d49aa2f2dd
Merge pull request #3012 from mozilla/shane-tomlinson-patch-1
...
chore(docs): Update readme to point to new monorepo
2019-04-03 07:26:30 +01:00
2650d8eb98
chore(docs): Update readme to point to new monorepo
2019-04-03 06:43:15 +01:00
2192903102
Merge train-134 into master
...
https://github.com/mozilla/fxa-auth-server/pull/3011
r=vladikoff
2019-04-02 17:40:39 +00:00
3f0d30c5b4
Release v1.134.0
2019-04-02 18:05:20 +01:00
b30037ff9e
chore(package): update shrinkwrap
2019-04-02 18:05:12 +01:00
1f82d473c1
Merge pull request #3008 from mozilla/rm-config-hash
...
fix(config): remove hash alg from config
2019-04-01 16:51:37 -04:00
96154d369b
fix(config): remove hash alg from config
2019-04-01 16:43:29 -04:00
da5b3c70c8
Merge pull request #3007 from mozilla/i2957-mau-events r=@philbooth
...
feat(metrics): amplitude events from the OAuth server for MAU
2019-04-01 15:26:05 +01:00
9756fde817
feat(metrics): amplitude events from the OAuth server for MAU
...
* `fxa_activity - access_token_created` whenever an access token is created.
* `fxa_activity - access_token_checked` whenever an access token is checked.
issue #2957
2019-04-01 15:15:40 +01:00
2e1b01f87b
Merge pull request #2985 from mozilla/fenix-token-exchanges
...
Notify push and email on code exchanges
2019-04-01 09:41:33 -04:00
2e25c45669
feat(oauth): notify push and email on code exchanges
...
Fixes #2880
Fixes #2955
2019-03-31 22:02:48 -04:00
158e1add5e
Merge pull request #3005 from mozilla/i3003; r=rfk
...
fix(devices): return isCurrentDevice for refreshToken device endpoint
2019-04-01 11:04:02 +11:00
e89d24e184
fix(devices): return isCurrentDevice for refreshToken device endpoint
...
Fixes #3003
2019-03-30 16:45:24 -04:00
67f4e8e016
Merge pull request #2999 from mozilla/pb/write-email-script
...
https://github.com/mozilla/fxa-auth-server/pull/2999
r=shane-tomlinson
2019-03-29 06:03:19 +00:00
2cd624beaa
fix(scripts): exit cleanly from write-emails-to-disk script
2019-03-29 05:51:39 +00:00
2d5ce76a1f
fix(scripts): add missing createSenders arg to write-email script
2019-03-29 05:51:38 +00:00
4eb44363c2
chore(scripts): force NODE_ENV=dev in write-email script
2019-03-29 05:51:38 +00:00
c081407b5d
chore(scripts): remove legacy_log abstraction
2019-03-29 05:51:35 +00:00
e566a1849e
Merge pull request #2990 from mozilla/pb/2939-verification-reminders
...
https://github.com/mozilla/fxa-auth-server/pull/2990
r=vbudhram
2019-03-29 05:51:11 +00:00
a326c28a69
feat(email): add view actions to verification reminder emails
2019-03-28 20:10:01 +00:00
0ab024aa86
fix(email): use new copy for verification reminder emails
2019-03-28 20:02:44 +00:00
b42276f391
feat(scripts): add a script to process verification reminders
2019-03-28 12:40:15 +00:00
7bd920e7e4
feat(email): reinstate account verification reminder emails
2019-03-28 06:55:46 +00:00
57f58917e1
Merge pull request #2983 from mozilla/oauth-grant-with-session-token
...
feat(oauth): Add /oauth/token route, optionally authed via sessionToken
2019-03-27 17:53:56 -04:00
5f2391579b
fix(config): make Fenix canGrant just like the Reference Browser
2019-03-27 15:43:27 -04:00
2bf8dd2be4
Merge pull request #2932 from mozilla/oauth-authorize-with-session-token
...
feat(oauth): Add /oauth/authorization route, authenticated with a sessionToken
2019-03-27 11:03:37 -04:00
5efdbc40e9
feat(oauth): Add /oauth/token route, optionally authed via sessionToken
2019-03-27 20:05:55 +11:00
c3bb754c57
feat(oauth): Add /oauth/authorization route, authenticated with a sessionToken.
2019-03-27 20:02:40 +11:00
9564168b28
Merge pull request #2969 from mozilla/oauth-assertion-grant; r=stomlinson,vladikoff
...
feat(oauth): Use an assertion to directly grant tokens at /token.
