matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
1,980 Commits 59 Branches 22 Tags
b5ceed2376f43d331c93c77b15c90019e698be4d
Commit Graph

94 Commits

Author SHA1 Message Date
Quentin Gliech
3cb8a26d95 "Can request admin" flag on user 2023-10-09 18:52:30 +02:00
Quentin Gliech
894957934d Test the activity tracker on the introspection endpoint 2023-09-19 21:57:54 +02:00
Quentin Gliech
50558a7319 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech
9a77f67fbe Make the error on introspection failure more explicit in the logs 2023-09-13 18:24:52 +02:00
Quentin Gliech
e6b91c1ce4 data-model: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
7e247830c9 data-model: Make the user_id optional in the OAuth 2.0 sessions 2023-09-06 09:35:34 +02:00
Quentin Gliech
ae3213fe87 Make the email verification state more configurable on upstream OAuth 2.0 registration 
This also marks the email as primary
 2023-08-31 14:20:06 +02:00
Quentin Gliech
5d3b8cd92f Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech
438a10332a Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Quentin Gliech
17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech
d9a12de8a3 Save the authentication method on each authorization 
This will help us logging out of the upstream.
 2023-08-28 17:14:59 +02:00
Quentin Gliech
096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
de13d3ef19 CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
9d5c2a40a1 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
c183830489 Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech
2a514cf452 Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
047a91907d Split the mutations and make them use an input object instead of different parameters 2023-04-25 16:39:15 +02:00
Quentin Gliech
a55976eeeb Fix Device to ScopeToken conversion and test it 2023-04-24 10:42:38 +02:00
Quentin Gliech
d34e01fc67 Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
Kévin Commaille
ccc9884726 Allow redirect URIs with any port for loopback interfaces 2023-04-14 10:22:49 +02:00
Hugh Nimmo-Smith
43bcaf5308 Lint 2023-04-06 16:24:18 +02:00
Hugh Nimmo-Smith
f53369aeae Handle imported Synapse access/refresh tokens 2023-04-06 16:24:18 +02:00
Quentin Gliech
83cb9158a0 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech
97635375cc handlers: Add test for the compatibility login API 2023-02-24 15:52:21 +01:00
Quentin Gliech
39c126318f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech
3f4ad789bf storage-pg: write tests for the OAuth2 repositories 2023-01-25 17:24:34 +01:00
Quentin Gliech
d14ca156ad storage: split the repository trait 2023-01-24 16:05:14 +01:00
Quentin Gliech
876bc9fcb3 handlers: extract the PgRepository from the request 
Also fix a bunch of clippy errors & doctests
 2023-01-18 18:22:13 +01:00
Quentin Gliech
9005931e2a handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech
3798f25f7d Fix rustdoc lints 2023-01-18 12:25:49 +01:00
Quentin Gliech
488a666a8d storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech
36396c0b45 storage: repository pattern for the compat layer 2023-01-12 15:41:26 +01:00
Quentin Gliech
9f0c9f1466 storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech
920869b583 storage: do less joins in compat sessions 2023-01-10 18:49:35 +01:00
Quentin Gliech
35787aa072 data-model: have more structs use a state machine 2023-01-09 18:02:32 +01:00
Quentin Gliech
39cd9a2578 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech
fb7c6f4dd1 storage: do less joins on authorization grants and refresh tokens 2023-01-05 16:49:19 +01:00
Quentin Gliech
603a26eabd storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech
e26f75246d storage: Load with less joins 
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
 2023-01-04 18:06:17 +01:00
Quentin Gliech
53172d6a3f strorage: browser session and user password repositories 2023-01-03 15:58:01 +01:00
Quentin Gliech
13a9d03647 storage: user and user email repository 2023-01-02 15:28:44 +01:00
Quentin Gliech
ca112d45e1 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00
Quentin Gliech
533cabe005 Use the new password manager 2022-12-14 16:04:36 +01:00
Quentin Gliech
12ce2a3d04 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
92d6f5b087 data-model: simplify the oauth2 clients 2022-12-08 15:29:15 +01:00
Quentin Gliech
479e009931 data-model: simplify the compat sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
feebbd0e97 data-model: simplify users and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
dff2f98167 data-model: simplify tokens 2022-12-08 15:29:15 +01:00