matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-08-07 17:03:01 +03:00
Code Activity
2,847 Commits 59 Branches 22 Tags
rei/rate_limiting_configuration
Commit Graph

1563 Commits

Author SHA1 Message Date
dependabot[bot]
fa1752e4be build(deps): bump itertools from 0.12.1 to 0.13.0 
Bumps [itertools](https://github.com/rust-itertools/itertools) from 0.12.1 to 0.13.0.
- [Changelog](https://github.com/rust-itertools/itertools/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-itertools/itertools/compare/v0.12.1...v0.13.0)

---
updated-dependencies:
- dependency-name: itertools
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:46:21 +02:00
dependabot[bot]
a9cf0c33c8 build(deps): bump serde_with from 3.8.1 to 3.8.2 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.1...v3.8.2)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:35:29 +02:00
dependabot[bot]
0aca818be2 build(deps): bump insta from 1.38.0 to 1.39.0 
Bumps [insta](https://github.com/mitsuhiko/insta) from 1.38.0 to 1.39.0.
- [Release notes](https://github.com/mitsuhiko/insta/releases)
- [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitsuhiko/insta/compare/1.38.0...1.39.0)

---
updated-dependencies:
- dependency-name: insta
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:35:15 +02:00
Quentin Gliech
12623233b2 Use a released version of opa-wasm 2024-07-01 12:35:08 +02:00
dependabot[bot]
9a65655b40 build(deps): bump bitflags from 2.5.0 to 2.6.0 
Bumps [bitflags](https://github.com/bitflags/bitflags) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/bitflags/bitflags/releases)
- [Changelog](https://github.com/bitflags/bitflags/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bitflags/bitflags/compare/2.5.0...2.6.0)

---
updated-dependencies:
- dependency-name: bitflags
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 10:38:29 +02:00
dependabot[bot]
5339b19f38 build(deps): bump event-listener from 5.3.0 to 5.3.1 
Bumps [event-listener](https://github.com/smol-rs/event-listener) from 5.3.0 to 5.3.1.
- [Release notes](https://github.com/smol-rs/event-listener/releases)
- [Changelog](https://github.com/smol-rs/event-listener/blob/master/CHANGELOG.md)
- [Commits](https://github.com/smol-rs/event-listener/compare/v5.3.0...v5.3.1)

---
updated-dependencies:
- dependency-name: event-listener
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 10:35:46 +02:00
Quentin Gliech
4bc425b415 Use re-exported wasmtime to avoid dependencies conflicts 2024-07-01 10:20:33 +02:00
dependabot[bot]
78c8ff3916 build(deps): bump regex from 1.10.4 to 1.10.5 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.4...1.10.5)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-29 05:41:05 +02:00
dependabot[bot]
c7b40baf9a build(deps): bump uuid from 1.8.0 to 1.9.1 
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.8.0 to 1.9.1.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.8.0...1.9.1)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-28 19:07:56 +02:00
dependabot[bot]
97ffc1dd10 build(deps): bump writeable from 0.5.4 to 0.5.5 
Bumps [writeable](https://github.com/unicode-org/icu4x) from 0.5.4 to 0.5.5.
- [Release notes](https://github.com/unicode-org/icu4x/releases)
- [Changelog](https://github.com/unicode-org/icu4x/blob/main/CHANGELOG.md)
- [Commits](https://github.com/unicode-org/icu4x/commits)

---
updated-dependencies:
- dependency-name: writeable
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-28 18:44:54 +02:00
dependabot[bot]
e7afd0ac53 build(deps): bump libc from 0.2.154 to 0.2.155 
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.154 to 0.2.155.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.154...0.2.155)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-28 18:35:29 +02:00
Quentin Gliech
c37fcfd786 Bump the other opentelemetry crates 2024-06-28 17:22:02 +02:00
dependabot[bot]
438ac63ce3 build(deps): bump the opentelemetry group with 5 updates 
Bumps the opentelemetry group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [opentelemetry-jaeger-propagator](https://github.com/open-telemetry/opentelemetry-rust) | `0.1.0` | `0.2.0` |
| [opentelemetry-otlp](https://github.com/open-telemetry/opentelemetry-rust) | `0.15.0` | `0.16.0` |
| [opentelemetry-prometheus](https://github.com/open-telemetry/opentelemetry-rust) | `0.15.0` | `0.16.0` |
| [opentelemetry-stdout](https://github.com/open-telemetry/opentelemetry-rust) | `0.3.0` | `0.4.0` |
| [opentelemetry_sdk](https://github.com/open-telemetry/opentelemetry-rust) | `0.22.1` | `0.23.0` |


