matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
2,571 Commits 59 Branches 22 Tags
d76b54b13f0f115bca38a7bfb80b554debc187a4
Commit Graph

620 Commits

Author SHA1 Message Date
reivilibre
d76b54b13f Add a setPassword GraphQL mutation for setting a user's password (#2820) 
* Feed `PasswordManager` through to the GraphQL `State`

* Add `setPassword` GraphQL mutation to update a user's password
 2024-06-05 18:04:17 +01:00
reivilibre
206d45bb31 Merge the mas_graphql crate into the mas_handlers crate (#2783) 2024-05-17 17:22:34 +01:00
Quentin Gliech
d061d7f6b3 Move tokio to a workspace dependency 2024-05-15 14:54:34 +02:00
Quentin Gliech
098f7fba03 Move async-graphql to workspace deps & disable apollo tracing 2024-05-15 14:54:34 +02:00
Quentin Gliech
c8e074c8e2 Don't panic when the repository fails on the introspection endpoint 2024-05-15 14:15:11 +02:00
Quentin Gliech
359da66b88 Display a user-friendly error on CAPTCHA failures 2024-05-15 09:38:10 +02:00
Quentin Gliech
e4d6bbee14 Disable hCaptcha compatibility with reCAPTCHA 2024-05-15 09:38:10 +02:00
Quentin Gliech
4d9d8a8ba3 Actually verify the CAPTCHA during registration 2024-05-15 09:38:10 +02:00
Quentin Gliech
a3beeb2398 Render reCAPTCHA challenge on the registration form 2024-05-15 09:38:10 +02:00
dependabot[bot]
ba7b029128 build(deps): bump psl from 2.1.36 to 2.1.37 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.36...v2.1.37)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-10 10:20:16 +02:00
Quentin Gliech
353815bc6f Skip the device code form when using the full verification URI 
This changes the form to use a GET method, as it is only really doing
a redirect.
 2024-05-07 12:19:10 +02:00
dependabot[bot]
736faf1738 build(deps): bump psl from 2.1.35 to 2.1.36 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.35 to 2.1.36.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.35...v2.1.36)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-07 07:32:38 +02:00
Quentin Gliech
3978acd94e Fix recently added Clippy lints 
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
 2024-05-07 07:32:02 +02:00
Quentin Gliech
8e513ea3cc Update Cargo.lock and update cargo-deny exceptions 2024-05-02 14:32:05 +02:00
Quentin Gliech
a99427e942 Move lettre to a workspace dependency 2024-05-02 14:32:05 +02:00
Quentin Gliech
3567f7c445 Upgrade minijinja to 2.0.1 2024-05-02 14:04:14 +02:00
dependabot[bot]
ce617f624f build(deps): bump psl from 2.1.34 to 2.1.35 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.34 to 2.1.35.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.34...v2.1.35)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-02 09:35:10 +02:00
dependabot[bot]
efaf407f9d build(deps): bump insta from 1.36.1 to 1.38.0 
Bumps [insta](https://github.com/mitsuhiko/insta) from 1.36.1 to 1.38.0.
- [Release notes](https://github.com/mitsuhiko/insta/releases)
- [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitsuhiko/insta/compare/1.36.1...1.38.0)

