matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-12-06 22:40:58 +03:00
Code Activity
766 Commits 59 Branches 22 Tags
d40e0dc1c8d131b70e1bd5e90c3b52eaeea2a4a2
Commit Graph

41 Commits

Author SHA1 Message Date
Quentin Gliech
e63a21b9f9 Be consistent when constructing signers/verifier from JWK and from the keystore 2022-10-18 10:33:06 +02:00
Quentin Gliech
c2a198b821 Fix RSA JWT signature and add snapshot tests for JWT signature 2022-10-18 10:33:06 +02:00
Kévin Commaille
80d317f23c Add variants for unknown values on mas-iana types 
Remove the Copy derive and mark enums as non-exhaustive.
 2022-09-28 13:43:39 +02:00
Quentin Gliech
348912b3fb Bump Crypto crates 2022-09-27 18:27:52 +02:00
Kévin Commaille
19721959f8 Export list of supported algorithms from mas-jose 2022-09-16 11:48:06 +02:00
Kévin Commaille
2e8f233ac5 Fix intra-doc broken link in mas-jose 2022-09-16 11:45:53 +02:00
Kévin Commaille
67b3b0e370 Add TokenHash validator to hash claim definitions 2022-09-06 16:35:36 +02:00
Kévin Commaille
0452ac10e6 Move claim hash token function to mas-jose crate 
Change the hash function according to the signature algorithm,
according to the OpendID Connect spec.
 2022-09-06 14:15:05 +02:00
Kévin Commaille
b15b2d0c21 Allow to split JWT into parts 2022-09-06 11:22:08 +02:00
Quentin Gliech
1f0e273ac3 JWT response wrapper 
Helps replying with a JWT to a request, with a
`Content-Type: application/jwt` header
 2022-09-02 15:37:46 +02:00
Quentin Gliech
b9e46dfc55 Some cleanups 2022-09-02 15:37:46 +02:00
Quentin Gliech
97ed342ca0 Use a published version of RSA again 2022-09-02 15:37:46 +02:00
Quentin Gliech
a70032c8e1 Split the asymmetric and symmetric keys enums 2022-09-02 15:37:46 +02:00
Quentin Gliech
dc56358184 Remove unnecessary dependencies from mas-jose 2022-09-02 15:37:46 +02:00
Quentin Gliech
e1d50b818e Add a dedicated keystore crate 2022-09-02 15:37:46 +02:00
Quentin Gliech
768c48234a Remove unnecessary dependencies 2022-09-02 15:37:46 +02:00
Quentin Gliech
2c400d4cc1 Get rid of legacy JWKS store 2022-09-02 15:37:46 +02:00
Quentin Gliech
84c793dae0 Reorganise algorithms under the jwa module 2022-09-02 15:37:46 +02:00
Quentin Gliech
945719a5a1 JWK signer 2022-09-02 15:37:46 +02:00
Quentin Gliech
dd51c4a51b Private to public JWKS conversion 2022-09-02 15:37:46 +02:00
Quentin Gliech
0b6e4cdece Fix EC key conversion & constraints 2022-09-02 15:37:46 +02:00
Quentin Gliech
7ea61ca257 cargo fmt 2022-09-02 15:37:46 +02:00
Quentin Gliech
29f1b134ae Make the JWK generic over the parameters 2022-09-02 15:37:46 +02:00
Quentin Gliech
6636cdcf49 Prepare the private JWK 2022-09-02 15:37:46 +02:00
Quentin Gliech
956556b0ff Sign all the things 2022-09-02 15:37:46 +02:00
Quentin Gliech
ca125a14c5 WIP: better JOSE 2022-09-02 15:37:46 +02:00
Quentin Gliech
c1ed726dc8 Enable the clippy::str_to_string lint 2022-08-08 10:06:20 +02:00
Quentin Gliech
5c14611b96 Simple dynamic client registration 2022-04-19 12:23:19 +02:00
Quentin Gliech
0f7484beee Axum migration: /oauth2/introspection 2022-04-06 17:35:29 +02:00
Quentin Gliech
ed49624c3a Axum migration: WIP client authentication 2022-04-06 17:35:29 +02:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech
035e2d7829 Implement private_key_jwks client authentication 
This involves a lot of things, including:
 - better VerifyingKeystore trait
 - better errors in the JOSE crate
 - getting rid of async_trait in some JOSE traits
 2022-02-17 15:42:44 +01:00
Quentin Gliech
a45381828c Loads of docs & enabling more clippy lints 2022-02-01 12:02:32 +01:00
Quentin Gliech
2844706bb1 Multiple IANA codegen enhancement 
- JWS/JWE algorithms are properly splitted
 - Enums now have a proper description
 - They implement FromStr and Display
 - mas-jose does not reexport mas-iana anymore
 2022-01-12 10:58:27 +01:00
Quentin Gliech
9003eaf0c2 Use new generated enums & query supported signing algs from the keystore 2022-01-11 18:46:26 +01:00
Quentin Gliech
5631300dc3 Claims handling in JOSE library 2022-01-10 17:41:48 +01:00
Quentin Gliech
f0a7e96875 Add tests for private_key_jwt client auth 2022-01-06 10:04:43 +01:00
Quentin Gliech
a965e488e2 Support private_key_jwt client auth 
Which includes having a verifying keystore out of JWKS (and soon out of
a JWKS URI)
 2022-01-05 21:07:18 +01:00
Quentin Gliech
f7706f2351 jose: split the keystores in different modules 2022-01-05 11:43:26 +01:00
Quentin Gliech
767d7649ce Upgrade more crypto crates 2022-01-05 10:57:18 +01:00
Quentin Gliech
f933ace007 New JWT/JOSE crate 
Still WIP, needs to handle time related claims
 2022-01-04 22:28:00 +01:00