Previously, amplitude click events were being triggered from the
verification.success front-end events. As the name suggests, those
events don't occur until after verification has succeeded. This change
ensures they happen as early as possible after the user has clicked.
https://github.com/mozilla/fxa-content-server/pull/5880
r=vbudhram
Using `require('/i18n/clients.json');` works perfectly
in RequireJS because it makes a network request for the
resource, but not in Webpack where the bundler
attempts to read that file from disk.
Instead of leaning on RequireJS to fetch the resource
using an XHR request, use an XHR request directly.
Note: this only affects dev mode, translations
are still built into the final bundle in prod mode.
Noticed that on a low-resolution screen that these images were being scaled and were not pixel snapped (a + should render with no anti-aliasing on right angles). I hope this fixes it, give it a try before accepting please.
The min-height forced the iframe to be too large on the firstrun page
in the email-first flow. In chromeless, it doesn't really matter
how big the #main-content is, there's no shadow, etc, to display.
Remove the min-height: 300 declaration for chromeless
Webpack chockes on `define((require, exports, module) => {`.
Instead, it needs `define(function(require, exports, module) {`
Part of the drive to replace RequireJS with Webpack.
I forgot to add a `rolloutRate` to Luxembourg (LU) which meant
it was being shipped fully rolled out. This is an easy mistake
to make. Instead of setting the default rolloutRate to 1, this
PR changes that to be 0 to avoid this problem. If a country is
fully rolled out, it's rolloutRate must be set to 1.
fixes#5727
Monaco is not yet enabled, I have not found a phone
number that validates.
I was being too clever with the phone number validation and
was looking for mobile prefixes. At the same time, I had
the validation logic wrong. For many European countries
a trunk line prefix of `0` can be specified IFF the
country code prefix is not specified. For BE,
FR, and GB, I erroneously allowed the user to delete
the country code prefix, but did not force the trunk
prefix. This is fixed.
@philbooth also noticed that the unit tests for the module
were exploding as more countries are added. He suggested
that I convert the tests to be table driven, which condenses
the tests quite a bit.
issue #5573
The back-mixin erroneously passed the back button click event
as `nextViewData` when it invoked the `back` method.
The fix is to use a delegate method that invoked `back`
without the event.
fixes#5515
We know that SMS with signinCodes perform better than SMS w/o signinCodes.
Always use a signinCode if SMS is enabled.
The second half of the fix for #5685
issue #5685
In `_areSmsRequirementsMet`, `isInExperiment` was called
w/o a `country`. The experiment itself requires a country,
so it returned that the user was not a member of the experiment.
Because of this, all users were sent to /connect_another_device,
even if in a country where SMS is was supported.
This fixes that by *not* calling `isInExperiment` in
`_areSmsRequirementsMet` and instead depends on the
call to `getExperimentGroup` in
`navigateToConnectAnotherDeviceScreen` to determine whether
the user is in an experiment group. The user's country is
known at this point and the correct answer will be returned.
If the user is not a member of the experiment, log
it there instead of in `_areSmsRequirementsMet`
Note, there are no functional test updates for this. We
are in a bit of a pickle here because the user is not
enrolled in any experiments within the functional tests
unless the `forceExperiment` query parameter is specified.
fixes#5685
Spotted by @ryanfeeley, starting with train-97.
The problem is the submit handler of CWTS finishes by calling `onSubmitComplete` and
propagating that functions return value. `this.onSubmitComplete` is set in the SignupMixin.
`onSignUpSuccess` will delegate to the `afterSignUp` method in the broker, which returns a
`NavigateBehavior` to `/confirm`. A `NavigateBehavior` returns a promise which never resolves,
causing `working` to be logged.
`signup`, `choose_what_to_sync`, and `signup_permissions` should all have the same
increase in "working" errors.
fixes#5655
Restrict line height to 1.2 to account for emoji in device names.
Previously, the device information line height got out of alignment
with emoji in device names.
Closes#5516
Restrict line height to 1.2 to account for emoji in device names.
Previously, the device information line height got out of alignment
with emoji in device names.
