6cff677550
Properly advertise all the supported JWT verification algorithms
2022-09-13 15:19:19 +02:00
fca6cfa393
Use ResponseType that doesn't care about tokens order
2022-09-13 15:15:30 +02:00
3c3f9aa920
Bump axum from 0.6.0-rc.1 to 0.6.0-rc.2
...
Bumps [axum](https://github.com/tokio-rs/axum ) from 0.6.0-rc.1 to 0.6.0-rc.2.
- [Release notes](https://github.com/tokio-rs/axum/releases )
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.6.0-rc.1...axum-v0.6.0-rc.2 )
---
updated-dependencies:
- dependency-name: axum
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-13 11:38:49 +02:00
5fcdbe67c6
Bump serde_with from 2.0.0 to 2.0.1
...
Bumps [serde_with](https://github.com/jonasbb/serde_with ) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/jonasbb/serde_with/releases )
- [Commits](https://github.com/jonasbb/serde_with/compare/v2.0.0...v2.0.1 )
---
updated-dependencies:
- dependency-name: serde_with
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-12 23:00:26 +02:00
9ae7e2216d
Bump url from 2.3.0 to 2.3.1
...
Bumps [url](https://github.com/servo/rust-url ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/servo/rust-url/releases )
- [Commits](https://github.com/servo/rust-url/compare/v2.3.0...v2.3.1 )
---
updated-dependencies:
- dependency-name: url
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-08 23:18:54 +02:00
db0360948d
Bump url from 2.2.2 to 2.3.0
...
Bumps [url](https://github.com/servo/rust-url ) from 2.2.2 to 2.3.0.
- [Release notes](https://github.com/servo/rust-url/releases )
- [Commits](https://github.com/servo/rust-url/compare/v2.2.2...v2.3.0 )
---
updated-dependencies:
- dependency-name: url
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-08 01:20:45 +02:00
0452ac10e6
Move claim hash token function to mas-jose crate
...
Change the hash function according to the signature algorithm,
according to the OpendID Connect spec.
2022-09-06 14:15:05 +02:00
36668d9b91
Move the healthcheck route to the API router
2022-09-06 13:11:54 +02:00
fa47f6e150
Upgrade axum to 0.6.0-rc.1
2022-09-06 13:11:54 +02:00
36c643cb8e
Bump thiserror from 1.0.33 to 1.0.34
...
Bumps [thiserror](https://github.com/dtolnay/thiserror ) from 1.0.33 to 1.0.34.
- [Release notes](https://github.com/dtolnay/thiserror/releases )
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.33...1.0.34 )
---
updated-dependencies:
- dependency-name: thiserror
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-06 00:17:05 +02:00
7f485c0c92
Bump anyhow from 1.0.63 to 1.0.64
...
Bumps [anyhow](https://github.com/dtolnay/anyhow ) from 1.0.63 to 1.0.64.
- [Release notes](https://github.com/dtolnay/anyhow/releases )
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.63...1.0.64 )
---
updated-dependencies:
- dependency-name: anyhow
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-05 23:53:36 +02:00
ba63673552
Bump sha2 from 0.10.4 to 0.10.5
...
Bumps [sha2](https://github.com/RustCrypto/hashes ) from 0.10.4 to 0.10.5.
- [Release notes](https://github.com/RustCrypto/hashes/releases )
- [Commits](https://github.com/RustCrypto/hashes/compare/sha2-v0.10.4...sha2-v0.10.5 )
---
updated-dependencies:
- dependency-name: sha2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-03 02:54:55 +02:00
95063ea251
Bump headers from 0.3.7 to 0.3.8
...
Bumps [headers](https://github.com/hyperium/headers ) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/hyperium/headers/releases )
- [Commits](https://github.com/hyperium/headers/compare/headers-v0.3.7...headers-v0.3.8 )
---
updated-dependencies:
- dependency-name: headers
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-03 01:16:46 +02:00
f274e2884b
Bump sha2 from 0.10.3 to 0.10.4
...
Bumps [sha2](https://github.com/RustCrypto/hashes ) from 0.10.3 to 0.10.4.
- [Release notes](https://github.com/RustCrypto/hashes/releases )
- [Commits](https://github.com/RustCrypto/hashes/compare/sha2-v0.10.3...sha2-v0.10.4 )
---
updated-dependencies:
- dependency-name: sha2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-02 23:40:26 +02:00
dca662da65
Bump sha2 from 0.10.2 to 0.10.3
...
