matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
1,980 Commits 59 Branches 22 Tags
b5ceed2376f43d331c93c77b15c90019e698be4d
Commit Graph

174 Commits

Author SHA1 Message Date
Quentin Gliech
9b5c8fb44b Allow running the authentication service on a different base path 2023-10-06 14:07:55 +02:00
Quentin Gliech
1feafc1d13 handlers/templates: infer the language from the Accept-Language browser header 2023-10-05 19:29:23 +02:00
Quentin Gliech
15ad89aa82 templates: add translations function 2023-10-05 19:29:23 +02:00
Quentin Gliech
995bdfc13b templates: replace tera with minijinja 2023-10-05 19:29:23 +02:00
Quentin Gliech
f20c8d8ef3 Infer client IP address from the peer address and the X-Forwarded-Proxy header 2023-09-20 20:24:30 +02:00
Quentin Gliech
b85655b944 Save the session activity in the database 2023-09-19 21:57:54 +02:00
Quentin Gliech
cf5510a1a2 Add an ActivityTracker which tracks session activity and regularly flush them to the database 2023-09-19 21:57:54 +02:00
Quentin Gliech
54071c4969 Make the HTTP client factory reuse the underlying client 
This avoids duplicating clients, and makes it so that they all share the same connection pool.
 2023-09-14 16:52:01 +02:00
Quentin Gliech
f29e4adcfa Always initialize a metric reader to avoid crashes 
Fix #1552
 2023-09-14 16:52:01 +02:00
Quentin Gliech
21d3d3a5d4 Rename the 'hack' configuration section to 'experimental' 2023-08-31 18:05:00 +02:00
Quentin Gliech
bc04860afb Make the access tokens TTL configurable 2023-08-31 18:05:00 +02:00
Quentin Gliech
ae3213fe87 Make the email verification state more configurable on upstream OAuth 2.0 registration 
This also marks the email as primary
 2023-08-31 14:20:06 +02:00
Quentin Gliech
7fcd022eea Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech
23151ef092 policies: split the email & password policies and add jsonschema validation of the input 2023-08-30 19:39:39 +02:00
Quentin Gliech
6589f06d79 tracing: set the parent context from the incoming request again 2023-08-29 18:50:54 +02:00
Quentin Gliech
f295d2df77 Fix sentry transport post-upgrade 2023-08-29 08:23:26 +02:00
Quentin Gliech
07ca145174 Cache the upstream OAuth 2.0 provider metadata 2023-08-28 18:30:40 +02:00
Quentin Gliech
17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech
096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Quentin Gliech
9289922dfb Grab a database lock when syncing the config 
Fixes #1475
 2023-08-25 15:48:47 +02:00
Quentin Gliech
a39f71c181 Handle cookies better by setting the right flags & expiration 2023-08-25 14:35:46 +02:00
Quentin Gliech
7c83dce66e Move some common dependencies on the workspace level 
Also deprecates the AWS SESv2 transport for emails
 2023-08-14 13:00:01 +02:00
Quentin Gliech
21964cbeab Setup cargo-deny 
Also try to remove a bunch of duplicate crates
 2023-08-14 11:22:52 +02:00
Quentin Gliech
699dfba55f OpenTelemetry upgrade 2023-08-11 16:12:58 +02:00
Quentin Gliech
3e6ea9a158 Add a 404 HTMl fallback 2023-08-09 16:56:11 +02:00
Quentin Gliech
033479bc57 cli: always include all OTEL exporters 2023-08-03 17:13:37 +02:00
Quentin Gliech
8142cad3d6 Call the homeserver for user deactivation 2023-08-03 14:06:34 +02:00
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
e79da4a949 Bump Rust dependencies and remove unused ones 2023-07-27 17:23:08 +02:00
Quentin Gliech
ba0f7ea62c Upgrade all Rust dependencies 
This includes breaking changes of sqlx 0.7.0
 2023-07-17 19:04:06 +02:00
Quentin Gliech
68db56c2a2 Reimplementation of a postgres-backed storage with a shared PG listener 2023-07-17 19:04:06 +02:00
Quentin Gliech
f5143c045e Track the database connection acquisition time and pool usage 2023-07-06 18:54:29 +02:00
Quentin Gliech
76653f9638 Better frontend assets handling and move the react app to /account/ (#1324) 
This makes the Vite assets handling better, namely:

 - make it possible to include any vite assets in the templates
 - include the right `<link rel="preload">` tags for assets
 - include Subresource Integrity hashes
 - pre-compress assets and remove on-the-fly compression by the Rust server
 - build the CSS used by templates through Vite

It also moves the React app from /app/ to /account/, and remove some of the old SSR account screens.
 2023-07-06 15:30:26 +02:00
Quentin Gliech
297dbbb6ab Add a CLI tool to kill all sessions of a user 2023-06-30 15:54:06 +02:00
Quentin Gliech
859c4486bb Add a CLI tool to trigger a provisioning job for all users 2023-06-29 10:55:48 +02:00
Quentin Gliech
125a6bdf11 Allow setting a different issuer from the public base URL 2023-06-27 12:53:15 +02:00
Quentin Gliech
8c42563e61 Split the full config with partial configs used by some sub-commands 2023-06-26 17:24:56 +02:00
Quentin Gliech
dec9310a32 Sync the OAuth2 clients with CLI and remove redundant CLI tools 2023-06-26 17:24:56 +02:00
Quentin Gliech
de13d3ef19 CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
4f1b201c74 Define upstream OAuth providers in the config 
And adds CLI tool to sync them with the database (WIP)
 2023-06-26 17:24:56 +02:00
Quentin Gliech
9d5c2a40a1 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
4181cbc9d5 Refactor the matrix connection logic 
Also make the display name available through the graphql api
 2023-06-16 19:52:39 +02:00
Quentin Gliech
2a514cf452 Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
d2d68e9a27 Make password-based login optional 2023-05-23 17:02:02 +02:00
Quentin Gliech
be765fe04f Setup GraphQL mutations to add and verify email addresses 
This refactors a bit how the connection to the repository is done in the
graphql handler, so that we can properly commit transactions.
 2023-04-25 16:39:15 +02:00
Quentin Gliech
5cd93a5f93 Bump the OTEL crates to 0.19.0 (#1132) 
* Bump the OTEL crates to 0.19.0

Also pins a bunch of versions in the Dockerfile and fixes the docker build in CI
 2023-04-24 17:10:55 +00:00
Quentin Gliech
3979e9f46a Update Rust to 1.69.0 2023-04-24 11:42:01 +02:00
Quentin Gliech
a6704813c1 Remove clippy lints in files copied from the sentry crate 2023-04-18 23:01:43 +02:00
Quentin Gliech
c9e9130cdf Sentry transport based on hyper to get rid of reqwest 2023-04-18 23:01:43 +02:00
Quentin Gliech
09270b2493 Better tracing attributes in the HTTP client 2023-04-18 14:45:43 +02:00