Updates `opentelemetry-jaeger-propagator` from 0.1.0 to 0.2.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/opentelemetry-jaeger-propagator-0.1.0...opentelemetry-jaeger-propagator-0.2.0)

Updates `opentelemetry-otlp` from 0.15.0 to 0.16.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/opentelemetry-otlp-0.15.0...opentelemetry-otlp-0.16.0)

Updates `opentelemetry-prometheus` from 0.15.0 to 0.16.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/opentelemetry-prometheus-0.15.0...opentelemetry-prometheus-0.16.0)

Updates `opentelemetry-stdout` from 0.3.0 to 0.4.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/opentelemetry-stdout-0.3.0...opentelemetry-stdout-0.4.0)

Updates `opentelemetry_sdk` from 0.22.1 to 0.23.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.22.1...opentelemetry-0.23.0)

---
updated-dependencies:
- dependency-name: opentelemetry-jaeger-propagator
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-otlp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-prometheus
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-stdout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry_sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-28 17:22:02 +02:00
Quentin Gliech
8e0bfa73f0 Make the b64decode filter try multiple base64 encoding variants 2024-06-28 17:10:13 +02:00
Quentin Gliech
756f2c01f8 Separate error page when the recovery link was already used 2024-06-28 15:59:21 +02:00
Quentin Gliech
96df94104e Show a proper 'link expired' page 2024-06-28 15:59:21 +02:00
Quentin Gliech
f9f2f4a3be Gate account recovery behing a configuration flag 2024-06-28 15:59:21 +02:00
Quentin Gliech
09fca9fd75 Implement the password change form 2024-06-28 15:59:21 +02:00
Quentin Gliech
d633d33ab2 Allow re-sending emails for a recovery session 2024-06-28 15:59:21 +02:00
Quentin Gliech
2e4d868385 Recovery progress page 2024-06-28 15:59:21 +02:00
Quentin Gliech
c156a3891e Actually send emails for recovery 2024-06-28 15:59:21 +02:00
Quentin Gliech
4a60f5d32f Job to generate codes for all emails in a recovery session 2024-06-28 15:59:21 +02:00
Quentin Gliech
b2ee5de050 storage: Add an email filter on the user email list 2024-06-28 15:59:21 +02:00
Quentin Gliech
319c43abc5 Start recovery view 2024-06-28 15:59:21 +02:00
Quentin Gliech
43582e7eca Data model and repository for the user recovery flow 2024-06-28 15:59:21 +02:00
dependabot[bot]
ec6cd4fe34 build(deps): bump psl from 2.1.37 to 2.1.48 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.37 to 2.1.48.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.37...v2.1.48)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-28 15:29:18 +02:00
reivilibre
7c67630c95 Remove the old password change page (#2874) 2024-06-27 13:41:24 +01:00
reivilibre
aaa7cf3fe9 Add Self-service Password Change (#2863) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2024-06-25 13:25:33 +00:00
reivilibre
121966ccce GraphQL API: Add password_change_allowed to SiteConfig (#2857) 2024-06-20 15:16:50 +01:00
Quentin Gliech
90fc8e842a Fix param name in error messages on the compatibility SSO login errors 2024-06-18 18:06:00 +02:00
Quentin Gliech
8a3b7f79f3 Inject custom Jinja2 environment when rendering the subject template 
This was missing when rendering the subject for upstream OAuth 2.0
callbacks.
 2024-06-18 18:05:43 +02:00
reivilibre
49e8fe57f4 Improve errors when MAS contacts the Synapse homeserver (#2794) 
* Add some drive-by docstrings

* Change text rendering of catch_http_codes::HttpError

Using `#[source]` is unnatural here because it makes it look like
two distinct errors (one being a cause of the other),
when in reality it is just one error, with 2 parts.

