dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-06 12:11:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,791 Commits 96 Branches 90 Tags
3959bc2aeea8796d4cee05bff00aec6bb88c34d7
Commit Graph

1844 Commits

Author SHA1 Message Date
dependabot[bot] 308579398f build(deps): bump psl from 2.1.84 to 2.1.85 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.84 to 2.1.85.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.84...v2.1.85)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 13:41:59 +00:00
Quentin Gliech 9504174812 Only expire sessions from dynamic clients 2025-02-12 17:31:21 +01:00
Quentin Gliech dab640aa51 Allow filtering sessions by client kind (dynamic or static) 2025-02-12 17:31:21 +01:00
Quentin Gliech 935400d87b Experimental feature to timeout inactive sessions 2025-02-12 17:31:21 +01:00
Quentin Gliech 2ae36b4a84 Setup job to expire inactive browser sessions 2025-02-12 14:03:41 +01:00
Quentin Gliech 4353185802 Setup a job to expire compatibility sessions 2025-02-12 13:57:36 +01:00
Quentin Gliech 34f7e49a54 Setup a job to expire OAuth 2.0 sessions 2025-02-12 13:47:48 +01:00
Quentin Gliech 917f4d1817 Allow filtering OAuth sessions with any/no user 2025-02-12 13:00:22 +01:00
Quentin Gliech a7ae36e1ce Allow filtering by subject in the upstream OAuth links admin API 2025-02-12 11:07:11 +01:00
Quentin Gliech 0e3d10ee45 storage: allow filtering upstream OAuth links by subject 2025-02-12 11:01:53 +01:00
Quentin Gliech c880a3dbac Admin API to list and get upstream OAuth links 2025-02-12 10:51:31 +01:00
Quentin Gliech 9216d547ea Fix the user session admin API docs 2025-02-11 17:09:33 +01:00
Quentin Gliech 3792cd4f3b Admin API to list and get user sessions (#4004) 
Similar to #4002, this adds an admin API to list and get user (browser
cookies) sessions
 2025-02-11 16:38:21 +01:00
Quentin Gliech b0bc692289 Fix the upstream OAuth 2.0 callback form deserialisation (#4010) 
Fixes #3957

