matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-19 00:26:27 +03:00
Code Activity
1,614 Commits 59 Branches 22 Tags
23571e87ea3891ec3f8ba3d699d58f09df10366d
Commit Graph

1614 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin Gliech
23571e87ea Run the registration policy on upstream OAuth registration 2023-08-30 19:39:39 +02:00
Quentin Gliech
7fcd022eea Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech
23151ef092 policies: split the email & password policies and add jsonschema validation of the input 2023-08-30 19:39:39 +02:00
Quentin Gliech
6589f06d79 tracing: set the parent context from the incoming request again 2023-08-29 18:50:54 +02:00
dependabot[bot]
a0373207a8 build(deps): bump the opentelemetry group with 1 update 
Bumps the opentelemetry group with 1 update: [tracing-opentelemetry](https://github.com/tokio-rs/tracing-opentelemetry).

- [Release notes](https://github.com/tokio-rs/tracing-opentelemetry/releases)
- [Changelog](https://github.com/tokio-rs/tracing-opentelemetry/blob/v0.1.x/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/tracing-opentelemetry/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: tracing-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 18:50:54 +02:00
Quentin Gliech
1e52c5cbee frontend: fix a flaky test 2023-08-29 18:32:19 +02:00
Quentin Gliech
a19f405e53 graphql: Expose the BrowserSession User-Agent 2023-08-29 17:38:01 +02:00
Quentin Gliech
5d3b8cd92f Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech
1849b86a7d graphql: Always make the associated SSO login available in compatibility sessions 2023-08-29 16:53:38 +02:00
Quentin Gliech
ba98b7c448 graphql: API to query client sessions out of a device_id and a user ID 2023-08-29 16:53:38 +02:00
Quentin Gliech
8402a75a7d storage: Look up compat sessions by device_id 2023-08-29 16:53:38 +02:00
Quentin Gliech
d7abdccc0a storage: Allow filtering oauth2 sessions by scope 2023-08-29 16:53:38 +02:00
Kerry
1826120f10 Allow user to view and change display name in My Account UI (#1628) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2023-08-29 13:40:00 +02:00
Quentin Gliech
438a10332a Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Kerry Archibald
feb59344f3 add finishedAt to browser sessions 2023-08-29 12:43:04 +02:00
Quentin Gliech
85629820fd api: Add a finishedAt property to the BrowserSession and a state property to all 3 session types 2023-08-29 08:34:07 +02:00
Quentin Gliech
f295d2df77 Fix sentry transport post-upgrade 2023-08-29 08:23:26 +02:00
dependabot[bot]
111c119732 build(deps): bump the sentry group with 1 update 
Bumps the sentry group with 1 update: [sentry](https://github.com/getsentry/sentry-rust).

- [Release notes](https://github.com/getsentry/sentry-rust/releases)
- [Changelog](https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-rust/compare/0.31.5...0.31.6)

---
updated-dependencies:
- dependency-name: sentry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: sentry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:23:26 +02:00
dependabot[bot]
79d9d7c08b build(deps): bump schemars from 0.8.12 to 0.8.13 
Bumps [schemars](https://github.com/GREsau/schemars) from 0.8.12 to 0.8.13.
- [Release notes](https://github.com/GREsau/schemars/releases)
- [Changelog](https://github.com/GREsau/schemars/blob/master/CHANGELOG.md)
- [Commits](https://github.com/GREsau/schemars/compare/v0.8.12...v0.8.13)

---
updated-dependencies:
- dependency-name: schemars
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:00:46 +02:00
dependabot[bot]
9f58be0bcb build(deps): bump rustls from 0.21.6 to 0.21.7 
Bumps [rustls](https://github.com/rustls/rustls) from 0.21.6 to 0.21.7.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Commits](https://github.com/rustls/rustls/compare/v/0.21.6...v/0.21.7)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 08:00:31 +02:00
dependabot[bot]
36484e13e1 build(deps-dev): bump @types/node from 20.5.6 to 20.5.7 in /frontend 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.5.6 to 20.5.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 07:27:04 +02:00
Kerry
fd22d6e26e Browser session UI (#1616) 
* tweak blocklist spacing