Closes#5516
Simplify the SMS experiment logic by consolidating into a single
experiment, send-sms-install-link. send-sms-enabled-for-country
is removed.
This also consolidates logic to enable/roll out new countries. New
countries only need to be defined in `lib/country-telephone-info.js`.
If a country's entry contains `rolloutRate`, the experiment will
be rolled out at that rate. If a country is in the process of being
rolled out, it uses the `control` group so we can better compare
against CAD phase 1. Countries that are fully rolled out
use only `treatment` and `signinCodes`.
The plus side of this work is that the tests are far simpler
and a lot of code was able to be removed!
fixes#5611
The settings pane within Fx for iOS cannot open external links,
so users would be unable to manage their communication preferences.
Instead of showing a bad experience, disable the feature for
Fx for iOS until we have a better solution.
The `opt-in from settings after signin` is more or less
equivalent to `opt-in from settings after signup`. Only
one tests is needed.
Fixes#5465
We believe the editible email fields may be causing user dropoff.
The editible looking email fields are replaced with readonly
fields like /force_auth's.
fixes#5582
A combined effort of @vladikoff and @shane-tomlinson.
This removed the "disabled form state" from all
forms except /settings/display_name.
Things that are removed:
* Experiment code.
* Notifications to the firstrun iframe parent.
* Code that disables/enables forms in form.js.
A small mixin was created to allow individual
forms to re-add "disabled" state if needed.
`control` performs worse than either `treatment` or `sendSms`. We
are continuing with the experiment pushing all users through
`treatment` and `sendSms`. This should boost the # of users in
each of the remaining groups.
fixes#5561
The patch to let FxA transition after email-verification
from within about:accounts landed in Firefox 58, not 57.
This updates the check/tests to use 58 instead.
fixes#5556
Fx Desktop <= 58 takes control of about:accounts to redirect the user
to about:preferences#sync once it detects a user has verified their email.
We originally used this to reduce polling load on the server. Since
the browser was polling and would redirect once it detected the user
had verified their email, FxA did not poll. The problem is that
we added bounce detection, and we cannot detect bounces within
FxA w/o polling.
This change has FxA poll within about:accounts, but lets the browser
perform the screen transition once verification has been detected.
fixes#5566
If a user verifies at CWTS, no verification data has been
written to localStorage, nor has the browser been informed
of the user's intent to signup/in. When the verification page
is opened, it looks like no user is signed in, so the user
was being asked to sign in again.
This PR fixes the problem by writing the "SameBrowserVerificationInfo"
to localStorage when the user first views CWTS. When the user verifies,
we look for the SameBrowserVerificationInfo, if it's available and
the user has made it as far as CAD, we know the account has been verified
in the same browser and the user will be fully signed in momentarily.
fixes#5554
Users who verify their email while looking at CWTS
have `account.verifed=true` when signup-mixin.onSignUpSuccess
is called. This resulted in the `broker.afterSignIn` function
being called, which only sends users to CAD if they are
part of the CAD on signin experiment.
This was wrong. These users are signing up and should be sent
to CAD.
The problem is the code that sent users to `afterSignIn` was
leftover to handle pre-verified users for users coming from
AMO. We removed this feature long ago, but this code hung
around, and in this case, caused a problem.
To fix this problem, in signinMixin.onSignUpSuccess, always
send users to broker.afterSignUp. If the account is verified,
broker.afterSignUp delegates to broker.afterSignUpConfirmationPoll,
which is the step after `/confirm`.
Extraction from #5518
There were two capabilities, `cadAfterSignInConfirmationPoll`
and `cadAfterSignUpConfirmationPoll` that were used to decide
whether to show CAD after an email confirmation poll. These
two capabilities are set to `true` only when another capabilty,
`browserTransitionsAfterEmailVerification` is set to `false`.
Might as well ditch the extra capabilities and just use
`browserTransitionsAfterEmailVerification` and simplify the logic.
Extraction from #5518
Behaviors are passed a view and an account. The account was not
propagated to the next view in the `view.navigate` call.
This PR changes that by propagating the account.
Extraction from #5518
The `customizeSync` attribute was not available on the account.