---
updated-dependencies:
- dependency-name: insta
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 19:13:29 +02:00
dependabot[bot]
fd985943d3 build(deps): bump psl from 2.1.28 to 2.1.34 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.28 to 2.1.34.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.28...v2.1.34)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 18:12:49 +02:00
dependabot[bot]
9fe842d254 build(deps): bump serde_with from 3.7.0 to 3.8.1 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.7.0 to 3.8.1.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.7.0...v3.8.1)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 18:12:31 +02:00
dependabot[bot]
43f4768ae6 build(deps): bump tokio from 1.36.0 to 1.37.0 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.36.0 to 1.37.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.36.0...tokio-1.37.0)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 18:11:14 +02:00
Quentin Gliech
10d7ca95ae Update copyright headers 2024-04-30 13:33:47 +02:00
Quentin Gliech
db0f007afd Prevent password changes if disabled 2024-04-30 13:33:47 +02:00
Quentin Gliech
d342b2cd5b Prevent email changes if disabled 2024-04-30 13:33:47 +02:00
Quentin Gliech
e080932906 Make the SiteConfig available in the GraphQL context 2024-04-30 13:33:47 +02:00
Quentin Gliech
aa2e2229bc Finish moving the site config 2024-04-30 13:33:47 +02:00
Quentin Gliech
f0899f17bd Move the SiteConfig to the data-model crate 2024-04-30 13:33:47 +02:00
Quentin Gliech
90080235da Introduce config to restrict user capabilities 2024-04-30 13:33:47 +02:00
Quentin Gliech
4e3823fe4f Add a soft-deletion column on upstream OAuth 2.0 providers 2024-04-03 09:51:22 +02:00
Quentin Gliech
58fd6ab4c1 Allow disabling registrations (#2553) 2024-04-03 09:27:14 +02:00
Quentin Gliech
f5b34b5b18 Flatten the passwords config section 2024-03-22 13:33:09 +01:00
Quentin Gliech
dde907758e Use OTEL semantic conventions constants for most attributes 2024-03-19 17:15:14 +01:00
Quentin Gliech
7e30daf83e Replace parse-display with manual Display/FromStr impls 2024-03-19 16:38:46 +01:00
Quentin Gliech
d8f5fdaf5c Moved some dependencies in the workspace and upgrade some dependencies 2024-03-19 14:54:35 +01:00
dependabot[bot]
5dc8e73f7e build(deps): bump serde_with from 3.6.0 to 3.7.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.6.0...v3.7.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-19 10:40:19 +01:00
Quentin Gliech
61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
6eb6209bd8 Use rustls-platform-verifier for cert validation 
This simplifies by removing the mutually exclusive `native-roots` and
`webpki-roots` features with something that is suitable for all
platforms.
 2024-03-06 14:03:59 +01:00
dependabot[bot]
1c19bc6e54 build(deps): bump time from 0.3.32 to 0.3.34 
Bumps [time](https://github.com/time-rs/time) from 0.3.32 to 0.3.34.
- [Release notes](https://github.com/time-rs/time/releases)
- [Changelog](https://github.com/time-rs/time/blob/main/CHANGELOG.md)
- [Commits](https://github.com/time-rs/time/compare/v0.3.32...v0.3.34)

---
updated-dependencies:
- dependency-name: time
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-01 15:51:42 +01:00
Quentin Gliech
3251c5896c Append additional parameters to the OAuth2 authorize endpoint 2024-03-01 14:36:37 +01:00
Quentin Gliech
1821136e3f Additional parameters from upstream OAuth2 providers in the data model 2024-03-01 14:36:37 +01:00
Quentin Gliech
183f7bad40 Test the addUser GraphQL mutation with the new behaviour 2024-02-29 11:21:24 +01:00
Quentin Gliech
35929d48fd Test the user registration form 2024-02-29 11:21:24 +01:00
Quentin Gliech
896ed3f024 Check for username availability upon registration 2024-02-29 11:21:24 +01:00
Quentin Gliech
4aeb446061 Make the HomeserverConnection available in handlers 2024-02-29 11:21:24 +01:00
Quentin Gliech
f3cbd3b315 Parse User Agents on the backend side (#2388) 
* Parse user agents on the server side

* Parse and expose user agents on the backend

* Use the parsed user agent in the device consent page

* Fix the device icon tests

* Fix clippy warnings

* Box stuff to avoid large enum variants

* Ignore a clippy warning

* Fix the requester boxing
 2024-02-23 16:47:48 +01:00
Quentin Gliech
f171d76dc5 Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech
ed5893eb20 Save which user session created a compat session 
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
 2024-02-21 11:55:58 +01:00
Quentin Gliech
1c000a1fed Make sure the locale fallback works as expected 
- Also makes sure that the fallback runs in the backend and is then
   picked up by the frontend
 - and explicitely fallback zh-CN to zh-Hans
 2024-02-19 11:43:36 +01:00
Quentin Gliech
aefcc3cae2 Move the cross signing reset UI in its own page 2024-02-17 09:48:53 +01:00
Quentin Gliech
e041f47dfe Replace Jotai with @tanstack/router (#2359) 
* Start replacing jotai with @tanstack/router

* Remove jotai completely

* Move the common layout & reimplement the ?action parameter

This also makes sure everything is properly loaded in the route loader,
and we use fragment where it makes sense

* Change the default error component

* GraphQL API: make the sessions fetchable through node(id: ID!)
 2024-02-15 17:19:05 +01:00