dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-07 08:52:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,103 Commits 96 Branches 90 Tags
186b54f241d891bbdfd6c1e1c8a15a8071c2fca9
Commit Graph

271 Commits

Author SHA1 Message Date
Hugh Nimmo-Smith 53e6d05f40 Add oauth.device_code_grant_enabled configuration option 2026-04-07 11:13:56 +01:00
Olivier 'reivilibre 5b7b4d61ec Schedule ProvisionUserJob after locking/unlocking user 2026-03-16 13:44:34 +00:00
Jason Robinson 6a786dccbc Add syn2mas flag to ignore missing auth providers 
Currently `syn2mas` will always error in the Synapse checks phase if it finds auth providers in the `user_external_ids` database table, that are not configured in Synapse config. While normally this the right thing to do, we may have situations where we know what we're doing, and want to ignore invalid looking data in the external identifiers table. If the flag is given, ignore errors and output them as warnings instead.
 2026-01-26 14:57:31 +02:00
Hugh Nimmo-Smith dcac8dc62a Support for stable MSC3824 names 2025-12-19 18:13:01 +00:00
Quentin Gliech f6051fdbd9 Better lock and handle missing and modified migrations 
This rewrites the database migration code to:

 - avoid deadlocks when running multiple migration processes at the same
   time with a `CREATE INDEX CONCURRENTLY` statement
 - allow us to remove some migrations from the code base and mark them as
   intentionally removed
 - allow us to modify some migrations and declare alternate checksums
   for previous versions of the migration
 2025-12-04 14:44:16 +01:00
Olivier 'reivilibre 0c8017fc80 Add experimental and preliminary policy-driven session limiting when logging in OAuth 2 sessions. (#5221) 2025-11-25 15:24:02 +00:00
Olivier 'reivilibre 37e5969374 Use less zero-y timestamp 2025-11-06 15:36:52 +00:00
Olivier 'reivilibre a73d655351 Add session limit config to policy data 2025-11-06 10:12:14 +00:00
Olivier 'reivilibre 09dd5e6d83 Stub out the vite manifest when stabilising template renders 2025-10-30 16:33:50 +00:00
Olivier 'reivilibre d3cabf4a4b cli: templates check: add option to --stabilise date and RNG 2025-10-30 15:14:49 +00:00
Olivier 'reivilibre f633e4251e Merge branch 'main' into rei/templatecheck_todisk 2025-10-30 13:52:33 +00:00
Olivier 'reivilibre e5183f600b Fix comment and change delimiter to = 2025-10-30 13:51:33 +00:00
Olivier 'reivilibre 16ec04eb95 Change the format of SampleIdentifiers and don't make a subdir per locale 2025-10-30 12:06:09 +00:00
Olivier 'reivilibre eeeec358c7 Downgrade to SemiStrict in production 2025-10-28 17:20:49 +00:00
Olivier 'reivilibre 7a24a22498 Introduce SampleIdentifiers to stably track samples 
and use these in output filenames
 2025-10-24 17:14:00 +01:00
Olivier 'reivilibre 763e236a0b cli: templates check: allow rendering to --out-dir 2025-10-24 15:43:19 +01:00
Quentin Gliech ad7fedf6ff Adapt most code to use the new edges and cursors 2025-09-29 15:08:46 +02:00
Quentin Gliech 815ce17cc5 Simple CLI commands to manage server admins 2025-09-16 12:42:32 +02:00
Quentin Gliech 0a5f05ffe9 Merge branch 'main' into quenting/stable-docs 2025-09-02 14:11:40 +02:00
Quentin Gliech 9b6aa2a970 Fix the wording about admin token vs. secret in the doctor command 2025-09-02 14:08:20 +02:00
Quentin Gliech 6a1d67f452 Merge remote-tracking branch 'origin/main' into feat/login_hint_with_email 2025-08-18 16:43:00 +02:00
Quentin Gliech 68b74db230 Reformat with rustfmt 2025-08-18 13:46:25 +02:00
Quentin Gliech 6a2d341657 Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-18 13:44:10 +02:00
Quentin Gliech c4e811a7b3 Update mas-cli doctor to suggest the stable MAS integration 2025-08-18 13:23:09 +02:00
Quentin Gliech 45b6b567db Collapse a few nested if now that we have if let chains 2025-08-18 10:29:30 +02:00
mcalinghee a55f26c53e Merge branch 'main' into feat/login_hint_with_email 2025-08-05 17:02:14 +02:00
Quentin Gliech 453e1dbef5 Fix usage of homeserver_connection_from_config 2025-08-05 11:54:28 +02:00
Quentin Gliech 884c66891a Merge branch 'main' into secret_file 2025-08-05 11:17:39 +02:00
Quentin Gliech 95af799daa Make mas-cli manage issue-compatibility-token create the device on the homeserver 2025-08-04 11:21:57 +02:00
mcalinghee c314802fcd move Clock/MockClock/SystemClock/BoxClock/BoxRng to mas-data-model 2025-07-31 11:17:33 +02:00
Quentin Gliech ea873577aa Fix many clippy warnings 
This is because the tracing-attributes update made clippy look at those
again. I've removed the `too_many_lines` lint, as it's not really useful
and we ignore it most of the time anyway.
 2025-07-30 14:49:38 +02:00
Kai A. Hiller d4a318a8ae Add matrix.secret_file config option 2025-07-29 19:46:07 +02:00
Quentin Gliech 23797eef2c Merge branch 'main' into quenting/rust-1.87 2025-07-17 09:22:28 +02:00
Andrew Ferrazzutti d807975137 Decouple (un)locking from (re/de)activation 
Unify the admin API, CLI, and GraphQL API in not having the unlock
command also reactivate, or the deactivate command also lock.

