maor_native flag for the jelly

Chris Karlof ckarlof at mozilla.com
Wed Oct 23 16:35:15 PDT 2013


Hi all,

In our Desktop/Sync/FxA integration push, we're trying to push more of the API functionality from the hosted code into the browser. To enable this push while maintaining backward compatibility with the existing jelly, I've added support for the maor_native flag in the hosted FxA login page. 

If you request the login page as: https://accounts.dev.lcip.org/flow, after the user logs in, you get a single event, 'login', the user's email will be verified, and the data will look like:

{
  assertion: <an assertion for the user at our token server>,
  kB: <user's kB>,
  kA: <users kA>,
  sessionToken: <a session token>,
  email: <user's email>,
  uid: <uid>@idp.dev.lcip.org
}

If you request the login page as: https://accounts.dev.lcip.org/flow?maor_native=true, after the user logs in, you get a single event, 'login', the user's email will not necessarily verified, and the data will look like:

{
  unwrapkB: <user's unwrapping key for kB>,
  sessionToken: <a session token>,
  keyFetchToken: <a token for fetching the user's keys>,
  email: <user's email>
}

Let me know if you have any problems with this.

-chris



More information about the Sync-dev mailing list