matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-21 23:00:50 +03:00
Code Activity
1,586 Commits 59 Branches 22 Tags
096386e9b9ba7c6cd1fb298ec8b5ab72a8466811
Commit Graph

31 Commits

Author SHA1 Message Date
Quentin Gliech
de13d3ef19 CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
c183830489 Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech
83cb9158a0 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech
9f0c9f1466 storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech
920869b583 storage: do less joins in compat sessions 2023-01-10 18:49:35 +01:00
Quentin Gliech
35787aa072 data-model: have more structs use a state machine 2023-01-09 18:02:32 +01:00
Quentin Gliech
39cd9a2578 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech
533cabe005 Use the new password manager 2022-12-14 16:04:36 +01:00
Quentin Gliech
12ce2a3d04 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
bedcf44741 WIP: upstream OIDC provider support 2022-12-05 19:39:51 +01:00
Quentin Gliech
c1ed726dc8 Enable the clippy::str_to_string lint 2022-08-08 10:06:20 +02:00
Quentin Gliech
649e5cd645 Move the PKCE validation logic to oauth2-types 2022-08-03 13:57:31 +02:00
Quentin Gliech
372b32a780 Make PKCE implementation compliant with RFC7636 
This checks for the PKCE code_verifier length as well as the characters
used. It also give better errors when the PKCE verifier is invalid.

Fixes #316
 2022-08-03 13:57:31 +02:00
Quentin Gliech
4870d1e899 Fix some false-positive clippy lints 
Those were introduced in clippy 1.62 (under clippy::pedantic) and are in
proc-macro generated code
 2022-07-01 16:36:35 +02:00
Quentin Gliech
033d60eb73 Legacy login via m.login.sso 2022-05-23 10:42:25 +02:00
Quentin Gliech
309c89fc4f Handle legacy token expiration & refresh tokens 2022-05-19 10:17:49 +02:00
Quentin Gliech
c4fa87e457 Better data-model for compat sessions & devices 2022-05-19 10:17:49 +02:00
Quentin Gliech
1aff98bdb3 Working legacy login endpoint 2022-05-19 10:17:49 +02:00
Quentin Gliech
185562c866 Form error state overhaul 
This adds a new FormState structure here to hold the state of an errored
from, including retaining field value and better error codes.

It also adds error recovery for the registration form, and properly
loads the post_login_action context in case of errors.
 2022-05-12 13:35:58 +02:00
Quentin Gliech
7a4dbd2910 Rewrite authorization code grant callback logic 2022-05-04 16:36:59 +02:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech
a45381828c Loads of docs & enabling more clippy lints 2022-02-01 12:02:32 +01:00
Quentin Gliech
54e9dc0712 Database model to save user email verification codes 2022-01-21 17:41:11 +01:00
Quentin Gliech
565f5cda1b Save user emails in database 2022-01-14 18:42:37 +01:00
Quentin Gliech
2f97ca685d Split the core crate 2021-12-17 18:04:30 +01:00
Quentin Gliech
c4a979245b Move to Rust edition 2021 
Also bump MSRV to 1.56 and use the same clippy lints in every crate
 2021-12-09 22:54:35 +01:00
Quentin Gliech
a4e9ad3d0b Split the data-model in different modules 2021-11-02 12:58:13 +01:00
Quentin Gliech
004821f4f2 Refactor authorization grant 
The authorization grant is now properly separated from the OAuth2
session, which helps avoiding a lot of potential database
inconsistencies
 2021-10-25 17:27:19 -04:00
Quentin Gliech
4307276b0e Refactor DB interactions for OAuth code and tokens 
This ensures complex types like scopes are properly parsed back from the
database.
 2021-10-19 20:08:08 +02:00
Quentin Gliech
026bc47c27 Move templates to their own crate 2021-10-18 17:40:25 +02:00
Quentin Gliech
b3587c677c WIP: Refactor higher-level data-model to its own crate 2021-10-12 19:03:01 +02:00