This was broken since #3893
 2025-02-11 15:36:43 +01:00
dependabot[bot] 80a528ac13 build(deps): bump psl from 2.1.83 to 2.1.84 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.83 to 2.1.84.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.83...v2.1.84)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-11 14:15:49 +00:00
Quentin Gliech 8dac005678 Fix the upstream OAuth 2.0 callback form deserialisation 2025-02-11 15:13:43 +01:00
Quentin Gliech 2a9fb26265 Admin API to list and get user sessions 2025-02-11 14:24:16 +01:00
Quentin Gliech c881fb24f5 Fix the definition of the set-password success response in the OpenAPI spec 2025-02-11 13:54:15 +01:00
Quentin Gliech 42841cea3e Admin API to list and get compatibility sessions 2025-02-11 12:01:54 +01:00
Quentin Gliech 863a433303 build(deps): bump psl from 2.1.82 to 2.1.83 (#3986) 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.82 to 2.1.83.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/addr-rs/psl/commit/ce4c61043f70ce45a17b9252ef55b7668453bcf2"><code>ce4c610</code></a>
bump version</li>
<li><a
href="https://github.com/addr-rs/psl/commit/b460f6bbf54715546858b4abb7a5f4f9938159ac"><code>b460f6b</code></a>
update the list</li>
<li>See full diff in <a
href="https://github.com/addr-rs/psl/compare/v2.1.82...v2.1.83">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=psl&package-manager=cargo&previous-version=2.1.82&new-version=2.1.83)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
 2025-02-10 17:26:47 +01:00
Quentin Gliech defb2ba5a1 build(deps): bump p384 from 0.13.0 to 0.13.1 (#3987) 
Bumps [p384](https://github.com/RustCrypto/elliptic-curves) from 0.13.0
to 0.13.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/d4396085630f6b22a3b4ba6be068cc72b6620c0b"><code>d439608</code></a>
sm2 v0.13.1 (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/864">#864</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/6e6886563bb066cbaea4f59f89459341af6879af"><code>6e68865</code></a>
p256 v0.13.2 (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/863">#863</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/b9fcdd3b8ac41a8b9abadeb79dd0fcdc8dfdfe4b"><code>b9fcdd3</code></a>
sm2: enable <code>dsa</code> feature by default (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/862">#862</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/c17e54adc77f33789dd3e7acb98df30e657fa65d"><code>c17e54a</code></a>
p192/p224/p384/p521/sm2: add <code>all-features = true</code> on docsrs
(<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/861">#861</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/c7019c1a669c7a3590114fc51d7bb1e06b6bb8f4"><code>c7019c1</code></a>
Update fiat crypto docs (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/860">#860</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/a0931eeb4dd8c02e2952ca5adb277a76365b4903"><code>a0931ee</code></a>
p224 v0.13.2 (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/859">#859</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/0f9dfa440f31ea9df056adc5d6409402a11990ab"><code>0f9dfa4</code></a>
sm2 v0.13.0 (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/858">#858</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/0e0a1a597744663fd184453e8a195d65df07d8f5"><code>0e0a1a5</code></a>
p192 v0.13.0 (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/856">#856</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/fbc5d26ee76fcbcdcd3ea8663c4585f80b38389f"><code>fbc5d26</code></a>
p192/p224/p256/p384/p521/sm2: use <code>dep:primeorder</code> (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/857">#857</a>)</li>
<li><a
href="https://github.com/RustCrypto/elliptic-curves/commit/655a7d6da5c26af0743fc4a11b1ee86ccd6c0e57"><code>655a7d6</code></a>
sm2: add <code>dsa</code> feature (<a
href="https://redirect.github.com/RustCrypto/elliptic-curves/issues/855">#855</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/RustCrypto/elliptic-curves/compare/p384/v0.13.0...sm2/v0.13.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=p384&package-manager=cargo&previous-version=0.13.0&new-version=0.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
 2025-02-10 17:26:36 +01:00
Quentin Gliech 02abf1cc90 build(deps): bump data-encoding from 2.7.0 to 2.8.0 (#4000) 
Bumps [data-encoding](https://github.com/ia0/data-encoding) from 2.7.0
to 2.8.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ia0/data-encoding/commit/284f84626abdf0169a060fcc8d3199d6f09acefa"><code>284f846</code></a>
Release 2.8.0 (<a
href="https://redirect.github.com/ia0/data-encoding/issues/134">#134</a>)</li>
<li><a
href="https://github.com/ia0/data-encoding/commit/b6f9f3b9d602ca03643047a7e2ad2241b6e33d35"><code>b6f9f3b</code></a>
Remove MSRV for unpublished crates (<a
href="https://redirect.github.com/ia0/data-encoding/issues/133">#133</a>)</li>
<li><a
href="https://github.com/ia0/data-encoding/commit/c060e6873ca210c6dd443562e15c613b64434356"><code>c060e68</code></a>
Delete outdated cargo cache to force save (<a
href="https://redirect.github.com/ia0/data-encoding/issues/132">#132</a>)</li>
<li><a
href="https://github.com/ia0/data-encoding/commit/d62d722222b825d476a5e8e4061f1fbcdfe957e3"><code>d62d722</code></a>
Remove top-level Makefile (<a
href="https://redirect.github.com/ia0/data-encoding/issues/131">#131</a>)</li>
<li><a
href="https://github.com/ia0/data-encoding/commit/5e86676a3444967f183f9772c91bd17370265ba1"><code>5e86676</code></a>
Improve CI workflow (<a
href="https://redirect.github.com/ia0/data-encoding/issues/130">#130</a>)</li>
<li><a
href="https://github.com/ia0/data-encoding/commit/8a9537cf6473b6260ec7dfa321cd38509c561d24"><code>8a9537c</code></a>
Improve fuzzing (<a
href="https://redirect.github.com/ia0/data-encoding/issues/129">#129</a>)</li>
<li><a
href="https://github.com/ia0/data-encoding/commit/27a68f43cd92b6cb0bd9a15a09cedc79b5759843"><code>27a68f4</code></a>
Add missing safety documentation and assertions for testing and fuzzing
(<a
href="https://redirect.github.com/ia0/data-encoding/issues/128">#128</a>)</li>
<li><a
href="https://github.com/ia0/data-encoding/commit/06b0d89b115c25937f0564a00df4cc21c33f2239"><code>06b0d89</code></a>
Add BASE32_NOPAD_NOCASE and BASE32_NOPAD_VISUAL (<a
href="https://redirect.github.com/ia0/data-encoding/issues/127">#127</a>)</li>
<li>See full diff in <a
href="https://github.com/ia0/data-encoding/compare/v2.7.0...v2.8.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=data-encoding&package-manager=cargo&previous-version=2.7.0&new-version=2.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
 2025-02-10 17:25:14 +01:00
Quentin Gliech 7ade439ac3 Admin API to list and get user emails 2025-02-10 17:13:55 +01:00
dependabot[bot] a2c6543bb1 build(deps): bump data-encoding from 2.7.0 to 2.8.0 
Bumps [data-encoding](https://github.com/ia0/data-encoding) from 2.7.0 to 2.8.0.
- [Commits](https://github.com/ia0/data-encoding/compare/v2.7.0...v2.8.0)

