matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
2,802 Commits 59 Branches 22 Tags
d03dd41345d74ba9c784ea79500318b33ebca16c
Commit Graph

1549 Commits

Author SHA1 Message Date
dependabot[bot]
909091a401 Bump http from 0.2.7 to 0.2.8 
Bumps [http](https://github.com/hyperium/http) from 0.2.7 to 0.2.8.
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/http/compare/v0.2.7...v0.2.8)

---
updated-dependencies:
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 15:37:29 +02:00
dependabot[bot]
bfd49f5684 Bump cssnano from 5.1.10 to 5.1.11 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.10 to 5.1.11.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.10...cssnano@5.1.11)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 14:06:05 +02:00
dependabot[bot]
f9f2fab46b Bump tokio-stream from 0.1.8 to 0.1.9 
Bumps [tokio-stream](https://github.com/tokio-rs/tokio) from 0.1.8 to 0.1.9.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-stream-0.1.8...tokio-stream-0.1.9)

---
updated-dependencies:
- dependency-name: tokio-stream
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 14:05:58 +02:00
dependabot[bot]
a0573feedb Bump tower-http from 0.3.3 to 0.3.4 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.3.3...tower-http-0.3.4)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 14:05:50 +02:00
dependabot[bot]
274739b537 Bump tokio from 1.19.0 to 1.19.2 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.19.0 to 1.19.2.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/commits)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 14:05:45 +02:00
dependabot[bot]
13e78e3caf Bump lettre from 0.10.0-rc.6 to 0.10.0-rc.7 
Bumps [lettre](https://github.com/lettre/lettre) from 0.10.0-rc.6 to 0.10.0-rc.7.
- [Release notes](https://github.com/lettre/lettre/releases)
- [Changelog](https://github.com/lettre/lettre/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lettre/lettre/compare/v0.10.0-rc.6...v0.10.0-rc.7)

---
updated-dependencies:
- dependency-name: lettre
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 14:05:39 +02:00
dependabot[bot]
478f62fa9b Bump async-trait from 0.1.53 to 0.1.56 
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.53 to 0.1.56.
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](https://github.com/dtolnay/async-trait/compare/0.1.53...0.1.56)

---
updated-dependencies:
- dependency-name: async-trait
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-04 16:43:35 +02:00
dependabot[bot]
b94983ca41 Bump tokio from 1.18.2 to 1.19.0 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.18.2 to 1.19.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.18.2...tokio-1.19.0)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-04 15:52:31 +02:00
Quentin Gliech
581e011c7b Fix policy test 2022-06-04 12:47:36 +02:00
Quentin Gliech
5a4a4ed21e Fix policies test 2022-06-03 17:03:25 +02:00
Quentin Gliech
e694932daf Handle password strength verification through OPA 2022-06-03 16:14:26 +02:00
Quentin Gliech
eb22c33a7d Remove the login policy (since it is not implemented yet) 2022-06-03 13:37:20 +02:00
Quentin Gliech
7c8893e596 Switch the policies to a violation list based approach 
This allows policies to give proper feedback on form fields
 2022-06-03 13:37:20 +02:00
Quentin Gliech
88c2625dc0 Compile and check OPA policies in CI 2022-06-03 13:37:20 +02:00
Quentin Gliech
071055ad18 Embed the default policy in the binary 2022-06-03 13:37:20 +02:00
Quentin Gliech
a2b53f0395 Run OPA policies during registration 2022-06-03 13:37:20 +02:00
Quentin Gliech
9ebff410d1 Generate spans for policy evaluations 2022-06-03 13:37:20 +02:00
Quentin Gliech
aab1f49374 Support for applying OPA policies during client registration 2022-06-03 13:37:20 +02:00
dependabot[bot]
959466a5ba Bump serde_with from 1.13.0 to 1.14.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v1.13.0...v1.14.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 16:29:41 +02:00
dependabot[bot]
7cba5f7e67 Bump hyper from 0.14.18 to 0.14.19 
Bumps [hyper](https://github.com/hyperium/hyper) from 0.14.18 to 0.14.19.
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper/compare/v0.14.18...v0.14.19)