* use same session design for browser sessions

* remove change to session

* remove unused class
 2023-08-29 00:07:48 +00:00
dependabot[bot]
ab8ae09b7b build(deps): bump clap from 4.4.0 to 4.4.1 
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.0 to 4.4.1.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.4.0...v4.4.1)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 00:10:05 +02:00
dependabot[bot]
89f78f3db4 build(deps): bump docker/setup-buildx-action from 2.9.1 to 2.10.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.9.1 to 2.10.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 00:09:30 +02:00
dependabot[bot]
d89ec10be1 build(deps-dev): bump happy-dom from 10.11.0 to 10.11.1 in /frontend 
Bumps [happy-dom](https://github.com/capricorn86/happy-dom) from 10.11.0 to 10.11.1.
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v10.11.0...v10.11.1)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-29 00:09:10 +02:00
Quentin Gliech
07ca145174 Cache the upstream OAuth 2.0 provider metadata 2023-08-28 18:30:40 +02:00
Quentin Gliech
17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech
d9a12de8a3 Save the authentication method on each authorization 
This will help us logging out of the upstream.
 2023-08-28 17:14:59 +02:00
Quentin Gliech
096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
dependabot[bot]
f9dabf0bbc build(deps): bump url from 2.4.0 to 2.4.1 
Bumps [url](https://github.com/servo/rust-url) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/compare/v2.4.0...v2.4.1)

---
updated-dependencies:
- dependency-name: url
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-28 14:21:20 +02:00
dependabot[bot]
23717d8a23 build(deps): bump sea-query from 0.30.0 to 0.30.1 
Bumps [sea-query](https://github.com/SeaQL/sea-query) from 0.30.0 to 0.30.1.
- [Release notes](https://github.com/SeaQL/sea-query/releases)
- [Changelog](https://github.com/SeaQL/sea-query/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SeaQL/sea-query/compare/0.30.0...0.30.1)

---
updated-dependencies:
- dependency-name: sea-query
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 19:12:56 +02:00
dependabot[bot]
8551f59fab build(deps-dev): bump the eslint group in /frontend with 1 update 
Bumps the eslint group in /frontend with 1 update: [eslint](https://github.com/eslint/eslint).

- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.47.0...v8.48.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 19:12:25 +02:00
dependabot[bot]
e9d49b542c build(deps): bump serde from 1.0.187 to 1.0.188 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.187 to 1.0.188.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.187...v1.0.188)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 19:11:57 +02:00
dependabot[bot]
329bd401b3 build(deps): bump time from 0.3.27 to 0.3.28 
Bumps [time](https://github.com/time-rs/time) from 0.3.27 to 0.3.28.
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](https://github.com/time-rs/time/compare/v0.3.27...v0.3.28)

---
updated-dependencies:
- dependency-name: time
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 19:11:35 +02:00
dependabot[bot]
50dcfed805 build(deps-dev): bump @types/node from 20.5.3 to 20.5.6 in /frontend 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.5.3 to 20.5.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 18:06:26 +02:00
dependabot[bot]
bb753dbddd build(deps-dev): bump the vitest group in /frontend with 2 updates 
Bumps the vitest group in /frontend with 2 updates: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/coverage-v8` from 0.34.2 to 0.34.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v0.34.3/packages/coverage-v8)