This is a regression due to us filtering out `undefined` values
on login data, introduced in d31de3522a.
fixes#5528
With #5479, we isolated the email-first experiment from
other "q3FormChanges" experiments, which caused the number
of users in this experiment to drop to 25% of its original
value. This PR says that enable the experiment for all
users that are chosen in q3FormChanges, as long as
they have metrics reporting enabled. The result is
a 2.5% sample rate.
fixes#5502
* For the trustedUI form factor, set the column width to 118px
* Set the font size of the items to 14px
* Set the label color to grey
* Adjust the margins around the graphic
fixes#5442
The Account assertion cache incorrectly created the expiration
time to always be one hour from now. This sets the
expiration time to be one hour from the creation time.
fixes#4949
The header and button text are translated within the views
and passed to the templates. When the strings are translated
within the views, they are already HTML escaped. Then, the
template was escaping them again!
fixes#5407
* Rename `_areSubjectPrereqsMet` to `_isValidSubject`
* Remove the `instructions` class.
* Add docs about views/base.js->hasNavigated
* Fix some typos.
* Remove the temporary strings from strings.js
In the functional test we use the forceExperiment and
forceExperimentGroup query parameters to force users
into an experiment. To avoid unexpected behaviors,
within the functional tests experiments are usually
disabled, unless of course, forceExperiment is defined.
The problem is, if forceExperiment is defined, all
experiments are then enabled. Independent experiments
that do not have a meta-experiment to choose between
them, e.g., q3FormChanges, can all be chosen. This
leads to unexpected behaviors in the functional tests.
If forceExperiment is defined, only that experiment should be enabled.
fixes#5446
We have seen from the verification password experiment that
the 2nd password field causes ~ 6% drop in registrations.
Including the verification password here makes it impossible
to compare apples and apples because not all users in
the control group have `vpassword` either.
issue #5469
Rhaeto-Romanic (rm) uses a `'` character in the header and
button text of the signin page. These characters were being
escaped, which looked ugly. Do not escape them.
fixes#5407
The next step logic in views/complete_sign_up.js was a rats nest, and easy
to mess up when adding new verification reasons, including mading the CAD
on signin modifications. This complexity has always been a sore point of mine,
and I've had 3 or 4 stabs at this previously but was never happy with the
result. This time I am.
Brokers are great at isolating behaviors for a particular integration
without affecting others. `afterCompleteSignUp` has two corresponding
siblings, `afterCompleteSignIn` and `afterCompleteSecondaryEmail`.
The broker behaviors define the next steps for each of these.
Much cleaner.
Extraction from #5308
The Firstrun Sync v2 email first - email specified by relier, not registered
test frequently fails, I believe because the WebChannel listener is not
yet hooked up for the fxaccounts:can_link_account message.
I moved the delays that were in the auth_brokers/base.js broker and views/index.js
and moved this to app-start.js so that we can stop thinking about it.
In addition, I noticed while testing that sometimes a single listener could
be added multiple times. The listener would be added, but jQuery was not yet
in the DOM, and the try/catch block used in respondToWebChannelMessage would
try to attach a 2nd listener.
Instead of using jQuery, create the element manually.
issue #5390
If a view contained more than one `.links` element and only one
of them needed to stack the links, the `centered` class would
be applied to all `.links` containers.
This iterates through each `.links` element and determines
if any of its child elements cause stackage.
fixes#5392
There were two problems:
- If any of the view's input elements have a value prefilled from the
form-prefill model, an engaged event will be logged as a result of
the input event being fired on the element.
- The check for whether an element should be prefilled will respond
with true even if the formPrefill model contains an empty string
for that field. Users that go from the signin to signup page w/o
entering anything on the signin page will have an empty string saved
for both the email and password fields.
This fixes the problem by:
- No longer trigger an `input` event to cause the form to be enabled. Instead,
update the element values in a `rendered` event handler, which is triggered
before `afterRender` is run. `afterRender` will take care of enabling the form
if valid.
- Only update a form value if the prefill model has a string with a length. Not
strictly necessary, but it seems like the right thing to do.
