matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-31 09:24:31 +03:00
Code Activity

Move from MSC3824 actions to org.matrix.msc3824.delegated_oidc_compatibility flag (#250)

Browse Source 
Co-authored-by: Quentin Gliech <quenting@element.io>
This commit is contained in:
Hugh Nimmo-Smith
2022-06-15 16:49:03 +01:00
committed by GitHub
parent 5632f6ba99
commit 9e3f43f1f0
2 changed files with 10 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
crates/axum-utils/src/client_authorization.rs
View File

@ -562,6 +562,11 @@ mod tests {
async fn client_assertion_test() { async fn client_assertion_test() {
// Signed with client_secret = "client-secret" // Signed with client_secret = "client-secret"
let jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjbGllbnQtaWQiLCJzdWIiOiJjbGllbnQtaWQiLCJhdWQiOiJodHRwczovL2V4YW1wbGUuY29tL29hdXRoMi9pbnRyb3NwZWN0IiwianRpIjoiYWFiYmNjIiwiZXhwIjoxNTE2MjM5MzIyLCJpYXQiOjE1MTYyMzkwMjJ9.XTaACG_Rww0GPecSZvkbem-AczNy9LLNBueCLCiQajU"; let jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjbGllbnQtaWQiLCJzdWIiOiJjbGllbnQtaWQiLCJhdWQiOiJodHRwczovL2V4YW1wbGUuY29tL29hdXRoMi9pbnRyb3NwZWN0IiwianRpIjoiYWFiYmNjIiwiZXhwIjoxNTE2MjM5MzIyLCJpYXQiOjE1MTYyMzkwMjJ9.XTaACG_Rww0GPecSZvkbem-AczNy9LLNBueCLCiQajU";
let body = Bytes::from(format!(
"client_assertion_type={}&client_assertion={}&foo=bar",
JWT_BEARER_CLIENT_ASSERTION, jwt,
));
let mut req = RequestParts::new( let mut req = RequestParts::new(
Request::builder() Request::builder()
.method(Method::POST) .method(Method::POST)
@ -569,13 +574,7 @@ mod tests {
http::header::CONTENT_TYPE, http::header::CONTENT_TYPE,
mime::APPLICATION_WWW_FORM_URLENCODED.as_ref(), mime::APPLICATION_WWW_FORM_URLENCODED.as_ref(),
) )
.body(Full::<Bytes>::new( .body(Full::new(body))
format!(
"client_assertion_type={}&client_assertion={}&foo=bar",
JWT_BEARER_CLIENT_ASSERTION, jwt,
)
.into(),
))
.unwrap(), .unwrap(),
); );

17
crates/handlers/src/compat/login.rs
View File

@ -33,18 +33,11 @@ use thiserror::Error;
use super::MatrixError; use super::MatrixError;
#[derive(Debug, Serialize)]
#[serde(rename_all = "lowercase")]
enum Action {
Login,
Register,
}
#[derive(Debug, Serialize)] #[derive(Debug, Serialize)]
#[serde(tag = "type")] #[serde(tag = "type")]
enum LoginType { enum LoginType {
#[serde(rename = "m.login.password")] #[serde(rename = "m.login.password")]
Password { actions: Vec<Action> }, Password,
// we will leave MSC3824 `actions` as undefined for this auth type as unclear // we will leave MSC3824 `actions` as undefined for this auth type as unclear
// how it should be interpreted // how it should be interpreted
@ -55,7 +48,7 @@ enum LoginType {
Sso { Sso {
#[serde(skip_serializing_if = "Vec::is_empty")] #[serde(skip_serializing_if = "Vec::is_empty")]
identity_providers: Vec<SsoIdentityProvider>, identity_providers: Vec<SsoIdentityProvider>,
actions: Vec<Action>, delegated_oidc_compatibility: bool,
}, },
} }
@ -73,12 +66,10 @@ struct LoginTypes {
pub(crate) async fn get() -> impl IntoResponse { pub(crate) async fn get() -> impl IntoResponse {
let res = LoginTypes { let res = LoginTypes {
flows: vec![ flows: vec![
LoginType::Password { LoginType::Password,
actions: vec![Action::Login],
},
LoginType::Sso { LoginType::Sso {
identity_providers: vec![], identity_providers: vec![],
actions: vec![Action::Login, Action::Register], delegated_oidc_compatibility: true,
}, },
LoginType::Token, LoginType::Token,
], ],