matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
1,555 Commits 59 Branches 22 Tags
105f6e980867ea9a23dc8f0624dba25dc464f94f
Commit Graph

468 Commits

Author SHA1 Message Date
dependabot[bot]
88b52a41ba build(deps): bump time from 0.3.25 to 0.3.27 
Bumps [time](https://github.com/time-rs/time) from 0.3.25 to 0.3.27.
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](https://github.com/time-rs/time/compare/v0.3.25...v0.3.27)

---
updated-dependencies:
- dependency-name: time
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-23 19:39:47 +02:00
dependabot[bot]
6a2f1367d1 build(deps): bump serde_with from 3.2.0 to 3.3.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.2.0...v3.3.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-23 16:05:37 +02:00
dependabot[bot]
34ed7e505d build(deps): bump async-graphql from 6.0.1 to 6.0.4 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 6.0.1 to 6.0.4.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-23 12:04:08 +02:00
dependabot[bot]
1ef1db2ae1 build(deps): bump tokio from 1.30.0 to 1.32.0 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.30.0 to 1.32.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.30.0...tokio-1.32.0)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-23 12:02:56 +02:00
Quentin Gliech
7c83dce66e Move some common dependencies on the workspace level 
Also deprecates the AWS SESv2 transport for emails
 2023-08-14 13:00:01 +02:00
Quentin Gliech
21964cbeab Setup cargo-deny 
Also try to remove a bunch of duplicate crates
 2023-08-14 11:22:52 +02:00
Quentin Gliech
699dfba55f OpenTelemetry upgrade 2023-08-11 16:12:58 +02:00
dependabot[bot]
6e8222c765 build(deps): bump the opentelemetry group with 7 updates 
Bumps the opentelemetry group with 7 updates:

| Package | Update |
| --- | --- |
| [tracing-opentelemetry](https://github.com/tokio-rs/tracing-opentelemetry) | 0.19.0 to 0.20.0 |
| [opentelemetry](https://github.com/open-telemetry/opentelemetry-rust) | 0.19.0 to 0.20.0 |
| [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-rust) | 0.11.0 to 0.12.0 |
| [opentelemetry-jaeger](https://github.com/open-telemetry/opentelemetry-rust) | 0.18.0 to 0.19.0 |
| [opentelemetry-otlp](https://github.com/open-telemetry/opentelemetry-rust) | 0.12.0 to 0.13.0 |
| [opentelemetry-http](https://github.com/open-telemetry/opentelemetry-rust) | 0.8.0 to 0.9.0 |
| [opentelemetry-prometheus](https://github.com/open-telemetry/opentelemetry-rust) | 0.12.0 to 0.13.0 |


Updates `tracing-opentelemetry` from 0.19.0 to 0.20.0
- [Release notes](https://github.com/tokio-rs/tracing-opentelemetry/releases)
- [Changelog](https://github.com/tokio-rs/tracing-opentelemetry/blob/v0.1.x/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/tracing-opentelemetry/compare/v0.19.0...v0.20.0)

Updates `opentelemetry` from 0.19.0 to 0.20.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.19.0...v0.20.0)

Updates `opentelemetry-semantic-conventions` from 0.11.0 to 0.12.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.11.0...v0.12.0)

Updates `opentelemetry-jaeger` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.18.0...v0.19.0)

Updates `opentelemetry-otlp` from 0.12.0 to 0.13.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.12.0...v0.13.0)

Updates `opentelemetry-http` from 0.8.0 to 0.9.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-rust/blob/v0.9.0/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.8.0...v0.9.0)

Updates `opentelemetry-prometheus` from 0.12.0 to 0.13.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: tracing-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-semantic-conventions
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-jaeger
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-otlp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-http
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
- dependency-name: opentelemetry-prometheus
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-11 16:12:58 +02:00
Quentin Gliech
904722643f Test the admin scope on the GraphQL API 2023-08-11 14:56:21 +02:00
Quentin Gliech
1fcab9709f Basic tests of the GraphQL API 2023-08-11 14:56:21 +02:00
Quentin Gliech
4ef3bcf336 Make the GraphQL interface accessible for OAuth clients 2023-08-11 14:56:21 +02:00
dependabot[bot]
f09f6b7c2f build(deps): bump tokio from 1.29.1 to 1.30.0 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.29.1 to 1.30.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.29.1...tokio-1.30.0)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-10 07:59:09 +02:00
Quentin Gliech
3e6ea9a158 Add a 404 HTMl fallback 2023-08-09 16:56:11 +02:00
Kévin Commaille
bbd0956f2d Put code challenge methods in AuthorizationRequestData 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
 2023-08-09 12:10:45 +02:00
Kévin Commaille
ba4ba75f73 Merge data structs and use builder pattern 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
 2023-08-09 12:10:45 +02:00
Kévin Commaille
c67a00ddd6 Add support for all authorization request parameters 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
 2023-08-09 12:10:45 +02:00
dependabot[bot]
bcc988beff build(deps): bump serde_with from 3.1.0 to 3.2.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.1.0...v3.2.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-09 11:35:00 +02:00
dependabot[bot]
84ca78cf6f build(deps): bump serde from 1.0.181 to 1.0.183 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.181 to 1.0.183.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.181...v1.0.183)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 20:35:57 +02:00
Quentin Gliech
dc711f8ecb Allow a trailing slash on the compat SSO route 2023-08-08 19:23:07 +02:00
dependabot[bot]
79ad2dbc65 build(deps): bump axum from 0.6.19 to 0.6.20 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.6.19 to 0.6.20.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.6.19...axum-v0.6.20)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 19:21:47 +02:00
dependabot[bot]
989c50b5b4 build(deps): bump axum-extra from 0.7.5 to 0.7.7 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.7.5 to 0.7.7.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.7.5...axum-extra-v0.7.7)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 18:46:39 +02:00
dependabot[bot]
4cdb24ffe4 build(deps): bump serde from 1.0.180 to 1.0.181 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.180 to 1.0.181.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.180...v1.0.181)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-04 23:18:07 +02:00
dependabot[bot]
9ea20a75c0 build(deps): bump time from 0.3.24 to 0.3.25 
Bumps [time](https://github.com/time-rs/time) from 0.3.24 to 0.3.25.
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](https://github.com/time-rs/time/compare/v0.3.24...v0.3.25)