- Move where the `rendered` event is triggered in the BaseView. It now occurs
just after the template is rendered, before `afterRender`. Before this,
`rendered` was only listened for in unit tests, so this is safe.
fixes#5388
These are logged as flow evnets.
Possible flow events:
* flow.sms.ineligible.android
* flow.sms.ineligible.control_group
* flow.sms.ineligible.ios
* flow.sms.ineligible.not_in_experiment
* flow.sms.ineligible.no_session
* flow.sms.ineligible.other_user_signed_in
* flow.sms.ineligible.signin
* flow.sms.ineligible.unsupported_country
* flow.sms.ineligible.xhr_error
In addition, the country returned from the auth-server is logged:
* flow.sms.status.country.<TWO_LETTER_COUNTRY_CODE>
fixes#5382
We originally chose crc32 as the hashing function because it's small.
This worked fine when experiment.choose for two experiments were
called independently, but when one experiment was used to choose
another, *all* users of the chosen experiment were placed into
the same bucket. md5 doesn't suffer from this problem.
fixes#5378
Views that navigate in `beforeRender` are not rendered to the DOM
and are not logged in metrics. Views that navigate in `afterRender`
erroneously are. This unifies the behavior so that if `navigate`
is called any time during `render`, the view is not rendered
to the DOM, nor is the view logged in metrics.
This fixes a problem where users that visit `/` and immediately
redirect to `/signup` or `/settings` still have the `/` view
logged, skewing the metrics making it seem like more people
see `/` than really do.
fixes#5375
viewNames are normally created from the URL pathname.
The pathname for `/` is ``, meaning the view had no name.
This would show up in metrics with things like `flow..view`
This sets the viewName for `/` to `email-first`
fixes#5372
Use the session-verification-poll-mixin in the CWTS page to
handle both bounces and auto-submit the form if verification completes.
fixes#4094fixes#4193
Extract the logic to do the signup/signin verification polling
from models/account.js into its own model, models/polls/session.js
Extract most of the polling logic from /confirm into
its own mixin, session-verification-poll-mixin. This
will allow the common logic to be used on CWTS.
The poll is started when entering the /confirm page,
stopped when leaving.
The hope is that this will make #4094 and #4193 very easy.
fixes#5323fixes#5325
Instead of using a nth-child selector in the tests, give the
email-suggestion element an ID that can be checked for and
clicked. Hopefully this is a bit more sane.
Tangential changes:
* Modify the styles slightly to not use a `> span`, and instead
use classes and IDs. > span is slow because of CSS pattern matches
operate from right to left.
fixes#5309
The email first flow is available for Sync if the action=email query parameter is specified. The opt-in allows us to release and test without interfering w/ other views & flows. If action=email is not specified and no user is signed in, users should be sent to /signup. If a user is signed in, action is ignored, the user will be sent to /settings.
On the / screen, if the user enters an email that is registered, they will be sent to /signin. If the email isn't registered, they'll be sent to /signup. Note, an email that is registered but has not yet verified will be sent to /signin. The user can reset their password if they really want to re-register.
Once a user is on /signin or /signup, if the user decides they want to change their email, they'll be sent back to / to edit their email. This avoids having to deal with things like signin-from-signup or handling Account doesn't exist errors on the signin page.
I opted to use totally new views instead of the existing SignInView and SignUpView for a couple of reasons. First, this is an experiment. If the experiment fails, I want to be able to easily remove the code. Second, if the experiment succeeds, I want to be able to rip out the old views. There is so much complexity to handle corner cases that'll be avoided with this flow.
If the experiment succeeds, we'll need to update the new signin view to handle OAuth flows and the user's avatar, but that's in the future.
Note, I did not add an A/B test or metrics for this. That'll be a follow on PR, this portion is already large enough.
Note for testing: open https://127.0.0.1:3030/?service=sync&context=fx_firstrun_v2&action=emailfixes#5194
The new officially supported way to enable signinCodes is to use:
`&forceExperiment=sendSms&forceExperimentGroup=signinCodes`
Support for `&signinCodes=true` has been removed.
