Quentin Gliech
9dad21475e
Axum migration: /oauth2/userinfo & UserAuthorization util
2022-04-06 17:35:29 +02:00
Quentin Gliech
64900ef1d9
Axum migration: /oauth2/keys.json and /.well-known/openid-configuration
2022-04-06 17:35:29 +02:00
Quentin Gliech
9cb5650167
Axum migration: /account/* routes
2022-04-06 17:35:29 +02:00
Quentin Gliech
b4d0906e75
Axum migration: /verify route
2022-04-06 17:35:29 +02:00
Quentin Gliech
6fb4d27046
Axum migration: /register route
2022-04-06 17:35:29 +02:00
Quentin Gliech
b4dc2b38d0
Axum migration: /reauth route
2022-04-06 17:35:29 +02:00
Quentin Gliech
6e7d0a6cfd
Axum migration: logout route
2022-04-06 17:35:29 +02:00
Quentin Gliech
5e95c705d4
Axum migration: CSRF token and login page
2022-04-06 17:35:29 +02:00
Quentin Gliech
5d3b4aa182
Migrate /health
2022-04-06 17:35:29 +02:00
Quentin Gliech
7c8f8722cd
Axum migration: signed cookies, errors, CSRF tokens, sessions
2022-04-06 17:35:29 +02:00
Quentin Gliech
797257cce7
Start migrating to Axum
...
Now with the homepage and the static files
2022-04-06 17:35:29 +02:00
Quentin Gliech
8e9bda654f
Support prompt=create
...
Allows RPs to ask for account creation
See https://openid.net/specs/openid-connect-prompt-create-1_0.html
2022-03-14 16:34:10 +01:00
Hugh Nimmo-Smith
3d3b14093c
fix: allow authorization in Access-Control-Request-Headers (#88)
...
* fix: allow authorization in Access-Control-Request-Headers
* chore: fix clippy style
* style: use constant version of Authorization header
* chore: fix code style with cargo fmt
Co-authored-by: Quentin Gliech <quenting@element.io>
2022-03-11 11:44:23 +00:00
Quentin Gliech
62f633a716
Move clients to the database
2022-03-08 19:07:46 +01:00
Quentin Gliech
8c97c98206
Fix compilation on older rust version
2022-02-28 10:07:32 +01:00
Quentin Gliech
beef393bc8
Support the email scope
2022-02-25 16:19:38 +01:00
Quentin Gliech
cad6d54ddb
Reply with proper errors on the OAuth token endpoint
2022-02-25 11:28:23 +01:00
Quentin Gliech
035e2d7829
Implement private_key_jwks client authentication
...
This involves a lot of things, including:
- better VerifyingKeystore trait
- better errors in the JOSE crate
- getting rid of async_trait in some JOSE traits
2022-02-17 15:42:44 +01:00
Quentin Gliech
2df40762a2
Dedicated HTTP server/client crate
...
Also have better names for the HTTP routes
2022-02-10 16:38:16 +01:00
Quentin Gliech
a45381828c
Loads of docs & enabling more clippy lints
2022-02-01 12:02:32 +01:00
Quentin Gliech
7e24cd0948
Move secrets and oauth2 clients config
2022-02-01 09:34:55 +01:00
Quentin Gliech
c0e5b66ea4
Move public base URL from oauth2 config to http config
2022-02-01 09:34:55 +01:00
Quentin Gliech
7b487e184a
Finish implementing email verification
...
Fixes #30
2022-01-21 18:22:02 +01:00
Quentin Gliech
93cbad34f5
Actually send emails
2022-01-19 18:00:45 +01:00
Quentin Gliech
6e50921626
Email management UI
...
Also simplify a bunch of query strings
2022-01-18 18:16:56 +01:00
Quentin Gliech
0c2950a160
Remove unnecessary boxing of warp filters
...
This was needed because of a compiler regression. Now that we're using
Rust 1.58 there is no benefit to boxing them
2022-01-18 12:07:29 +01:00
Quentin Gliech
1b35f96f29
Move password change to its own page
...
Also restructure the templates structure a bit
2022-01-18 11:58:42 +01:00
Quentin Gliech
565f5cda1b
Save user emails in database
2022-01-14 18:42:37 +01:00
Quentin Gliech
571f484894
Revoke OAuth session on code reuse
2022-01-14 13:20:14 +01:00
Quentin Gliech
5b9c35a079
Use iana generated types in more places
2022-01-12 12:22:54 +01:00
Quentin Gliech
2844706bb1
Multiple IANA codegen enhancements
...
- JWS/JWE algorithms are properly split
- Enums now have a proper description
- They implement FromStr and Display
- mas-jose does not reexport mas-iana anymore
2022-01-12 10:58:27 +01:00
Quentin Gliech
9003eaf0c2
Use new generated enums & query supported signing algs from the keystore
2022-01-11 18:46:26 +01:00
Quentin Gliech
97ab75fb15
Add loads of server metadata in the discovery document
2022-01-11 12:54:26 +01:00
Quentin Gliech
b4f0f0d0be
Have all server metadata from the IANA registry
2022-01-11 11:20:17 +01:00
Quentin Gliech
a30d4b58f0
Add exp claim in id_tokens
2022-01-10 17:59:57 +01:00
Quentin Gliech
5631300dc3
Claims handling in JOSE library
2022-01-10 17:41:48 +01:00
Quentin Gliech
a965e488e2
Support private_key_jwt client auth
...
Which includes having a verifying keystore out of JWKS (and soon out of
a JWKS URI)
2022-01-05 21:07:18 +01:00
Quentin Gliech
f933ace007
New JWT/JOSE crate
...
Still WIP, needs to handle time related claims
2022-01-04 22:28:00 +01:00
Quentin Gliech
a55e8af2c8
Cut down a lot on compilation time
2021-12-17 19:55:22 +01:00
Quentin Gliech
2f97ca685d
Split the core crate
2021-12-17 18:04:30 +01:00