mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-09 10:01:45 +03:00
Commit Graph

71 Commits

Author SHA1 Message Date
7aae66e182 Make ClientErrorCode.error_description optional. 2023-05-09 19:10:19 +02:00
d34e01fc67 Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
17471c651e handlers: add tests for the token endpoint
This also simplifies the way we issue tokens in tests
2023-02-22 19:38:01 +01:00
543b4b229f Support for token revocation 2023-02-21 12:06:30 +01:00
792d3c793b Convert many match/if expressions to let-else 2023-02-01 10:37:04 +01:00
09a567ab17 storage: OAuth2 client repository 2023-01-04 16:30:32 +01:00
01a7febee2 Don't enforce RS256 ID Token signing alg in provider metadata 2022-12-18 16:02:48 +01:00
ca112d45e1 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00
bd93074076 clippy: fix warnings in tests 2022-12-08 15:29:15 +01:00
d58dab702b oauth2-types: urn:ietf:params:oauth:grant-type:jwt-bearer 2022-12-05 19:39:51 +01:00
bedcf44741 WIP: upstream OIDC provider support 2022-12-05 19:39:51 +01:00
95a879585b Make the OIDC issuer a string instead of a URL 2022-12-02 18:04:07 +01:00
db25574a96 Make sure Scope and InvalidScope are reexported from mas-oidc-client 2022-12-01 10:45:38 +01:00
66055b044e Make sure all types of oauth2-types are documented 2022-12-01 10:45:38 +01:00
c590e8df92 Don't leak secrets in requests Debug format 2022-11-21 16:12:35 +01:00
51515358f7 Make more enum types accept unknown values 2022-10-17 14:15:35 +02:00
10297d29bb Make Scope use a BTreeSet internally 2022-10-17 14:12:59 +02:00
99f2ca3d57 Derive Clone for http requests structs
So they don't prevent a Service from implementing Clone.
2022-10-17 12:47:43 +02:00
954e163936 Fix parsing and deserialization of AuthenticationMethodOrAccessTokenType 2022-09-28 13:43:39 +02:00
80d317f23c Add variants for unknown values on mas-iana types
Remove the Copy derive and mark enums as non-exhaustive.
2022-09-28 13:43:39 +02:00
1bbd2c2970 Allow access token types in introspection auth methods 2022-09-27 19:11:32 +02:00
940ab48819 Add types for the Device Authorization flow 2022-09-16 11:47:31 +02:00
fca6cfa393 Use ResponseType that doesn't care about tokens order 2022-09-13 15:15:30 +02:00
c4e495a84a Properly implement Display and FromStr for oauth2-types enums
Use SerializeDisplay and DeserializeFromStr derives.
Add tests for serialize and deserialize implementations.
2022-09-12 15:44:15 +02:00
94ba03a273 Add more variants to GrantType 2022-09-12 11:06:45 +02:00
940965287b Allow to get verified provider metadata with minimal checks 2022-09-07 08:56:10 +02:00
91ce8ff5fe Add Pushed Authorization Request response type 2022-09-05 11:29:17 +02:00
29f1b134ae Make the JWK generic over the parameters 2022-09-02 15:37:46 +02:00
7b281f4c21 Improve docs and spec compliance of oauth2-types requests 2022-09-02 11:25:21 +02:00
bffbf63992 Add a constructor for a basic AuthorizationRequest 2022-09-02 11:25:21 +02:00
7a931925fa Basic improvements to oauth2-types requests
Make sure all types implement Serialize, Deserialize, Debug and Clone.
Make sure all types can be constructed and all fields can be accessed.
2022-09-02 11:25:21 +02:00
ee47c821e3 Use an enum for client error codes
Replace the ClientError constants with From<ClientErrorCode>.
2022-09-01 17:59:37 +02:00
e202c3dd6d Allow to validate client metadata
According to OpenID Connect Dynamic Client Registration Spec 1.0.
Introduce VerifiedClientMetadata.
2022-08-19 13:58:43 +02:00
78f41c7d86 Improve docs for the prompt_values_supported field 2022-08-12 12:19:17 +02:00
5c8b442747 Fix new clippy 0.1.63 warnings 2022-08-12 11:05:21 +02:00
759809b7fd Document field requirements in ProviderMetadata docs 2022-08-11 17:20:17 +02:00
f6fc51a76f Use LanguageTag for lists of locales in ProviderMetadata 2022-08-11 17:20:17 +02:00
222551ad7f Allow to validate provider metadata
According to the OpenID Connect Discovery 1.0 spec.
Provide the default values for fields when they are defined.
Introduce VerifiedProviderMetadata.
Rename Metadata to ProviderMetadata.
Implement Deserialize for ProviderMetadata.
2022-08-11 17:20:17 +02:00
c63345fe31 Fix type of metadata pushed authorization request endpoint 2022-08-11 17:20:17 +02:00
c1ed726dc8 Enable the clippy::str_to_string lint 2022-08-08 10:06:20 +02:00
3215e86eaa Use unstable prefixes for scope names (#337) 2022-08-05 17:58:22 +00:00
649e5cd645 Move the PKCE validation logic to oauth2-types 2022-08-03 13:57:31 +02:00
372b32a780 Make PKCE implementation compliant with RFC7636
This checks for the PKCE code_verifier length as well as the characters
used. It also gives better errors when the PKCE verifier is invalid.

Fixes #316
2022-08-03 13:57:31 +02:00
44b2708f7a Bump serde_with 2022-08-01 19:38:22 +02:00
28ff912029 Simple consent screen and storage 2022-04-29 12:16:39 +02:00
ee05543944 Check some metadata on client registration 2022-04-21 13:34:07 +02:00
5c14611b96 Simple dynamic client registration 2022-04-19 12:23:19 +02:00
d43a8f1a00 Basic Webfinger support 2022-04-08 10:43:48 +02:00
bbcd03fa73 Simplify OAuth2 error types 2022-04-07 10:08:10 +02:00
9cd63f6cf1 Fix tests in oauth2 errors serialization 2022-04-06 17:35:29 +02:00