mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-19 00:26:27 +03:00
Commit Graph

1614 Commits

Author SHA1 Message Date
Quentin Gliech
2cfaff737e Simplify session-related filters 2021-09-23 19:16:30 +02:00
Quentin Gliech
d06cdb6e02 Make database-related warp filters generic over the DB type 2021-09-23 17:40:50 +02:00
Quentin Gliech
4a927861b0 Proper error when submitting invalid authorization code 2021-09-23 14:48:12 +02:00
Quentin Gliech
a9f1f8bb71 Refactor token generation a bit 2021-09-23 14:24:44 +02:00
Quentin Gliech
29126e336e Clean up some warp filters and add documentation 2021-09-23 14:02:44 +02:00
Quentin Gliech
9cd7dec070 ci: simplify workflow and enhance cache restore
This stops building on Windows and macOS and changes the cache key a bit
for better cache restore when the lockfiles or toolchain change
2021-09-23 10:27:25 +02:00
Quentin Gliech
e08dae27b1 Consume authorization code on use 2021-09-17 18:24:43 +02:00
Quentin Gliech
1813984a1c Include "state" in authorization request errors 2021-09-17 18:13:30 +02:00
Quentin Gliech
dc0d54aaf5 Better error handling in cookies, session and csrf filters 2021-09-17 18:12:34 +02:00
Quentin Gliech
59df55c2f9 Handle auth errors on the userinfo endpoint 2021-09-17 16:20:10 +02:00
Quentin Gliech
463184bbb1 Make the template contexts a bit more clear 2021-09-17 14:30:06 +02:00
Quentin Gliech
7afd82be8f ci: better job dependencies 2021-09-17 12:55:10 +02:00
Quentin Gliech
3159a9972f Allow loading multiple configuration files 2021-09-17 12:22:03 +02:00
Quentin Gliech
bd441ceef7 Allow splitting database connection options 2021-09-17 12:03:00 +02:00
Quentin Gliech
789ace84fd Ability to run migrations on startup
Also adds a bunch of logging information on startup
2021-09-17 11:27:06 +02:00
Quentin Gliech
4fbac80898 Docker image and CI 2021-09-17 10:40:08 +02:00
Quentin Gliech
76c69485e9 Embed templates in binary & add command to export them 2021-09-16 23:39:07 +02:00
Quentin Gliech
e44197a2cc Bump MSRV to 1.54
clap 4.0.0-beta4 broke <1.54 compatibility
2021-09-16 15:05:07 +02:00
Quentin Gliech
721b67fe48 Fix minor code style issues 2021-09-16 14:54:17 +02:00
Quentin Gliech
a44e33931c Split the service in multiple crates 2021-09-16 14:43:56 +02:00
Quentin Gliech
da91564bf9 Upgrade dependencies 2021-09-16 12:33:04 +02:00
Quentin Gliech
41e3945496 Fix signing key in tests 2021-09-16 12:23:45 +02:00
Quentin Gliech
bb11ab7af8 more error handling in token endpoint
Also adds some OP metadata to help with conformance
2021-09-11 00:53:21 +02:00
Quentin Gliech
f8c51f67e8 WIP error management in authorization request 2021-09-10 22:53:21 +02:00
Quentin Gliech
fb421a6139 disabled bogus clippy lint 2021-09-09 23:27:51 +02:00
Quentin Gliech
dad0360ffb implement userinfo endpoint
Also fix some responses to pass more compliance tests
2021-09-09 23:11:09 +02:00
Quentin Gliech
ac6875172f Add c_hash, at_hash and nonce claims to id_token 2021-09-09 16:52:08 +02:00
Quentin Gliech
5b1abb6a17 Properly block on hashing and signing operations
This moves those operations onto Tokio "blocking" threads, which keeps
them from blocking the async executor while running. It also makes the
config generation asynchronous with better logging of what is happening.
2021-09-09 14:15:42 +02:00
Quentin Gliech
afbae31487 Basic id_token signing 2021-09-09 13:18:53 +02:00
Quentin Gliech
63dfd86552 Implement refresh tokens 2021-08-27 15:27:19 +02:00
Quentin Gliech
2a8c38c181 Simple task scheduler to remove old access tokens 2021-08-27 12:06:03 +02:00
Quentin Gliech
c00c962de2 Simplify client authentication logic 2021-08-26 20:16:38 +02:00
Quentin Gliech
c64273afc3 Recover gracefully from login errors
Fixes #5
2021-08-26 18:08:28 +02:00
Quentin Gliech
47e79307a6 Simplify saving encrypted cookies 2021-08-26 17:39:33 +02:00
Quentin Gliech
a1d78eae55 WIP: handle errors in forms 2021-08-26 11:49:22 +02:00
Quentin Gliech
705d253322 Use custom error types for CSRF and login errors 2021-08-26 11:49:22 +02:00
Quentin Gliech
5fdd833b26 Better handle .env file loading error
Previously it would crash if the file did not exist
2021-08-26 11:14:49 +02:00
Quentin Gliech
c3087ac925 Display the OIDC discovery document on the index 2021-08-15 11:27:00 +00:00
Quentin Gliech
d056c6ef93 Add registration view 2021-08-15 09:56:28 +00:00
Quentin Gliech
bac4125d8c Load environment variables from .env files
This allows properly setting the OAuth 2.0 Issuer base in the Codespace
2021-08-15 09:21:15 +00:00
Quentin Gliech
2361791951 Setup GitHub Codespaces 2021-08-14 20:50:07 +00:00
Quentin Gliech
c4950318dd Commit transaction after exchanging the auth code 2021-08-14 14:35:52 +02:00
Quentin Gliech
d5d9cfe337 ci: Download deps with MSRV 2021-08-14 13:28:03 +02:00
Quentin Gliech
69035e4fb8 Set MSRV and let beta & nightly fail in CI 2021-08-14 13:18:08 +02:00
Quentin Gliech
b5adc80838 Implement code exchange endpoint
Also implement proper client authentication and fix introspection
endpoint
2021-08-14 12:31:19 +02:00
Quentin Gliech
3bdfd68f9d Rework warp top-filters to get proper 404 errors
Before, some had `warp::get().and(warp::path!("foo"))`, which resulted
in a `405 Method not allowed` instead of a 404.

It also uses the `warp::path!` macro instead of the function to ensure
we're not setting a prefix
2021-08-13 16:20:09 +02:00
Quentin Gliech
787ff192fe Implement basic token introspection endpoint 2021-08-13 15:45:51 +02:00
Quentin Gliech
0596b65f12 Implement proper access token generation 2021-08-13 14:15:20 +02:00
Quentin Gliech
da13e24789 Acquire DB conns and txns on filter level
This avoids having the pool everywhere and instead have connections and
transactions as parameters
2021-08-13 09:38:41 +02:00
Quentin Gliech
4eb1b5d4f8 allow completing an oauth2 session after login 2021-08-06 16:57:49 +02:00