Bumps [sha2](https://github.com/RustCrypto/hashes ) from 0.10.2 to 0.10.3.
- [Release notes](https://github.com/RustCrypto/hashes/releases )
- [Commits](https://github.com/RustCrypto/hashes/compare/sha2-v0.10.2...sha2-v0.10.3 )
---
updated-dependencies:
- dependency-name: sha2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-09-02 16:10:24 +02:00
cc6c6e8bdb
Remove the config dependency from the email, templates & handlers crates
2022-09-02 16:01:11 +02:00
1f0e273ac3
JWT response wrapper
...
Helps replying with a JWT to a request, with a
`Content-Type: application/jwt` header
2022-09-02 15:37:46 +02:00
b9e46dfc55
Some cleanups
2022-09-02 15:37:46 +02:00
8c25dc03ce
Move the Encrypter from the config to the keystore
2022-09-02 15:37:46 +02:00
e1d50b818e
Add a dedicated keystore crate
2022-09-02 15:37:46 +02:00
2c400d4cc1
Get rid of legacy JWKS store
2022-09-02 15:37:46 +02:00
ca125a14c5
WIP: better JOSE
2022-09-02 15:37:46 +02:00
495285162b
Remove support for the token response type
2022-09-02 13:59:10 +02:00
7b281f4c21
Improve docs and spec compliance of oauth2-types requests
2022-09-02 11:25:21 +02:00
ee47c821e3
Use an enum for client error codes
...
Replace the ClientError constants with From<ClientErrorCode>.
2022-09-01 17:59:37 +02:00
14ab53ddfc
Bump serde_json from 1.0.83 to 1.0.85
...
Bumps [serde_json](https://github.com/serde-rs/json ) from 1.0.83 to 1.0.85.
- [Release notes](https://github.com/serde-rs/json/releases )
- [Commits](https://github.com/serde-rs/json/compare/v1.0.83...v1.0.85 )
---
updated-dependencies:
- dependency-name: serde_json
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-22 15:44:03 +02:00
2eed13639f
Bump serde from 1.0.143 to 1.0.144
...
Bumps [serde](https://github.com/serde-rs/serde ) from 1.0.143 to 1.0.144.
- [Release notes](https://github.com/serde-rs/serde/releases )
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.143...v1.0.144 )
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-22 15:22:04 +02:00
e202c3dd6d
Allow to validate client metadata
...
According to OpenID Connect Dynamic Client Registration Spec 1.0.
Introduce VerifiedClientMetadata.
2022-08-19 13:58:43 +02:00
22b1406279
Bump chrono from 0.4.20 to 0.4.22
...
Bumps [chrono](https://github.com/chronotope/chrono ) from 0.4.20 to 0.4.22.
- [Release notes](https://github.com/chronotope/chrono/releases )
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md )
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.20...v0.4.22 )
---
updated-dependencies:
- dependency-name: chrono
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-19 12:21:07 +02:00
f0efc2c695
Bump axum-extra from 0.3.6 to 0.3.7
...
Bumps [axum-extra](https://github.com/tokio-rs/axum ) from 0.3.6 to 0.3.7.
- [Release notes](https://github.com/tokio-rs/axum/releases )
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.3.6...axum-extra-v0.3.7 )
---
updated-dependencies:
- dependency-name: axum-extra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-19 12:18:16 +02:00
b64812d77c
Bump axum from 0.5.13 to 0.5.15
...
Bumps [axum](https://github.com/tokio-rs/axum ) from 0.5.13 to 0.5.15.
- [Release notes](https://github.com/tokio-rs/axum/releases )
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.5.13...axum-v0.5.15 )
---
updated-dependencies:
- dependency-name: axum
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-19 11:47:07 +02:00
31aa7b6913
Bump anyhow from 1.0.59 to 1.0.62
...
Bumps [anyhow](https://github.com/dtolnay/anyhow ) from 1.0.59 to 1.0.62.
- [Release notes](https://github.com/dtolnay/anyhow/releases )
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.59...1.0.62 )
---
updated-dependencies:
- dependency-name: anyhow
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-19 10:23:21 +02:00
222551ad7f
Allow to validate provider metadata
...
