matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-21 23:00:50 +03:00
Code Activity
1,854 Commits 59 Branches 22 Tags
02b136e34de4ac4356f53345dba3e738a3e81aba
Commit Graph

1185 Commits

Author SHA1 Message Date
Quentin Gliech
071055ad18 Embed the default policy in the binary 2022-06-03 13:37:20 +02:00
Quentin Gliech
a2b53f0395 Run OPA policies during registration 2022-06-03 13:37:20 +02:00
Quentin Gliech
9ebff410d1 Generate spans for policy evaluations 2022-06-03 13:37:20 +02:00
Quentin Gliech
aab1f49374 Support for applying OPA policies during client registration 2022-06-03 13:37:20 +02:00
dependabot[bot]
959466a5ba Bump serde_with from 1.13.0 to 1.14.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 16:29:41 +02:00
dependabot[bot]
7cba5f7e67 Bump hyper from 0.14.18 to 0.14.19 
Bumps [hyper](https://github.com/hyperium/hyper) from 0.14.18 to 0.14.19.
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper/compare/v0.14.18...v0.14.19)

---
updated-dependencies:
- dependency-name: hyper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 16:29:30 +02:00
dependabot[bot]
59e338102b Bump cssnano from 5.1.9 to 5.1.10 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.9 to 5.1.10.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.9...cssnano@5.1.10)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 16:29:19 +02:00
Quentin Gliech
e0c4b39482 Add an email field in the registration form 2022-06-02 16:18:55 +02:00
Quentin Gliech
f88ff5517d Update sqlx-data.json 2022-06-02 16:18:55 +02:00
Quentin Gliech
125afd61c0 Make email verification mandatory 2022-06-02 16:18:55 +02:00
Quentin Gliech
89597dbf81 Switch email verification to a code-based flow 2022-06-02 16:18:55 +02:00
Hugh Nimmo-Smith
35fa7c732a Implementation of MSC3824 actions for compat (#221) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2022-05-31 09:49:52 +00:00
dependabot[bot]
0a32ba3431 Bump once_cell from 1.11.0 to 1.12.0 
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.11.0...v1.12.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 22:46:53 +02:00
dependabot[bot]
6a8e069618 Bump http-body from 0.4.4 to 0.4.5 
Bumps [http-body](https://github.com/hyperium/http-body) from 0.4.4 to 0.4.5.
- [Release notes](https://github.com/hyperium/http-body/releases)
- [Changelog](https://github.com/hyperium/http-body/blob/v0.4.5/CHANGELOG.md)
- [Commits](https://github.com/hyperium/http-body/compare/v0.4.4...v0.4.5)

---
updated-dependencies:
- dependency-name: http-body
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 22:01:21 +02:00
dependabot[bot]
9229f36809 Bump cssnano from 5.1.8 to 5.1.9 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.8 to 5.1.9.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.8...cssnano@5.1.9)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 21:43:05 +02:00
Quentin Gliech
bfc20b6faa Have a better error on registration if the username is already taken 2022-05-23 14:36:38 +02:00
dependabot[bot]
dd8eea7da3 Bump once_cell from 1.10.0 to 1.11.0 
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 10:42:52 +02:00
Quentin Gliech
f05bd80e14 Advertise m.login.token as compat login method 2022-05-23 10:42:25 +02:00
Quentin Gliech
99ac59bc5d Make the sign out buttons keep the current action context 2022-05-23 10:42:25 +02:00
Quentin Gliech
af4f01b769 Check timings when validating an SSO login 
- exchanging a token twice should not work
 - exchanging a token more than 30s after its fullfillment should not
   work
 - exchanging a pending token should not work
 - fullfilling a login more than 30min after its creation should not
   work
 - also have better errors in some cases
 2022-05-23 10:42:25 +02:00
Quentin Gliech
7ce0d894f7 Perform some checks on the redirectUrl 2022-05-23 10:42:25 +02:00
Quentin Gliech
1d61a94da4 Have a consent screen before continuing the SSO login 2022-05-23 10:42:25 +02:00
Quentin Gliech
033d60eb73 Legacy login via m.login.sso 2022-05-23 10:42:25 +02:00
Quentin Gliech
57e16e217d Upgrade AWS crates 2022-05-19 10:23:40 +02:00
dependabot[bot]
8e731c49d9 Bump axum-extra from 0.3.2 to 0.3.3 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.2 to 0.3.3.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.2...axum-extra-v0.3.3)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 10:22:57 +02:00
Quentin Gliech
0fcecfa7fb Handle legacy /refresh 2022-05-19 10:17:49 +02:00
Quentin Gliech
309c89fc4f Handle legacy token expiration & refresh tokens 2022-05-19 10:17:49 +02:00
Quentin Gliech
c4fa87e457 Better data-model for compat sessions & devices 2022-05-19 10:17:49 +02:00
Quentin Gliech
33204b7cf8 Prepare the storage layer for legacy refresh tkoens 2022-05-19 10:17:49 +02:00
Quentin Gliech
076d4b8d13 Split compat and api routers 2022-05-19 10:17:49 +02:00
Quentin Gliech
01cdb9a02a Appease cargo fmt 2022-05-19 10:17:49 +02:00
Quentin Gliech
660b2d5232 Handle legacy /logout 2022-05-19 10:17:49 +02:00
Quentin Gliech
1aff98bdb3 Working legacy login endpoint 2022-05-19 10:17:49 +02:00
Quentin Gliech
1ebdd0b731 WIP: Handle /login 2022-05-19 10:17:49 +02:00
dependabot[bot]
0527af073d Bump postcss from 8.4.13 to 8.4.14 in /crates/static-files 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.13 to 8.4.14.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.13...8.4.14)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:42:53 +02:00
dependabot[bot]
05ee73725f Bump @tailwindcss/forms from 0.5.1 to 0.5.2 in /crates/static-files 
Bumps [@tailwindcss/forms](https://github.com/tailwindlabs/tailwindcss-forms) from 0.5.1 to 0.5.2.
- [Release notes](https://github.com/tailwindlabs/tailwindcss-forms/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss-forms/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss-forms/compare/v0.5.1...v0.5.2)

