matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-21 23:00:50 +03:00
Code Activity
572 Commits 59 Branches 22 Tags
372b32a780476e24b54636c8ef5ef1af8fe722ae
Commit Graph

59 Commits

Author SHA1 Message Date
Quentin Gliech
372b32a780 Make PKCE implementation compliant with RFC7636 
This checks for the PKCE code_verifier length as well as the characters
used. It also give better errors when the PKCE verifier is invalid.

Fixes #316
 2022-08-03 13:57:31 +02:00
Quentin Gliech
44b2708f7a Bump serde_with 2022-08-01 19:38:22 +02:00
Quentin Gliech
d4c718ef4b Bump Rust dependencies 2022-08-01 17:50:33 +02:00
Quentin Gliech
ba90ee2614 Bump dependencies 2022-07-04 18:27:18 +02:00
dependabot[bot]
52a400eb9e Bump serde_json from 1.0.81 to 1.0.82 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.81 to 1.0.82.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.81...v1.0.82)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-30 19:12:20 +02:00
dependabot[bot]
909091a401 Bump http from 0.2.7 to 0.2.8 
Bumps [http](https://github.com/hyperium/http) from 0.2.7 to 0.2.8.
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/http/compare/v0.2.7...v0.2.8)

---
updated-dependencies:
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 15:37:29 +02:00
dependabot[bot]
959466a5ba Bump serde_with from 1.13.0 to 1.14.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 16:29:41 +02:00
dependabot[bot]
65596eb6a4 Bump indoc from 1.0.5 to 1.0.6 
Bumps [indoc](https://github.com/dtolnay/indoc) from 1.0.5 to 1.0.6.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.5...1.0.6)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-09 22:05:16 +02:00
Quentin Gliech
407ed412f1 Bump dependencies 2022-05-06 17:17:49 +02:00
dependabot[bot]
a132d76ae4 Bump serde_json from 1.0.80 to 1.0.81 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.80 to 1.0.81.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.80...v1.0.81)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-05 11:06:20 +02:00
dependabot[bot]
44d9000299 Bump serde from 1.0.136 to 1.0.137 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.136 to 1.0.137.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.136...v1.0.137)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-02 14:59:21 +02:00
dependabot[bot]
4ed0551c9b Bump serde_json from 1.0.79 to 1.0.80 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.79 to 1.0.80.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.79...v1.0.80)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-02 13:18:03 +02:00
dependabot[bot]
f0c19a17b2 Bump thiserror from 1.0.30 to 1.0.31 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.30 to 1.0.31.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.30...1.0.31)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-02 12:42:20 +02:00
dependabot[bot]
8ca23f8ca1 Bump http from 0.2.6 to 0.2.7 
Bumps [http](https://github.com/hyperium/http) from 0.2.6 to 0.2.7.
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/http/compare/v0.2.6...v0.2.7)

---
updated-dependencies:
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-02 12:08:06 +02:00
Quentin Gliech
28ff912029 Simple consent screen and storage 2022-04-29 12:16:39 +02:00
dependabot[bot]
a942ee4a7a Bump serde_with from 1.12.1 to 1.13.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 1.12.1 to 1.13.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v1.12.1...v1.13.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-25 22:11:13 +02:00
Quentin Gliech
ee05543944 Check some metadata on client registration 2022-04-21 13:34:07 +02:00
Quentin Gliech
5c14611b96 Simple dynamic client registration 2022-04-19 12:23:19 +02:00
Quentin Gliech
d43a8f1a00 Basic Webfinger support 2022-04-08 10:43:48 +02:00
dependabot[bot]
19f6cf851a Bump serde_with from 1.12.0 to 1.12.1 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v1.12.0...v1.12.1)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-08 00:19:31 +02:00
Quentin Gliech
bbcd03fa73 Simplify OAuth2 error types 2022-04-07 10:08:10 +02:00
Quentin Gliech
9cd63f6cf1 Fix tests in oauth2 errors serialization 2022-04-06 17:35:29 +02:00
Quentin Gliech
51160faf48 Axum migration: /oauth2/authorize 2022-04-06 17:35:29 +02:00
Quentin Gliech
35310849c7 Axum migration: /oauth2/token 2022-04-06 17:35:29 +02:00
Quentin Gliech
64900ef1d9 Axum migration: /oauth2/keys.json and /.well-known/openid-configuration 2022-04-06 17:35:29 +02:00
Quentin Gliech
8e9bda654f Support prompt=create 
Allows RPs to ask for account creation