According to the OpenID Connect Discovery 1.0 spec.
Provide the default values for fields when they are defined.
Introduce VerifiedProviderMetadata.
Rename Metadata to ProviderMetadata.
Implement Deserialize for ProviderMetadata.
2022-08-11 17:20:17 +02:00
c1ed726dc8
Enable the clippy::str_to_string lint
2022-08-08 10:06:20 +02:00
3215e86eaa
Use unstable prefixes for scope names ( #337 )
2022-08-05 17:58:22 +00:00
2568720106
Bump chrono from 0.4.19 to 0.4.20
...
Bumps [chrono](https://github.com/chronotope/chrono ) from 0.4.19 to 0.4.20.
- [Release notes](https://github.com/chronotope/chrono/releases )
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md )
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.19...v0.4.20 )
---
updated-dependencies:
- dependency-name: chrono
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-05 09:48:09 +02:00
2e2c3d54a6
Test HTTP handlers
2022-08-05 09:48:02 +02:00
3cfd0f1553
Bump serde from 1.0.141 to 1.0.142
...
Bumps [serde](https://github.com/serde-rs/serde ) from 1.0.141 to 1.0.142.
- [Release notes](https://github.com/serde-rs/serde/releases )
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.141...v1.0.142 )
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-04 11:30:39 +02:00
25a7d6cba5
Bump serde_json from 1.0.82 to 1.0.83
...
Bumps [serde_json](https://github.com/serde-rs/json ) from 1.0.82 to 1.0.83.
- [Release notes](https://github.com/serde-rs/json/releases )
- [Commits](https://github.com/serde-rs/json/compare/v1.0.82...v1.0.83 )
---
updated-dependencies:
- dependency-name: serde_json
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-04 10:43:50 +02:00
2e8f180675
Bump sqlx from 0.6.0 to 0.6.1
...
Bumps [sqlx](https://github.com/launchbadge/sqlx ) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/launchbadge/sqlx/releases )
- [Changelog](https://github.com/launchbadge/sqlx/blob/main/CHANGELOG.md )
- [Commits](https://github.com/launchbadge/sqlx/commits )
---
updated-dependencies:
- dependency-name: sqlx
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-04 10:03:39 +02:00
3b56287c99
Bump thiserror from 1.0.31 to 1.0.32
...
Bumps [thiserror](https://github.com/dtolnay/thiserror ) from 1.0.31 to 1.0.32.
- [Release notes](https://github.com/dtolnay/thiserror/releases )
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.31...1.0.32 )
---
updated-dependencies:
- dependency-name: thiserror
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-04 09:21:37 +02:00
b3486cc373
Bump elliptic-curve from 0.12.2 to 0.12.3
...
Bumps [elliptic-curve](https://github.com/RustCrypto/traits ) from 0.12.2 to 0.12.3.
- [Release notes](https://github.com/RustCrypto/traits/releases )
- [Commits](https://github.com/RustCrypto/traits/compare/elliptic-curve-v0.12.2...elliptic-curve-v0.12.3 )
---
updated-dependencies:
- dependency-name: elliptic-curve
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-03 19:08:56 +02:00
20f2b5db74
Bump indoc from 1.0.6 to 1.0.7
...
Bumps [indoc](https://github.com/dtolnay/indoc ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/dtolnay/indoc/releases )
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.6...1.0.7 )
---
updated-dependencies:
- dependency-name: indoc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2022-08-03 16:29:39 +02:00
649e5cd645
Move the PKCE validation logic to oauth2-types
2022-08-03 13:57:31 +02:00
372b32a780
Make PKCE implementation compliant with RFC7636
...
This checks for the PKCE code_verifier length as well as the characters
used. It also give better errors when the PKCE verifier is invalid.
Fixes #316
2022-08-03 13:57:31 +02:00
e3e659b701
Switch back rsa crate to a published pre-version
2022-08-01 19:41:38 +02:00
44b2708f7a
Bump serde_with
2022-08-01 19:38:22 +02:00
d4c718ef4b
Bump Rust dependencies
2022-08-01 17:50:33 +02:00
ba6a382f2c
Authorization grant policy ( #288 )
...
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org >
2022-07-21 16:18:59 +00:00
a263330ea5
Stop generating the device ID automatically ( #285 )
2022-07-21 16:34:55 +01:00