---
updated-dependencies:
- dependency-name: hyper
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 16:29:30 +02:00
dependabot[bot]
59e338102b Bump cssnano from 5.1.9 to 5.1.10 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.9 to 5.1.10.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.9...cssnano@5.1.10)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 16:29:19 +02:00
Quentin Gliech
e0c4b39482 Add an email field in the registration form 2022-06-02 16:18:55 +02:00
Quentin Gliech
f88ff5517d Update sqlx-data.json 2022-06-02 16:18:55 +02:00
Quentin Gliech
125afd61c0 Make email verification mandatory 2022-06-02 16:18:55 +02:00
Quentin Gliech
89597dbf81 Switch email verification to a code-based flow 2022-06-02 16:18:55 +02:00
Hugh Nimmo-Smith
35fa7c732a Implementation of MSC3824 actions for compat (#221) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2022-05-31 09:49:52 +00:00
dependabot[bot]
0a32ba3431 Bump once_cell from 1.11.0 to 1.12.0 
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.11.0...v1.12.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 22:46:53 +02:00
dependabot[bot]
6a8e069618 Bump http-body from 0.4.4 to 0.4.5 
Bumps [http-body](https://github.com/hyperium/http-body) from 0.4.4 to 0.4.5.
- [Release notes](https://github.com/hyperium/http-body/releases)
- [Changelog](https://github.com/hyperium/http-body/blob/v0.4.5/CHANGELOG.md)
- [Commits](https://github.com/hyperium/http-body/compare/v0.4.4...v0.4.5)

---
updated-dependencies:
- dependency-name: http-body
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 22:01:21 +02:00
dependabot[bot]
9229f36809 Bump cssnano from 5.1.8 to 5.1.9 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.8 to 5.1.9.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.8...cssnano@5.1.9)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 21:43:05 +02:00
Quentin Gliech
bfc20b6faa Have a better error on registration if the username is already taken 2022-05-23 14:36:38 +02:00
dependabot[bot]
dd8eea7da3 Bump once_cell from 1.10.0 to 1.11.0 
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 10:42:52 +02:00
Quentin Gliech
f05bd80e14 Advertise m.login.token as compat login method 2022-05-23 10:42:25 +02:00
Quentin Gliech
99ac59bc5d Make the sign out buttons keep the current action context 2022-05-23 10:42:25 +02:00
Quentin Gliech
af4f01b769 Check timings when validating an SSO login 
- exchanging a token twice should not work
 - exchanging a token more than 30s after its fullfillment should not
   work
 - exchanging a pending token should not work
 - fullfilling a login more than 30min after its creation should not
   work
 - also have better errors in some cases
 2022-05-23 10:42:25 +02:00
Quentin Gliech
7ce0d894f7 Perform some checks on the redirectUrl 2022-05-23 10:42:25 +02:00
Quentin Gliech
1d61a94da4 Have a consent screen before continuing the SSO login 2022-05-23 10:42:25 +02:00
Quentin Gliech
033d60eb73 Legacy login via m.login.sso 2022-05-23 10:42:25 +02:00
Quentin Gliech
57e16e217d Upgrade AWS crates 2022-05-19 10:23:40 +02:00
dependabot[bot]
8e731c49d9 Bump axum-extra from 0.3.2 to 0.3.3 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.3.2 to 0.3.3.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.2...axum-extra-v0.3.3)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 10:22:57 +02:00
Quentin Gliech
0fcecfa7fb Handle legacy /refresh 2022-05-19 10:17:49 +02:00
Quentin Gliech
309c89fc4f Handle legacy token expiration & refresh tokens 2022-05-19 10:17:49 +02:00
Quentin Gliech
c4fa87e457 Better data-model for compat sessions & devices 2022-05-19 10:17:49 +02:00
Quentin Gliech
33204b7cf8 Prepare the storage layer for legacy refresh tkoens 2022-05-19 10:17:49 +02:00
Quentin Gliech
076d4b8d13 Split compat and api routers 2022-05-19 10:17:49 +02:00
Quentin Gliech
01cdb9a02a Appease cargo fmt 2022-05-19 10:17:49 +02:00
Quentin Gliech
660b2d5232 Handle legacy /logout 2022-05-19 10:17:49 +02:00
Quentin Gliech
1aff98bdb3 Working legacy login endpoint 2022-05-19 10:17:49 +02:00
Quentin Gliech
1ebdd0b731 WIP: Handle /login 2022-05-19 10:17:49 +02:00
dependabot[bot]
0527af073d Bump postcss from 8.4.13 to 8.4.14 in /crates/static-files 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.13 to 8.4.14.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.13...8.4.14)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:42:53 +02:00
dependabot[bot]
05ee73725f Bump @tailwindcss/forms from 0.5.1 to 0.5.2 in /crates/static-files 
Bumps [@tailwindcss/forms](https://github.com/tailwindlabs/tailwindcss-forms) from 0.5.1 to 0.5.2.
- [Release notes](https://github.com/tailwindlabs/tailwindcss-forms/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss-forms/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss-forms/compare/v0.5.1...v0.5.2)

---
updated-dependencies:
- dependency-name: "@tailwindcss/forms"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 09:02:53 +02:00