mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Commit Graph

1549 Commits

Author SHA1 Message Date
Quentin Gliech
649e5cd645 Move the PKCE validation logic to oauth2-types 2022-08-03 13:57:31 +02:00
Quentin Gliech
f7361f871e Fix PKCE characters verification rules & add tests 2022-08-03 13:57:31 +02:00
Quentin Gliech
51848bf89d Update crates/data-model/src/oauth2/authorization_grant.rs
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
2022-08-03 13:57:31 +02:00
Quentin Gliech
372b32a780 Make PKCE implementation compliant with RFC7636
This checks for the PKCE code_verifier length as well as the characters
used. It also gives better errors when the PKCE verifier is invalid.

Fixes #316
2022-08-03 13:57:31 +02:00
Quentin Gliech
23360bc233 Support the autocorrect and autocapitalize attributes in the field macro 2022-08-01 20:27:27 +02:00
Doug
669773ae4d Disable autocorrection/capitalisation on username text fields 2022-08-01 20:27:27 +02:00
Quentin Gliech
e3e659b701 Switch back rsa crate to a published pre-version 2022-08-01 19:41:38 +02:00
Quentin Gliech
44b2708f7a Bump serde_with 2022-08-01 19:38:22 +02:00
dependabot[bot]
97eb6a44e0 Bump tailwindcss from 3.1.5 to 3.1.7 in /crates/static-files
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.1.5 to 3.1.7.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.1.5...v3.1.7)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-01 17:50:58 +02:00
dependabot[bot]
501182f5f0 Bump autoprefixer from 10.4.7 to 10.4.8 in /crates/static-files
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.7 to 10.4.8.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.7...10.4.8)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-01 17:50:51 +02:00
Quentin Gliech
d4c718ef4b Bump Rust dependencies 2022-08-01 17:50:33 +02:00
Quentin Gliech
ba6a382f2c Authorization grant policy (#288)
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
2022-07-21 16:18:59 +00:00
Quentin Gliech
a263330ea5 Stop generating the device ID automatically (#285) 2022-07-21 16:34:55 +01:00
Hugh Nimmo-Smith
fa1f71452c Document client registration policy config and improve error messages (#299) 2022-07-09 12:47:40 +00:00
Hugh Nimmo-Smith
0e21f00d17 Return reason for invalid_client_metadata in HTTP response (#298) 2022-07-08 21:11:54 +00:00
Quentin Gliech
b6d26fff27 Enforce redirect_uris verifications in client registration (#276) 2022-07-08 12:41:00 +01:00
dependabot[bot]
f383f2c8bd Bump tailwindcss from 3.1.4 to 3.1.5 in /crates/static-files
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.1.4...v3.1.5)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-07 15:14:32 -05:00
dependabot[bot]
3d76f4eab5 Bump once_cell from 1.12.1 to 1.13.0
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.12.1 to 1.13.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.12.1...v1.13.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-07 15:14:12 -05:00
Quentin Gliech
29c5357b18 Fix error introduced by crypto crate upgrade 2022-07-04 18:46:29 +02:00
Quentin Gliech
ba90ee2614 Bump dependencies 2022-07-04 18:27:18 +02:00
Quentin Gliech
af67fb34e0 Bump AWS dependencies 2022-07-04 18:18:26 +02:00
dependabot[bot]
be3662d7dc Bump lettre from 0.10.0-rc.7 to 0.10.0
Bumps [lettre](https://github.com/lettre/lettre) from 0.10.0-rc.7 to 0.10.0.
- [Release notes](https://github.com/lettre/lettre/releases)
- [Changelog](https://github.com/lettre/lettre/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lettre/lettre/compare/v0.10.0-rc.7...v0.10.0)

---
updated-dependencies:
- dependency-name: lettre
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-04 18:17:07 +02:00
Quentin Gliech
4870d1e899 Fix some false-positive clippy lints
Those were introduced in clippy 1.62 (under clippy::pedantic) and are in
proc-macro generated code
2022-07-01 16:36:35 +02:00
dependabot[bot]
52a400eb9e Bump serde_json from 1.0.81 to 1.0.82
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.81 to 1.0.82.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.81...v1.0.82)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-30 19:12:20 +02:00
Quentin Gliech
70ae9732e0 ci: send OPA policies coverage to codecov 2022-06-29 14:00:52 +02:00
dependabot[bot]
2b0d021590 Bump password-hash from 0.4.1 to 0.4.2
Bumps [password-hash](https://github.com/RustCrypto/traits) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/RustCrypto/traits/releases)
- [Commits](https://github.com/RustCrypto/traits/compare/password-hash-v0.4.1...password-hash-v0.4.2)

---
updated-dependencies:
- dependency-name: password-hash
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-29 09:36:29 +02:00
dependabot[bot]
a39900b5e0 Bump clap from 3.2.6 to 3.2.7
Bumps [clap](https://github.com/clap-rs/clap) from 3.2.6 to 3.2.7.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.2.6...v3.2.7)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-29 09:36:12 +02:00
dependabot[bot]
3ee11176b5 Bump wasmtime from 0.38.0 to 0.38.1
Bumps [wasmtime](https://github.com/bytecodealliance/wasmtime) from 0.38.0 to 0.38.1.
- [Release notes](https://github.com/bytecodealliance/wasmtime/releases)
- [Changelog](https://github.com/bytecodealliance/wasmtime/blob/main/docs/WASI-some-possible-changes.md)
- [Commits](https://github.com/bytecodealliance/wasmtime/compare/v0.38.0...v0.38.1)

