As I described here
http://ignisvulpis.blogspot.de/2014/11/x-auto-login-at-google.html
Google is using a proprietary HTTP header named x-auto-login to log you into Google services like Gmail using your local Android account.
This is cool.
Browse to a Google website and be logged in without the need to remember the super secure password.
Sadly this is a closed system as we learned when implementing this for Firefox for Android (Fennec).
See https://bugzilla.mozilla.org/show_bug.cgi?id=1030650
Yes, Fennec can talk to the Authenticator and ask for a "weblogin:" token for "com.google" but the Authenticator answers differently depending on who asks.
If Chrome is asking, then the returned token redirects you to https://accounts.google.com/ and immediately logs you in, but when you're Fennec you are just redirected to https://accounts.google.com/ and have to enter username and password. Bummer.
Anyway: How about using this scheme for Mozilla services, using a Mozilla account on the device or local to the browser (Firefox Sync) if available?
- browse to e.g. https://bugzilla.mozilla.org/show_bug.cgi?id=1030650 (obviously a Mozilla service) and press the login button
- get redirected to https://accounts.firefox.com/ServiceLogin?service=bugzilla&passive=true&rm=false&continue=https://bugzilla.mozilla.org/show_bug.cgi?id=1030650&ss=1&scc=1&ltmpl=bugzilla&emr=1
- the response includes an x-auto-login HTTP header
- Firefox sees the x-auto-login header and
  - on desktop, looks for a Firefox Sync account and uses it to obtain a token from a token endpoint hosted at mozilla.org
  - on Android, asks the AccountManager for a weblogin token for "org.mozilla"
- redirect to the token (the token is a URL). In this case e.g. https://accounts.firefox.com/?t=accesstokenb64&...
- https://accounts.firefox.com/ validates the token and redirects back to https://bugzilla.mozilla.org/show_bug.cgi?id=1030650
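The two checks the browser would need in the flow above, as an added sketch (not code from Fennec or Firefox): only honour the header when it comes from the account server, and only navigate to a token URL that stays on that server. The header format `realm=...&args=...` is an assumption modelled on Google's header, and the function and table names are hypothetical.

```javascript
// ASSUMPTION: header value is URL-encoded "realm=<account type>&args=<opaque>";
// the page does not specify the format for the Mozilla variant.
const TRUSTED = {
  // realm -> the only origin allowed to send the header and receive the token
  "org.mozilla": "https://accounts.firefox.com",
};

const known = (realm) => Object.prototype.hasOwnProperty.call(TRUSTED, realm);

// Decide whether a response's x-auto-login header may trigger a token request.
// Returns { realm, args } or null when the header must be ignored.
function parseAutoLogin(responseUrl, headerValue) {
  let url;
  try { url = new URL(responseUrl); } catch { return null; }
  const params = new URLSearchParams(headerValue || "");
  const realm = params.get("realm");
  const args = params.get("args");
  if (!realm || !args) return null;
  // Own-property lookup so "__proto__" or "constructor" never match.
  if (!known(realm)) return null;
  // Only the account server itself, over HTTPS, may ask for a login token.
  if (url.origin !== TRUSTED[realm]) return null;
  return { realm, args };
}

// The token handed back by the account store is a URL. Navigate to it only if
// it stays on the account server. Returns the normalized URL or null.
function checkTokenUrl(realm, tokenUrl) {
  let url;
  try { url = new URL(tokenUrl); } catch { return null; }
  if (!known(realm)) return null;
  if (url.origin !== TRUSTED[realm]) return null; // also rejects host@evil forms
  if (url.username || url.password) return null;  // no userinfo in token URLs
  return url.href;
}

// Constructed sample values (not captured traffic).
const decision = parseAutoLogin(
  "https://accounts.firefox.com/ServiceLogin?service=bugzilla",
  "realm=org.mozilla&args=service%3Dbugzilla");
console.log(decision,
  checkTokenUrl("org.mozilla", "https://accounts.firefox.com/?t=accesstokenb64"));
```

A header sent by any other origin, or a token URL pointing anywhere else, is dropped and the user falls back to the normal login form.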
Next step then (there is always a next step) is to allow third-party logins, e.g. from GitHub to Bugzilla, using x-auto-login.