Hi All,
This week we'll be rolling FxA train-38 to production with the following changes: On the Frontend: * Improve the UI of the oauth permissions prompt, and ensure we only allow scopes that were actually shown in the prompt. * Simplify behaviour of oauth flow with verification_redirect=always. * Tell oauth reliers whether the user signed in or signed up. * Let the root URL be framed for allowed reliers. * Include a "service" and "reason" parameter in all login requests. * Improve caching and error-handling when displaying profile images * Add support for "invalid scopes" error message from the oauth server * Add client metrics for screen refreshes, signout and more. * The usual bevy of test fixes and enhancements. On the Backend: * Accept and log "service" and "reason" parameters in login requests. * Allow more config options to be specified in the environment. * Rename "toobusy" config option to "maxEventLoopDelay". * Check email capitalization on login, and error out if mismatched. * Standardize on "bluebird" as our promise library of choice. Special thanks go to new contributor Rishi Baldawa for helping out on the backend changes, and to Edouard and Riadh for continuing to dive in on the frontend. As always, you can dig into the details through the CHANGELOG files in each individual repo: https://github.com/mozilla/fxa-auth-server/blob/master/CHANGELOG https://github.com/mozilla/fxa-content-server/blob/master/CHANGELOG.md Cheers, Ryan _______________________________________________ Dev-fxacct mailing list [email protected] https://mail.mozilla.org/listinfo/dev-fxacct
