matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2026-01-03 17:02:28 +03:00
Code Activity
2,598 Commits 59 Branches 22 Tags
43582e7eca752fe607c554af1e80a50c8c3de3c2
Commit Graph

81 Commits

Author SHA1 Message Date
reivilibre
49e8fe57f4 Improve errors when MAS contacts the Synapse homeserver (#2794) 
* Add some drive-by docstrings

* Change text rendering of catch_http_codes::HttpError

Using `#[source]` is unnatural here because it makes it look like
two distinct errors (one being a cause of the other),
when in reality it is just one error, with 2 parts.

Using `Display` formatting for that leads to a more natural error.

* Add constraints to `catch_http_code{,s}` methods

Not strictly required, but does two things:

- documents what kind of function is expected
- provides a small extra amount of type enforcement at the call site,
  rather than later on when you find the result doesn't implement Service

* Add a `catch_http_errors` shorthand

Nothing major, just a quality of life improvement so you don't have to
repetitively write out what a HTTP error is

* Unexpected error page: remove leading whitespace from preformatted 'details' section

The extra whitespace was probably unintentional and makes the error harder to read,
particularly when it wraps onto a new line unnecessarily

* Capture and log Matrix errors received from Synapse

* Drive-by clippy fix: use clamp instead of min().max()

* Convert `err(Display)` to `err(Debug)` for `anyhow::Error`s in matrix-synapse support module
 2024-06-07 11:14:04 +00:00
Quentin Gliech
61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
6eb6209bd8 Use rustls-platform-verifier for cert validation 
This simplifies by removing the mutually exclusive `native-roots` and
`webpki-roots` features with something that is suitable for all
platforms.
 2024-03-06 14:03:59 +01:00
Quentin Gliech
a0f5f3c642 Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech
89420a2cfc Refactor the upstream link provider template logic 
Also adds tests for new account registration through an upstream oauth2
provider
 2023-11-13 14:11:30 +01:00
Quentin Gliech
8984cc703b Add instance privacy policy, TOS and imprint, and loads of design cleanups 2023-10-30 15:55:15 +01:00
Quentin Gliech
efbd7b5e91 Better errors on client authorization failures 
Before it would just return a 500, now it displays a proper error
message
 2023-10-06 15:20:27 +02:00
Quentin Gliech
6ff549f5df templates: fix the _ function not working in macros 2023-10-05 19:29:23 +02:00
Quentin Gliech
1feafc1d13 handlers/templates: infer the language from the Accept-Language browser header 2023-10-05 19:29:23 +02:00
Quentin Gliech
730ad4674b axum-utils: Accept-Language header encoder and decoder 2023-10-05 19:29:23 +02:00
Quentin Gliech
f20c8d8ef3 Infer client IP address from the peer address and the X-Forwarded-Proxy header 2023-09-20 20:24:30 +02:00
Quentin Gliech
54071c4969 Make the HTTP client factory reuse the underlying client 
This avoids duplicating clients, and makes it so that they all share the same connection pool.
 2023-09-14 16:52:01 +02:00
Quentin Gliech
0bb34ed3e0 Add the Sentry event ID in error response headers 2023-09-08 15:19:43 +02:00
Quentin Gliech
23571e87ea Run the registration policy on upstream OAuth registration 2023-08-30 19:39:39 +02:00
Quentin Gliech
7fcd022eea Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech
17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech
a39f71c181 Handle cookies better by setting the right flags & expiration 2023-08-25 14:35:46 +02:00
Quentin Gliech
68db56c2a2 Reimplementation of a postgres-backed storage with a shared PG listener 2023-07-17 19:04:06 +02:00
Quentin Gliech
08f58db08b Replace the OTEL-based tracing layer with tracing based layers 2023-04-18 14:45:43 +02:00
Quentin Gliech
8a2be43fe7 Proactively provision users on registration & sync threepids 2023-04-14 10:22:22 +02:00
Quentin Gliech
792d3c793b Convert many match/if expressions to let-else 2023-02-01 10:37:04 +01:00
Quentin Gliech
87914cbcb3 Capture better errors in Sentry 2023-01-31 16:25:15 +01:00
Quentin Gliech
875025467e Log more errors and setup Sentry integration 2023-01-30 18:04:44 +01:00
Quentin Gliech
4d53e210b3 axum-utils: remove an unnecessary ?Sized bound 2023-01-27 10:30:59 +01:00
Quentin Gliech
d14ca156ad storage: split the repository trait 2023-01-24 16:05:14 +01:00
Quentin Gliech
a9facab131 Box the repository everywhere 2023-01-20 17:53:04 +01:00
Quentin Gliech
9005931e2a handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech
3798f25f7d Fix rustdoc lints 2023-01-18 12:25:49 +01:00
Quentin Gliech
195203823a storage: wrap the postgres repository in a struct 2023-01-13 18:03:37 +01:00
Quentin Gliech
488a666a8d storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech
9f0c9f1466 storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech
603a26eabd storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech
09a567ab17 storage: OAuth2 client repository 2023-01-04 16:30:32 +01:00
Quentin Gliech
53172d6a3f strorage: browser session and user password repositories 2023-01-03 15:58:01 +01:00
Quentin Gliech
ca112d45e1 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00
Quentin Gliech
102571512e storage: unify most oauth2 related errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
b7cad48bbd storage: unify user operations errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
f7f65e314b storage: unify the compat login errors 2022-12-08 15:29:15 +01:00
Quentin Gliech
12ce2a3d04 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
92d6f5b087 data-model: simplify the oauth2 clients 2022-12-08 15:29:15 +01:00
Quentin Gliech
feebbd0e97 data-model: simplify users and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
dff2f98167 data-model: simplify tokens 2022-12-08 15:29:15 +01:00
Quentin Gliech
23fd833d45 Save the post auth action during upstream OAuth login 2022-12-05 19:39:51 +01:00
Quentin Gliech
bf432a31e1 OIDC account linking and login 2022-12-05 19:39:51 +01:00
Quentin Gliech
4227fa7a83 Add a global HTTP client factory 2022-12-05 19:39:51 +01:00
Quentin Gliech
d514a8922c Cleanup HTTP client building 2022-12-05 19:39:51 +01:00
Quentin Gliech
c76a1dd2e7 Bump the latest axum rc 2022-11-18 14:57:22 +01:00
Quentin Gliech
78778648ca Allow fetching more nodes by their IDs 2022-11-18 13:43:01 +01:00
Quentin Gliech
c13b0478e6 Initial GraphQL API 2022-11-09 19:17:12 +01:00
Quentin Gliech
2d2127dcdb More cleanups 2022-11-02 18:59:00 +01:00