Because:
* FxA environment prefs were reset in dev-launcher on sign out from sync
* This caused sync to revert to FxA prod values (instead of local or stage as defined on startup with fxa-dev-launcher)
This commit:
* Add identity.fxaccounts.autoconfig.uri to the fxa-dev-launcher startup profile
Closes #FXA-10195
Because:
* In the 'account disconnected' Sync state, users are now taken to /signin instead of /force_auth, so our logic needed to be updated
This commit:
* Adjusts the logic for when we send the message. Only send if the user didn't first hit content-server (we will know based on a temporary query param until email-first is converted to React). The browser decides when to automatically respond with ok: true or prompt the user
* Displays an error message when the user cancels
fixes FXA-10176
Because:
- Some temporary band aids were added to support out of date Contentful
data that could no longer be changed, due to the Contentful instance
being changed to read-only.
This commit:
- Removes temporary band aids now that support for Strapi has been added
Closes #FXA-9797
Because:
- the content server backend Glean pings did not have actual values for
most of their metrics
This commit:
- populates the "common" metrics in the ping
- the approach is currently based on the /metrics-flow request; we
can evolve it as necessary as we support more events
- combines the node-uap based useragent lib in auth server into the one
in fxa-shared, since the content server backend need the "device
type"
Because:
- the options for an event's function was not enclosed with the
returned event function in the auth server, leading to the optional
callback not being called
This commit:
- ensure the options for the event function is enclosed with the
created event function
Because:
- Sourcemaps weren't showing up on stage, yet were being deployed.
- The files in `fxa-settings/build` were effectively being webpacked twice.
- The ending comment, `//# sourceMapURL=` was being stripped off when webpacked the second time.
This Commit:
- Just copies over the files from `settings/build` without sending them through webpack.
Because:
- for the auth server backend Glean events, we resolve the event metric
method based on the string event name
- but we currently do that in the created function for the event
This commit:
- resolves the method during the initial function creation for the
event functions, e.g. during server startup
Because:
* There's a case where the session token given back from requestSignedInUser is undefined
This commit:
* Makes sure the sessionToken is defined before checking its validity and using it
fixes FXA-10156
Because:
* If multiple accounts were signed in on different tabs, operations could be applied to the wrong account
* Current account uid was not correctly updating to reflect the account in use in the focused tab
This commit:
* On tab focus, check if the account uid matches the current account uid. If not, update current account uid.
* Only check for destroyed session after updating the current account uid to ensure the correct session is signed out on tab focus.
Closes #FXA-9984
Because:
* Some stories are broken and not loading
This commit:
* Update image imports for image components
* Add React import where missing
* Move use of useSensitiveDataClient hook to container level
Closes #FXA-10085
Because:
- If you signout and the browser isn't notified, users can end up in a wierd state when accessing settings
This Commit:
- Asks firefox for the current user
- Checks the current session token
- If the current session is token, uses it thereby letting the user access settings
- If the current session is not valid, a message is displayed saying to signout from sync.
Because:
- the content server backend needs Glean to record some RP related
events at a minimum
This commit
- adds, configures, and initializes Glean for the content server
backend
Because:
- We saw positive results from doing the same thing for the CanLinkAcocunt web channel message
This Commit:
- Updates the Login webchannel message
Because:
* We want to track metrics for clicks to add/change display name and add a secondary email
This commit:
* Adds and implements glean events account_pref_display_name_submit and account_pref_secondary_email_submit
Closes #FXA-10041, FXA-10042
Because:
* We want to track metrics events on Unlink click from settings, and Unlink confirm, with 'create_password' reason if the user needed to first set a password
This commit:
* Adds events account_pref_google_unlink_submit, account_pref_google_unlink_submit_confirm, account_pref_apple_unlink_submit, account_pref_apple_unlink_submit_confirm
* Includes 'reason' in events if user does not have a password set
* Updates some tests and one warning
closes FXA-10050, closes FXA-10051
Because:
* We want to track successful registrations with google/apple auth
This commit:
* Adds backend glean events for third_party_auth_google_reg_complete and third_party_auth_apple_reg_complete
* Add relevant tests
* Standardize naming of other backend third party auth events
Closes #FXA-9816, FXA-9818
Because:
* This link no longer allows users to get a text via SMS, so we're removing it
This commit:
* Removes the link and updates copy
fixes FXA-9983
Because:
- When signing into sync on Android, the signin button can become 'stuck'
- Yesterday we uncovered a race condition that seemed to help, but didn't totally fix the problem.
- The event handler in fxaCanLinkAccount was too general and could pick up events that were not intended for it.