See https://openid.net/specs/openid-connect-prompt-create-1_0.html
 2022-03-14 16:34:10 +01:00
dependabot[bot]
d9aeadde0e Bump parse-display from 0.5.4 to 0.5.5 
Bumps [parse-display](https://github.com/frozenlib/parse-display) from 0.5.4 to 0.5.5.
- [Release notes](https://github.com/frozenlib/parse-display/releases)
- [Commits](https://github.com/frozenlib/parse-display/compare/v0.5.4...v0.5.5)

---
updated-dependencies:
- dependency-name: parse-display
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-11 10:34:02 +01:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
dependabot[bot]
e4ef5788fa Bump indoc from 1.0.3 to 1.0.4 
Bumps [indoc](https://github.com/dtolnay/indoc) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.3...1.0.4)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 16:41:19 +01:00
Quentin Gliech
fa92d6498f Bump dependencies 2022-02-17 15:53:48 +01:00
Quentin Gliech
a45381828c Loads of docs & enabling more clippy lints 2022-02-01 12:02:32 +01:00
Quentin Gliech
9af8820564 Bump dependencies 2022-02-01 10:13:11 +01:00
Quentin Gliech
d43af81238 Upgrade dependencies 2022-01-25 12:47:17 +01:00
Quentin Gliech
f876d6a134 Upgrade dependencies 2022-01-14 10:51:12 +01:00
Quentin Gliech
5b9c35a079 Use iana generated types in more places 2022-01-12 12:22:54 +01:00
Quentin Gliech
2844706bb1 Multiple IANA codegen enhancement 
- JWS/JWE algorithms are properly splitted
 - Enums now have a proper description
 - They implement FromStr and Display
 - mas-jose does not reexport mas-iana anymore
 2022-01-12 10:58:27 +01:00
Quentin Gliech
9003eaf0c2 Use new generated enums & query supported signing algs from the keystore 2022-01-11 18:46:26 +01:00
Quentin Gliech
97ab75fb15 Add loads of server metadata in the discovery document 2022-01-11 12:54:26 +01:00
Quentin Gliech
b4f0f0d0be Have all server metadata from the IANA registry 2022-01-11 11:20:17 +01:00
Quentin Gliech
1377e09dbe Upgrade dependencies 2022-01-04 22:35:18 +01:00
Quentin Gliech
2f97ca685d Split the core crate 2021-12-17 18:04:30 +01:00
Quentin Gliech
d558b74bad Upgrade dependencies 2021-12-09 23:34:36 +01:00
Quentin Gliech
c4a979245b Move to Rust edition 2021 
Also bump MSRV to 1.56 and use the same clippy lints in every crate
 2021-12-09 22:54:35 +01:00
Quentin Gliech
c857ff90ec Upgrade dependencies 2021-12-06 10:01:37 +01:00
Quentin Gliech
de2e078e18 Match the spec on handling request/registration params 
Raise a (request|request_uri|registration)_unsupported error when one of
those parameters are in an authorization request
 2021-11-22 16:14:25 +01:00
Quentin Gliech
d78f64d077 Support the prompt param in authorization requests 2021-11-22 15:54:52 +01:00
Quentin Gliech
5a4d3f6c94 Generate a scope with a random device ID 2021-11-22 14:06:25 +01:00
Quentin Gliech
6a69ef8456 Fix post-auth redirects & support max_age 
This also displays some context on login and reauth page about the next
step
 2021-11-16 19:16:52 +01:00
Quentin Gliech
16fe5a8d76 Implement client_secret_jwt authentication method 2021-11-05 17:18:48 +01:00
Quentin Gliech
bca8b11e46 Upgrade all dependencies 2021-10-25 17:40:54 -04:00