404a266b0e
Merge branch 'main' into madlittlemods/max-session-threshold
2026-05-14 14:59:20 -05:00
aecb172209
Add oauth.device_code_grant_enabled configuration option ( #5612 )
2026-05-13 21:40:02 +02:00
ce3cfe73d9
Pass through max_session_threshold
2026-05-08 13:45:08 -05:00
8ab60954cf
Rename option dangerous_hard_limit_eviction
2026-04-24 19:12:58 -05:00
9b3e78909a
Fix cargo doc not being able to resolve ExperimentalSessionLimitConfig
...
Fix https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3047813509
2026-04-09 16:58:08 -05:00
53e6d05f40
Add oauth.device_code_grant_enabled configuration option
2026-04-07 11:13:56 +01:00
5532c0cda9
Better rustdoc links
2026-04-03 17:42:09 -05:00
673392fcc8
Support MSC4198 login_hint in account management uri
2026-02-23 13:06:59 +02:00
e1de5c5860
Simplify the consent screen ( #5310 )
2025-12-03 14:22:14 +01:00
9213a1ebcc
Get the display name of the Matrix user on the consent screens
2025-12-02 17:51:23 +01:00
df14076dd0
Merge branch 'quenting/upstream-oauth/better-conflict-options' into quenting/upstream-oauth/skip-interactive
2025-11-28 18:08:09 +01:00
47d411f641
Option to skip confirmation when registering through an upstream OAuth provider
2025-11-28 15:51:43 +01:00
ffb86f6558
Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins
2025-11-28 10:53:28 +01:00
4b6c1db5a2
Unify registrations for local passwords and upstream OAuth registrations ( #5281 )
2025-11-27 16:13:03 +01:00
ac4f66920c
Store upstream OAuth sessions on user registrations
...
This will allow us creating user registrations from upstream OAuth auth
sessions
2025-11-21 19:31:37 +01:00
604ed545b0
Use NonZeroU64
2025-11-06 15:01:49 +00:00
87c897c51a
Add configuration for session limiting
2025-11-06 10:12:14 +00:00
3d80097bae
Merge branch 'main' into rei/pat_devicesync
2025-10-22 14:27:40 +01:00
c8ed12512e
Relax the validity check of the token actor
2025-10-22 13:15:12 +01:00
42f6664396
When adding or revoking personal sessions, schedule needed device syncs
2025-10-22 11:50:27 +01:00
477385fd9f
Add storage for Personal Access Tokens ( #5106 )
...
Defines a token format for PATs and implements the base storage functionality for PATs and 'Personal Sessions' which are conceptually the parent containers of PATs.
Personal Sessions survive across regenerations of PATs and are the entities associated with the device ID. In virtually every way they are functionally the same as Compat or OAuth2 Sessions.
2025-10-09 13:07:41 +01:00
72d3ea851b
Support OAuth2 clients as owners of personal sessions
2025-10-07 19:54:59 +01:00
e4844968d3
Add a configuration option to make email optional for password registration
2025-10-07 17:28:01 +02:00
b54a657c32
data model: Add personal sessions with mpt_ prefix
2025-10-07 16:08:43 +01:00
377ef1d390
Inject the version in the app state
2025-10-03 11:41:22 +02:00
5d63ee2edf
Surface the user guest flag in the admin API
2025-09-15 12:51:00 +02:00
fb5c4de881
Simplify handling of login hints
2025-08-18 16:48:21 +02:00
576b5c6e73
Remove unnecessary crate-level comment
2025-08-18 16:48:04 +02:00
6a1d67f452
Merge remote-tracking branch 'origin/main' into feat/login_hint_with_email
2025-08-18 16:43:00 +02:00
a3d1148055
Fix a few more clippy lints
2025-08-18 10:45:20 +02:00
3eaa27ce8c
Un-hide a few elidded lifetimes
2025-08-18 10:35:28 +02:00
45b6b567db
Collapse a few nested if now that we have if let chains
2025-08-18 10:29:30 +02:00
a55f26c53e
Merge branch 'main' into feat/login_hint_with_email
2025-08-05 17:02:14 +02:00
7e018a06aa
Merge remote-tracking branch 'origin/main' into quenting/stable-api
2025-08-04 16:38:49 +02:00
b189bfd7d1
use of static RNG and MockClock in tests
2025-07-31 12:48:16 +02:00
a75ca69ed0
move Clock/MockClock/SystemClock/BoxClock/BoxRng to mas-data-model : format
2025-07-31 12:35:56 +02:00
d65b70d0dc
move Clock/MockClock/SystemClock/BoxClock/BoxRng to mas-data-model : correct documentation
2025-07-31 12:34:01 +02:00
c314802fcd
move Clock/MockClock/SystemClock/BoxClock/BoxRng to mas-data-model
2025-07-31 11:17:33 +02:00
cdf53ca4a0
use of login_with_email_allowed at caller level
2025-07-30 15:19:57 +02:00
3f14589bbb
rename Login:EMAIL to Login::Email + remove use of email prefix
2025-07-30 15:19:57 +02:00
8af50a15ff
display email login_hint when login_with_email_allowed is activated
2025-07-30 15:19:57 +02:00
87ac7a1989
remove unused function
2025-07-21 10:19:57 +02:00
c7b57f7d4c
fix rust style
2025-07-21 09:52:24 +02:00
3644d4c0bf
rename is_forced to is_forced_or_required
2025-07-21 09:52:24 +02:00
3774850c94
use of UpstreamOAuthProviderLocalpartPreference
2025-07-21 09:52:24 +02:00
98912f4ada
allow importing existing users when the localpart matches in upstream OAuth 2.0 logins
2025-07-21 09:52:24 +02:00
8d6621f00e
Log out oauth & compat sessions when receiving a backchannel logout request
2025-07-04 16:27:10 +02:00
e28ffccc3a
Backchannel logout behavior settings on upstream providers
2025-07-04 16:27:10 +02:00
1c6c6ff8fa
Record the decoded ID token claims on upstream auth sessions
2025-07-04 16:27:09 +02:00
6d2dd069d8
data-model: make the device emit both stable and unstable scope tokens
2025-06-13 15:42:57 +02:00
Eric Eastwood