mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-21 23:00:50 +03:00
Commit Graph

1305 Commits

Author SHA1 Message Date
Quentin Gliech
59df55c2f9 Handle auth errors on the userinfo endpoint 2021-09-17 16:20:10 +02:00
Quentin Gliech
463184bbb1 Make the template contexts a bit more clear 2021-09-17 14:30:06 +02:00
Quentin Gliech
7afd82be8f ci: better job dependencies 2021-09-17 12:55:10 +02:00
Quentin Gliech
3159a9972f Allow loading multiple configuration files 2021-09-17 12:22:03 +02:00
Quentin Gliech
bd441ceef7 Allow splitting database connection options 2021-09-17 12:03:00 +02:00
Quentin Gliech
789ace84fd Ability to run migrations on startup
Also adds a bunch of logging information on startup
2021-09-17 11:27:06 +02:00
Quentin Gliech
4fbac80898 Docker image and CI 2021-09-17 10:40:08 +02:00
Quentin Gliech
76c69485e9 Embed templates in binary & add command to export them 2021-09-16 23:39:07 +02:00
Quentin Gliech
e44197a2cc Bump MSRV to 1.54
clap 4.0.0-beta4 broke <1.54 compatibility
2021-09-16 15:05:07 +02:00
Quentin Gliech
721b67fe48 Fix minor code style issues 2021-09-16 14:54:17 +02:00
Quentin Gliech
a44e33931c Split the service in multiple crates 2021-09-16 14:43:56 +02:00
Quentin Gliech
da91564bf9 Upgrade dependencies 2021-09-16 12:33:04 +02:00
Quentin Gliech
41e3945496 Fix signing key in tests 2021-09-16 12:23:45 +02:00
Quentin Gliech
bb11ab7af8 more error handling in token endpoint
Also adds some OP metadatas to help with conformance
2021-09-11 00:53:21 +02:00
Quentin Gliech
f8c51f67e8 WIP error management in authorization request 2021-09-10 22:53:21 +02:00
Quentin Gliech
fb421a6139 disabled bogus clippy lint 2021-09-09 23:27:51 +02:00
Quentin Gliech
dad0360ffb implement userinfo endpoint
Also fix some responses to pass more compliance tests
2021-09-09 23:11:09 +02:00
Quentin Gliech
ac6875172f Add c_hash, at_hash and nonce claims to id_token 2021-09-09 16:52:08 +02:00
Quentin Gliech
5b1abb6a17 Properly block on hashing and signing operations
This moves those operations on Tokio "blocking" threads, which avoids
that they block the async executor while running. It also makes the
config generation asynchronous with better logging of what is happening.
2021-09-09 14:15:42 +02:00
Quentin Gliech
afbae31487 Basic id_token signing 2021-09-09 13:18:53 +02:00
Quentin Gliech
63dfd86552 Implement refresh tokens 2021-08-27 15:27:19 +02:00
Quentin Gliech
2a8c38c181 Simple task scheduler to remove old access tokens 2021-08-27 12:06:03 +02:00
Quentin Gliech
c00c962de2 Simplify client authentication logic 2021-08-26 20:16:38 +02:00
Quentin Gliech
c64273afc3 Recover gracefully from login errors
Fixes #5
2021-08-26 18:08:28 +02:00
Quentin Gliech
47e79307a6 Simplify saving encrypted cookies 2021-08-26 17:39:33 +02:00
Quentin Gliech
a1d78eae55 WIP: handle errors in forms 2021-08-26 11:49:22 +02:00
Quentin Gliech
705d253322 Use custom error types for CSRF and login errors 2021-08-26 11:49:22 +02:00
Quentin Gliech
5fdd833b26 Better handle .env file loading error
Previously it would crash if the file did not exist
2021-08-26 11:14:49 +02:00
Quentin Gliech
c3087ac925 Display the OIDC discovery document on the index 2021-08-15 11:27:00 +00:00
Quentin Gliech
d056c6ef93 Add registration view 2021-08-15 09:56:28 +00:00
Quentin Gliech
bac4125d8c Load environment variables from .env files
This allows to properly set the OAuth 2.0 Issuer base in the Codespace
2021-08-15 09:21:15 +00:00
Quentin Gliech
2361791951 Setup GitHub Codespaces 2021-08-14 20:50:07 +00:00
Quentin Gliech
c4950318dd Commit transaction after exchanging the auth code 2021-08-14 14:35:52 +02:00
Quentin Gliech
d5d9cfe337 ci: Download deps with MSRV 2021-08-14 13:28:03 +02:00
Quentin Gliech
69035e4fb8 Set MSRV and let beta & nightly fail in CI 2021-08-14 13:18:08 +02:00
Quentin Gliech
b5adc80838 Implement code exchange endpoint
Also implement proper client authentication and fix introspection
endpoint
2021-08-14 12:31:19 +02:00
Quentin Gliech
3bdfd68f9d Rework warp top-filters to get proper 404 errors
Before, some had `warp::get().and(warp::path!("foo"))`, which resulted
in a `405 Method not allowed` instead of a 404.

It also uses the `warp::path!` macro instead of the function to ensure
we're not setting a prefix
2021-08-13 16:20:09 +02:00
Quentin Gliech
787ff192fe Implement basic token introspection endpoint 2021-08-13 15:45:51 +02:00
Quentin Gliech
0596b65f12 Implement proper access token generation 2021-08-13 14:15:20 +02:00
Quentin Gliech
da13e24789 Acquire DB conns and txns on filter level
This avoids having the pool everywhere and instead have connections and
transactions as parameters
2021-08-13 09:38:41 +02:00
Quentin Gliech
4eb1b5d4f8 allow completing an oauth2 session after login 2021-08-06 16:57:49 +02:00
Quentin Gliech
274251ceda wrap HTML responses with warp::reply::html
This sets the Content-Type in responses
2021-08-06 13:57:51 +02:00
Quentin Gliech
66f0605c15 set the response_{modes,types}_supported fields in the discovery document 2021-08-06 13:55:45 +02:00
Quentin Gliech
0e68061f7f support the form_post response mode
also clarify the `register_templates` macro
2021-08-06 12:17:19 +02:00
Quentin Gliech
88c0a80f64 Continue implementing the authorization code grant 2021-08-05 23:44:35 +02:00
Quentin Gliech
bbeef9151d Document some of the templates related structures 2021-08-05 17:48:41 +02:00
Quentin Gliech
f5333da0d2 Remove unnecessary boxing of filters
This might help with error handling, knowing what filter are fallible or not
2021-08-05 17:46:46 +02:00
Quentin Gliech
7a3bcd210d Strongly-typed templates 2021-08-05 14:43:42 +02:00
Quentin Gliech
dcc84e1083 starting the oauth2 authorization flow
also enable compile-time validation of queries
2021-07-31 23:22:41 +02:00
Quentin Gliech
1cfd74dae5 move all IDs in DB to 64bit integers 2021-07-31 15:11:35 +02:00