Updates `vitest` from 0.34.2 to 0.34.3
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v0.34.3/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
- dependency-name: vitest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 18:05:43 +02:00
dependabot[bot]
651dd63c21 build(deps): bump serde from 1.0.186 to 1.0.187 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.186 to 1.0.187.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.186...v1.0.187)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 17:42:22 +02:00
dependabot[bot]
245a91b9ee build(deps): bump pin-project-lite from 0.2.12 to 0.2.13 
Bumps [pin-project-lite](https://github.com/taiki-e/pin-project-lite) from 0.2.12 to 0.2.13.
- [Release notes](https://github.com/taiki-e/pin-project-lite/releases)
- [Changelog](https://github.com/taiki-e/pin-project-lite/blob/main/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/pin-project-lite/compare/v0.2.12...v0.2.13)

---
updated-dependencies:
- dependency-name: pin-project-lite
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-27 17:42:03 +02:00
Kerry
63fdc07793 Rename Home tab to Sessions (#1568) 
* rename /account/emails route to profile

* rename tab to sessions

* quick design pass and new session labels

* align copy on list pages with home page

* comment

* remove support for /emails

* bad unit test for Layout

* update snapshots, fix layout test

* fix snapshots from old version of compound

* better layout test

* coverage?

* userhome styles

* move no primary email alert to email list

* update snapshots

* Remove obselete snapshot & remove unnecessary logs

---------

Co-authored-by: Quentin Gliech <quenting@element.io>
 2023-08-25 16:17:46 +02:00
dependabot[bot]
2e9a2d6e70 build(deps-dev): bump typescript from 5.1.6 to 5.2.2 in /frontend 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.1.6 to 5.2.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 15:59:36 +02:00
Quentin Gliech
9289922dfb Grab a database lock when syncing the config 
Fixes #1475
 2023-08-25 15:48:47 +02:00
Quentin Gliech
7ff9be99db Add a basic login test to check session & CSRF cookies are correctly handled 2023-08-25 14:35:46 +02:00
Quentin Gliech
a39f71c181 Handle cookies better by setting the right flags & expiration 2023-08-25 14:35:46 +02:00
dependabot[bot]
2405a3c061 build(deps): bump actions/checkout from 3.5.3 to 3.6.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.5.3...v3.6.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 12:33:48 +02:00
dependabot[bot]
c8aa2a1d25 build(deps): bump @vector-im/compound-web in /frontend 
Bumps [@vector-im/compound-web](https://github.com/vector-im/compound-web) from 0.2.12 to 0.2.15.
- [Release notes](https://github.com/vector-im/compound-web/releases)
- [Commits](https://github.com/vector-im/compound-web/compare/v0.2.12...v0.2.15)

---
updated-dependencies:
- dependency-name: "@vector-im/compound-web"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 12:33:31 +02:00
dependabot[bot]
00b0283b71 build(deps): bump serde from 1.0.185 to 1.0.186 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.185 to 1.0.186.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.185...v1.0.186)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 12:32:17 +02:00
dependabot[bot]
f1e716ef90 build(deps): bump clap from 4.3.24 to 4.4.0 
Bumps [clap](https://github.com/clap-rs/clap) from 4.3.24 to 4.4.0.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.3.24...clap_complete-v4.4.0)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 12:32:06 +02:00
dependabot[bot]
f9440fd52e build(deps): bump wasmtime from 12.0.0 to 12.0.1 
Bumps [wasmtime](https://github.com/bytecodealliance/wasmtime) from 12.0.0 to 12.0.1.
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/docs/WASI-some-possible-changes.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/compare/v12.0.0...v12.0.1)

---
updated-dependencies:
- dependency-name: wasmtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-25 12:31:57 +02:00
Quentin Gliech
ca3460b49e Skip the "continue" screens on upstream IDP logins for new accounts 2023-08-25 10:56:10 +02:00
Kerry
c7311eea79 Rename 'Emails' route to 'Profile' (#1567) 
* rename /account/emails route to profile

* remove support for /emails

* bad unit test for Layout

* update snapshots, fix layout test

* fix snapshots from old version of compound

* better layout test

* coverage?
 2023-08-25 17:10:34 +12:00