matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-09-11 22:30:47 +03:00
Code Activity
2,847 Commits 59 Branches 22 Tags
rei/rate_limiting_configuration
Commit Graph

106 Commits

Author SHA1 Message Date
Quentin Gliech
50558a7319 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech
b85655b944 Save the session activity in the database 2023-09-19 21:57:54 +02:00
Quentin Gliech
9c97a0c37a storage: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
e6b91c1ce4 data-model: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
83ca90ee3d Add a GraphQL mutation to create arbitrary OAuth2 sessions. 2023-09-11 12:03:42 +02:00
Quentin Gliech
542d0a6073 Implement the client credentials grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
00fe5f902b storage: add a method to create an OAuth 2.0 session for a client credentials grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
7a9197f222 storage-pg: make the user_id in oauth2_sessions nullable 2023-09-06 09:35:34 +02:00
Quentin Gliech
7e247830c9 data-model: Make the user_id optional in the OAuth 2.0 sessions 2023-09-06 09:35:34 +02:00
Quentin Gliech
5d3b8cd92f Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech
1849b86a7d graphql: Always make the associated SSO login available in compatibility sessions 2023-08-29 16:53:38 +02:00
Quentin Gliech
8402a75a7d storage: Look up compat sessions by device_id 2023-08-29 16:53:38 +02:00
Quentin Gliech
d7abdccc0a storage: Allow filtering oauth2 sessions by scope 2023-08-29 16:53:38 +02:00
Quentin Gliech
438a10332a Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Quentin Gliech
d9a12de8a3 Save the authentication method on each authorization 
This will help us logging out of the upstream.
 2023-08-28 17:14:59 +02:00
Quentin Gliech
096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Quentin Gliech
9289922dfb Grab a database lock when syncing the config 
Fixes #1475
 2023-08-25 15:48:47 +02:00
Quentin Gliech
652a2784ce Remove the pgcrypto extension requirement 
Fixes #1557
 2023-08-23 18:46:45 +02:00
Quentin Gliech
cc2bce7b03 Show and log the policy violations better 2023-08-03 14:06:34 +02:00
Quentin Gliech
182df73578 storage-pg: add tests for user locking 2023-08-03 14:06:34 +02:00
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
e79da4a949 Bump Rust dependencies and remove unused ones 2023-07-27 17:23:08 +02:00
Quentin Gliech
bbc50edb60 Better upstream OAuth links pagination and filtering 2023-07-21 19:50:30 +02:00
Quentin Gliech
517438471c Better upstream OAuth provider pagination and filtering 2023-07-21 19:50:30 +02:00
Quentin Gliech
6767c93a75 Better OAuth 2.0 sessions pagination and filtering 2023-07-21 19:50:30 +02:00
Quentin Gliech
59c79276bc Fix doc generation by removing mentions of LookupResultExt::to_option 2023-07-21 19:50:30 +02:00
Quentin Gliech
a75a53cc24 Better user emails pagination and filtering 2023-07-21 19:50:30 +02:00
Quentin Gliech
12ad572db8 Better SSO login pagination and filtering 2023-07-21 19:50:30 +02:00
Quentin Gliech
24b29498a7 Better compatibility sessions pagination and filtering 2023-07-21 19:50:30 +02:00
Quentin Gliech
b60121346f mas-storage-pg: use fetch_optional instead of fetch_one and matching on the error 2023-07-21 19:50:30 +02:00
Quentin Gliech
802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
7e82ae845c WIP: use sea-query for dynamic paginated queries 2023-07-21 19:50:30 +02:00
Quentin Gliech
ca520dfd9a frontend: Show all compatibilities sessions, not just SSO logins 
Also cleans up a bunch of things in the frontend
 2023-07-06 18:12:34 +02:00
Quentin Gliech
4f8b87fbfe Apply cargo fmt following changes in nightly rustfmt 
rustfmt now formats `let … else { … }` expressions
 2023-07-03 14:50:59 +02:00
Quentin Gliech
dec9310a32 Sync the OAuth2 clients with CLI and remove redundant CLI tools 2023-06-26 17:24:56 +02:00
Quentin Gliech
9caf6251b5 Ensure we're deleting rows in related tables when deleting upstream providers 2023-06-26 17:24:56 +02:00
Quentin Gliech
de13d3ef19 CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
9d5c2a40a1 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
c183830489 Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech
2a514cf452 Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
3979e9f46a Update Rust to 1.69.0 2023-04-24 11:42:01 +02:00
Quentin Gliech
1f748f7d1e Schedule jobs through the repository 2023-04-14 10:22:22 +02:00
Quentin Gliech
f2d5f26e86 Fix the session list paginated query 
It was broken, and not covered by tests. Both are fixed now.
 2023-03-15 19:51:30 +01:00
Quentin Gliech
17471c651e handlers: add tests for the token endpoint 
This also simplifies the way we issue tokens in tests
 2023-02-22 19:38:01 +01:00
Quentin Gliech
6ad8b82a35 storage{,-pg}: better documentation of both crates 2023-01-26 18:13:14 +01:00
Quentin Gliech
0bf1a1998e storage-pg: add tests for most remaining repositories 
Also fixes all the list_paginated() repository methods
 2023-01-26 15:51:53 +01:00
Quentin Gliech
3f4ad789bf storage-pg: write tests for the OAuth2 repositories 2023-01-25 17:24:34 +01:00
Quentin Gliech
90dbc5d6ff storage: document all the repository traits and methods 2023-01-25 16:09:36 +01:00
Quentin Gliech
d14ca156ad storage: split the repository trait 2023-01-24 16:05:14 +01:00
Quentin Gliech
a9facab131 Box the repository everywhere 2023-01-20 17:53:04 +01:00