9cb5650167
Axum migration: /account/* routes
2022-04-06 17:35:29 +02:00
b4d0906e75
Axum migration: /verify route
2022-04-06 17:35:29 +02:00
6fb4d27046
Axum migration: /register route
2022-04-06 17:35:29 +02:00
b4dc2b38d0
Axum migration: /reauth route
2022-04-06 17:35:29 +02:00
6e7d0a6cfd
Axum migration: logout route
2022-04-06 17:35:29 +02:00
5e95c705d4
Axum migration: CSRF token and login page
2022-04-06 17:35:29 +02:00
5d3b4aa182
Migrate /health
2022-04-06 17:35:29 +02:00
9b5ecd5bc4
Make the ServerLayer work properly with axum
2022-04-06 17:35:29 +02:00
7c8f8722cd
Axum migration: signed cookies, errors, CSRF tokens, sessions
2022-04-06 17:35:29 +02:00
797257cce7
Start migrating to Axum
...
Now with the homepage and the static files
2022-04-06 17:35:29 +02:00
8e9bda654f
Support prompt=create
...
Allows RPs to ask for account creation
See https://openid.net/specs/openid-connect-prompt-create-1_0.html
2022-03-14 16:34:10 +01:00
3d3b14093c
fix: allow authorization in Access-Control-Request-Headers ( #88 )
...
* fix: allow authorization in Access-Control-Request-Headers
* chore: fix clippy style
* style: use constant version of Authorization header
* chore: fix code style with cargo fmt
Co-authored-by: Quentin Gliech <quenting@element.io >
2022-03-11 11:44:23 +00:00
c71800a8d1
Bump tracing from 0.1.31 to 0.1.32
...
Bumps [tracing](https://github.com/tokio-rs/tracing ) from 0.1.31 to 0.1.32.
- [Release notes](https://github.com/tokio-rs/tracing/releases )
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.31...tracing-0.1.32 )
---
updated-dependencies:
- dependency-name: tracing
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-03-11 11:41:04 +01:00
d0807e9b3c
Bump anyhow from 1.0.55 to 1.0.56
...
Bumps [anyhow](https://github.com/dtolnay/anyhow ) from 1.0.55 to 1.0.56.
- [Release notes](https://github.com/dtolnay/anyhow/releases )
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.55...1.0.56 )
---
updated-dependencies:
- dependency-name: anyhow
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-03-11 10:34:26 +01:00
62f633a716
Move clients to the database
2022-03-08 19:07:46 +01:00
8c97c98206
Fix compilation on older rust version
2022-02-28 10:07:32 +01:00
beef393bc8
Support the email scope
2022-02-25 16:19:38 +01:00
cad6d54ddb
Reply with proper errors on the OAuth token endpoint
2022-02-25 11:28:23 +01:00
1e5e755693
Bump anyhow from 1.0.53 to 1.0.55
...
Bumps [anyhow](https://github.com/dtolnay/anyhow ) from 1.0.53 to 1.0.55.
- [Release notes](https://github.com/dtolnay/anyhow/releases )
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.53...1.0.55 )
---
updated-dependencies:
- dependency-name: anyhow
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-02-22 10:43:31 +01:00
c4b5859591
Bump sqlx from 0.5.10 to 0.5.11
...
Bumps [sqlx](https://github.com/launchbadge/sqlx ) from 0.5.10 to 0.5.11.
- [Release notes](https://github.com/launchbadge/sqlx/releases )
- [Changelog](https://github.com/launchbadge/sqlx/blob/master/CHANGELOG.md )
- [Commits](https://github.com/launchbadge/sqlx/compare/v0.5.10...v0.5.11 )
---
updated-dependencies:
- dependency-name: sqlx
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-02-22 09:51:19 +01:00
e48c74a74a
Bump tracing from 0.1.30 to 0.1.31
...
Bumps [tracing](https://github.com/tokio-rs/tracing ) from 0.1.30 to 0.1.31.