This Commit:
- Uses `this.addEventListener(FirefoxCommand.CanLinkAccount` instead of `window.addEventListener('WebChannelMessageToContent'...`
- Doing so ensures that only responses for the CanLinkAccount command are handled.
Note, we should avoid using `window.addEventListener('WebChannelMessageToContent'`
Because:
* Android responds immediately to the can_link_account message and we don't appear to always have the event listener attached
This fix:
* Adds requestAnimationFrame, as we have needed to use this a couple of times before for testing when the response back was immediate
fixes FXA-10057
Because:
* Avatar for a different cached account was shown after clicking on "Use a different account"
* We want to match parity with backbone where avatar is only shown for cached sign in
This commit:
* Show the default avatar if there is no session token
* Update unit tests to test for custom avatar shown for cached sign in with session token, and default avatar without session token, including tests for both scenarios with passwordless accounts
Closes #FXA-10044
Because:
- On android mobile this response for 'CanLinkAccount' comes back immediately and no pop up is displayed.
- As result, we potentially have a result, and the eventHandler might not be bound.
This commit:
- Attach the event handler before sending the message.
Because:
* Sign in cached, sign in once, use a different account test was failing on the sign out step due to redirect to cached signin
This commit:
* Update the sign out function to check for redirect away from settings but allow for different destinations (email first or sign in, for example)
* Remove the refresh in the test (not needed) and replace with URL check
Closes #FXA-10064
Because:
* We want to track clicks to start an account recovery key setup flow
This commit:
* Add glean event and emit in the appropriate settings page
Closes #FXA-10039
Because:
- We can hit a state where firefox will direct a user to sign in and the redirect uri, or client id won't be present
- This state is erroneous, but it'll take a bit for the fix in FF to be released.
This Commit:
- shortCircuits checkOauthData when we are dealing with a sync integration.
- Sync doesn't need to redirect back to a third party anyway, so this is probably okay.
Because:
- We want to know when a user interacts with the password field
This Commit:
- Adds the login_engage event
- Fires the event when a user focuses on the password input
Because:
* coupon tests are failing in stage due to IP rate limiting
This commit:
* adds signin as a pre-requisite to coupon tests (since all subscription tests now require signin, the steps have been encapsulated in an automatic fixture to reduce code duplication)
Closes # FXA-10045
Because:
* Users on non-Firefox desktop should be shown a more helpful page
This commit:
* Creates a new state on pair/unsupported for non-Firefox, non-Android and non-iOS users to inform them they need to download Firefox to proceed
* Adds cad_redirect_desktop_view and cad_redirect_desktop_download glean events. Ran glean-generate, creating a couple other glean reg.js events
closes FXA-10008
Because:
- the diff looks large because the Glean generated code uses double
quotes whereas our code base uses single quotes
This commit:
- runs the same prettier fix that's part of the pre-commit hook
immediately after generating the code
Because:
* In Backbone we ask users to confirm that they want to merge their Sync data on submission of password signin, if the flow is force_auth since they haven't answered the prompt at this point. We want to do the same for React
This commit:
* Modifies the fxaCanLinkAccount web channel message to return a promise waiting for the browser's response, and only proceeds if the user confirms
fixes FXA-9868
Because:
- we need to able to get metrics flow data directly in React/Settings
without relying on query params
This commit:
- injects a flow id and begin time into the HTML of the React page
- sets the metrics flow data for the app in the precedence of 0) direct
argument, 1) query params, 2) body data attrs
Because:
- Sentry errors logged by the paypal processor did not include
additional error information.
This commit:
- Update paypal processor script to use initSentry, which includes
additional Sentry integrations, such as ExtraErrorData.
- Replace deprecated ExtraErrorData integration with
Sentry.extraErrorDataIntegration()
Closes #FXA-9219
Because:
- We want an event to know if users selected options in the marketing section
This Commit:
- Creates a reg_marketing_engage glean event
- Adds it to the signup page
- Adds labels for standard.marketing that follow the pattern set forth by sync.ctws
Because:
- We want a metric recorded when a user enters an invalid age
This Commit:
- Creates the reg_age_invalid glean metric
- Fires the event on the cannot_create_account page
Because:
* Users that sign out from within account settings destroy their session token but we don't tell the browser it's become invalid. Users trying to access settings again in mobile run into a case where we redirect them to oauth signin, causing problems with at least 2FA login in this scenario
This commit:
* Sends the integration down as a prop into DropDownAvatarMenu so we can conditionally send the webchannel message if the flow is Sync
* Adds unit tests, updates all stories/tests/mocks
closes FXA-9919
Becuase:
- When a user sets their password after signing in with a third party, we want to emit a metirc.
