matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-21 23:00:50 +03:00
Code Activity
2,587 Commits 59 Branches 22 Tags
a48bbf7c85c93b5cc3cc91e10cdedc01737d206f
Commit Graph

133 Commits

Author SHA1 Message Date
Quentin Gliech
3978acd94e Fix recently added Clippy lints 
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
 2024-05-07 07:32:02 +02:00
Quentin Gliech
cd0ec35d2f Soft-delete upstream OAuth 2.0 providers on config sync 2024-04-03 09:51:22 +02:00
Quentin Gliech
4e3823fe4f Add a soft-deletion column on upstream OAuth 2.0 providers 2024-04-03 09:51:22 +02:00
Quentin Gliech
dde907758e Use OTEL semantic conventions constants for most attributes 2024-03-19 17:15:14 +01:00
Quentin Gliech
7e30daf83e Replace parse-display with manual Display/FromStr impls 2024-03-19 16:38:46 +01:00
Quentin Gliech
d8f5fdaf5c Moved some dependencies in the workspace and upgrade some dependencies 2024-03-19 14:54:35 +01:00
Quentin Gliech
eb950151af Upgrade OTEL and remove support for Jaeger and Zipkin exporters 2024-03-18 17:26:40 +01:00
Quentin Gliech
61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
1821136e3f Additional parameters from upstream OAuth2 providers in the data model 2024-03-01 14:36:37 +01:00
Quentin Gliech
2c9b8a446d Bump Clippy to 1.75 and Rust to 1.76 2024-02-27 16:58:43 +01:00
Quentin Gliech
f3cbd3b315 Parse User Agents on the backend side (#2388) 
* Parse user agents on the server side

* Parse and expose user agents on the backend

* Use the parsed user agent in the device consent page

* Fix the device icon tests

* Fix clippy warnings

* Box stuff to avoid large enum variants

* Ignore a clippy warning

* Fix the requester boxing
 2024-02-23 16:47:48 +01:00
Quentin Gliech
f171d76dc5 Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech
ed5893eb20 Save which user session created a compat session 
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
 2024-02-21 11:55:58 +01:00
Quentin Gliech
03b6ad7138 Remove the unique constraint on device IDs on compatibility sessions 
In OAuth 2.0 sessions, we can have multiple sessions for the same device
anyway, so this constraint doesn't exactly make sense.

Fixes #2033
Fixes #2312
 2024-02-20 15:50:20 +01:00
Quentin Gliech
90c386847a Setup a repository to track user terms agreements 2024-02-07 17:21:22 +01:00
Quentin Gliech
17e968f7cc Record the user agent and IP in the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
b0042eb0c3 Clippy thinks I have too many bools in my structs 2024-02-02 18:01:51 +01:00
Quentin Gliech
31936bcc00 Save whether the client supports the device code grant in the database 2024-02-02 18:01:51 +01:00
Quentin Gliech
50654d2e40 Implement the device code authorisation request 2024-02-02 18:01:51 +01:00
Quentin Gliech
286fc57103 Add a repository for device code grants 2024-02-02 18:01:51 +01:00
Quentin Gliech
b927d330c9 Bump most Rust dependencies 2024-02-02 15:37:05 +01:00
Quentin Gliech
49963b26f8 Prepare workspace to publish OIDC crates 2023-12-07 16:02:55 +01:00
Quentin Gliech
a0f5f3c642 Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech
30247448d5 Bump Rust dependencies 2023-11-24 13:04:37 +01:00
Quentin Gliech
5126d36b2e Add upstream OAuth 2.0 providers name and branding 2023-11-20 17:23:02 +01:00
Quentin Gliech
7315dd9a7a Allow endpoints and discovery mode override for upstream oauth2 providers 
This time, at the configuration and database level
 2023-11-17 16:18:39 +01:00
Quentin Gliech
364093f12f Allow overriding usptream OAuth2 providers endpoints 
Also have a way to disable OIDC discovery when all the endpoints are known.
 2023-11-17 16:18:39 +01:00
dependabot[bot]
ecabe90237 build(deps): bump uuid from 1.4.1 to 1.5.0 
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.4.1...1.5.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-19 18:11:01 +02:00
dependabot[bot]
75a94c34ff build(deps): bump async-trait from 0.1.73 to 0.1.74 
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.73 to 0.1.74.
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](https://github.com/dtolnay/async-trait/compare/0.1.73...0.1.74)

---
updated-dependencies:
- dependency-name: async-trait
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-19 17:41:02 +02:00
Quentin Gliech
3cb8a26d95 "Can request admin" flag on user 2023-10-09 18:52:30 +02:00
Quentin Gliech
2a100ab927 graphql: allow filtering appsessions on device_id 2023-10-06 16:05:26 +02:00
dependabot[bot]
fe92203f59 build(deps): bump sqlx from 0.7.1 to 0.7.2 
Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.7.1 to 0.7.2.
- [Changelog](https://github.com/launchbadge/sqlx/blob/main/CHANGELOG.md)
- [Commits](https://github.com/launchbadge/sqlx/commits)

---
updated-dependencies:
- dependency-name: sqlx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-05 19:36:48 +02:00
dependabot[bot]
4e4b3c0a86 build(deps): bump sea-query from 0.30.1 to 0.30.2 
Bumps [sea-query](https://github.com/SeaQL/sea-query) from 0.30.1 to 0.30.2.
- [Release notes](https://github.com/SeaQL/sea-query/releases)
- [Changelog](https://github.com/SeaQL/sea-query/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SeaQL/sea-query/compare/0.30.1...0.30.2)

---
updated-dependencies:
- dependency-name: sea-query
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-26 14:37:45 +02:00
Quentin Gliech
15134b37af Add missing tracing to app session storage 2023-09-20 20:29:16 +02:00
Quentin Gliech
f1d420f381 Storage layer for a unified session list 2023-09-20 20:27:08 +02:00
Quentin Gliech
50558a7319 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech
b85655b944 Save the session activity in the database 2023-09-19 21:57:54 +02:00
Quentin Gliech
c9155ef0cf Rust dependencies housekeeping 
Including:
 - package upgrades
 - stop using the patched version of `ulid`
 - update cargo deny duplicate exception list
 2023-09-14 23:43:00 +02:00
Quentin Gliech
9c97a0c37a storage: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
e6b91c1ce4 data-model: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
83ca90ee3d Add a GraphQL mutation to create arbitrary OAuth2 sessions. 2023-09-11 12:03:42 +02:00
Quentin Gliech
542d0a6073 Implement the client credentials grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
00fe5f902b storage: add a method to create an OAuth 2.0 session for a client credentials grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
7a9197f222 storage-pg: make the user_id in oauth2_sessions nullable 2023-09-06 09:35:34 +02:00
Quentin Gliech
7e247830c9 data-model: Make the user_id optional in the OAuth 2.0 sessions 2023-09-06 09:35:34 +02:00
Quentin Gliech
a01c53019f Define common crates metadata on the workspace level 2023-09-01 16:27:22 +02:00
Quentin Gliech
5d3b8cd92f Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech
1849b86a7d graphql: Always make the associated SSO login available in compatibility sessions 2023-08-29 16:53:38 +02:00
Quentin Gliech
8402a75a7d storage: Look up compat sessions by device_id 2023-08-29 16:53:38 +02:00
Quentin Gliech
d7abdccc0a storage: Allow filtering oauth2 sessions by scope 2023-08-29 16:53:38 +02:00