What's New in FxA: train-38 edition
Ryan Kelly
rfkelly at mozilla.com
Mon Jun 1 01:21:16 UTC 2015
Hi All,
This week we'll be rolling FxA train-38 to production with the following
changes:
On the Frontend:
* Improve the UI of the oauth permissions prompt, and ensure we
only allow scopes that were actually shown in the prompt.
* Simplify behaviour of oauth flow with verification_redirect=always.
* Tell oauth reliers whether the user signed in or signed up.
* Let the root URL be framed for allowed reliers.
* Include a "service" and "reason" parameter in all login requests.
* Improve caching and error-handling when displaying profile images
* Add support for "invalid scopes" error message from the oauth server
* Add client metrics for screen refreshes, signout and more.
* The usual bevy of test fixes and enhancements.
On the Backend:
* Accept and log "service" and "reason" parameters in login requests.
* Allow more config options to be specified in the environment.
* Rename "toobusy" config option to "maxEventLoopDelay".
* Check email capitalization on login, and error out if mismatched.
* Standardize on "bluebird" as our promise library of choice.
Special thanks go to new contributor Rishi Baldawa for helping out on
the backend changes, and to Edouard and Riadh for continuing to dive in
on the frontend.
As always, you can dig into the details through the CHANGELOG files in
each individual repo:
https://github.com/mozilla/fxa-auth-server/blob/master/CHANGELOG
https://github.com/mozilla/fxa-content-server/blob/master/CHANGELOG.md
Cheers,
Ryan
More information about the Dev-fxacct
mailing list