2e1b01f87b
Merge pull request #2985 from mozilla/fenix-token-exchanges
...
Notify push and email on code exchanges
2019-04-01 09:41:33 -04:00
2e25c45669
feat(oauth): notify push and email on code exchanges
...
Fixes #2880
Fixes #2955
2019-03-31 22:02:48 -04:00
e89d24e184
fix(devices): return isCurrentDevice for refreshToken device endpoint
...
Fixes #3003
2019-03-30 16:45:24 -04:00
c081407b5d
chore(scripts): remove legacy_log abstraction
2019-03-29 05:51:35 +00:00
a326c28a69
feat(email): add view actions to verification reminder emails
2019-03-28 20:10:01 +00:00
0ab024aa86
fix(email): use new copy for verification reminder emails
2019-03-28 20:02:44 +00:00
b42276f391
feat(scripts): add a script to process verification reminders
2019-03-28 12:40:15 +00:00
7bd920e7e4
feat(email): reinstate account verification reminder emails
2019-03-28 06:55:46 +00:00
5efdbc40e9
feat(oauth): Add /oauth/token route, optionally authed via sessionToken
2019-03-27 20:05:55 +11:00
c3bb754c57
feat(oauth): Add /oauth/authorization route, authenticated with a sessionToken.
2019-03-27 20:02:40 +11:00
4761ad010d
refactor(fxa-auth-server): Added prefer-template rule in .eslintrc
2019-03-26 11:09:35 +05:30
818115f0d7
refactor(fxa-auth-server): Added prefer-arrow-callback rule in .eslintrc
2019-03-26 11:09:35 +05:30
fca50dc23c
refactor(fxa-auth-server): Added no-var rule in .eslintrc
2019-03-26 11:09:35 +05:30
1b910f0af9
refactor(fxa-auth-server): Added semicolons(semi rule)
2019-03-26 11:09:35 +05:30
b8886b0524
fix(api): remove redundant query params from /recovery_email/verify_code
2019-03-25 10:28:57 +00:00
3b33f416ea
feat(devices): devices API with refreshTokens
...
Co-authored-by: Vlad Filippov <vlad.filippov@gmail.com>
Co-authored-by: Ryan Kelly <rfkelly@mozilla.com>
Fixes #2547
2019-03-19 11:00:04 -04:00
28eb48f445
Merge pull request #2964 from mozilla/remove-bad-db-constructor-arguments
...
fix(profile_server_messaging): fix db constructor signature
2019-03-18 17:00:56 -05:00
dd7c0e38fd
fix(profile_server_messaging): fix db constructor signature
...
Fixes #2916 . The signature didn't cause any bugs, since the DB object is only used for very specific things in the profile_server_messaging and must-reset scripts, but this corrects the invocation.
Also makes the UnblockCode parameter explicitly optional.
2019-03-18 15:11:43 -05:00
0b02308873
feat(basket): Updates to `login` and `verified` events for Basket
...
The Mozmeao team would like to create custom onboarding journeys
for different services, but we don't provide sufficient information
for them to do so.
Send along a `service` when emitting the `verified` event.
Send `login` for all services, not just Sync.
fixes #2915
2019-03-18 16:04:09 +00:00
5ad4d15ff8
chore(api): make redis.watch.conflict a 409 instead of 500 error
2019-03-14 08:25:51 +00:00
5172ed867d
fix(node 8 and scrypt-hash): removed support for node 8 and scrypt-hash
2019-03-13 18:55:53 +05:30
87f1bb027c
refactor(redis): use the extracted redis implementation from fxa-shared
2019-03-11 18:22:41 +00:00
0b3e970de1
refactor(logging): Update to Mozlog format.
...
Remove all of the `op:` stuff in the logging.
fixes #2940
2019-03-08 17:40:04 +00:00
04986a7ba3
refactor(oauthdb): Split OAuthDB implementation across multiple files.
...
This lets us share validation objects between the external routes and
internal API calls, and should make things more manageable when we
come to add addional routes.
2019-03-06 14:39:54 +11:00
8d36529a8a
fix(db): Stop using deprecated 'sessionWithDevice' db route.
...
The database now always returns device information when getting a
sessionToken, so we don't need to use a special route for it.