This Commit:
- Adds the third_party_accounts_set_password_complete metric.
Because:
* We were not await confirmation that totp was enabled before signing out of settings in tests
* This could cause a race condition where totp setup was incomplete before sign out, causing flakiness in tests
This commit:
* Add assertion for totp enabled after forms are filled out
Closes #FXA-10001
Because:
- ts-jest is consuming too much memory during unit test execution
This commit:
- Replace ts-jest with @swc/jest, which has better memory utilization
- Replace Nx TSC build executor with Nx esbuild build executor, for better performance.
- Reduce size of unit-test job instance size from large back to medium+
Closes #FXA-9879
Because:
- When the paypal button fails to load during initialization, for
example when there is a PayPal sandbox outage, the subscription
checkout page loads into an error, instead of hiding the PayPal
button.
- This has resulted in a confusing user experience, as well as causing
unrelated functional test failures due to the error page being shown.
This commit:
- If the PayPal button does not successfully finish it's onInit
function, then hide the PayPal button instead of showing an error
message.
- If any other PayPal error occurs, continue showing the error page.
Closes #FXA-9886
Because:
* The locator for the settings heading, intended to confirm that the Settings page is viewed, is not specific enough and matching headings on other pages.
* This is causing false positives on functional-tests.
This commit:
* Update the locator.
Closes #FXA-9991
Because:
- Admin panel rejects with an error if it can't find a Stripe invoice.
- Stripe typically does not allow invoice deletion, and therefore this
error is usually only seen on Stage after Stripe cleans up test data.
This commit:
- Catches the error on invoice failure, and if its due to missing
invoice, log the error, and assume customer subscription data is stale,
and simply return void.
Closes #FXA-9051
Because:
* on the stage environment applying coupons fails with the error message 'An error occured processing the code. Please try again.' indicating that we've hit a rate limit. Since adding fixmes improvements restricting the number of retries and updating tests to use auto-awaiting asserts have been implemented.
This commit:
* removes the fixmes to see if rate limiting is still an issue
Closes #FXA-9689
Because:
* Email address is lost when accessing the “here” link from “Automatic renewal notice” email with the force experiment parameter added
This commit:
* Set the email on emailFromIndex instead of email to ensure it is passed to React force_auth/signin
Closes #FXA-9975
Because:
* Oauth signin token code tests were failing on the step to fill the input
This commit:
* Add a more specific locator for the input on the signin token code page
* Split the test into 3 tests for better compartimentalizarion: valid code, invalid code and resend code
* Remove fixme annotation
Closes #FXA-9931
Because:
* many updates have been made to improve isolation since March and the tests no longer exhibit flake locally
This commit:
* removes the fixme annotation from:
* react-conversion/oauthSignup.spec.ts:96:9 › severity-1 #smoke › signup react › signup oauth webchannel - sync mobile or FF desktop 123+
* react-conversion/signup.spec.ts:53:9 › severity-1 #smoke › signup react › signup sync desktop v3, verify account
* removes waitForRoot from SignupPage
* removes CWTSEngineOpenTabs from LoginPage
Closes #FXA-9306
Because:
* the test fails due to the incorrect comparison of the total with the resubscriptionPrice
This commit:
* fixes the test by comparing resubscriptionPrices
Closes #FXA-9912
Because:
* Confirmation code emails (either for unverified session or unverified account) were not sent out during cached signin with React (but clicking "Email new code" worked
* We want to ensure that an email is immediately sent out
* We want to match parity with Backbone
This commit:
* Send out the email during cached signin if the account or session are unverified
* Update the cached signin functional test
* Add a new functional test for unverified signin
Closes #FXA-9878
Because:
* We are adding new glean events for connect another device flow
This commit:
* Adds cad_view, cad_submit, cad_startbrowsing_submit, cad_firefox_choice_notnow_submit
* Fix a react error spotted during development (React keys must be passed directly to JSX without using spread)
Closes #FXA-9600, FXA-9601, FXA-9602, FXA-9785
Because:
* Error message was not awaited properly causing tests to error
This commit:
* Await error message without using class selector
Closes #FXA-9932
Because:
* We were not properly displaying this code on the inline TOTP page
This commit:
* Creates a new component to share with where we display this code inside Settings, and uses it in both locations
* Adds new component to Storybook, updates test
fixes FXA-9916
Because:
* Some functional tests were failing for the tag
* Some failure traces missing on CI
This commit:
* Increase timeout for assertions
* Update trace config to always retain trace on failure
Closes #FXA-9909
Because:
* Sync was disabled after resetting password during a sync sign in
This commit:
* Add services to the FxaLoginSignedInUserRequest webchannel message used by reset password
Closes #FXA-9870
We fetch the experiments as a passthrough between the app and server
so we don't have to expose another service.