Still let the unlock command of the CLI and GraphQL API to also
reactivate the target user, albeit as a non-default option.
 2025-07-16 14:17:01 -04:00
Andrew Ferrazzutti 6c1afee13d Separate active state from lock state in admin API 
- Allow the admin API to deactivate a user without locking it, and to
  unlock a user without reactivating it.
- Make unlock-and-reactivate flows unset the "deactivated_at" timestamp.
- Revert adding an "unlock" parameter on `ReactivateUserJob`, as the
  option is used only by the admin API which doesn't use a job.
 2025-07-16 14:17:01 -04:00
Andrew Ferrazzutti a8b8c8e31c Add admin API endpoint to reactivate user 2025-07-16 14:17:01 -04:00
Quentin Gliech 63a47aa41b Box all the figment errors to avoid large enum differences 2025-07-16 19:23:06 +02:00
Quentin Gliech 45f15e15d0 Allow setting a custom clock on the QueueWorker & add one to the 
TestState
 2025-07-09 17:24:04 +02:00
Quentin Gliech 3d96dc9d47 Update license headers to match the actual license 2025-06-12 10:32:16 +02:00
Quentin Gliech 50b41a6613 Add secrets.encryption_file config option (#4617) 2025-06-05 15:14:55 +02:00
Quentin Gliech 5d13691acd CLI tool to issue user registration tokens 2025-06-03 17:42:55 +02:00
Kai A. Hiller c8cbb7329e Add secrets.encryption_file config option 
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>
 2025-06-02 18:39:19 +02:00
Quentin Gliech 40cb052d1f Allow applying unicode normalisation to passwords before hashing 2025-05-30 15:42:32 +02:00
Quentin Gliech 345f6f2c3a Use the new RepositoryFactory everywhere 2025-05-07 17:27:59 +02:00
Quentin Gliech 626c9be760 Move the pool acquisition metric logic to the PgRepositoryFactory 2025-05-07 17:09:20 +02:00
Quentin Gliech 03bad37070 Introduce a RepositoryFactory 2025-05-07 17:00:49 +02:00
Quentin Gliech 73cfc2c6fd syn2mas: allow setting the db name via the database field 
This is supported (but deprecated) by psycopg2, which Synapse uses
 2025-05-05 09:58:46 +02:00
Quentin Gliech 60a0285d36 storage: allow setting the human_name when creating compat sessions 2025-04-25 12:55:10 +02:00
Quentin Gliech b9ae5228e5 Merge branch 'main' into quenting/better-logging 2025-04-23 18:37:30 +02:00
Olivier 'reivilibre 281da18155 Fix cargo doc choking on invalid [DEPRECATED] 'link' 
Could have escaped with a backslash but I thought just using round
brackets would be more readable than that.
 2025-04-23 16:54:10 +01:00