dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-08 23:53:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,042 Commits 96 Branches 90 Tags
339a1a0efcd60310a97035cb376e08992f8ff049
Commit Graph

94 Commits

Author SHA1 Message Date
Quentin Gliech 3cb8a26d95 "Can request admin" flag on user 2023-10-09 18:52:30 +02:00
Quentin Gliech 894957934d Test the activity tracker on the introspection endpoint 2023-09-19 21:57:54 +02:00
Quentin Gliech 50558a7319 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech 9a77f67fbe Make the error on introspection failure more explicit in the logs 2023-09-13 18:24:52 +02:00
Quentin Gliech e6b91c1ce4 data-model: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech 7e247830c9 data-model: Make the user_id optional in the OAuth 2.0 sessions 2023-09-06 09:35:34 +02:00
Quentin Gliech ae3213fe87 Make the email verification state more configurable on upstream OAuth 2.0 registration 
This also marks the email as primary
 2023-08-31 14:20:06 +02:00
Quentin Gliech 5d3b8cd92f Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00
Quentin Gliech 438a10332a Add the user_id directly on oauth2_sessions and make the scope a text list 2023-08-29 12:52:24 +02:00
Quentin Gliech 17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech d9a12de8a3 Save the authentication method on each authorization 
This will help us logging out of the upstream.
 2023-08-28 17:14:59 +02:00
Quentin Gliech 096386e9b9 Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Quentin Gliech 40b49cdd10 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech 802cf142fd Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech de13d3ef19 CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech 9d5c2a40a1 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech c183830489 Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech 2a514cf452 Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech 047a91907d Split the mutations and make them use an input object instead of different parameters 2023-04-25 16:39:15 +02:00
Quentin Gliech a55976eeeb Fix Device to ScopeToken conversion and test it 2023-04-24 10:42:38 +02:00
Quentin Gliech d34e01fc67 Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
Kévin Commaille ccc9884726 Allow redirect URIs with any port for loopback interfaces 2023-04-14 10:22:49 +02:00
Hugh Nimmo-Smith 43bcaf5308 Lint 2023-04-06 16:24:18 +02:00
Hugh Nimmo-Smith f53369aeae Handle imported Synapse access/refresh tokens 2023-04-06 16:24:18 +02:00
Quentin Gliech 83cb9158a0 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech 97635375cc handlers: Add test for the compatibility login API 2023-02-24 15:52:21 +01:00
Quentin Gliech 39c126318f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech 3f4ad789bf storage-pg: write tests for the OAuth2 repositories 2023-01-25 17:24:34 +01:00
Quentin Gliech d14ca156ad storage: split the repository trait 2023-01-24 16:05:14 +01:00
Quentin Gliech 876bc9fcb3 handlers: extract the PgRepository from the request 
Also fix a bunch of clippy errors & doctests
 2023-01-18 18:22:13 +01:00
Quentin Gliech 9005931e2a handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech 3798f25f7d Fix rustdoc lints 2023-01-18 12:25:49 +01:00
Quentin Gliech 488a666a8d storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech 36396c0b45 storage: repository pattern for the compat layer 2023-01-12 15:41:26 +01:00
Quentin Gliech 9f0c9f1466 storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech 920869b583 storage: do less joins in compat sessions 2023-01-10 18:49:35 +01:00
Quentin Gliech 35787aa072 data-model: have more structs use a state machine 2023-01-09 18:02:32 +01:00
Quentin Gliech 39cd9a2578 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech fb7c6f4dd1 storage: do less joins on authorization grants and refresh tokens 2023-01-05 16:49:19 +01:00
Quentin Gliech 603a26eabd storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech e26f75246d storage: Load with less joins 
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
 2023-01-04 18:06:17 +01:00
Quentin Gliech 53172d6a3f strorage: browser session and user password repositories 2023-01-03 15:58:01 +01:00
Quentin Gliech 13a9d03647 storage: user and user email repository 2023-01-02 15:28:44 +01:00
Quentin Gliech ca112d45e1 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00
Quentin Gliech 533cabe005 Use the new password manager 2022-12-14 16:04:36 +01:00
Quentin Gliech 12ce2a3d04 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech 92d6f5b087 data-model: simplify the oauth2 clients 2022-12-08 15:29:15 +01:00
Quentin Gliech 479e009931 data-model: simplify the compat sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech feebbd0e97 data-model: simplify users and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech dff2f98167 data-model: simplify tokens 2022-12-08 15:29:15 +01:00