Commit Graph

292 Commits

Author SHA1 Message Date
ckarlof 53e3591105 Merge pull request #784 from dannycoates/pvt
Support for preVerifiedTokens in /account/create to allow trusted reliers who have already verified the user's email to more easily transition users to FxA. A valid preVerified token allows the user to skip the email verification step, i.e., the user's account is verified after /account/create completes.

fixes #780
r=rfk,ckarlof
2014-09-03 14:15:32 -07:00
Peter deHaan c4f5e0b75a Removed some bonus trailing commas and dupe vars 2014-09-03 13:20:06 -07:00
Danny Coates 90c192d975 removed iss from preVerifyToken JWT 2014-09-03 11:55:23 -07:00
Danny Coates ebe39b1354 test re-create with preVerifyToken 2014-08-28 15:37:14 -07:00
Danny Coates 74145117d8 config cleanup 2014-08-28 11:26:23 -07:00
Danny Coates d18e786700 use b64url encoding for JWKs as in the spec 2014-08-28 11:19:08 -07:00
Danny Coates 674ed5de72 WIP on public-key preVerifyTokens 2014-08-22 18:06:34 -07:00
Danny Coates 73a0432d31 added a test for invalid preverifytoken, default config to no secret 2014-08-22 11:15:21 -07:00
Danny Coates 0e66115b9e initial sketch of preVerifiedTokens 2014-08-22 11:15:21 -07:00
Ryan Kelly 60672c972a Add a limit to the number of in-flight scrypt hashes. 2014-08-16 13:14:39 +10:00
John Morrison d38c1bd11b limit payload.maxBytes to 16384 2014-08-05 13:55:35 -07:00
Danny Coates c52598e147 fix #700 2014-07-27 20:54:38 -07:00
Danny Coates ca29eeee13 Merge pull request #770 from dannycoates/i759
test client shouldn't send 'undefined' accept-language
2014-07-27 20:03:03 -07:00
Danny Coates ae8fac776f test client shouldn't send 'undefined' accept-language 2014-07-27 16:04:16 -07:00
Danny Coates e6ea9c0f14 resolved all custom git dependencies and removed mysql and heap db.
the new fxa-auth-db-mem dev dep hosts a memory db over the httpdb
api.
2014-07-23 12:49:59 -07:00
Danny Coates 262aa816f1 another account status test case 2014-07-14 15:11:00 -07:00
Danny Coates a00f30aab1 allow /account/status to be authenticated with a sessionToken 2014-07-13 13:55:39 -07:00
Danny Coates ba3cbcaf8f additional locale tests 2014-07-09 12:13:08 -07:00
Danny Coates 3ca7277630 added locale to account 2014-07-08 14:54:25 -07:00
Danny Coates 650ac2c253 fixed #748 HSTS header 2014-06-15 14:37:01 -07:00
Robert Kowalski 4b0aeb4b02 Use Hapi's builtin config for the Strict-Transport-Security header 2014-06-13 22:21:38 +02:00
Danny Coates cb659fe5a7 default routes should get the basePath 2014-06-11 11:35:59 -07:00
Danny Coates 7454a9f357 don't move .well-known when there is a basePath in publicUrl 2014-06-11 10:48:28 -07:00
Danny Coates 2528676f66 append the base path from config.publicUrl to all routes 2014-06-10 13:47:23 -07:00
Danny Coates 7762e95d42 fixed fxa-auth-mailer case sensitivity issue 2014-06-09 17:40:44 -07:00
Danny Coates 100d816bd0 reorganize test related files and removed unused code 2014-06-03 12:00:06 -07:00
Danny Coates 4a15d02726 moved client into test directory 2014-06-03 11:15:36 -07:00
Danny Coates c364d1fc02 use fxa-auth-mailer as a library 2014-06-02 11:00:29 -07:00
Danny Coates 212ec77d9c fix no method 'wrap' in sign route #716 2014-05-15 17:48:28 -07:00
Danny Coates cbead14449 verify an account if it's unverified when forgot password verification succeeds 2014-04-23 14:55:10 -07:00
Danny Coates aa9a9ca22d fixed email complaint tests 2014-04-16 10:37:06 -07:00
Ryan Kelly 8c1704508f Fix email validation errors caused by typo. 2014-04-16 01:33:03 +10:00
Danny Coates 70817efa3b ses rfk feedback 2014-04-10 23:54:41 -07:00
Danny Coates 6849cfa4c1 phase 1 of ses bounce processing 2014-04-10 15:58:36 -07:00
Danny Coates 579c941bf0 implemented /account/status fixes #656 2014-03-30 12:24:05 -07:00
Danny Coates ebf5fbf669 set the resendBlackoutPeriod to 0 in dev.json 2014-03-25 14:55:42 -07:00
Danny Coates c8b3217762 resend blackout period 2014-03-24 19:10:14 -07:00
Andrew Chilton 0ca5799f51 Convert to array of promises, so adding more test emails is easier 2014-03-21 12:47:10 +13:00
Danny Coates 1a9c987c30 Merge pull request #637 from dannycoates/i610
added /session/status endpoint
2014-03-20 15:25:23 -07:00
Danny Coates 4c398826b4 added /password/forgot/status endpoint 2014-03-20 15:24:06 -07:00
Danny Coates 0b4f42720f added /session/status endpoint 2014-03-20 15:21:56 -07:00
Danny Coates 1e98286ac7 improved redirectTo domain validation 2014-03-19 15:19:25 -07:00
Danny Coates 679dd6affd added fxa-verifiedEmail to the signed certificate. fixes #630 2014-03-18 14:28:10 -07:00
Ryan Kelly c4b838ab2e Add a test for KeyFetchToken.fromId 2014-03-18 17:40:01 +11:00
Ryan Kelly 98cbe02c37 Add some more invalid-email test cases 2014-03-18 17:34:17 +11:00
Ryan Kelly d8c7562624 Add some explicit tests for crypto/password.js 2014-03-18 17:28:48 +11:00
Ryan Kelly 79b86ef766 Add more tests for /certificate/sign route 2014-03-18 17:11:10 +11:00
Ryan Kelly 8b6cc773fa Add test for /account/login without keys=true 2014-03-18 17:01:40 +11:00
Ryan Kelly 9b70ea9d78 Add test for unbundling with the wrong token. 2014-03-18 16:58:54 +11:00
Danny Coates 6c4ef094e7 when the db throws a ER_DUP_ENTRY on account create, translate it to an account exists (101) error 2014-03-17 13:08:58 -07:00