matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-09-11 22:30:47 +03:00
Code Activity
2,847 Commits 59 Branches 22 Tags
rei/rate_limiting_configuration
Commit Graph

35 Commits

Author SHA1 Message Date
Quentin Gliech
d1b9a4980c Update opentelemetry to 0.24.0 2024-07-25 11:01:43 +02:00
Quentin Gliech
112f673e22 Use dynamic filters on upstream OAuth 2.0 providers 2024-07-16 18:23:23 +02:00
Quentin Gliech
15c2c740a7 Use dynamic filters on compatibility sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech
e47f26fde6 Update the query introspection data 2024-07-16 14:13:11 +02:00
Quentin Gliech
3eab10672f Add a lock during syncs of user devices 2024-07-16 09:32:07 +02:00
Quentin Gliech
43582e7eca Data model and repository for the user recovery flow 2024-06-28 15:59:21 +02:00
Quentin Gliech
4e3823fe4f Add a soft-deletion column on upstream OAuth 2.0 providers 2024-04-03 09:51:22 +02:00
Quentin Gliech
1821136e3f Additional parameters from upstream OAuth2 providers in the data model 2024-03-01 14:36:37 +01:00
Quentin Gliech
f171d76dc5 Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech
ed5893eb20 Save which user session created a compat session 
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
 2024-02-21 11:55:58 +01:00
Quentin Gliech
03b6ad7138 Remove the unique constraint on device IDs on compatibility sessions 
In OAuth 2.0 sessions, we can have multiple sessions for the same device
anyway, so this constraint doesn't exactly make sense.

Fixes #2033
Fixes #2312
 2024-02-20 15:50:20 +01:00
Quentin Gliech
90c386847a Setup a repository to track user terms agreements 2024-02-07 17:21:22 +01:00
Quentin Gliech
17e968f7cc Record the user agent and IP in the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
31936bcc00 Save whether the client supports the device code grant in the database 2024-02-02 18:01:51 +01:00
Quentin Gliech
5126d36b2e Add upstream OAuth 2.0 providers name and branding 2023-11-20 17:23:02 +01:00
Quentin Gliech
7315dd9a7a Allow endpoints and discovery mode override for upstream oauth2 providers 
This time, at the configuration and database level
 2023-11-17 16:18:39 +01:00
Quentin Gliech
3cb8a26d95 "Can request admin" flag on user 2023-10-09 18:52:30 +02:00
Quentin Gliech
50558a7319 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech
b85655b944 Save the session activity in the database 2023-09-19 21:57:54 +02:00
Quentin Gliech
9c97a0c37a storage: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
542d0a6073 Implement the client credentials grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
00fe5f902b storage: add a method to create an OAuth 2.0 session for a client credentials grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
7a9197f222 storage-pg: make the user_id in oauth2_sessions nullable 2023-09-06 09:35:34 +02:00
Quentin Gliech
5d3b8cd92f Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech
1849b86a7d graphql: Always make the associated SSO login available in compatibility sessions 2023-08-29 16:53:38 +02:00
Quentin Gliech
8402a75a7d storage: Look up compat sessions by device_id 2023-08-29 16:53:38 +02:00
Quentin Gliech
438a10332a Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Quentin Gliech
d9a12de8a3 Save the authentication method on each authorization 
This will help us logging out of the upstream.
 2023-08-28 17:14:59 +02:00
Quentin Gliech
096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Quentin Gliech
652a2784ce Remove the pgcrypto extension requirement 
Fixes #1557
 2023-08-23 18:46:45 +02:00
Quentin Gliech
182df73578 storage-pg: add tests for user locking 2023-08-03 14:06:34 +02:00
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
517438471c Better upstream OAuth provider pagination and filtering 2023-07-21 19:50:30 +02:00
Quentin Gliech
802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
ba0f7ea62c Upgrade all Rust dependencies 
This includes breaking changes of sqlx 0.7.0
 2023-07-17 19:04:06 +02:00