37 Commits

Author	SHA1	Message	Date
reivilibre	1afd2a2906	Remove OPA-based password policy enforcement (#2875) ... Co-authored-by: Quentin Gliech <quenting@element.io>	2024-07-16 14:33:04 +01:00
Quentin Gliech	fbb8044dbd	Bump OPA	2024-05-07 07:32:02 +02:00
Quentin Gliech	3ea24dc8e5	Remove the invalid characters OPA policy tests	2024-05-03 16:56:56 +02:00
Quentin Gliech	6db50f098d	Allow more characters in device IDs	2024-05-03 16:56:56 +02:00
Alex Babel	5d85d0fb65	Increase allowed username length to 64 in the default policy (#2471)	2024-03-18 10:58:21 +00:00
Quentin Gliech	46c565cc89	Move schemars to workspace dependencies ... Also enables the `preserve_order` feature, hence the big schema output diff.	2024-03-01 14:36:37 +01:00
Andrew Ferrazzutti	d5e1127c32	Add Podman support to policies Makefile	2024-02-29 17:50:38 +01:00
Quentin Gliech	04f70aa168	Update generated files	2024-02-02 18:01:51 +01:00
Quentin Gliech	1c62543220	Make the device code grants go through the policy engine	2024-02-02 18:01:51 +01:00
Quentin Gliech	5b272dff08	Bump Open Policy Agent version to 0.59.0	2023-11-30 17:59:24 +01:00
Quentin Gliech	974405c7c3	dockerfile: bump rust, opa, nodejs and debian version	2023-11-14 13:41:10 +01:00
Quentin Gliech	3cb8a26d95	"Can request admin" flag on user	2023-10-09 18:52:30 +02:00
Quentin Gliech	6ce216e611	fixup! policies: allow subdomains for the various URIs	2023-09-18 11:57:50 +02:00
Quentin Gliech	bdc375fc6b	policies: allow subdomains for the various URIs	2023-09-18 11:57:50 +02:00
Quentin Gliech	86c425eaf3	Suggestion from code review ... Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>	2023-09-06 09:35:34 +02:00
Quentin Gliech	d16b880267	policy: only require redirect_uris for the authorization_code and implicit grants	2023-09-06 09:35:34 +02:00
Quentin Gliech	542d0a6073	Implement the client credentials grant	2023-09-06 09:35:34 +02:00
Quentin Gliech	8658a3400d	policy: prepare for the client credentials grant	2023-09-06 09:35:34 +02:00
Quentin Gliech	45e3fb045d	Allow HTTPS redirectors for native apps	2023-08-31 14:20:21 +02:00
Quentin Gliech	23571e87ea	Run the registration policy on upstream OAuth registration	2023-08-30 19:39:39 +02:00
Quentin Gliech	7fcd022eea	Make sure we validate passwords & emails by the policy at all stages ... Also refactors the way we get the policy engines in requests	2023-08-30 19:39:39 +02:00
Quentin Gliech	23151ef092	policies: split the email & password policies and add jsonschema validation of the input	2023-08-30 19:39:39 +02:00
Quentin Gliech	17e28f56c1	Upgrade Rust to 1.72.0 ... Fixes new clippy errors and upgrade other tools	2023-08-28 18:05:56 +02:00
Quentin Gliech	bb0939067f	policies: test for the new GraphQL/MAS scopes	2023-08-11 14:56:21 +02:00
Quentin Gliech	4ef3bcf336	Make the GraphQL interface accessible for OAuth clients	2023-08-11 14:56:21 +02:00
Quentin Gliech	60899bf131	Bump rustc, nodejs, opa, etc.	2023-07-17 19:54:49 +02:00
Quentin Gliech	7e90564d16	Bump Rust dependencies	2023-06-14 12:02:16 +02:00
Quentin Gliech	5cd93a5f93	Bump the OTEL crates to 0.19.0 (#1132) ... * Bump the OTEL crates to 0.19.0 Also pins a bunch of versions in the Dockerfile and fixes the docker build in CI	2023-04-24 17:10:55 +00:00
Quentin Gliech	d9649975b9	Upgrade rustc (and clippy) to 1.67.0	2023-02-01 10:37:04 +01:00
Quentin Gliech	5b28c1e6ce	Upgrade Rust, OPA, Node in CI and Docker image	2022-12-16 18:16:18 +01:00
Quentin Gliech	834214bcac	Do not embed the WASM-compiled policies in the binary	2022-11-18 22:37:55 +01:00
Quentin Gliech	071055ad18	Embed the default policy in the binary	2022-06-03 13:37:20 +02:00
Quentin Gliech	dd09a9b36f	Build WASM policies in the Docker image	2022-06-03 13:37:20 +02:00
Quentin Gliech	a2b53f0395	Run OPA policies during registration	2022-06-03 13:37:20 +02:00
Quentin Gliech	07512e3f9f	opa fmt	2022-06-03 13:37:20 +02:00
Quentin Gliech	b4bebe04c0	Add OPA policies tests	2022-06-03 13:37:20 +02:00
Quentin Gliech	aab1f49374	Support for applying OPA policies during client registration	2022-06-03 13:37:20 +02:00