matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-11-20 12:02:22 +03:00
Code Activity
2,368 Commits 59 Branches 22 Tags
f229ced40e11d9c9a24d35126a200b17aa176c03
Commit Graph

165 Commits

Author SHA1 Message Date
Michael Telatynski
70d688913f Add Electron user-agent parsing for Element Desktop/Nightly (#2461) 2024-03-18 18:42:31 +01:00
Quentin Gliech
61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
1821136e3f Additional parameters from upstream OAuth2 providers in the data model 2024-03-01 14:36:37 +01:00
Quentin Gliech
f3cbd3b315 Parse User Agents on the backend side (#2388) 
* Parse user agents on the server side

* Parse and expose user agents on the backend

* Use the parsed user agent in the device consent page

* Fix the device icon tests

* Fix clippy warnings

* Box stuff to avoid large enum variants

* Ignore a clippy warning

* Fix the requester boxing
 2024-02-23 16:47:48 +01:00
Quentin Gliech
f171d76dc5 Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech
ed5893eb20 Save which user session created a compat session 
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
 2024-02-21 11:55:58 +01:00
Quentin Gliech
17e968f7cc Record the user agent and IP in the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
286fc57103 Add a repository for device code grants 2024-02-02 18:01:51 +01:00
Quentin Gliech
ae05cbc1f1 Setup the data model for the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
49963b26f8 Prepare workspace to publish OIDC crates 2023-12-07 16:02:55 +01:00
Quentin Gliech
a0f5f3c642 Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech
5126d36b2e Add upstream OAuth 2.0 providers name and branding 2023-11-20 17:23:02 +01:00
Quentin Gliech
7315dd9a7a Allow endpoints and discovery mode override for upstream oauth2 providers 
This time, at the configuration and database level
 2023-11-17 16:18:39 +01:00
Quentin Gliech
364093f12f Allow overriding usptream OAuth2 providers endpoints 
Also have a way to disable OIDC discovery when all the endpoints are known.
 2023-11-17 16:18:39 +01:00
Quentin Gliech
89420a2cfc Refactor the upstream link provider template logic 
Also adds tests for new account registration through an upstream oauth2
provider
 2023-11-13 14:11:30 +01:00
Quentin Gliech
6ded397977 Use minijinja templates to map OIDC claims to user attributes 2023-11-08 12:05:58 +01:00
Quentin Gliech
3cb8a26d95 "Can request admin" flag on user 2023-10-09 18:52:30 +02:00
Quentin Gliech
894957934d Test the activity tracker on the introspection endpoint 2023-09-19 21:57:54 +02:00
Quentin Gliech
50558a7319 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech
c9155ef0cf Rust dependencies housekeeping 
Including:
 - package upgrades
 - stop using the patched version of `ulid`
 - update cargo deny duplicate exception list
 2023-09-14 23:43:00 +02:00
Quentin Gliech
9a77f67fbe Make the error on introspection failure more explicit in the logs 2023-09-13 18:24:52 +02:00
Quentin Gliech
e6b91c1ce4 data-model: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
7e247830c9 data-model: Make the user_id optional in the OAuth 2.0 sessions 2023-09-06 09:35:34 +02:00
Quentin Gliech
a01c53019f Define common crates metadata on the workspace level 2023-09-01 16:27:22 +02:00
Quentin Gliech
ae3213fe87 Make the email verification state more configurable on upstream OAuth 2.0 registration 
This also marks the email as primary
 2023-08-31 14:20:06 +02:00
Quentin Gliech
5d3b8cd92f Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech
438a10332a Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Quentin Gliech
17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech
d9a12de8a3 Save the authentication method on each authorization 
This will help us logging out of the upstream.
 2023-08-28 17:14:59 +02:00
Quentin Gliech
096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Quentin Gliech
7c83dce66e Move some common dependencies on the workspace level 
Also deprecates the AWS SESv2 transport for emails
 2023-08-14 13:00:01 +02:00
Quentin Gliech
21964cbeab Setup cargo-deny 
Also try to remove a bunch of duplicate crates
 2023-08-14 11:22:52 +02:00
dependabot[bot]
84ca78cf6f build(deps): bump serde from 1.0.181 to 1.0.183 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.181 to 1.0.183.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.181...v1.0.183)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 20:35:57 +02:00
dependabot[bot]
4cdb24ffe4 build(deps): bump serde from 1.0.180 to 1.0.181 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.180 to 1.0.181.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.180...v1.0.181)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-04 23:18:07 +02:00
Quentin Gliech
9b5eddbf97 Merge branch 'main' into quenting/user-lock 2023-08-03 15:20:05 +02:00
dependabot[bot]
ddb45b02ea build(deps): bump serde from 1.0.177 to 1.0.180 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.177 to 1.0.180.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.177...v1.0.180)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-03 15:18:17 +02:00
Quentin Gliech
40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
dependabot[bot]
31159c0907 build(deps): bump serde from 1.0.176 to 1.0.177 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.176 to 1.0.177.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.176...v1.0.177)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-27 23:28:07 +02:00
Quentin Gliech
e79da4a949 Bump Rust dependencies and remove unused ones 2023-07-27 17:23:08 +02:00
dependabot[bot]
85659c6c36 build(deps): bump serde from 1.0.171 to 1.0.174 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.171 to 1.0.174.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.171...v1.0.174)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-22 00:17:55 +02:00
Quentin Gliech
802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
ba0f7ea62c Upgrade all Rust dependencies 
This includes breaking changes of sqlx 0.7.0
 2023-07-17 19:04:06 +02:00
dependabot[bot]
c068460cd7 build(deps): bump thiserror from 1.0.40 to 1.0.41 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.40 to 1.0.41.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.40...1.0.41)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-05 01:15:00 +02:00
dependabot[bot]
725078941a build(deps): bump serde from 1.0.165 to 1.0.166 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.165 to 1.0.166.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.165...v1.0.166)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-04 00:59:48 +02:00
dependabot[bot]
88e1a677e5 build(deps): bump serde from 1.0.164 to 1.0.165 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.164 to 1.0.165.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.164...v1.0.165)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-03 15:43:13 +02:00
Quentin Gliech
de13d3ef19 CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
9d5c2a40a1 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
c183830489 Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech
2a514cf452 Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
7e90564d16 Bump Rust dependencies 2023-06-14 12:02:16 +02:00