matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-19 00:26:27 +03:00
Code Activity
2,802 Commits 59 Branches 22 Tags
d03dd41345d74ba9c784ea79500318b33ebca16c
Commit Graph

676 Commits

Author SHA1 Message Date
Quentin Gliech
687c2a97b8 Allow more safe headers on CORS-protected resources 2022-04-22 15:14:14 +02:00
dependabot[bot]
f3a0aabbb7 Bump axum from 0.5.1 to 0.5.3 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.5.1 to 0.5.3.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.1...axum-v0.5.3)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-21 15:08:33 +02:00
Quentin Gliech
ee05543944 Check some metadata on client registration 2022-04-21 13:34:07 +02:00
Quentin Gliech
25193ebaa5 Support signed userinfo responses 2022-04-21 11:49:49 +02:00
Quentin Gliech
5c14611b96 Simple dynamic client registration 2022-04-19 12:23:19 +02:00
dependabot[bot]
433ee5a73a Bump tracing from 0.1.33 to 0.1.34 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.33 to 0.1.34.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.33...tracing-0.1.34)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-18 15:02:47 +02:00
dependabot[bot]
3756f0da4a Bump sqlx from 0.5.11 to 0.5.13 
Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.5.11 to 0.5.13.
- [Release notes](https://github.com/launchbadge/sqlx/releases)
- [Changelog](https://github.com/launchbadge/sqlx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/launchbadge/sqlx/compare/v0.5.11...v0.5.13)

---
updated-dependencies:
- dependency-name: sqlx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-17 09:23:41 +02:00
dependabot[bot]
bf4fb726bc Bump tracing from 0.1.32 to 0.1.33 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.32 to 0.1.33.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.32...tracing-0.1.33)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-11 23:12:39 +02:00
dependabot[bot]
467211b90d Bump rsa from 0.6.0 to 0.6.1 
Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/RustCrypto/RSA/releases)
- [Commits](https://github.com/RustCrypto/RSA/commits)

---
updated-dependencies:
- dependency-name: rsa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-11 23:12:27 +02:00
dependabot[bot]
8335eef099 Bump rsa from 0.6.0-pre to 0.6.0 
Bumps [rsa](https://github.com/RustCrypto/RSA) from 0.6.0-pre to 0.6.0.
- [Release notes](https://github.com/RustCrypto/RSA/releases)
- [Commits](https://github.com/RustCrypto/RSA/compare/v0.6.0-pre...v0.6.0)

---
updated-dependencies:
- dependency-name: rsa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-08 22:34:35 +02:00
Quentin Gliech
d43a8f1a00 Basic Webfinger support 2022-04-08 10:43:48 +02:00
dependabot[bot]
19f6cf851a Bump serde_with from 1.12.0 to 1.12.1 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v1.12.0...v1.12.1)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-08 00:19:31 +02:00
Quentin Gliech
bc24e30867 Add CORS headers to API-like routes 2022-04-07 16:25:42 +02:00
Quentin Gliech
9bbb60bcdd Bump Rust dependencies 2022-04-06 19:47:12 +02:00
Quentin Gliech
9a76139bb4 Return proper errors on the OAuth token endpoint 2022-04-06 17:35:29 +02:00
Quentin Gliech
31bc8504c9 Upgrade axum to 0.5 2022-04-06 17:35:29 +02:00
Quentin Gliech
4e31fc6c84 Get rid of warp 2022-04-06 17:35:29 +02:00
Quentin Gliech
51160faf48 Axum migration: /oauth2/authorize 2022-04-06 17:35:29 +02:00
Quentin Gliech
35310849c7 Axum migration: /oauth2/token 2022-04-06 17:35:29 +02:00
Quentin Gliech
0f7484beee Axum migration: /oauth2/introspection 2022-04-06 17:35:29 +02:00
Quentin Gliech
9dad21475e Axum migration: /oauth2/userinfo & UserAuthorization util 2022-04-06 17:35:29 +02:00
Quentin Gliech
64900ef1d9 Axum migration: /oauth2/keys.json and /.well-known/openid-configuration 2022-04-06 17:35:29 +02:00
Quentin Gliech
9cb5650167 Axum migration: /account/* routes 2022-04-06 17:35:29 +02:00
Quentin Gliech
b4d0906e75 Axum migration: /verify route 2022-04-06 17:35:29 +02:00
Quentin Gliech
6fb4d27046 Axum migration: /register route 2022-04-06 17:35:29 +02:00
Quentin Gliech
b4dc2b38d0 Axum migration: /reauth route 2022-04-06 17:35:29 +02:00
Quentin Gliech
6e7d0a6cfd Axum migration: logout route 2022-04-06 17:35:29 +02:00
Quentin Gliech
5e95c705d4 Axum migration: CSRF token and login page 2022-04-06 17:35:29 +02:00
Quentin Gliech
5d3b4aa182 Migrate /health 2022-04-06 17:35:29 +02:00
Quentin Gliech
9b5ecd5bc4 Make the ServerLayer work properly with axum 2022-04-06 17:35:29 +02:00
Quentin Gliech
7c8f8722cd Axum migration: signed cookies, errors, CSRF tokens, sessions 2022-04-06 17:35:29 +02:00
Quentin Gliech
797257cce7 Start migrating to Axum 
Now with the homepage and the static files
 2022-04-06 17:35:29 +02:00
Quentin Gliech
8e9bda654f Support prompt=create 
Allows RPs to ask for account creation