After adding the ExperimentMixin to the SmsMixin, I saw a bug
in the ExperimentMixin where it assumes `this._account` always
exists on the View, which isn't the case for the SMSSendView.
Most views declare a `this.getAccount()` function that returns
the account being used. I updated the mixin to first check for
`this.getAccount`, then as a fallback, use `this._account`
fixes#5278
The tests that deselected a bucket on CWTS failed on Fx 54
because the original input element is too small to click
after being updated to use the Google Material style.
The fixes the problem by moving the label used as the selector
from the input element to the label, which is always visible.
fixes#5330
The experiment mixin made an assumption that `this.experiments` was always
available in the delegate methods. This assumption is invalid once view.destroy
is called.
This caused a problem on the confirm page - if the app was polling for
an email confirmation and the user clicks the browser's `back` button,
the confirm view was destroyed when the page went back to CWTS, but
the poll continued. If the user verified their email, the poll would
complete, which would then attempt to call the confirm view's
`isInExperimentGroup` function. Since the view was destroyed,
`view.experiments` was `null`. Kaboom.
issue #5323fixes#5324
The reset_password view hard coded it's previous view,
which makes it more difficult to use reset_password
from other views than needs to be.
Use the back-mixin which provides generic functionality.
* fix(back): Clicks on the hash button no longer append # to the URL.
`preventDefaultThen` was being called in the wrong place. We were not
calling it on click handlers, but we were always calling it on keyup,
event if the key was not `ENTER`.
fixes#5290
* fix(test): Test to ensure event.preventDefault is called on #back.
After requesting account data from the browser it is written
to storage inside of a promise. We were not waiting for the
promise to complete before starting the complete_sign_up
view, which checks storage for the account data that is not
yet written. No account is returned, so a new account is
created with the data present in the verification link,
which does not include a sessionToken. When the SMS check
occurs, the account has no sessionToken, so we force
the user down the CAD flow.
The fix? Add a `return` so the promise is propagated
whenever user.setSignedInAccountFromBrowserAccountData is
called.
fixes#5285
What is the problem?
When going "back" through history, the router creates a new model
for the previous view. This causes problems in email-first where
the user's email address on /signup_password is filled in from
an `account` model. Users that go to the TOS/PP agreements then
click "back" are sent all the way back to `/email` because a new
view is created for /signup_password.
How does this fix the problem?
Keep a stack of viewModels. When going back through history,
re-use the same model that was used the first time a view is
displayed.
extraction from #5177
COPPA was originally extracted from the signup flow into its own
view because we had two variations to A/B test. This variant won.
I want to re-use the COPPA logic in the email-first flow. Initially
a mixin was created that creates the COPPA logic. The mixin ended
up doing a lot of plumbing between the consuming object and the
COPPA object, things like delegating to COPPA object methods, event
delegation from the COPPA object to the consuming object, etc.
This housekeeping seemed unnecessary with mixins. Instead
of pushing all responsibilities to the COPPA object, the consuming
object takes over these responsibilities via the mixin.
Extraction from #5177
* fix(test): Increase automatedBrowser timeout to fetch fxaStatus.
200ms does not seem to be enough on Circle. Bump to 500ms.
fixes#5247
* refactor(test): Move the flaky handshake tests to the top of the circle list.
* refactor(client): Extract a form-prefill-mixin.
Form elements that have a `name` or `id` attribute and
do not have `data-novalue` are eligible for form-prefill.
Values are prefilled if:
* Above prerequisites are met.
* Element does not have an `autocomplete="off"` attribute.
* Form prefill model has a value for the field.
Values are saved if:
* Above prerequisites are met.
Element name/id attributes are used as the key into
the formPrefill model.
Extraction from #5177
* fix(form-prefill): Cleanup based on @seanmonstar's feedback.
* Remove extra `beforeDestroy` in sign_up.js
* Remove extra `password` context value in sign_up.js
* Remvoe extra `value={{password}}` in templates.
What is the problem?
A lot of mixins require other mixins to function. To make this work,
a View would have to mix-in all of the dependent mixins too, or
a mixin would have to mix the dependent mixin to itself. It was
difficult to know what to do whenever adding a mixin that depended
on others, like the connect-another-device-mixin.
