matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-21 23:00:50 +03:00
Code Activity
374 Commits 59 Branches 22 Tags
d6ea0f8da1ab28b494ea3a9ca33e70554dcc22b5
Commit Graph

24 Commits

Author SHA1 Message Date
Quentin Gliech
d43a8f1a00 Basic Webfinger support 2022-04-08 10:43:48 +02:00
Quentin Gliech
bbcd03fa73 Simplify OAuth2 error types 2022-04-07 10:08:10 +02:00
Quentin Gliech
9cd63f6cf1 Fix tests in oauth2 errors serialization 2022-04-06 17:35:29 +02:00
Quentin Gliech
51160faf48 Axum migration: /oauth2/authorize 2022-04-06 17:35:29 +02:00
Quentin Gliech
35310849c7 Axum migration: /oauth2/token 2022-04-06 17:35:29 +02:00
Quentin Gliech
64900ef1d9 Axum migration: /oauth2/keys.json and /.well-known/openid-configuration 2022-04-06 17:35:29 +02:00
Quentin Gliech
8e9bda654f Support prompt=create 
Allows RPs to ask for account creation

See https://openid.net/specs/openid-connect-prompt-create-1_0.html
 2022-03-14 16:34:10 +01:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech
a45381828c Loads of docs & enabling more clippy lints 2022-02-01 12:02:32 +01:00
Quentin Gliech
5b9c35a079 Use iana generated types in more places 2022-01-12 12:22:54 +01:00
Quentin Gliech
2844706bb1 Multiple IANA codegen enhancement 
- JWS/JWE algorithms are properly splitted
 - Enums now have a proper description
 - They implement FromStr and Display
 - mas-jose does not reexport mas-iana anymore
 2022-01-12 10:58:27 +01:00
Quentin Gliech
9003eaf0c2 Use new generated enums & query supported signing algs from the keystore 2022-01-11 18:46:26 +01:00
Quentin Gliech
97ab75fb15 Add loads of server metadata in the discovery document 2022-01-11 12:54:26 +01:00
Quentin Gliech
b4f0f0d0be Have all server metadata from the IANA registry 2022-01-11 11:20:17 +01:00
Quentin Gliech
de2e078e18 Match the spec on handling request/registration params 
Raise a (request|request_uri|registration)_unsupported error when one of
those parameters are in an authorization request
 2021-11-22 16:14:25 +01:00
Quentin Gliech
d78f64d077 Support the prompt param in authorization requests 2021-11-22 15:54:52 +01:00
Quentin Gliech
5a4d3f6c94 Generate a scope with a random device ID 2021-11-22 14:06:25 +01:00
Quentin Gliech
6a69ef8456 Fix post-auth redirects & support max_age 
This also displays some context on login and reauth page about the next
step
 2021-11-16 19:16:52 +01:00
Quentin Gliech
16fe5a8d76 Implement client_secret_jwt authentication method 2021-11-05 17:18:48 +01:00
Quentin Gliech
004821f4f2 Refactor authorization grant 
The authorization grant is now properly separated from the OAuth2
session, which helps avoiding a lot of potential database
inconsistencies
 2021-10-25 17:27:19 -04:00
Quentin Gliech
ec7d936b10 Better data structure to handle scopes 2021-10-05 20:36:36 +02:00
Quentin Gliech
8ecdf7c6c8 PKCE support 2021-10-05 14:08:47 +02:00
Quentin Gliech
1813984a1c Include "state" in authorization request errors 2021-09-17 18:13:30 +02:00
Quentin Gliech
a44e33931c Split the service in multiple crates 2021-09-16 14:43:56 +02:00