matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
1,488 Commits 59 Branches 22 Tags
ba4ba75f73a07d1fe9c199e258a1549f87005f56
Commit Graph

255 Commits

Author SHA1 Message Date
Kévin Commaille
ba4ba75f73 Merge data structs and use builder pattern 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
 2023-08-09 12:10:45 +02:00
Kévin Commaille
c67a00ddd6 Add support for all authorization request parameters 
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
 2023-08-09 12:10:45 +02:00
Quentin Gliech
dc711f8ecb Allow a trailing slash on the compat SSO route 2023-08-08 19:23:07 +02:00
Quentin Gliech
8456640b0d mas-matrix: fix clippy warnings 2023-08-03 15:06:45 +02:00
Quentin Gliech
cc2bce7b03 Show and log the policy violations better 2023-08-03 14:06:34 +02:00
Quentin Gliech
fcf6885916 Implement a mocked HomeserverConnection which keeps state around 2023-08-03 14:06:34 +02:00
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
016c65c9f8 Add metric which tracks the maximum number of connections to the database. 2023-07-18 19:10:57 +02:00
Quentin Gliech
ba0f7ea62c Upgrade all Rust dependencies 
This includes breaking changes of sqlx 0.7.0
 2023-07-17 19:04:06 +02:00
Quentin Gliech
f5143c045e Track the database connection acquisition time and pool usage 2023-07-06 18:54:29 +02:00
Quentin Gliech
ca520dfd9a frontend: Show all compatibilities sessions, not just SSO logins 
Also cleans up a bunch of things in the frontend
 2023-07-06 18:12:34 +02:00
Quentin Gliech
76653f9638 Better frontend assets handling and move the react app to /account/ (#1324) 
This makes the Vite assets handling better, namely:

 - make it possible to include any vite assets in the templates
 - include the right `<link rel="preload">` tags for assets
 - include Subresource Integrity hashes
 - pre-compress assets and remove on-the-fly compression by the Rust server
 - build the CSS used by templates through Vite

It also moves the React app from /app/ to /account/, and remove some of the old SSR account screens.
 2023-07-06 15:30:26 +02:00
Quentin Gliech
4f8b87fbfe Apply cargo fmt following changes in nightly rustfmt 
rustfmt now formats `let … else { … }` expressions
 2023-07-03 14:50:59 +02:00
Quentin Gliech
e1a5471262 Fix the upstream oauth registration form 2023-06-30 11:24:26 +02:00
Quentin Gliech
125a6bdf11 Allow setting a different issuer from the public base URL 2023-06-27 12:53:15 +02:00
Quentin Gliech
4f1b201c74 Define upstream OAuth providers in the config 
And adds CLI tool to sync them with the database (WIP)
 2023-06-26 17:24:56 +02:00
Quentin Gliech
9d5c2a40a1 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
31788a95f2 Save the imported attributes 2023-06-26 17:24:56 +02:00
Quentin Gliech
c183830489 Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech
4181cbc9d5 Refactor the matrix connection logic 
Also make the display name available through the graphql api
 2023-06-16 19:52:39 +02:00
Quentin Gliech
2a514cf452 Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
7e90564d16 Bump Rust dependencies 2023-06-14 12:02:16 +02:00
Quentin Gliech
56bbc31a89 Fix the compat SSO redirect URL generation 2023-06-07 15:09:04 +02:00
Quentin Gliech
d2d68e9a27 Make password-based login optional 2023-05-23 17:02:02 +02:00
Quentin Gliech
c2d8243586 Have a Requester in the GraphQL API, in preparation for accessing it with OAuth credentials 2023-04-25 16:39:15 +02:00
Quentin Gliech
be765fe04f Setup GraphQL mutations to add and verify email addresses 
This refactors a bit how the connection to the repository is done in the
graphql handler, so that we can properly commit transactions.
 2023-04-25 16:39:15 +02:00
Quentin Gliech
3979e9f46a Update Rust to 1.69.0 2023-04-24 11:42:01 +02:00
Quentin Gliech
77fc67c29b Silence clippy warning about a function being too long 2023-04-24 10:42:38 +02:00
Quentin Gliech
d34e01fc67 Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
Quentin Gliech
08f58db08b Replace the OTEL-based tracing layer with tracing based layers 2023-04-18 14:45:43 +02:00
Quentin Gliech
1974786209 Proactively provision devices & delete them when using the compat Matrix API 2023-04-14 10:22:22 +02:00
Quentin Gliech
8a2be43fe7 Proactively provision users on registration & sync threepids 2023-04-14 10:22:22 +02:00
Quentin Gliech
1f748f7d1e Schedule jobs through the repository 2023-04-14 10:22:22 +02:00
Quentin Gliech
cdd535ddc4 WIP: use apalis to schedule jobs 2023-04-14 10:22:22 +02:00
Quentin Gliech
83cb9158a0 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech
c6f31d0102 Bump Rust dependencies 2023-03-14 10:47:35 +01:00
Quentin Gliech
a79b4060d4 Check that an OAuth session is valid before revoking it 2023-03-02 16:31:36 +01:00
Quentin Gliech
67753c0e26 handlers: add tests for introspection endpoint 2023-02-24 17:45:50 +01:00
Quentin Gliech
97635375cc handlers: Add test for the compatibility login API 2023-02-24 15:52:21 +01:00
Quentin Gliech
17471c651e handlers: add tests for the token endpoint 
This also simplifies the way we issue tokens in tests
 2023-02-22 19:38:01 +01:00
Quentin Gliech
03583d2936 handlers: add a test for OIDC discovery 2023-02-22 16:38:48 +01:00
Quentin Gliech
1e9ce8d6d6 handlers: add tests for client registration 2023-02-22 14:29:53 +01:00
Quentin Gliech
64ce271d08 Add test helpers for handlers and use them 
Also expands the test coverage of the revoke handler.
 2023-02-21 12:06:30 +01:00
Quentin Gliech
a6cd4412c1 Write tests for the token revocation endpoint 2023-02-21 12:06:30 +01:00
Quentin Gliech
543b4b229f Support for token revocation 2023-02-21 12:06:30 +01:00
Quentin Gliech
792d3c793b Convert many match/if expressions to let-else 2023-02-01 10:37:04 +01:00
Quentin Gliech
ba2471d637 Fix the compat login_sso_redirect handler not committing the transaction 2023-01-31 17:11:13 +01:00
Quentin Gliech
39c126318f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech
87914cbcb3 Capture better errors in Sentry 2023-01-31 16:25:15 +01:00