matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
1,429 Commits 59 Branches 22 Tags
40b49cdd100d0947defb511d44aa5380c187a25f
Commit Graph

139 Commits

Author SHA1 Message Date
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
4f1b201c74 Define upstream OAuth providers in the config 
And adds CLI tool to sync them with the database (WIP)
 2023-06-26 17:24:56 +02:00
Quentin Gliech
2a514cf452 Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
77fc67c29b Silence clippy warning about a function being too long 2023-04-24 10:42:38 +02:00
Quentin Gliech
d34e01fc67 Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
Quentin Gliech
a79b4060d4 Check that an OAuth session is valid before revoking it 2023-03-02 16:31:36 +01:00
Quentin Gliech
67753c0e26 handlers: add tests for introspection endpoint 2023-02-24 17:45:50 +01:00
Quentin Gliech
17471c651e handlers: add tests for the token endpoint 
This also simplifies the way we issue tokens in tests
 2023-02-22 19:38:01 +01:00
Quentin Gliech
03583d2936 handlers: add a test for OIDC discovery 2023-02-22 16:38:48 +01:00
Quentin Gliech
1e9ce8d6d6 handlers: add tests for client registration 2023-02-22 14:29:53 +01:00
Quentin Gliech
64ce271d08 Add test helpers for handlers and use them 
Also expands the test coverage of the revoke handler.
 2023-02-21 12:06:30 +01:00
Quentin Gliech
a6cd4412c1 Write tests for the token revocation endpoint 2023-02-21 12:06:30 +01:00
Quentin Gliech
543b4b229f Support for token revocation 2023-02-21 12:06:30 +01:00
Quentin Gliech
792d3c793b Convert many match/if expressions to let-else 2023-02-01 10:37:04 +01:00
Quentin Gliech
39c126318f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech
87914cbcb3 Capture better errors in Sentry 2023-01-31 16:25:15 +01:00
Quentin Gliech
875025467e Log more errors and setup Sentry integration 2023-01-30 18:04:44 +01:00
Quentin Gliech
6a8c79c497 storage: impl Repository for Box<impl Repository + ?Sized> 2023-01-24 09:51:49 +01:00
Quentin Gliech
a9facab131 Box the repository everywhere 2023-01-20 17:53:04 +01:00
Quentin Gliech
f4c64c2171 storage: ensure the repository trait can be boxed 
and define some wrappers to map the errors
 2023-01-19 19:10:35 +01:00
Quentin Gliech
876bc9fcb3 handlers: extract the PgRepository from the request 
Also fix a bunch of clippy errors & doctests
 2023-01-18 18:22:13 +01:00
Quentin Gliech
9005931e2a handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech
142fdbd45a storage: make the Clock a trait 2023-01-18 12:20:30 +01:00
Quentin Gliech
73a921cc30 Split the storage trait from the implementation 2023-01-18 10:38:22 +01:00
Quentin Gliech
195203823a storage: wrap the postgres repository in a struct 2023-01-13 18:03:37 +01:00
Quentin Gliech
488a666a8d storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech
36396c0b45 storage: repository pattern for the compat layer 2023-01-12 15:41:26 +01:00
Quentin Gliech
9f0c9f1466 storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech
920869b583 storage: do less joins in compat sessions 2023-01-10 18:49:35 +01:00
Quentin Gliech
39cd9a2578 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech
fb7c6f4dd1 storage: do less joins on authorization grants and refresh tokens 2023-01-05 16:49:19 +01:00
Quentin Gliech
603a26eabd storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech
e26f75246d storage: Load with less joins 
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
 2023-01-04 18:06:17 +01:00
Quentin Gliech
09a567ab17 storage: OAuth2 client repository 2023-01-04 16:30:32 +01:00
Quentin Gliech
13a9d03647 storage: user and user email repository 2023-01-02 15:28:44 +01:00
Quentin Gliech
3bca5ab9be Add the standard API scope to the compat token introspection 2022-12-28 11:33:53 +01:00
Quentin Gliech
ca112d45e1 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00
Hugh Nimmo-Smith
61b14a08b3 Make the introspection endpoint return JSON error responses 2022-12-14 16:33:27 +01:00
Quentin Gliech
0ea9089f7f template: more cleanups 2022-12-08 15:29:15 +01:00
Quentin Gliech
13b1ac7c83 policy: define custom errors and ditch anyhow 2022-12-08 15:29:15 +01:00
Quentin Gliech
68890b7291 handlers: remove most usage of anyhow 2022-12-08 15:29:15 +01:00
Quentin Gliech
a836cc864a storage: unify most of the remaining errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
102571512e storage: unify most oauth2 related errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
b7cad48bbd storage: unify user operations errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
f7f65e314b storage: unify the compat login errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
12ce2a3d04 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
92d6f5b087 data-model: simplify the oauth2 clients 2022-12-08 15:29:15 +01:00
Quentin Gliech
feebbd0e97 data-model: simplify users and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
4227fa7a83 Add a global HTTP client factory 2022-12-05 19:39:51 +01:00