matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
2,294 Commits 59 Branches 22 Tags
1c19bc6e54cfb1bb547bbf99942d2edfb60c86df
Commit Graph

112 Commits

Author SHA1 Message Date
Quentin Gliech
896ed3f024 Check for username availability upon registration 2024-02-29 11:21:24 +01:00
Quentin Gliech
4aeb446061 Make the HomeserverConnection available in handlers 2024-02-29 11:21:24 +01:00
Quentin Gliech
0beb842195 Make the user agree to T&C during registration 2024-02-07 17:21:22 +01:00
Quentin Gliech
67ab42155c Implement the device consent logic 2024-02-02 18:01:51 +01:00
Quentin Gliech
50654d2e40 Implement the device code authorisation request 2024-02-02 18:01:51 +01:00
Quentin Gliech
4301fd9378 Setup the device link form page 2024-02-02 18:01:51 +01:00
Quentin Gliech
a0f5f3c642 Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech
9b5c8fb44b Allow running the authentication service on a different base path 2023-10-06 14:07:55 +02:00
Quentin Gliech
1feafc1d13 handlers/templates: infer the language from the Accept-Language browser header 2023-10-05 19:29:23 +02:00
Quentin Gliech
995bdfc13b templates: replace tera with minijinja 2023-10-05 19:29:23 +02:00
Quentin Gliech
3303e74123 Add a way to discover the GraphQL endpoint in the .well-known/openid-configuration 
This adds a `org.matrix.matrix-authentication-service.graphql_endpoint` key to it
 2023-10-05 16:43:13 +02:00
Quentin Gliech
f20c8d8ef3 Infer client IP address from the peer address and the X-Forwarded-Proxy header 2023-09-20 20:24:30 +02:00
Quentin Gliech
407c78a7be Record the user session activity for most routes 2023-09-19 21:57:54 +02:00
Quentin Gliech
cf5510a1a2 Add an ActivityTracker which tracks session activity and regularly flush them to the database 2023-09-19 21:57:54 +02:00
Hugh Nimmo-Smith
bca3ab5eb6 Add CORS headers for /graphql 2023-09-01 17:30:33 +02:00
Kerry
17f8dc4e00 Implement MSC2965 action parameter (#1673) 
* redirect session_end action to session detail

* fix react key warning in oauth session detail

* move Route type to /routing

* test getRouteActionRedirection

* comment

* frontend: Split the routing-related stuff in multiple files under routing/

* frontend: Cover all the redirections defined by MSC2965

* frontend: fix test

* Make the backend keep query parameters through login to the /account/ interface

* Fix frontend tests & clippy lints

---------

Co-authored-by: Quentin Gliech <quenting@element.io>
 2023-09-01 09:42:50 +00:00
Quentin Gliech
bc04860afb Make the access tokens TTL configurable 2023-08-31 18:05:00 +02:00
Quentin Gliech
7fcd022eea Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech
07ca145174 Cache the upstream OAuth 2.0 provider metadata 2023-08-28 18:30:40 +02:00
Quentin Gliech
a39f71c181 Handle cookies better by setting the right flags & expiration 2023-08-25 14:35:46 +02:00
Quentin Gliech
4ef3bcf336 Make the GraphQL interface accessible for OAuth clients 2023-08-11 14:56:21 +02:00
Quentin Gliech
3e6ea9a158 Add a 404 HTMl fallback 2023-08-09 16:56:11 +02:00
Quentin Gliech
dc711f8ecb Allow a trailing slash on the compat SSO route 2023-08-08 19:23:07 +02:00
Quentin Gliech
ca520dfd9a frontend: Show all compatibilities sessions, not just SSO logins 
Also cleans up a bunch of things in the frontend
 2023-07-06 18:12:34 +02:00
Quentin Gliech
76653f9638 Better frontend assets handling and move the react app to /account/ (#1324) 
This makes the Vite assets handling better, namely:

 - make it possible to include any vite assets in the templates
 - include the right `<link rel="preload">` tags for assets
 - include Subresource Integrity hashes
 - pre-compress assets and remove on-the-fly compression by the Rust server
 - build the CSS used by templates through Vite

It also moves the React app from /app/ to /account/, and remove some of the old SSR account screens.
 2023-07-06 15:30:26 +02:00
Quentin Gliech
7e90564d16 Bump Rust dependencies 2023-06-14 12:02:16 +02:00
Quentin Gliech
1f748f7d1e Schedule jobs through the repository 2023-04-14 10:22:22 +02:00
Quentin Gliech
cdd535ddc4 WIP: use apalis to schedule jobs 2023-04-14 10:22:22 +02:00
Quentin Gliech
83cb9158a0 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech
64ce271d08 Add test helpers for handlers and use them 
Also expands the test coverage of the revoke handler.
 2023-02-21 12:06:30 +01:00
Quentin Gliech
a6cd4412c1 Write tests for the token revocation endpoint 2023-02-21 12:06:30 +01:00
Quentin Gliech
543b4b229f Support for token revocation 2023-02-21 12:06:30 +01:00
Quentin Gliech
a9facab131 Box the repository everywhere 2023-01-20 17:53:04 +01:00
Quentin Gliech
876bc9fcb3 handlers: extract the PgRepository from the request 
Also fix a bunch of clippy errors & doctests
 2023-01-18 18:22:13 +01:00
Quentin Gliech
9005931e2a handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech
142fdbd45a storage: make the Clock a trait 2023-01-18 12:20:30 +01:00
Quentin Gliech
82421c493c Remove the dependency mas-axum-utils <- mas-graphql 
This is done by loading the browser session earlier
Also removes the GraphQL subscription logic
 2022-12-15 16:51:43 +01:00
Quentin Gliech
fbbb842255 Remove dependency on mas-email and lettre in mas-config 2022-12-15 16:51:43 +01:00
Quentin Gliech
a475a9a164 Make the compat login use the new password manager 2022-12-14 16:04:36 +01:00
Quentin Gliech
533cabe005 Use the new password manager 2022-12-14 16:04:36 +01:00
Quentin Gliech
a6c3951d8c Start a modular password manager 2022-12-14 16:04:36 +01:00
Quentin Gliech
68890b7291 handlers: remove most usage of anyhow 2022-12-08 15:29:15 +01:00
Quentin Gliech
b7cad48bbd storage: unify user operations errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
f7f65e314b storage: unify the compat login errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
fcb6190a56 Simplify route error handling 2022-12-05 19:39:51 +01:00
Quentin Gliech
22a337cd45 WIP: handle account linking 2022-12-05 19:39:51 +01:00
Quentin Gliech
4227fa7a83 Add a global HTTP client factory 2022-12-05 19:39:51 +01:00
Quentin Gliech
bedcf44741 WIP: upstream OIDC provider support 2022-12-05 19:39:51 +01:00
Quentin Gliech
809f836bb4 Migrate to axum 0.6.0-rc.5 2022-11-21 15:04:16 +01:00
Quentin Gliech
9c0ece7512 Do not embed the templates and static files in the binary 2022-11-18 22:37:55 +01:00