Review bridge pass (Lox) invites

We have a few features related to Lox invites that could do with some review.

/cc @cohosh, @onyinyang for infomation about Lox. /cc @donuts for UX.

Should we keep invites when the Lox credentials change?

Currently, whenever TorSettings.bridges.lox_id changes we loose all the invites we have generated in the past. However, in principle those invites are still valid. Especially since they haven't been shared.

In particular, if the user removes lox but then restores it later, we should give them access back to their invite codes.

Are there any potential problems that could arise from sharing invites for a bridge pass you are no longer using?

Do invites have an expire date?

If an invite is generated, will it expire after some time if it is not redeemed? I seem to remember @cohosh mentioning something like this.

Is there a way for Tor Browser to determine when an invite will expire in the future, or a way to determine that an invite has already expired?

If there was, we could show the expire date in the invite dialog, and we could automatically hide expired invites (or just drop them entirely if enough time passes).

Can we check whether an invite has been redeemed?

Is there a way for a user to check that the invite they generated has already been redeemed?

If there was, we could show the status in the invite dialog.

Can we know why an invite is rejected?

I feel like an invite can be rejected for a few reasons:

• A non-existing invite code.
• The invite has already been used.
• The invite has expired?

Right now the UI does not distinguish between these error cases. It would be nice if the Lox authority could give some kind of error code for why an invite was rejected, so we can pass on some message to the user.