matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
1,488 Commits 59 Branches 22 Tags
ba4ba75f73a07d1fe9c199e258a1549f87005f56
Commit Graph

255 Commits

Author SHA1 Message Date
Quentin Gliech
9681948aa8 Show consent page on prompt=consent 2022-04-29 14:10:45 +02:00
Quentin Gliech
28ff912029 Simple consent screen and storage 2022-04-29 12:16:39 +02:00
Quentin Gliech
8a256596d7 Serve static files live from disk in dev mode 2022-04-28 16:08:50 +02:00
Quentin Gliech
687c2a97b8 Allow more safe headers on CORS-protected resources 2022-04-22 15:14:14 +02:00
Quentin Gliech
ee05543944 Check some metadata on client registration 2022-04-21 13:34:07 +02:00
Quentin Gliech
25193ebaa5 Support signed userinfo responses 2022-04-21 11:49:49 +02:00
Quentin Gliech
5c14611b96 Simple dynamic client registration 2022-04-19 12:23:19 +02:00
Quentin Gliech
d43a8f1a00 Basic Webfinger support 2022-04-08 10:43:48 +02:00
Quentin Gliech
bc24e30867 Add CORS headers to API-like routes 2022-04-07 16:25:42 +02:00
Quentin Gliech
9a76139bb4 Return proper errors on the OAuth token endpoint 2022-04-06 17:35:29 +02:00
Quentin Gliech
31bc8504c9 Upgrade axum to 0.5 2022-04-06 17:35:29 +02:00
Quentin Gliech
4e31fc6c84 Get rid of warp 2022-04-06 17:35:29 +02:00
Quentin Gliech
51160faf48 Axum migration: /oauth2/authorize 2022-04-06 17:35:29 +02:00
Quentin Gliech
35310849c7 Axum migration: /oauth2/token 2022-04-06 17:35:29 +02:00
Quentin Gliech
0f7484beee Axum migration: /oauth2/introspection 2022-04-06 17:35:29 +02:00
Quentin Gliech
9dad21475e Axum migration: /oauth2/userinfo & UserAuthorization util 2022-04-06 17:35:29 +02:00
Quentin Gliech
64900ef1d9 Axum migration: /oauth2/keys.json and /.well-known/openid-configuration 2022-04-06 17:35:29 +02:00
Quentin Gliech
9cb5650167 Axum migration: /account/* routes 2022-04-06 17:35:29 +02:00
Quentin Gliech
b4d0906e75 Axum migration: /verify route 2022-04-06 17:35:29 +02:00
Quentin Gliech
6fb4d27046 Axum migration: /register route 2022-04-06 17:35:29 +02:00
Quentin Gliech
b4dc2b38d0 Axum migration: /reauth route 2022-04-06 17:35:29 +02:00
Quentin Gliech
6e7d0a6cfd Axum migration: logout route 2022-04-06 17:35:29 +02:00
Quentin Gliech
5e95c705d4 Axum migration: CSRF token and login page 2022-04-06 17:35:29 +02:00
Quentin Gliech
5d3b4aa182 Migrate /health 2022-04-06 17:35:29 +02:00
Quentin Gliech
7c8f8722cd Axum migration: signed cookies, errors, CSRF tokens, sessions 2022-04-06 17:35:29 +02:00
Quentin Gliech
797257cce7 Start migrating to Axum 
Now with the homepage and the static files
 2022-04-06 17:35:29 +02:00
Quentin Gliech
8e9bda654f Support prompt=create 
Allows RPs to ask for account creation

See https://openid.net/specs/openid-connect-prompt-create-1_0.html
 2022-03-14 16:34:10 +01:00
Hugh Nimmo-Smith
3d3b14093c fix: allow authorization in Access-Control-Request-Headers (#88) 
* fix: allow authorization in Access-Control-Request-Headers

* chore: fix clippy style

* style: use constant version of Authorization header

* chore: fix code style with cargo fmt

Co-authored-by: Quentin Gliech <quenting@element.io>
 2022-03-11 11:44:23 +00:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech
8c97c98206 Fix compilation on older rust version 2022-02-28 10:07:32 +01:00
Quentin Gliech
beef393bc8 Support the email scope 2022-02-25 16:19:38 +01:00
Quentin Gliech
cad6d54ddb Reply with proper errors on the OAuth token endpoint 2022-02-25 11:28:23 +01:00
Quentin Gliech
035e2d7829 Implement private_key_jwks client authentication 
This involves a lot of things, including:
 - better VerifyingKeystore trait
 - better errors in the JOSE crate
 - getting rid of async_trait in some JOSE traits
 2022-02-17 15:42:44 +01:00
Quentin Gliech
2df40762a2 Dedicated HTTP server/client crate 
Also have better names for the HTTP routes
 2022-02-10 16:38:16 +01:00
Quentin Gliech
a45381828c Loads of docs & enabling more clippy lints 2022-02-01 12:02:32 +01:00
Quentin Gliech
7e24cd0948 Move secrets and oauth2 clients config 2022-02-01 09:34:55 +01:00
Quentin Gliech
c0e5b66ea4 Move public base URL from oauth2 config to http config 2022-02-01 09:34:55 +01:00
Quentin Gliech
7b487e184a Finish implementing email verification 
Fixes #30
 2022-01-21 18:22:02 +01:00
Quentin Gliech
93cbad34f5 Actually send emails 2022-01-19 18:00:45 +01:00
Quentin Gliech
6e50921626 Email management UI 
Also simplify a bunch of query strings
 2022-01-18 18:16:56 +01:00
Quentin Gliech
0c2950a160 Remove unnecessary boxing of warp filters 
This was needed because of a compiler regression. Now that we're using
Rust 1.58 there is no benefit to boxing them
 2022-01-18 12:07:29 +01:00
Quentin Gliech
1b35f96f29 Move password change to its own page 
Also restructure the templates structure a bit
 2022-01-18 11:58:42 +01:00
Quentin Gliech
565f5cda1b Save user emails in database 2022-01-14 18:42:37 +01:00
Quentin Gliech
571f484894 Revoke OAuth session on code reuse 2022-01-14 13:20:14 +01:00
Quentin Gliech
5b9c35a079 Use iana generated types in more places 2022-01-12 12:22:54 +01:00
Quentin Gliech
2844706bb1 Multiple IANA codegen enhancement 
- JWS/JWE algorithms are properly splitted
 - Enums now have a proper description
 - They implement FromStr and Display
 - mas-jose does not reexport mas-iana anymore
 2022-01-12 10:58:27 +01:00
Quentin Gliech
9003eaf0c2 Use new generated enums & query supported signing algs from the keystore 2022-01-11 18:46:26 +01:00
Quentin Gliech
97ab75fb15 Add loads of server metadata in the discovery document 2022-01-11 12:54:26 +01:00
Quentin Gliech
b4f0f0d0be Have all server metadata from the IANA registry 2022-01-11 11:20:17 +01:00
Quentin Gliech
a30d4b58f0 Add exp claim in id_tokens 2022-01-10 17:59:57 +01:00