---
updated-dependencies:
- dependency-name: data-encoding
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 14:14:02 +00:00
Quentin Gliech ca651cebd9 Pass the migration state as owned to the various stages 2025-02-10 10:14:20 +01:00
Quentin Gliech 8e9919b381 Encapsulate migration state in a single structure 2025-02-07 15:02:30 +01:00
dependabot[bot] 74a3cdd54d build(deps): bump p384 from 0.13.0 to 0.13.1 
Bumps [p384](https://github.com/RustCrypto/elliptic-curves) from 0.13.0 to 0.13.1.
- [Commits](https://github.com/RustCrypto/elliptic-curves/compare/p384/v0.13.0...sm2/v0.13.1)

---
updated-dependencies:
- dependency-name: p384
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-07 13:17:14 +00:00
dependabot[bot] 9510a3ca09 build(deps): bump psl from 2.1.82 to 2.1.83 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.82 to 2.1.83.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.82...v2.1.83)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-07 13:16:35 +00:00
Quentin Gliech 919c86c86e Remove the lifetime parameter from MasWriter 2025-02-07 12:57:21 +01:00
Quentin Gliech e46cd724f4 Make the MAS connection owned in the locked database struct 2025-02-07 12:53:51 +01:00
Quentin Gliech 33fc45605f Update most Rust dependencies & disable some unused features 2025-02-06 12:50:50 +01:00
dependabot[bot] e1a2c49a84 build(deps): bump uuid from 1.12.1 to 1.13.1 
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.12.1 to 1.13.1.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.12.1...1.13.1)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-05 13:31:06 +00:00
Quentin Gliech f0e14ee6af Merge pull request #3926 from element-hq/rei/syn2mas_8_atrtdevs 
syn2mas: migrate access tokens, refresh tokens and devices
 2025-02-05 11:57:59 +01:00
Olivier 'reivilibre 7181cc82d5 Don't return errors when finding rows dependent upon appservice users 2025-02-05 11:42:04 +01:00
Olivier 'reivilibre b7bb27bdda Support reading and writing guests 2025-02-05 11:41:52 +01:00
Olivier 'reivilibre e308882eb4 Split access tokens between refreshable and unrefreshable ones 2025-02-05 11:41:45 +01:00
Olivier 'reivilibre ca32c5ebff Add MasWriter support for compat refresh tokens + some migration progress 2025-02-05 11:38:50 +01:00
Olivier 'reivilibre 8577d3f9fe Add MasWriter support for compat access tokens 2025-02-05 11:38:06 +01:00
Olivier 'reivilibre aef2dc3789 Add MasWriter support for compat sessions 2025-02-05 11:37:59 +01:00
Olivier 'reivilibre 1a6932214f Introduce optional human_name column on compat_sessions 2025-02-05 11:36:51 +01:00
Olivier 'reivilibre 9863c88216 Add SynapseReader support for devices 2025-02-05 11:36:46 +01:00
Olivier 'reivilibre 62c21e46a3 Add stubs for migrating devices, access tokens and refresh tokens 2025-02-05 11:36:42 +01:00
Olivier 'reivilibre 0f3b2d2d89 When consuming a compat refresh token, consume others in the session 2025-02-05 11:36:27 +01:00
Olivier 'reivilibre 5ce953b319 Add SynapseReader support for access tokens and refresh tokens 2025-02-05 11:36:16 +01:00
Quentin Gliech 50c15ebed0 Merge pull request #3946 from element-hq/dependabot/cargo/psl-2.1.82 
build(deps): bump psl from 2.1.81 to 2.1.82
 2025-02-05 09:33:31 +01:00
Quentin Gliech 911aecb165 Merge remote-tracking branch 'origin/main' into ref-merge/cb559012b7b4abd4232d3d2bb3b9f76779e114d5 2025-02-04 16:21:10 +01:00
dependabot[bot] 23f702d0f4 build(deps): bump psl from 2.1.81 to 2.1.82 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.81 to 2.1.82.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.81...v2.1.82)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-03 13:31:16 +00:00
Quentin Gliech 453fdcf9b6 Fetch the upstream OIDC metadata in the background on startup 2025-01-30 15:24:45 +01:00
Quentin Gliech 226684fec9 Merge pull request #3920 from element-hq/quenting/fix-missing-query-params 
Fix the account page crash introduced in #3893
 2025-01-30 11:38:19 +01:00
reivilibre fec4efd9d8 syn2mas: Support migrating external IDs as upstream OAuth2 providers (#3917) 
* Add `SynapseReader` support and test for external IDs

* Run database migrations and do a config sync before syn2mas

* FullUserId: implement Display

* Add `MasWriter` support and test for upstream OAuth provider links

* Remove special-purpose write buffers and use only the generic one

* Build the provider ID mapping
 2025-01-30 10:34:20 +00:00