- [Release notes](https://github.com/tokio-rs/tracing/releases )
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.30...tracing-0.1.31 )
---
updated-dependencies:
- dependency-name: tracing
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-02-20 17:37:02 +01:00
e1d7f78b69
Bump argon2 from 0.3.3 to 0.3.4
...
Bumps [argon2](https://github.com/RustCrypto/password-hashes ) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/RustCrypto/password-hashes/releases )
- [Commits](https://github.com/RustCrypto/password-hashes/compare/argon2-v0.3.3...argon2-v0.3.4 )
---
updated-dependencies:
- dependency-name: argon2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-02-20 16:41:31 +01:00
e4ef5788fa
Bump indoc from 1.0.3 to 1.0.4
...
Bumps [indoc](https://github.com/dtolnay/indoc ) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/dtolnay/indoc/releases )
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.3...1.0.4 )
---
updated-dependencies:
- dependency-name: indoc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-02-20 16:41:19 +01:00
fa92d6498f
Bump dependencies
2022-02-17 15:53:48 +01:00
035e2d7829
Implement private_key_jwks client authentication
...
This involves a lot of things, including:
- better VerifyingKeystore trait
- better errors in the JOSE crate
- getting rid of async_trait in some JOSE traits
2022-02-17 15:42:44 +01:00
2df40762a2
Dedicated HTTP server/client crate
...
Also have better names for the HTTP routes
2022-02-10 16:38:16 +01:00
26a340d5dc
Bump dependencies
2022-02-04 10:18:01 +01:00
a45381828c
Loads of docs & enabling more clippy lints
2022-02-01 12:02:32 +01:00
9af8820564
Bump dependencies
2022-02-01 10:13:11 +01:00
7e24cd0948
Move secrets and oauth2 clients config
2022-02-01 09:34:55 +01:00
c0e5b66ea4
Move public base URL from oauth2 config to http config
2022-02-01 09:34:55 +01:00
a328403ec7
Bump some dependencies
2022-01-25 15:04:08 +01:00
fa9c2d4c44
Switch RSA crate git source to RustCrypto/RSA
2022-01-25 14:55:05 +01:00
d43af81238
Upgrade dependencies
2022-01-25 12:47:17 +01:00
7b487e184a
Finish implementing email verification
...
Fixes #30
2022-01-21 18:22:02 +01:00
93cbad34f5
Actually send emails
2022-01-19 18:00:45 +01:00
6e50921626
Email management UI
...
Also simplify a bunch of query strings
2022-01-18 18:16:56 +01:00
0c2950a160
Remove unnecessary boxing of warp filters
...
This was needed because of a compiler regression. Now that we're using
Rust 1.58 there is no benefit to boxing them
2022-01-18 12:07:29 +01:00
1b35f96f29
Move password change to its own page
...
Also restructure the templates structure a bit
2022-01-18 11:58:42 +01:00
565f5cda1b
Save user emails in database
2022-01-14 18:42:37 +01:00
571f484894
Revoke OAuth session on code reuse
2022-01-14 13:20:14 +01:00
f876d6a134
Upgrade dependencies
2022-01-14 10:51:12 +01:00
5b9c35a079
Use iana generated types in more places
2022-01-12 12:22:54 +01:00
2844706bb1
Multiple IANA codegen enhancement
...
- JWS/JWE algorithms are properly splitted
- Enums now have a proper description
- They implement FromStr and Display
- mas-jose does not reexport mas-iana anymore
2022-01-12 10:58:27 +01:00
9003eaf0c2
Use new generated enums & query supported signing algs from the keystore
2022-01-11 18:46:26 +01:00
97ab75fb15
Add loads of server metadata in the discovery document
2022-01-11 12:54:26 +01:00
b4f0f0d0be
Have all server metadata from the IANA registry
2022-01-11 11:20:17 +01:00
a30d4b58f0
Add exp claim in id_tokens
2022-01-10 17:59:57 +01:00
5631300dc3
Claims handling in JOSE library
2022-01-10 17:41:48 +01:00
a965e488e2
Support private_key_jwt client auth
...
Which includes having a verifying keystore out of JWKS (and soon out of
a JWKS URI)
2022-01-05 21:07:18 +01:00