---
updated-dependencies:
- dependency-name: wasmtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-29 09:36:07 +02:00
dependabot[bot]
43f0336b92 Bump axum from 0.5.9 to 0.5.10
Bumps [axum](https://github.com/tokio-rs/axum) from 0.5.9 to 0.5.10.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.9...axum-v0.5.10)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-29 09:35:58 +02:00
Quentin Gliech
821182acd1 Bump dependencies and bump MSRV to 1.60 2022-06-27 23:37:21 +02:00
Quentin Gliech
27fa4fef4f Bump dependencies 2022-06-27 11:33:21 +02:00
Quentin Gliech
fee9d46dfc Bump sqlx from 0.5.13 to 0.6.0 2022-06-27 11:11:29 +02:00
Quentin Gliech
3ac3ff3c69 Upgrade AWS crates 2022-06-27 11:05:29 +02:00
dependabot[bot]
aa87c29ebf Bump reqwest from 0.11.10 to 0.11.11
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.10 to 0.11.11.
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.11.10...v0.11.11)

---
updated-dependencies:
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-24 00:11:57 +02:00
dependabot[bot]
cca5f70c69 Bump clap from 3.1.18 to 3.2.6
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.18 to 3.2.6.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.1.18...v3.2.6)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-23 20:27:32 +02:00
dependabot[bot]
2ed22a618a Bump anyhow from 1.0.57 to 1.0.58
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.57 to 1.0.58.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.57...1.0.58)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-23 18:33:39 +02:00
dependabot[bot]
98b248f959 Bump tera from 1.15.0 to 1.16.0
Bumps [tera](https://github.com/Keats/tera) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/Keats/tera/releases)
- [Changelog](https://github.com/Keats/tera/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Keats/tera/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: tera
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-23 17:46:54 +02:00
Hugh Nimmo-Smith
7207616657 Use unstable prefix for SSO redirect action param 2022-06-23 17:08:28 +02:00
dependabot[bot]
ff2e569c98 Bump watchman_client from 0.7.2 to 0.8.0
Bumps [watchman_client](https://github.com/facebook/watchman) from 0.7.2 to 0.8.0.
- [Release notes](https://github.com/facebook/watchman/releases)
- [Commits](https://github.com/facebook/watchman/commits)

---
updated-dependencies:
- dependency-name: watchman_client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-23 17:07:36 +02:00
dependabot[bot]
65bcea97de Bump cssnano from 5.1.11 to 5.1.12 in /crates/static-files
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.11 to 5.1.12.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.11...cssnano@5.1.12)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 14:21:46 +02:00
dependabot[bot]
83d30f1722 Bump p256 from 0.11.0 to 0.11.1
Bumps [p256](https://github.com/RustCrypto/elliptic-curves) from 0.11.0 to 0.11.1.
- [Release notes](https://github.com/RustCrypto/elliptic-curves/releases)
- [Commits](https://github.com/RustCrypto/elliptic-curves/compare/p256/v0.11.0...p256/v0.11.1)

---
updated-dependencies:
- dependency-name: p256
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 14:21:16 +02:00
dependabot[bot]
2112fc61fa Bump tailwindcss from 3.0.24 to 3.1.4 in /crates/static-files
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.0.24 to 3.1.4.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.0.24...v3.1.4)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 14:20:45 +02:00
Quentin Gliech
54751d8563 temporarily stop validating the redirect_uri 2022-06-21 11:14:15 +02:00
Hugh Nimmo-Smith
50af460e22 Use unstable prefix for MSC3824 (#251) 2022-06-19 18:37:50 +00:00
Hugh Nimmo-Smith
9e3f43f1f0 Move from MSC3824 actions to org.matrix.msc3824.delegated_oidc_compatibility flag (#250)
Co-authored-by: Quentin Gliech <quenting@element.io>
2022-06-15 15:49:03 +00:00
Hugh Nimmo-Smith
5632f6ba99 feat: support for MSC3824 action param on SSO redirect (#248)
Co-authored-by: Quentin Gliech <quenting@element.io>
2022-06-14 11:34:56 +00:00
dependabot[bot]
482bfeecc2 Bump axum-extra from 0.3.3 to 0.3.4
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.3...axum-extra-v0.3.4)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-09 12:39:21 +02:00
dependabot[bot]
3f9863e7d3 Bump tracing from 0.1.34 to 0.1.35
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.34 to 0.1.35.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.34...tracing-0.1.35)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-09 11:40:21 +02:00
dependabot[bot]
b1a17194b7 Bump axum from 0.5.6 to 0.5.7
Bumps [axum](https://github.com/tokio-rs/axum) from 0.5.6 to 0.5.7.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.6...axum-v0.5.7)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-09 11:40:05 +02:00
dependabot[bot]
dc8c6a8550 Bump tracing-opentelemetry from 0.17.2 to 0.17.3
Bumps [tracing-opentelemetry](https://github.com/tokio-rs/tracing) from 0.17.2 to 0.17.3.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-opentelemetry-0.17.2...tracing-opentelemetry-0.17.3)

---
updated-dependencies:
- dependency-name: tracing-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-08 10:16:12 +02:00