Hi All, This week we'll be rolling FxA train-37 to production. It continues a theme from the previous train, improving support for third-party OAuth reliers in addition to some crucial bugfixes.
On the Frontend: * Show an interstitial permission screen when connecting to third-party reliers, to indicate what information will be shared. * Add a new "verification_redirect" query parameter to OAuth endpoints, giving reliers more control over the post-verification redirect flow. * Suggest the account to use during sign-up, if possible. * Log metrics about whether we ask for a password during sign-in. * Add hooks and infrastructure to support embedding the sync signup flow in an iframe. * Make the email suggestion tooltip keyboard-accessible. * Fix a bug with deriving relier encryption keys during sign-up. * Check for getUserMedia when changing the avatar picture. * Log additional metrics to track account deletion events. On the Backend: * Remove the never-really-implemented and totally-unused "devices" API. * Don't retry failing HTTP requests to the db server. * Replace browserid-crypto with newer, better "jwtool" library. * Several code cleanups and dependency updates. As always, you can dig into the details through the CHANGELOG files in each individual repo: https://github.com/mozilla/fxa-auth-server/blob/master/CHANGELOG https://github.com/mozilla/fxa-content-server/blob/master/CHANGELOG.md Cheers, Ryan _______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