2019-02-27 15:27:04 +11:00
edd058fb4d
Merge train-131 into master
...
https://github.com/mozilla/fxa-auth-server/pull/2930
r=vladikoff
2019-02-21 15:31:59 +00:00
9732cf2561
fix(api): add validation for utm params and entrypoint
2019-02-21 14:52:28 +00:00
551467ed8c
fix(metrics): reinstate entrypoint to the metrics context schema
2019-02-21 14:52:15 +00:00
811e584fbf
fix(errors): strip pii and sensitive fields from logged payloads
2019-02-20 10:41:38 +00:00
39de07d887
Merge branch 'master' into pb/2884-better-500-errors
2019-02-20 09:57:15 +00:00
24add4d232
fix(devices): return full device response on spurious updates
2019-02-18 22:40:45 -05:00
b0a6d00397
fix(errors): include request data on unexpected errors
2019-02-11 17:44:17 +00:00
8bb7856273
fix(errors): add extra data to internal validation errors
2019-02-11 17:22:41 +00:00
74b48af219
feat(email): Update verification email for OAuth reliers.
...
Show the relier name in the email in the header and in
the main text.
fixes #2859
2019-02-08 15:22:03 +00:00
6d945c8723
refactor(crypto): fall back to node's scrypt implementation
2019-02-01 19:19:25 +00:00
529dc462ae
Merge pull request #2865 from mozilla/more-data-for-dataflow r=@vbudhram
...
feat(metrics): Emit additional data for the DataFlow fraud detection pipeline.
2019-01-31 14:12:09 +00:00
0a626392b2
feat(metrics): Emit additional data for the DataFlow fraud detection pipeline.
...
Adds `email`, `phoneNumber` and `method`
fixes #2858
2019-01-31 13:54:06 +00:00
3900303125
fix(sms): catch errors thrown from phoneNumberUtil.parse
2019-01-30 15:55:19 +00:00
72b2a52da7
fix(validation): fix missing validation for client name
2019-01-28 09:10:16 -05:00
3568958702
Merge train-129 into master
...
https://github.com/mozilla/fxa-auth-server/pull/2890
r=vbudhram
2019-01-25 18:06:16 +00:00
d82232c31f
fix(error): remove `A` from totpTokenNotFound and totpTokenAlreadyExists errors
2019-01-25 10:00:25 -05:00
30fd3d5e46
Merge pull request #2881 from mozilla/train-129 r=@shane-tomlinson
...
Release v1.129.0
2019-01-25 11:44:09 +00:00
d04300cde1
style(lib/senders): removed right arrows
2019-01-25 16:18:15 +05:30
42c4c372f4
fix(logs): rename `code` to `status` on request.summary log lines
...
Stackdriver doesn't like it when properties change their type across
log lines, and there is a clash between the type of the `code` property
for the `account.signin.confirm.success` and `request.summary` log
lines.
This change renames it to `status` on `request.summary`, because that
seems like a more appropriate name and the other log message appears to
have greater legitimacy to its claim to use the `code` property name
(that is literally the name of the corresponding property in the request
payload).
2019-01-24 21:50:39 +00:00
f13de2f17f
fix(email): add missing query params to link in new device email
2019-01-24 12:26:16 +00:00
acd40c3916
Merge pull request #2879 from mozilla/pb/2850
...
https://github.com/mozilla/fxa-auth-server/pull/2879
r=shane-tomlinson
2019-01-24 10:48:50 +00:00
39c6d31c89
fix(metrics): stop emitting route flow events for status endpoints
...
/password/forgot/status and /recovery_email/status are hit frequently,
generating lots of events which aren't very useful. If we skip them we
can appreciably reduce the amount of data that passes through our logs,
our metrics pipeline and into Redshift.
Additionally, there are a number of specific /recoveryKey/... endpoints
that also generate useless event data (although nowhere near as many
events as the other two). I've stopped emitting those too.
2019-01-23 13:13:18 +00:00
176a75b0e9
Use sub instead of uid
2019-01-22 13:57:53 -05:00
9b0fac90b2
fix(oauth): Use correct max length for oauth client name validation.
2019-01-17 13:25:13 +11:00
c09242a52c
fix(log): use fatal instead of criticial in log
2019-01-16 13:43:14 -05:00
Vlad Filippov
Phil Booth
Ryan Kelly
hritvi
Ian Bicking
Shane Tomlinson
Muhammad Farhan
Edouard Oger
Vijay Budhram