56d43b0166
storage: finish cleaning up the errors
2022-12-08 15:29:15 +01:00
a836cc864a
storage: unify most of the remaining errors
2022-12-08 15:29:15 +01:00
102571512e
storage: unify most oauth2 related errors
2022-12-08 15:29:15 +01:00
b7cad48bbd
storage: unify user operations errors
2022-12-08 15:29:15 +01:00
f7f65e314b
storage: unify the compat login errors
2022-12-08 15:29:15 +01:00
1ddc05ff01
storage: start unifying database errors
2022-12-08 15:29:15 +01:00
12ce2a3d04
data-model: simplify the authorization grants and sessions
2022-12-08 15:29:15 +01:00
92d6f5b087
data-model: simplify the oauth2 clients
2022-12-08 15:29:15 +01:00
479e009931
data-model: simplify the compat sessions
2022-12-08 15:29:15 +01:00
feebbd0e97
data-model: simplify users and sessions
2022-12-08 15:29:15 +01:00
dff2f98167
data-model: simplify tokens
2022-12-08 15:29:15 +01:00
1655080b8f
GraphQL: query upstream links from users
2022-12-05 19:39:51 +01:00
989e464dd0
WIP: Provider list on the login page
2022-12-05 19:39:51 +01:00
2e7112ef13
GraphQL API
2022-12-05 19:39:51 +01:00
28bfce7e45
Save the ID token during an upstream authorization
2022-12-05 19:39:51 +01:00
bf432a31e1
OIDC account linking and login
2022-12-05 19:39:51 +01:00
22a337cd45
WIP: handle account linking
2022-12-05 19:39:51 +01:00
cde9187adc
Lookup and save upstream links
2022-12-05 19:39:51 +01:00
bedcf44741
WIP: upstream OIDC provider support
2022-12-05 19:39:51 +01:00
78778648ca
Allow fetching more nodes by their IDs
2022-11-18 13:43:01 +01:00
4f01c123c3
GraphQL schema documentation
2022-11-09 19:17:12 +01:00
4918440c3a
Use the sqlx QueryBuilder to build the paginated queries
2022-11-09 19:17:12 +01:00
08421b6fbe
GraphQL API: query oauth2 sessions and clients
2022-11-09 19:17:12 +01:00
bb8160c541
GraphQL API: compat sessions
2022-11-09 19:17:12 +01:00
e8e7e75514
Allow querying browser sessions
2022-11-09 19:17:12 +01:00
ac40367c5f
Basic current session/user query + user emails connection
2022-11-09 19:17:12 +01:00
577d5e4952
Minor fixes
2022-11-02 18:59:00 +01:00
2d2127dcdb
More cleanups
2022-11-02 18:59:00 +01:00
368a9282a1
Cleanups
2022-11-02 18:59:00 +01:00
f1aa42fae4
Disallow Ulid generation without explicit timestamp and rng
2022-11-02 18:59:00 +01:00
559181c2c3
Pass the rng and clock around
2022-11-02 18:59:00 +01:00
02c30d9916
Insert client redirect_uris in one query
2022-11-02 18:59:00 +01:00
770541eb38
Better DB operations tracing
2022-11-02 18:59:00 +01:00
5580179537
Better logging of user-related DB operations
...
Also fixes a bug where the user would get redirected to the wrong URL
for verifying their email address
2022-11-02 18:59:00 +01:00
27ace2aaca
Do not check for token expiration from the database directly
2022-11-02 18:59:00 +01:00
16e50899e5
Remove trailing spaces
2022-11-02 18:59:00 +01:00
e2142f9cd4
Database refactoring
2022-11-02 18:59:00 +01:00
d1a4262fd0
Fix clippy warning
2022-10-17 11:39:45 +02:00
80d317f23c
Add variants for unknown values on mas-iana types
...
Remove the Copy derive and mark enums as non-exhaustive.
2022-09-28 13:43:39 +02:00
fca6cfa393
Use ResponseType that doesn't care about tokens order
2022-09-13 15:15:30 +02:00
29f1b134ae
Make the JWK generic over the parameters
2022-09-02 15:37:46 +02:00
495285162b
Remove support for the token response type
2022-09-02 13:59:10 +02:00
5c8b442747
Fix new clippy 0.1.63 warnings
2022-08-12 11:05:21 +02:00
c1ed726dc8
Enable the clippy::str_to_string lint
2022-08-08 10:06:20 +02:00
646a0f26d6
Database testing
2022-08-05 09:48:02 +02:00
e0c4b39482
Add an email field in the registration form
2022-06-02 16:18:55 +02:00
89597dbf81
Switch email verification to a code-based flow
2022-06-02 16:18:55 +02:00
bfc20b6faa
Have a better error on registration if the username is already taken
2022-05-23 14:36:38 +02:00
af4f01b769
Check timings when validating an SSO login
...
- exchanging a token twice should not work
- exchanging a token more than 30s after its fullfillment should not
work
- exchanging a pending token should not work
- fullfilling a login more than 30min after its creation should not
work
- also have better errors in some cases
2022-05-23 10:42:25 +02:00
033d60eb73
Legacy login via m.login.sso
2022-05-23 10:42:25 +02:00
