mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00

157 Commits

Author SHA1 Message Date
Quentin Gliech
78778648ca Allow fetching more nodes by their IDs 2022-11-18 13:43:01 +01:00
Quentin Gliech
4f01c123c3 GraphQL schema documentation 2022-11-09 19:17:12 +01:00
Quentin Gliech
4918440c3a Use the sqlx QueryBuilder to build the paginated queries 2022-11-09 19:17:12 +01:00
Quentin Gliech
08421b6fbe GraphQL API: query oauth2 sessions and clients 2022-11-09 19:17:12 +01:00
Quentin Gliech
bb8160c541 GraphQL API: compat sessions 2022-11-09 19:17:12 +01:00
Quentin Gliech
e8e7e75514 Allow querying browser sessions 2022-11-09 19:17:12 +01:00
Quentin Gliech
ac40367c5f Basic current session/user query + user emails connection 2022-11-09 19:17:12 +01:00
Quentin Gliech
577d5e4952 Minor fixes 2022-11-02 18:59:00 +01:00
Quentin Gliech
2d2127dcdb More cleanups 2022-11-02 18:59:00 +01:00
Quentin Gliech
368a9282a1 Cleanups 2022-11-02 18:59:00 +01:00
Quentin Gliech
f1aa42fae4 Disallow Ulid generation without explicit timestamp and rng 2022-11-02 18:59:00 +01:00
Quentin Gliech
559181c2c3 Pass the rng and clock around 2022-11-02 18:59:00 +01:00
Quentin Gliech
02c30d9916 Insert client redirect_uris in one query 2022-11-02 18:59:00 +01:00
Quentin Gliech
770541eb38 Better DB operations tracing 2022-11-02 18:59:00 +01:00
Quentin Gliech
5580179537 Better logging of user-related DB operations
Also fixes a bug where the user would get redirected to the wrong URL
for verifying their email address
2022-11-02 18:59:00 +01:00
Quentin Gliech
27ace2aaca Do not check for token expiration from the database directly 2022-11-02 18:59:00 +01:00
Quentin Gliech
16e50899e5 Remove trailing spaces 2022-11-02 18:59:00 +01:00
Quentin Gliech
e2142f9cd4 Database refactoring 2022-11-02 18:59:00 +01:00
Quentin Gliech
d1a4262fd0 Fix clippy warning 2022-10-17 11:39:45 +02:00
Kévin Commaille
80d317f23c Add variants for unknown values on mas-iana types
Remove the Copy derive and mark enums as non-exhaustive.
2022-09-28 13:43:39 +02:00
Kévin Commaille
fca6cfa393 Use ResponseType that doesn't care about tokens order 2022-09-13 15:15:30 +02:00
Quentin Gliech
29f1b134ae Make the JWK generic over the parameters 2022-09-02 15:37:46 +02:00
Quentin Gliech
495285162b Remove support for the token response type 2022-09-02 13:59:10 +02:00
Kévin Commaille
5c8b442747 Fix new clippy 0.1.63 warnings 2022-08-12 11:05:21 +02:00
Quentin Gliech
c1ed726dc8 Enable the clippy::str_to_string lint 2022-08-08 10:06:20 +02:00
Quentin Gliech
646a0f26d6 Database testing 2022-08-05 09:48:02 +02:00
Quentin Gliech
e0c4b39482 Add an email field in the registration form 2022-06-02 16:18:55 +02:00
Quentin Gliech
89597dbf81 Switch email verification to a code-based flow 2022-06-02 16:18:55 +02:00
Quentin Gliech
bfc20b6faa Have a better error on registration if the username is already taken 2022-05-23 14:36:38 +02:00
Quentin Gliech
af4f01b769 Check timings when validating an SSO login
- exchanging a token twice should not work
- exchanging a token more than 30s after its fulfillment should not
  work
- exchanging a pending token should not work
- fulfilling a login more than 30min after its creation should not
  work
- also have better errors in some cases
2022-05-23 10:42:25 +02:00
Quentin Gliech
033d60eb73 Legacy login via m.login.sso 2022-05-23 10:42:25 +02:00
Quentin Gliech
0fcecfa7fb Handle legacy /refresh 2022-05-19 10:17:49 +02:00
Quentin Gliech
309c89fc4f Handle legacy token expiration & refresh tokens 2022-05-19 10:17:49 +02:00
Quentin Gliech
c4fa87e457 Better data-model for compat sessions & devices 2022-05-19 10:17:49 +02:00
Quentin Gliech
33204b7cf8 Prepare the storage layer for legacy refresh tokens 2022-05-19 10:17:49 +02:00
Quentin Gliech
660b2d5232 Handle legacy /logout 2022-05-19 10:17:49 +02:00
Quentin Gliech
1aff98bdb3 Working legacy login endpoint 2022-05-19 10:17:49 +02:00
Quentin Gliech
185562c866 Form error state overhaul
This adds a new FormState structure here to hold the state of an errored
form, including retaining field value and better error codes.

It also adds error recovery for the registration form, and properly
loads the post_login_action context in case of errors.
2022-05-12 13:35:58 +02:00
Quentin Gliech
436c0dcb19 Rewrite the authorization grant logic 2022-05-06 17:12:39 +02:00
Quentin Gliech
28ff912029 Simple consent screen and storage 2022-04-29 12:16:39 +02:00
Quentin Gliech
bfb00e281d Fix formatting 2022-04-28 18:53:33 +02:00
Quentin Gliech
ead7e4804a Make the client_id a foreign key 2022-04-28 18:39:45 +02:00
Quentin Gliech
25193ebaa5 Support signed userinfo responses 2022-04-21 11:49:49 +02:00
Quentin Gliech
5c14611b96 Simple dynamic client registration 2022-04-19 12:23:19 +02:00
Quentin Gliech
4e31fc6c84 Get rid of warp 2022-04-06 17:35:29 +02:00
Quentin Gliech
9dad21475e Axum migration: /oauth2/userinfo & UserAuthorization util 2022-04-06 17:35:29 +02:00
Quentin Gliech
62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech
cad6d54ddb Reply with proper errors on the OAuth token endpoint 2022-02-25 11:28:23 +01:00
Quentin Gliech
a45381828c Loads of docs & enabling more clippy lints 2022-02-01 12:02:32 +01:00
Quentin Gliech
54e9dc0712 Database model to save user email verification codes 2022-01-21 17:41:11 +01:00