matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-09-11 22:30:47 +03:00
Code Activity
2,847 Commits 59 Branches 22 Tags
rei/rate_limiting_configuration
Commit Graph

106 Commits

Author SHA1 Message Date
Quentin Gliech
144de0deb2 storage: freeze the error type on BoxRepository 
This avoids having to deal with traits bounds everywhere. It also moves
the `boxed()` method to the PgRepository, because it was unnecessary to
keep it on the `Repository` trait
 2024-07-26 11:36:55 +02:00
Quentin Gliech
d1b9a4980c Update opentelemetry to 0.24.0 2024-07-25 11:01:43 +02:00
Quentin Gliech
cef4645286 storage: add a filter by last active time on app sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech
62c2af5e6a storage: add a filter by last active time on OAuth 2.0 sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech
8bc1ef151f storage: add a filter by last active time on compatibility sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech
c6b759c56d storage: add a filter by last active time on browser sessions 2024-07-19 13:40:27 +02:00
Quentin Gliech
e89a818ff2 Use dynamic filters on app sessions by reusing the OAuth/compat sessions filters 2024-07-16 18:23:23 +02:00
Quentin Gliech
12d2f1f827 Add new filters on the OAuth and compat sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech
c4e7cf1a27 Use dynamic filters on browser sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech
aa992d31f8 Use dynamic filters on users 2024-07-16 18:23:23 +02:00
Quentin Gliech
76c033b76a Use dynamic filters on user emails 2024-07-16 18:23:23 +02:00
Quentin Gliech
112f673e22 Use dynamic filters on upstream OAuth 2.0 providers 2024-07-16 18:23:23 +02:00
Quentin Gliech
7c2c310cac Use dynamic filters on upstream OAuth 2.0 links 2024-07-16 18:23:23 +02:00
Quentin Gliech
7c54c5f2e6 Use dynamic filters on OAuth 2.0 sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech
df7bc53826 Use dynamic filters on compatibility SSO logins 2024-07-16 18:23:23 +02:00
Quentin Gliech
15c2c740a7 Use dynamic filters on compatibility sessions 2024-07-16 18:23:23 +02:00
Quentin Gliech
452024764a Add a trait to help building dynamic filters 2024-07-16 18:23:23 +02:00
Quentin Gliech
dcaf65e6e7 Batch finish browser sessions 2024-07-16 14:13:11 +02:00
Quentin Gliech
04b96b87b8 Batch finish OAuth 2.0 sessions 2024-07-16 14:13:11 +02:00
Quentin Gliech
f8d12cc305 Batch finish compatibility sessions 2024-07-16 14:13:11 +02:00
Quentin Gliech
3eab10672f Add a lock during syncs of user devices 2024-07-16 09:32:07 +02:00
Quentin Gliech
e75df0752d storage: methods to list and count users with filters and pagination 2024-07-05 13:44:14 +02:00
Quentin Gliech
b2ee5de050 storage: Add an email filter on the user email list 2024-06-28 15:59:21 +02:00
Quentin Gliech
43582e7eca Data model and repository for the user recovery flow 2024-06-28 15:59:21 +02:00
Quentin Gliech
3978acd94e Fix recently added Clippy lints 
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
 2024-05-07 07:32:02 +02:00
Quentin Gliech
cd0ec35d2f Soft-delete upstream OAuth 2.0 providers on config sync 2024-04-03 09:51:22 +02:00
Quentin Gliech
4e3823fe4f Add a soft-deletion column on upstream OAuth 2.0 providers 2024-04-03 09:51:22 +02:00
Quentin Gliech
dde907758e Use OTEL semantic conventions constants for most attributes 2024-03-19 17:15:14 +01:00
Quentin Gliech
7e30daf83e Replace parse-display with manual Display/FromStr impls 2024-03-19 16:38:46 +01:00
Quentin Gliech
61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
1821136e3f Additional parameters from upstream OAuth2 providers in the data model 2024-03-01 14:36:37 +01:00
Quentin Gliech
2c9b8a446d Bump Clippy to 1.75 and Rust to 1.76 2024-02-27 16:58:43 +01:00
Quentin Gliech
f3cbd3b315 Parse User Agents on the backend side (#2388) 
* Parse user agents on the server side

* Parse and expose user agents on the backend

* Use the parsed user agent in the device consent page

* Fix the device icon tests

* Fix clippy warnings

* Box stuff to avoid large enum variants

* Ignore a clippy warning

* Fix the requester boxing
 2024-02-23 16:47:48 +01:00
Quentin Gliech
f171d76dc5 Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech
ed5893eb20 Save which user session created a compat session 
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
 2024-02-21 11:55:58 +01:00
Quentin Gliech
03b6ad7138 Remove the unique constraint on device IDs on compatibility sessions 
In OAuth 2.0 sessions, we can have multiple sessions for the same device
anyway, so this constraint doesn't exactly make sense.

Fixes #2033
Fixes #2312
 2024-02-20 15:50:20 +01:00
Quentin Gliech
90c386847a Setup a repository to track user terms agreements 2024-02-07 17:21:22 +01:00
Quentin Gliech
17e968f7cc Record the user agent and IP in the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
b0042eb0c3 Clippy thinks I have too many bools in my structs 2024-02-02 18:01:51 +01:00
Quentin Gliech
31936bcc00 Save whether the client supports the device code grant in the database 2024-02-02 18:01:51 +01:00
Quentin Gliech
50654d2e40 Implement the device code authorisation request 2024-02-02 18:01:51 +01:00
Quentin Gliech
286fc57103 Add a repository for device code grants 2024-02-02 18:01:51 +01:00
Quentin Gliech
a0f5f3c642 Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech
5126d36b2e Add upstream OAuth 2.0 providers name and branding 2023-11-20 17:23:02 +01:00
Quentin Gliech
7315dd9a7a Allow endpoints and discovery mode override for upstream oauth2 providers 
This time, at the configuration and database level
 2023-11-17 16:18:39 +01:00
Quentin Gliech
364093f12f Allow overriding usptream OAuth2 providers endpoints 
Also have a way to disable OIDC discovery when all the endpoints are known.
 2023-11-17 16:18:39 +01:00
Quentin Gliech
3cb8a26d95 "Can request admin" flag on user 2023-10-09 18:52:30 +02:00
Quentin Gliech
2a100ab927 graphql: allow filtering appsessions on device_id 2023-10-06 16:05:26 +02:00
Quentin Gliech
15134b37af Add missing tracing to app session storage 2023-09-20 20:29:16 +02:00
Quentin Gliech
f1d420f381 Storage layer for a unified session list 2023-09-20 20:27:08 +02:00