2019-03-27 20:00:17 +11:00
6db4efb374
feat(oauth): Use an assertion to directly grant tokens at /token.
...
Clients could previously use an FxA assertion to grant themselves
OAuth access tokens via the /authorization endpoint in a style
modelled after OAuth's "implicit grant" flow. But it's not really
the implicit grant flow, the way we use it in practice much more
closely resembles the "resource owner password credentials" flow.
In particular, existing clients use it to directly create tokens
for their own use, rather than to authorize tokens for another client.
This commit makes that functionality available on the /token
endpoint instead, using `grant_type=fxa-credentials`. This is better
aligned with the way that the rest of OAuth works, closely mirroring
the `grant_type=password` flow and keeping a clear distinction
between obtaining tokens for ones own use (always use the /token
endpoint) versus authorizing them for someone else (always use the
/authorization endpoint).
It will hopefully help us avoid future footguns if we want to allow
assertion-bearing clients to create things for their own use (such
as refresh tokens) that are forbidden in the "implicit grant" flow
proper.
2019-03-27 19:49:50 +11:00
67a95e2aa7
Merge pull request #2989 from mozilla/pb/cache-content-server-url
...
https://github.com/mozilla/fxa-auth-server/pull/2989
r=shane-tomlinson
2019-03-26 11:27:40 +00:00
ef5479991d
refactor(config): cache repetitive calls to conf.get
2019-03-26 07:17:05 +00:00
c74df5a62e
Merge pull request #2986 from hritvi/semicolons
...
https://github.com/mozilla/fxa-auth-server/pull/2986
r=philbooth
2019-03-26 06:15:26 +00:00
4761ad010d
refactor(fxa-auth-server): Added prefer-template rule in .eslintrc
2019-03-26 11:09:35 +05:30
2ee331e64a
refactor(fxa-auth-server): Added prefer-const rule in .eslintrc
2019-03-26 11:09:35 +05:30
818115f0d7
refactor(fxa-auth-server): Added prefer-arrow-callback rule in .eslintrc
2019-03-26 11:09:35 +05:30
fca50dc23c
refactor(fxa-auth-server): Added no-var rule in .eslintrc
2019-03-26 11:09:35 +05:30
1b910f0af9
refactor(fxa-auth-server): Added semicolons(semi rule)
2019-03-26 11:09:35 +05:30
8a6490e22c
Merge pull request #2988 from mozilla/pb/disable-docs-generation
...
https://github.com/mozilla/fxa-auth-server/pull/2988
r=vladikoff
2019-03-25 20:55:26 +00:00
66302e1fc7
chore(docs): disable the auto-generated api docs script
2019-03-25 20:33:11 +00:00
6956f1d72c
Merge pull request #2987 from mozilla/pb/redundant-query-params
...
https://github.com/mozilla/fxa-auth-server/pull/2987
r=shane-tomlinson
2019-03-25 13:05:14 +00:00
b8886b0524
fix(api): remove redundant query params from /recovery_email/verify_code
2019-03-25 10:28:57 +00:00
f9108bb4a4
Merge pull request #2984 from mozilla/npm-deps; r=rfk
...
fix(deps): fix npm advisory 788
2019-03-25 12:00:20 +11:00
a87338aad6
fix(deps): fix npm advisory 788
2019-03-23 11:38:28 -04:00
724355fea8
Merge pull request #2980 from mozilla/train-133
...
Uplift train-133 to master
2019-03-19 13:34:25 -04:00
86786f7fcd
Merge pull request #2979 from mozilla/train-133-1
...
Release v1.133.1
2019-03-19 12:47:43 -04:00
85267a82f0
Release v1.133.1
2019-03-19 11:16:02 -04:00
0fa08f2a15
Merge pull request #2937 from mozilla/feature.devices2
...
feat(devices): devices API with refreshTokens
2019-03-19 11:15:26 -04:00
3b33f416ea
feat(devices): devices API with refreshTokens
...
Co-authored-by: Vlad Filippov <vlad.filippov@gmail.com>
Co-authored-by: Ryan Kelly <rfkelly@mozilla.com>
Fixes #2547
2019-03-19 11:00:04 -04:00
447ffee21b
Merge train-133 into master
...
https://github.com/mozilla/fxa-auth-server/pull/2977
r=shane-tomlinson
2019-03-19 12:48:03 +00:00
Shane Tomlinson
Phil Booth
Vlad Filippov
Ryan Kelly
Ryan Kelly
hritvi