See https://openid.net/specs/openid-connect-prompt-create-1_0.html
 2022-03-14 16:34:10 +01:00
Hugh Nimmo-Smith
3d3b14093c fix: allow authorization in Access-Control-Request-Headers (#88) 
* fix: allow authorization in Access-Control-Request-Headers

* chore: fix clippy style

* style: use constant version of Authorization header

* chore: fix code style with cargo fmt

Co-authored-by: Quentin Gliech <quenting@element.io>
 2022-03-11 11:44:23 +00:00
dependabot[bot]
c71800a8d1 Bump tracing from 0.1.31 to 0.1.32 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.31 to 0.1.32.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.31...tracing-0.1.32)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-11 11:41:04 +01:00
dependabot[bot]
d0807e9b3c Bump anyhow from 1.0.55 to 1.0.56 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.55 to 1.0.56.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.55...1.0.56)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-11 10:34:26 +01:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech
8c97c98206 Fix compilation on older rust version 2022-02-28 10:07:32 +01:00
Quentin Gliech
beef393bc8 Support the email scope 2022-02-25 16:19:38 +01:00
Quentin Gliech
cad6d54ddb Reply with proper errors on the OAuth token endpoint 2022-02-25 11:28:23 +01:00
dependabot[bot]
1e5e755693 Bump anyhow from 1.0.53 to 1.0.55 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.53 to 1.0.55.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.53...1.0.55)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-22 10:43:31 +01:00
dependabot[bot]
c4b5859591 Bump sqlx from 0.5.10 to 0.5.11 
Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.5.10 to 0.5.11.
- [Release notes](https://github.com/launchbadge/sqlx/releases)
- [Changelog](https://github.com/launchbadge/sqlx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/launchbadge/sqlx/compare/v0.5.10...v0.5.11)

---
updated-dependencies:
- dependency-name: sqlx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-22 09:51:19 +01:00
dependabot[bot]
e48c74a74a Bump tracing from 0.1.30 to 0.1.31 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.30 to 0.1.31.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.30...tracing-0.1.31)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 17:37:02 +01:00
dependabot[bot]
e1d7f78b69 Bump argon2 from 0.3.3 to 0.3.4 
Bumps [argon2](https://github.com/RustCrypto/password-hashes) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/RustCrypto/password-hashes/releases)
- [Commits](https://github.com/RustCrypto/password-hashes/compare/argon2-v0.3.3...argon2-v0.3.4)

---
updated-dependencies:
- dependency-name: argon2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 16:41:31 +01:00
dependabot[bot]
e4ef5788fa Bump indoc from 1.0.3 to 1.0.4 
Bumps [indoc](https://github.com/dtolnay/indoc) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.3...1.0.4)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 16:41:19 +01:00
Quentin Gliech
fa92d6498f Bump dependencies 2022-02-17 15:53:48 +01:00
Quentin Gliech
035e2d7829 Implement private_key_jwks client authentication 
This involves a lot of things, including:
 - better VerifyingKeystore trait
 - better errors in the JOSE crate
 - getting rid of async_trait in some JOSE traits
 2022-02-17 15:42:44 +01:00
Quentin Gliech
2df40762a2 Dedicated HTTP server/client crate 
Also have better names for the HTTP routes
 2022-02-10 16:38:16 +01:00
Quentin Gliech
26a340d5dc Bump dependencies 2022-02-04 10:18:01 +01:00
Quentin Gliech
a45381828c Loads of docs & enabling more clippy lints 2022-02-01 12:02:32 +01:00