How does this fix the problem?
A mixin that depends on other mixins can declare an array `dependsOn`.
Each mixin declared in `dependsOn` will be mixed into the
consuming object before the mixin itself.
This also takes care of the possibility of a mixin being added
multiple times.
`serviceName` especially was set in all of the views that consumed the ServiceMixin.
Might as well reduce duplicate effort and set the value in one place.
Extraction from #5177
* fix(devices): Correctly print a session's name if no userAgent is sent.
If no userAgent was sent for a session, we displayed the session
name as "Web Session,". Notice the extra comma.
This gets rid of the extra comma if no userAgent is sent,
instead printing "Web Session".
fixes#5230
* fix(cwts): Success message updates.
* Update the success message to include a "Mistyped email?" link.
* Remove the "Back" link since this is duplicate functionality.
fixes#4726
* fix(cwts): Change ":email created" to ":email registered"
If no userAgent was sent for a session, we displayed the session
name as "Web Session,". Notice the extra comma.
This gets rid of the extra comma if no userAgent is sent,
instead printing "Web Session".
fixes#5230
The new engines are only supported in Firefox >= 56. `addresses` is always
supported, `creditcards` is only supported if the browser includes
it in it's list of supported engines when requesting fxaccounts:fxa_status.
fixes#5087
To avoid a line break on a two word link, I have replaced the
space in Mistyped number? with a non-breaking unicode
space. We should probably be doing this more often in other
places to avoid "typographic orphans".
What is the problem?
When rendering a template, or translating a string, a view's `context()` function returns an object.
This paradigm makes it almost impossible for `context` to be overridden easily in mixins.
How does this fix the problem?
First, rename `context` to `updateContext`. Instead of having `updateContext` return an object,
pass in a Backbone model that each `updateContext` method can update. Mixins can override
`updateContext` and set the data on the passed in model.
Add-ons, preferences, and soon addresses and credit cards will not be in parity on Android. I don't think this point in the process is the right time to mention it. Few care, and those that do won't be noticing here.
Remove able. All grouping rules have been imported
to app/scripts/lib/experiments/grouping-rules.
Documentation has been added on how to create a new
grouping rule, look at
app/scripts/lib/experiments/grouping-rules/README.md
fixes#4893
This required a larger change than I had hoped. The external-links-mixin
was capturing the click and then calling `event.stopImmediatePropagation()`
on the event, meaning the click handler in the flow-events-mixin was
never called. :/
fixes#4680fixes#5115
Add an `.smsStatus` suffix to the error context, which is included
in messages sent to DataDog, e.g.,:
error.verify-email.smsStatus.auth.999
issue #5109
If the browser responds to an fxaccounts:fxa_status message with a `No Such Webchannel`
error, that means the UA either does not support the channel name, or is not set up
to communicate with this FxA server. In either case, FxA and the UA cannot communicate
using WebChannels.
If this happens, log the error and set the `fxaStatus` broker capability to `false`.
This will cause the session to use state stored in localStorage rather than the
state stored by the browser.
fixes#5114
Before this fix, if a call to /sms/status failed,
signup confirmation would appear to fail with an
"Unexpected error".
Instead of failing, log and drop errors to /sms/status.
fixes#5109
Use a `createClientDelegate` method to pass all method call parameters
directly to the delegated to method in the fxa-js-client.
Also removed fxa-client->signOut, the functionality
was a subset to the more full featured sessionDestroy.
Finally, add lots of documentation.
Extracted from #5092
With the changes to fetch user state brom the browser, we were
attempting to check the signed in account before the storage
formats were updated. An Account model was created with `accountData`,
causing an exception to be thrown.
Updates the stored accounts before checking for
the signed in account.
Since a functional test caught this, no new functional tests
were added, only unit tests.
fixes#5104
We were binding using `account.on` in `beforeRender`. This didn't cause any
visible problems, but caused two problems behind the scenes:
1. The view to be retained in memory after being torn down because the
account kept a reference to the View.
