matrix-authentication-service

mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-04-04 01:15:51 +00:00

Author	SHA1	Message	Date
Quentin Gliech	c09898c9f5	Merge remote-tracking branch 'origin/main' into quenting/upstream-oauth/skip-interactive	2025-12-03 10:48:31 +01:00
Quentin Gliech	ee4d1304ab	Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins (#5295 )	2025-12-03 10:39:05 +01:00
Quentin Gliech	df14076dd0	Merge branch 'quenting/upstream-oauth/better-conflict-options' into quenting/upstream-oauth/skip-interactive	2025-11-28 18:08:09 +01:00
Quentin Gliech	47d411f641	Option to skip confirmation when registering through an upstream OAuth provider	2025-11-28 15:51:43 +01:00
Quentin Gliech	ffb86f6558	Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins	2025-11-28 10:53:28 +01:00
Olivier 'reivilibre	f670577feb	Expose the compat login policy from the policy engine	2025-11-25 18:41:14 +00:00
Olivier 'reivilibre	0c8017fc80	Add experimental and preliminary policy-driven session limiting when logging in OAuth 2 sessions. (#5221 )	2025-11-25 15:24:02 +00:00
Kai A. Hiller	a93fa72477	Merge branch 'main' into keys_dir	2025-11-18 18:12:14 +01:00
Olivier 'reivilibre	1690570015	(update files after merge)	2025-11-13 15:55:25 +00:00
Olivier 'reivilibre	16f443eba0	Merge branch 'main' into rei/policy_driven_session_limit	2025-11-13 15:54:48 +00:00
networkException	b5a0834faa	Add `upstream_oauth2.providers.[].client_secret_file` config option This patch factors out the previously introduced config wrapper for client secrets to also use it for upstream oauth providers. See `a7e7c3caa1`	2025-11-08 16:10:19 +01:00
Quentin Gliech	3d3412ab55	Remove the nullable transformation for the config schema.	2025-11-07 11:08:59 +01:00
Quentin Gliech	e2490688a5	Merge remote-tracking branch 'origin/main' into quenting/schemars-0.9	2025-11-06 17:34:43 +01:00
reivilibre	a9de093d1a	Update crates/config/src/sections/experimental.rs Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-11-06 15:29:54 +00:00
Olivier 'reivilibre	87c897c51a	Add configuration for session limiting	2025-11-06 10:12:14 +00:00
Quentin Gliech	e4844968d3	Add a configuration option to make email optional for password registration	2025-10-07 17:28:01 +02:00
Kai A. Hiller	6a28950d8e	Add secrets.keys_dir config option	2025-09-08 16:02:38 +02:00
Quentin Gliech	6eac7ed2d7	Automatically derive the `kid` from the key fingerprint if missing (#4876 )	2025-09-02 17:04:35 +02:00
Kai A. Hiller	a65c9afb29	Switch to JWK Thumbprints	2025-08-20 18:22:21 +02:00
Quentin Gliech	a3d1148055	Fix a few more clippy lints	2025-08-18 10:45:20 +02:00
Kai A. Hiller	1b7b43b559	Auto-generate kid if not given	2025-08-08 11:38:45 +02:00
Quentin Gliech	9969898031	Merge branch 'main' into secret_file	2025-08-05 15:37:32 +02:00
Quentin Gliech	f302711a37	Make MAS use the modern Synapse API by default	2025-08-05 15:03:32 +02:00
Quentin Gliech	884c66891a	Merge branch 'main' into secret_file	2025-08-05 11:17:39 +02:00
Kai A. Hiller	a7e7c3caa1	Add clients.[].client_secret_file config option	2025-08-04 19:32:39 +02:00
Kai A. Hiller	d4a318a8ae	Add matrix.secret_file config option	2025-07-29 19:46:07 +02:00
Quentin Gliech	cfa9a23d86	Merge branch 'main' into feat/allow_override_user	2025-07-21 17:03:35 +02:00
Quentin Gliech	832244675d	Threaten to switch to using the modern API in a few releases.	2025-07-21 13:15:48 +02:00
mcalinghee	98912f4ada	allow importing existing users when the localpart matches in upstream OAuth 2.0 logins	2025-07-21 09:52:24 +02:00
Quentin Gliech	c649603830	Use the new dedicated Synapse API	2025-07-18 16:39:24 +02:00
Quentin Gliech	8d6621f00e	Log out oauth & compat sessions when receiving a backchannel logout request	2025-07-04 16:27:10 +02:00
Quentin Gliech	e28ffccc3a	Backchannel logout behavior settings on upstream providers	2025-07-04 16:27:10 +02:00
Quentin Gliech	a35db23b31	Upgrade schemars to 0.9	2025-06-12 15:48:24 +02:00
Quentin Gliech	1546318084	Remove optional features from mas-iana & regenerate Also ignores 'TEMPORARY' items in the IANA registry	2025-06-10 14:25:38 +02:00
Quentin Gliech	8df03bf185	Support for experimental plan management tab in UI (#4549 )	2025-06-10 14:14:24 +02:00
Hugh Nimmo-Smith	037d90bb1a	Update schemas	2025-06-06 10:45:23 +01:00
Quentin Gliech	50b41a6613	Add secrets.encryption_file config option (#4617 )	2025-06-05 15:14:55 +02:00
Quentin Gliech	ae71b75ce1	config: Refactor parsing of secrets section (#4602 )	2025-06-05 15:13:00 +02:00
Kai A. Hiller	3ac2e983bb	Skip encryption serialization if None Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>	2025-06-04 11:53:43 +02:00
Quentin Gliech	685f4761cd	Add config flag to require registration tokens for password registrations	2025-06-03 17:42:53 +02:00
Kai A. Hiller	c8cbb7329e	Add secrets.encryption_file config option Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>	2025-06-02 18:39:19 +02:00
Kai A. Hiller	ec693edb72	Refactor key options in secret config Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>	2025-06-02 14:06:43 +02:00
Kai A. Hiller	e92d16c35c	Refactor password options in secret config Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>	2025-06-02 14:06:43 +02:00
Kai A. Hiller	b0fcf0bf78	Add KeyConfig doc comment Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>	2025-06-02 14:06:43 +02:00
Quentin Gliech	40cb052d1f	Allow applying unicode normalisation to passwords before hashing	2025-05-30 15:42:32 +02:00
Hugh Nimmo-Smith	25de9bcb15	Merge branch 'main' into hughns/plan-management	2025-05-09 10:33:39 +01:00
Quentin Gliech	632904a7ae	Make the default scope on upstream providers config `openid`	2025-05-07 15:34:30 +02:00
Doug	0d1caae379	Update the login schema docs.	2025-05-07 10:21:40 +01:00
Doug	6d29ebb5e7	Generate the schema (which fixes a typo amongst other things 🤦‍♂️)	2025-05-06 18:03:53 +01:00
Doug	096ce6037d	Add a configuration for forwarding the login hint to the upstream provider.	2025-05-06 17:50:33 +01:00

1 2 3

139 Commits