---
updated-dependencies:
- dependency-name: "@tailwindcss/forms"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:02:53 +02:00
dependabot[bot]
31ff47ef2a Bump rustls from 0.20.5 to 0.20.6 
Bumps [rustls](https://github.com/rustls/rustls) from 0.20.5 to 0.20.6.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.20.5...v/0.20.6)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:02:46 +02:00
dependabot[bot]
b288b32011 Bump axum-macros from 0.2.1 to 0.2.2 
Bumps [axum-macros](https://github.com/tokio-rs/axum) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-macros-v0.2.1...axum-macros-v0.2.2)

---
updated-dependencies:
- dependency-name: axum-macros
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:02:17 +02:00
dependabot[bot]
17c2e34ab8 Bump rustls from 0.20.4 to 0.20.5 
Bumps [rustls](https://github.com/rustls/rustls) from 0.20.4 to 0.20.5.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.20.4...v/0.20.5)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-18 09:47:05 +02:00
dependabot[bot]
7d404cf349 Bump schemars from 0.8.9 to 0.8.10 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.9 to 0.8.10.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.9...v0.8.10)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-18 09:46:58 +02:00
dependabot[bot]
2ee78c4955 Bump cssnano from 5.1.7 to 5.1.8 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.7 to 5.1.8.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.7...cssnano@5.1.8)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-18 09:46:22 +02:00
dependabot[bot]
cf72728fb3 Bump schemars from 0.8.8 to 0.8.9 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.8 to 0.8.9.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.8...v0.8.9)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 17:45:04 +02:00
dependabot[bot]
1129448e59 Bump axum from 0.5.5 to 0.5.6 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.5.5 to 0.5.6.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.5...axum-v0.5.6)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 17:42:34 +02:00
dependabot[bot]
ae7392218a Bump axum-extra from 0.3.1 to 0.3.2 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.1...axum-extra-v0.3.2)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-17 17:05:26 +02:00
Quentin Gliech
bf1d96fc23 Add password change discovery 
See https://web.dev/change-password-url/
 2022-05-12 15:06:37 +02:00
Quentin Gliech
a6f931840c Add autocomplete attributes to form fields 2022-05-12 14:59:53 +02:00
Quentin Gliech
185562c866 Form error state overhaul 
This adds a new FormState structure here to hold the state of an errored
from, including retaining field value and better error codes.

It also adds error recovery for the registration form, and properly
loads the post_login_action context in case of errors.
 2022-05-12 13:35:58 +02:00
dependabot[bot]
1a76bfe558 Bump clap from 3.1.17 to 3.1.18 
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.17 to 3.1.18.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.1.17...v3.1.18)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 22:28:01 +02:00
dependabot[bot]
148a758cf3 Bump axum-extra from 0.3.0 to 0.3.1 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.0...axum-extra-v0.3.1)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 10:51:02 +02:00
dependabot[bot]
4e3006d78d Bump axum from 0.5.4 to 0.5.5 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.5.4 to 0.5.5.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.4...axum-v0.5.5)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 10:13:20 +02:00