---
updated-dependencies:
- dependency-name: time
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-04 22:50:01 +02:00
dependabot[bot]
815d7e23b2 build(deps): bump async-graphql from 5.0.10 to 6.0.1 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 5.0.10 to 6.0.1.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-03 17:22:10 +02:00
Quentin Gliech
9b5eddbf97 Merge branch 'main' into quenting/user-lock 2023-08-03 15:20:05 +02:00
dependabot[bot]
ddb45b02ea build(deps): bump serde from 1.0.177 to 1.0.180 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.177 to 1.0.180.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.177...v1.0.180)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-03 15:18:17 +02:00
dependabot[bot]
dcdb05dc0a build(deps): bump time from 0.3.23 to 0.3.24 
Bumps [time](https://github.com/time-rs/time) from 0.3.23 to 0.3.24.
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](https://github.com/time-rs/time/compare/v0.3.23...v0.3.24)

---
updated-dependencies:
- dependency-name: time
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-03 15:18:05 +02:00
Quentin Gliech
8456640b0d mas-matrix: fix clippy warnings 2023-08-03 15:06:45 +02:00
Quentin Gliech
cc2bce7b03 Show and log the policy violations better 2023-08-03 14:06:34 +02:00
Quentin Gliech
fcf6885916 Implement a mocked HomeserverConnection which keeps state around 2023-08-03 14:06:34 +02:00
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
dependabot[bot]
31159c0907 build(deps): bump serde from 1.0.176 to 1.0.177 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.176 to 1.0.177.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.176...v1.0.177)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-27 23:28:07 +02:00
Quentin Gliech
e79da4a949 Bump Rust dependencies and remove unused ones 2023-07-27 17:23:08 +02:00
dependabot[bot]
85659c6c36 build(deps): bump serde from 1.0.171 to 1.0.174 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.171 to 1.0.174.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.171...v1.0.174)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-22 00:17:55 +02:00
dependabot[bot]
3a3e8bc285 build(deps): bump tower-http from 0.4.1 to 0.4.3 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.4.1 to 0.4.3.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.4.1...tower-http-0.4.3)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-21 23:39:20 +02:00
Quentin Gliech
802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
016c65c9f8 Add metric which tracks the maximum number of connections to the database. 2023-07-18 19:10:57 +02:00
dependabot[bot]
feb89bfa9e build(deps): bump serde_with from 3.0.0 to 3.1.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.0.0...v3.1.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-17 22:51:58 +02:00
Quentin Gliech
ba0f7ea62c Upgrade all Rust dependencies 
This includes breaking changes of sqlx 0.7.0
 2023-07-17 19:04:06 +02:00
Quentin Gliech
f5143c045e Track the database connection acquisition time and pool usage 2023-07-06 18:54:29 +02:00
Quentin Gliech
ca520dfd9a frontend: Show all compatibilities sessions, not just SSO logins 
Also cleans up a bunch of things in the frontend
 2023-07-06 18:12:34 +02:00
Quentin Gliech
76653f9638 Better frontend assets handling and move the react app to /account/ (#1324) 
This makes the Vite assets handling better, namely:

 - make it possible to include any vite assets in the templates
 - include the right `<link rel="preload">` tags for assets
 - include Subresource Integrity hashes
 - pre-compress assets and remove on-the-fly compression by the Rust server
 - build the CSS used by templates through Vite

It also moves the React app from /app/ to /account/, and remove some of the old SSR account screens.
 2023-07-06 15:30:26 +02:00
dependabot[bot]
b125f23f87 build(deps): bump bcrypt from 0.14.0 to 0.15.0 
Bumps [bcrypt](https://github.com/Keats/rust-bcrypt) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/Keats/rust-bcrypt/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-06 08:16:27 +02:00
dependabot[bot]
bd9483ec74 build(deps): bump serde_json from 1.0.99 to 1.0.100 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.99 to 1.0.100.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.99...v1.0.100)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-05 22:55:03 +02:00
dependabot[bot]
c068460cd7 build(deps): bump thiserror from 1.0.40 to 1.0.41 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.40 to 1.0.41.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.40...1.0.41)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-05 01:15:00 +02:00
dependabot[bot]
40429fcc9e build(deps): bump indoc from 2.0.1 to 2.0.2 
Bumps [indoc](https://github.com/dtolnay/indoc) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/2.0.1...2.0.2)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-04 09:07:05 +02:00
dependabot[bot]
725078941a build(deps): bump serde from 1.0.165 to 1.0.166 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.165 to 1.0.166.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.165...v1.0.166)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-04 00:59:48 +02:00
dependabot[bot]
88e1a677e5 build(deps): bump serde from 1.0.164 to 1.0.165 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.164 to 1.0.165.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.164...v1.0.165)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-03 15:43:13 +02:00
Quentin Gliech
4f8b87fbfe Apply cargo fmt following changes in nightly rustfmt 
rustfmt now formats `let … else { … }` expressions
 2023-07-03 14:50:59 +02:00
dependabot[bot]
1a70c3a387 build(deps): bump tokio from 1.29.0 to 1.29.1 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.29.0 to 1.29.1.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.29.0...tokio-1.29.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-02 11:30:27 +02:00