-alive"},"response_status":401})) 1394492608095 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.account 1394492608095 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492608096 Sync.Service DEBUG verifyLogin failed: AuthenticationError(TokenServerClientServerError({"now":"2014-03-10T23:03:28.094Z","message":"Authentication failed.","cause":"invalid-generation","response_body":"{\"status\": \"invalid-generation\", \"errors\": [{\"location\": \"body\", \"name\": \"\", \"description\": \"Unauthorized\"}]}","response_headers":{"content-type":"application/json; charset=UTF-8","date":"Mon, 10 Mar 2014 23:03:35 GMT","server":"nginx/1.4.4","x-timestamp":"1394492615","content-length":"109","connection":"keep-alive"},"response_status":401})) No traceback available 1394492608096 Sync.Status DEBUG Status.login: error.login.reason.account => error.login.reason.network 1394492608096 Sync.Status DEBUG Status.service: error.login.failed => error.login.failed 1394492608096 Sync.SyncScheduler DEBUG Clearing sync triggers and the global score. 1394492608097 Sync.SyncScheduler DEBUG Next sync in 86400000 ms.

> 2. change password Though the web UI? I don't recall whether FF has change-your-password exposed in "native" UI. > "cause":"invalid-generation" This is the tokenserver telling the client that there's been a password change, and it should go back to the FxA server to re-login and get an updated certificate. Does the client code have handling for this state? It should trigger some sort of "you need to re-auth" flow to get the updated password.

digging in with Chris we found rest password isn't being handled. This is not a bug