matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
2,629 Commits 59 Branches 22 Tags
c7b40baf9a37058448c7d0e42e19c70293a239df
Commit Graph

43 Commits

Author SHA1 Message Date
Quentin Gliech
3978acd94e Fix recently added Clippy lints 
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
 2024-05-07 07:32:02 +02:00
Quentin Gliech
61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
f3cbd3b315 Parse User Agents on the backend side (#2388) 
* Parse user agents on the server side

* Parse and expose user agents on the backend

* Use the parsed user agent in the device consent page

* Fix the device icon tests

* Fix clippy warnings

* Box stuff to avoid large enum variants

* Ignore a clippy warning

* Fix the requester boxing
 2024-02-23 16:47:48 +01:00
Quentin Gliech
f171d76dc5 Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech
17e968f7cc Record the user agent and IP in the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
286fc57103 Add a repository for device code grants 2024-02-02 18:01:51 +01:00
Quentin Gliech
ae05cbc1f1 Setup the data model for the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
a0f5f3c642 Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech
894957934d Test the activity tracker on the introspection endpoint 2023-09-19 21:57:54 +02:00
Quentin Gliech
50558a7319 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech
e6b91c1ce4 data-model: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
7e247830c9 data-model: Make the user_id optional in the OAuth 2.0 sessions 2023-09-06 09:35:34 +02:00
Quentin Gliech
438a10332a Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Quentin Gliech
17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech
096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Kévin Commaille
ccc9884726 Allow redirect URIs with any port for loopback interfaces 2023-04-14 10:22:49 +02:00
Quentin Gliech
39c126318f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech
3f4ad789bf storage-pg: write tests for the OAuth2 repositories 2023-01-25 17:24:34 +01:00
Quentin Gliech
488a666a8d storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech
35787aa072 data-model: have more structs use a state machine 2023-01-09 18:02:32 +01:00
Quentin Gliech
39cd9a2578 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech
fb7c6f4dd1 storage: do less joins on authorization grants and refresh tokens 2023-01-05 16:49:19 +01:00
Quentin Gliech
603a26eabd storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech
e26f75246d storage: Load with less joins 
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
 2023-01-04 18:06:17 +01:00
Quentin Gliech
12ce2a3d04 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
92d6f5b087 data-model: simplify the oauth2 clients 2022-12-08 15:29:15 +01:00
Quentin Gliech
feebbd0e97 data-model: simplify users and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
e2142f9cd4 Database refactoring 2022-11-02 18:59:00 +01:00
Quentin Gliech
29f1b134ae Make the JWK generic over the parameters 2022-09-02 15:37:46 +02:00
Quentin Gliech
495285162b Remove support for the token response type 2022-09-02 13:59:10 +02:00
Kévin Commaille
5c8b442747 Fix new clippy 0.1.63 warnings 2022-08-12 11:05:21 +02:00
Quentin Gliech
649e5cd645 Move the PKCE validation logic to oauth2-types 2022-08-03 13:57:31 +02:00
Quentin Gliech
f7361f871e Fix PKCE characters verification rules & add tests 2022-08-03 13:57:31 +02:00
Quentin Gliech
51848bf89d Update crates/data-model/src/oauth2/authorization_grant.rs 
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
 2022-08-03 13:57:31 +02:00
Quentin Gliech
372b32a780 Make PKCE implementation compliant with RFC7636 
This checks for the PKCE code_verifier length as well as the characters
used. It also give better errors when the PKCE verifier is invalid.

Fixes #316
 2022-08-03 13:57:31 +02:00
Quentin Gliech
436c0dcb19 Rewrite the authorization grant logic 2022-05-06 17:12:39 +02:00
Quentin Gliech
7a4dbd2910 Rewrite authorization code grant callback logic 2022-05-04 16:36:59 +02:00
Quentin Gliech
25193ebaa5 Support signed userinfo responses 2022-04-21 11:49:49 +02:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech
5b9c35a079 Use iana generated types in more places 2022-01-12 12:22:54 +01:00
Quentin Gliech
c4a979245b Move to Rust edition 2021 
Also bump MSRV to 1.56 and use the same clippy lints in every crate
 2021-12-09 22:54:35 +01:00
Quentin Gliech
6a69ef8456 Fix post-auth redirects & support max_age 
This also displays some context on login and reauth page about the next
step
 2021-11-16 19:16:52 +01:00
Quentin Gliech
a4e9ad3d0b Split the data-model in different modules 2021-11-02 12:58:13 +01:00