2. If the accessToken was invalidated after the view was destroyed, the
*view would re-render anyways*, just not visibly.
Using view.listenTo, the listener is removed from the account whenever
the view is torn down. In addition, this is only done in afterVisible
so that only one listener is ever bound. If done in `beforeRender`,
a new listener was attached on every render.
Not attached to an issue.
Use fat arrows to make code more consise, let, const, etc.
Only render to the DOM when absolutely needed to speed up tests.
This is such a low-risk unit test only change that I self-merged.
Update invokeBrokerMethod, invokeBehavior, and invokeHandler
to use ES2015 rest & spread operators.
Also make `invokeBehavior` always return a promise.
Done by having the progress indicator decorator look on the target element
for a `data-min-progress-indicator-ms` attribute. If it exists, wait for
the time to elapse before completing the submit action.
Use this in the "settings clients" functional tests to ensure the refresh
has completed to continue with the tests.
fixes#4570fixes#5071
The app store buttons were only shown if ?service=sync was specified on
the URL. This caused confusion whenever loading the two screens during
manual testing. Since these screens are only shown for the Sync flow,
always show them.
fixes#4948
The web channel command declarations were sprinkled throughout several modules.
This centralizes the location to lib/channels/web.js
This does not fix#3432, but takes the first step - centralizing where
the commands are declared.
issue #3432
If an OAuth relier specified service=sync, the Sync relier model was used
and caused the UI to say "Sign in to continue to Sync".
This could cause confusion.
This ensures that if the user is in an OAuth flow, the OAuth relier model
is used. OAuth relier models no longer import the `service` query parameter
for signin and signup, only for verification where `service` is used
as `clientId`.
Why this change?
The long term intent is to completely remove the implicit state
machine from within the views. To do so, the implicit state machine
needs to be made explicit. The state machine is unique for each
browser integration. Auth brokers are created for each integration,
and are currently our best mechanism for creating per-integration
state machines.
What are the broker updates?
* `web` is for people who browse directly to the site.
* `fx-sync` - re-purposed to define generic Sync behaviors, does not
contain any references to channels. Used when someone signs up for
Sync and verifies in a 2nd browser.
* `fx-sync-channel` is the former `fx-sync` broker, it defines Sync
behaviors but has channels.
Since each integration will have its own broker, which defines its own
behaviors, we can remove `isDirectAccess` from the relier.
@ryanfeeley and @davismtl both agree that "Maybe later"
should be removed from the /sms screen. Doing so will
probably boost the number of users who send an SMS,
and most /connect_another_device screens show the
user the same app store links as showed on the /sms page.
fixes#5044
Issue #4944
Users in the SMS "control" group must be in CAD, we are comparing
SMS against the CAD screens, not the general population.
This PR makes that happen. The SMS/CAD selection logic is extracted
into its own mixin so that it can be independently tested and
used on the "signup" page too.
From the experiment-mixin, trigger `flow.initialized` which
will force the flow model to initialize for experiments
that are created at runtime.
What does this do?
Replaces direct references to lib/validate w/ lib/vat.
VAT still delegates to Validate, the next step is for VAT to
take over responsibilities of Validate.
WHY?
While I was was working on using the same RegExps for both
the front and back-ends, I grew frustrated that the
front-end had multiple ways of validating. The same
mechanism should be used everywhere on the frontend.
Why did so many tests change?
The notifier now fully validates the uid and email fields. Tests that
expected proper uids and emails had to be updated. Some other tests
tried to sign in w/o a sessionTokenContext.
Pass errors back to the caller of `request`, if possible.
This will be used when requesting user data from the browser,
if for whatever the web channel returns an error, the user
should continue with the flow, so the caller should be
responsible for stopping the flow.
Ryan Kelly
Vlad Filippov
Vijay Budhram
Phil Booth
Princi Vershwal
Ryan Feeley
Anwesh Nayak
Soumya Himanish Mohapatra
Mutasem Aldmour
shikhar-scs
Shane Tomlinson
MeridelW
Edouard Oger
Tommasina
Erika Jonell
apoorvasingh17
Sean McArthur
Udara Weerasinghege
morrme