mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Commit Graph

82 Commits

Author SHA1 Message Date
Quentin Gliech
7e30daf83e Replace parse-display with manual Display/FromStr impls 2024-03-19 16:38:46 +01:00
Kévin Commaille
4eeedbef31 Add account management URL for clients
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
2024-03-19 15:05:27 +01:00
Quentin Gliech
61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
7d9d97a006 Implement the device access token request 2024-02-02 18:01:51 +01:00
Quentin Gliech
50654d2e40 Implement the device code authorisation request 2024-02-02 18:01:51 +01:00
Quentin Gliech
a0f5f3c642 Enable clippy lints on a workspace level
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
2023-12-05 17:20:42 +01:00
Quentin Gliech
aeb379eee9 oauth2-types: Only require redirect_uris & change the default response type for the auth code grant and implicit grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
542d0a6073 Implement the client credentials grant 2023-09-06 09:35:34 +02:00
Quentin Gliech
17e28f56c1 Upgrade Rust to 1.72.0
Fixes new clippy errors and upgrades other tools
2023-08-28 18:05:56 +02:00
Kévin Commaille
7c2e691175 Add client-side support for software statement, ID and version
According to RFC7591

Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
2023-08-08 18:20:22 +02:00
Kévin Commaille
ba7d17f25c Add client-side support for RP-Initiated logout
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
2023-08-08 18:14:04 +02:00
Doug
7aae66e182 Make ClientErrorCode.error_description optional. 2023-05-09 19:10:19 +02:00
Quentin Gliech
d34e01fc67 Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
Quentin Gliech
17471c651e handlers: add tests for the token endpoint
This also simplifies the way we issue tokens in tests
2023-02-22 19:38:01 +01:00
Quentin Gliech
543b4b229f Support for token revocation 2023-02-21 12:06:30 +01:00
Quentin Gliech
792d3c793b Convert many match/if expressions to let-else 2023-02-01 10:37:04 +01:00
Quentin Gliech
09a567ab17 storage: OAuth2 client repository 2023-01-04 16:30:32 +01:00
Kévin Commaille
01a7febee2 Don't enforce RS256 ID Token signing alg in provider metadata 2022-12-18 16:02:48 +01:00
Quentin Gliech
ca112d45e1 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00
Quentin Gliech
bd93074076 clippy: fix warnings in tests 2022-12-08 15:29:15 +01:00
Quentin Gliech
d58dab702b oauth2-types: urn:ietf:params:oauth:grant-type:jwt-bearer 2022-12-05 19:39:51 +01:00
Quentin Gliech
bedcf44741 WIP: upstream OIDC provider support 2022-12-05 19:39:51 +01:00
Quentin Gliech
95a879585b Make the OIDC issuer a string instead of a URL 2022-12-02 18:04:07 +01:00
Kévin Commaille
db25574a96 Make sure Scope and InvalidScope are reexported from mas-oidc-client 2022-12-01 10:45:38 +01:00
Kévin Commaille
66055b044e Make sure all types of oauth2-types are documented 2022-12-01 10:45:38 +01:00
Kévin Commaille
c590e8df92 Don't leak secrets in requests Debug format 2022-11-21 16:12:35 +01:00
Kévin Commaille
51515358f7 Make more enum types accept unknown values 2022-10-17 14:15:35 +02:00
Kévin Commaille
10297d29bb Make Scope use a BTreeSet internally 2022-10-17 14:12:59 +02:00
Kévin Commaille
99f2ca3d57 Derive Clone for http requests structs
So they don't prevent a Service from implementing Clone.
2022-10-17 12:47:43 +02:00
Kévin Commaille
954e163936 Fix parsing and deserialization of AuthenticationMethodOrAccessTokenType 2022-09-28 13:43:39 +02:00
Kévin Commaille
80d317f23c Add variants for unknown values on mas-iana types
Remove the Copy derive and mark enums as non-exhaustive.
2022-09-28 13:43:39 +02:00
Kévin Commaille
1bbd2c2970 Allow access token types in introspection auth methods 2022-09-27 19:11:32 +02:00
Kévin Commaille
940ab48819 Add types for the Device Authorization flow 2022-09-16 11:47:31 +02:00
Kévin Commaille
fca6cfa393 Use ResponseType that doesn't care about tokens order 2022-09-13 15:15:30 +02:00
Kévin Commaille
c4e495a84a Properly implement Display and FromStr for oauth2-types enums
Use SerializeDisplay and DeserializeFromStr derives.
Add tests for serialize and deserialize implementations.
2022-09-12 15:44:15 +02:00
Kévin Commaille
94ba03a273 Add more variants to GrantType 2022-09-12 11:06:45 +02:00
Kévin Commaille
940965287b Allow to get verified provider metadata with minimal checks 2022-09-07 08:56:10 +02:00
Kévin Commaille
91ce8ff5fe Add Pushed Authorization Request response type 2022-09-05 11:29:17 +02:00
Quentin Gliech
29f1b134ae Make the JWK generic over the parameters 2022-09-02 15:37:46 +02:00
Kévin Commaille
7b281f4c21 Improve docs and spec compliance of oauth2-types requests 2022-09-02 11:25:21 +02:00
Kévin Commaille
bffbf63992 Add a constructor for a basic AuthorizationRequest 2022-09-02 11:25:21 +02:00
Kévin Commaille
7a931925fa Basic improvements to oauth2-types requests
Make sure all types implement Serialize, Deserialize, Debug and Clone.
Make sure all types can be constructed and all fields can be accessed.
2022-09-02 11:25:21 +02:00
Kévin Commaille
ee47c821e3 Use an enum for client error codes
Replace the ClientError constants with From<ClientErrorCode>.
2022-09-01 17:59:37 +02:00
Kévin Commaille
e202c3dd6d Allow to validate client metadata
According to OpenID Connect Dynamic Client Registration Spec 1.0.
Introduce VerifiedClientMetadata.
2022-08-19 13:58:43 +02:00
Kévin Commaille
78f41c7d86 Improve docs for the prompt_values_supported field 2022-08-12 12:19:17 +02:00
Kévin Commaille
5c8b442747 Fix new clippy 0.1.63 warnings 2022-08-12 11:05:21 +02:00
Kévin Commaille
759809b7fd Document field requirements in ProviderMetadata docs 2022-08-11 17:20:17 +02:00
Kévin Commaille
f6fc51a76f Use LanguageTag for lists of locales in ProviderMetadata 2022-08-11 17:20:17 +02:00
Kévin Commaille
222551ad7f Allow to validate provider metadata
According to the OpenID Connect Discovery 1.0 spec.
Provide the default values for fields when they are defined.
Introduce VerifiedProviderMetadata.
Rename Metadata to ProviderMetadata.
Implement Deserialize for ProviderMetadata.
2022-08-11 17:20:17 +02:00
Kévin Commaille
c63345fe31 Fix type of metadata pushed authorization request endpoint 2022-08-11 17:20:17 +02:00