In this patch, we've also added the experiments to the sign-in page
context.
Co-authored-by: dschom <dschomburg@mozilla.com>
Because:
- When 2FA is required, and user did not have 2FA enabled yet, they would get bounced to the signup page
This Commit:
- Allows isSessionVerified to settle before redirecting
- Allows totpStatus to settle before redirecting
- Puts redirect logic in separate useEffect to consolidate redirect logic
- Removes that catch block that was using an undefined error state to control user flow
- Cleans up tests:
- Made mocks accessible
- Made sure implementations were defined in setMocks
- Use mockReturnValue where appropriate
- Make sure waitFor is used as needed
fixes: FXA-9848
Because:
- When two tabs are open, logging out of one tab, would not impact the second tab
- Some level interaction would still be possible in the second tab.
This Commit:
- Makes sure that after logging out of one tab, another active tab will also log out
Fixes: FXA-970 by addressing the UX issue. See ticket for more discussion about API level restrictions.
Because:
* There are a couple of bugs we want to address
This commit:
* Swaps the event reason on choice submission, as they were inversed
* Fixes the Glean event map to cad_firefox_choice_view, as it referenced cad_firefox_view
* Only emits the 'cad_firefox_sync_device_submit' event when user reaches the "needs mobile" screen and clicks "Continue to sync"
fixes FXA-9834, fixes FXA-9833, fixes FXA-9832
Because:
* Many tests were failing when react signin is switched to full prod rollout
* Login page object model was a bit of a grab bag that was used for signin, signup as well as other pages
This commit:
* Rename signinReact and signupReact POMs to signin and signup
* Discontinue use of login POM in most tests and replace with page-specific POMs
Closes #FXA-9519
Because:
- ClientIds with values 'none' were making their way to the auth server
- This was happening because 'none' is a valid value for service, and service was a fallback for clientId.
This Commit:
- Creates stricter checks on what a valid clientId is.
FXA-9802
Because:
* Our 'yarn glean-generate' command was failing with 'No module named 'pkg_resources', and this is fixed in latest Glean
This commit:
* Upgrades the package
Because:
* Two tests were failing smoke tests
This commit:
* Fix the PKCE test by using the correct url by environment (removed stray localhost)
* Fix failing assertion that was causing email check to fail
Closes #FXA-9800
Because:
* Adding 'await' in front of this waits for the browser to respond. We thought this may fix an intermittent sync signin issue, but instead hangs
This commit:
* Reverts this change
Because:
* If the user reaches a page where they must reauth, for example when following a link from email, we want to suggest the provided email for signin instead of asking the user to re-enter their email (matching parity with backbone)
This commit:
* When reauth is required and there is a redirect to force_auth, set the email on the user model so it can be picked up when navigating to react
Because:
* we hypothesis that the cause of intermittence in functional tests may be due to uncleared emails and inadequate wait times
This commit:
* consolidates waiting for emails to the EmailClient
* decouples the EmailClient from POMS
* increases the default timeout from 15 to 45 seconds
Closes #FXA-9851
Because:
* We want to clear the error when the code is edited
This commit:
* Clears the error message when the users clicks backspace, delete or pastes a new code
Closes #FXA-9806
Because:
- We noticed that gql queries in inline_totp_setup were failing
- The value for service wasn't passing validation
- The service name was being passed instead of the service id
This Commit:
- Passes the service identifier (aka the RPs client id) in for the service value.
- Uses the integration's 'getService' function to determine this value
Because:
* Users are not signed in to Sync after entering their 2FA code
This commit:
* Prevents the fxaLogin web channel message from being sent up if the next page in the navigation flow is TOTP since we send it up on submit on that page
fixes FXA-9837
Because:
* Subplat subscriptions page sometimes redirects to force_auth and we need to pass params to this page as well as oauth/force_auth
This commit:
* Update router.js to route force_auth and oauth/force_auth to react
* Only pass redirectTo to navigation handler if integration is web
Closes #FXA-9826
Ben Bangert
Vijay Budhram
Dan Schomburg
Vijay Budhram
dependabot[bot]
Reino Muhl
Valerie Pomerleau
Lauren Zugai
dschom
Barry Chen
Valerie Pomerleau
Katrina Anderson
Arkadiusz Komarzewski
Ankita Shrivastava
Ankita Shrivastava
Julian Poyourow
julianpoyourow
Lauren Zugai
Jonathan Almeida
Lisa Chan
Geoff Lankow