Using `Display` formatting for that leads to a more natural error.

* Add constraints to `catch_http_code{,s}` methods

Not strictly required, but does two things:

- documents what kind of function is expected
- provides a small extra amount of type enforcement at the call site,
  rather than later on when you find the result doesn't implement Service

* Add a `catch_http_errors` shorthand

Nothing major, just a quality of life improvement so you don't have to
repetitively write out what a HTTP error is

* Unexpected error page: remove leading whitespace from preformatted 'details' section

The extra whitespace was probably unintentional and makes the error harder to read,
particularly when it wraps onto a new line unnecessarily

* Capture and log Matrix errors received from Synapse

* Drive-by clippy fix: use clamp instead of min().max()

* Convert `err(Display)` to `err(Debug)` for `anyhow::Error`s in matrix-synapse support module
 2024-06-07 11:14:04 +00:00
reivilibre
d76b54b13f Add a setPassword GraphQL mutation for setting a user's password (#2820) 
* Feed `PasswordManager` through to the GraphQL `State`

* Add `setPassword` GraphQL mutation to update a user's password
 2024-06-05 18:04:17 +01:00
Kévin Commaille
fa0dec737b Use headers API 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
 2024-05-30 10:52:53 +02:00
Kévin Commaille
683516bb66 Allow parameters in UserInfo endpoint's response's content-type 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
 2024-05-30 10:52:53 +02:00
reivilibre
206d45bb31 Merge the mas_graphql crate into the mas_handlers crate (#2783) 2024-05-17 17:22:34 +01:00
Olivier 'reivilibre
37a10aea96 Use Reverse() helper instead of sorting then reversing 2024-05-16 16:39:57 +02:00
Olivier 'reivilibre
d20b0a04fe 'migration' -> 'database migration' in startup output 2024-05-16 16:39:57 +02:00
Olivier 'reivilibre
f8bfad37a1 Fix typos in doctor command output 2024-05-16 16:39:57 +02:00
Quentin Gliech
d061d7f6b3 Move tokio to a workspace dependency 2024-05-15 14:54:34 +02:00
Quentin Gliech
098f7fba03 Move async-graphql to workspace deps & disable apollo tracing 2024-05-15 14:54:34 +02:00
Quentin Gliech
c8e074c8e2 Don't panic when the repository fails on the introspection endpoint 2024-05-15 14:15:11 +02:00
Quentin Gliech
359da66b88 Display a user-friendly error on CAPTCHA failures 2024-05-15 09:38:10 +02:00
Quentin Gliech
e4d6bbee14 Disable hCaptcha compatibility with reCAPTCHA 2024-05-15 09:38:10 +02:00
Quentin Gliech
4d9d8a8ba3 Actually verify the CAPTCHA during registration 2024-05-15 09:38:10 +02:00
Quentin Gliech
0e270d5449 hCaptcha support 2024-05-15 09:38:10 +02:00
Quentin Gliech
f9ae7ae313 Cloudflare Turnstile support 2024-05-15 09:38:10 +02:00
Quentin Gliech
a3beeb2398 Render reCAPTCHA challenge on the registration form 2024-05-15 09:38:10 +02:00
dependabot[bot]
5ed10e0e06 build(deps): bump wasmtime from 20.0.1 to 20.0.2 
Bumps [wasmtime](https://github.com/bytecodealliance/wasmtime) from 20.0.1 to 20.0.2.
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/docs/WASI-some-possible-changes.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/compare/v20.0.1...v20.0.2)

---
updated-dependencies:
- dependency-name: wasmtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-10 10:20:37 +02:00
dependabot[bot]
036a778af6 build(deps): bump rustls-pki-types from 1.5.0 to 1.7.0 
Bumps [rustls-pki-types](https://github.com/rustls/pki-types) from 1.5.0 to 1.7.0.
- [Release notes](https://github.com/rustls/pki-types/releases)
- [Commits](https://github.com/rustls/pki-types/compare/v/1.5.0...v/1.7.0)

---
updated-dependencies:
- dependency-name: rustls-pki-types
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-10 10:20:28 +02:00