c156a3891e
Actually send emails for recovery
2024-06-28 15:59:21 +02:00
4a60f5d32f
Job to generate codes for all emails in a recovery session
2024-06-28 15:59:21 +02:00
b2ee5de050
storage: Add an email filter on the user email list
2024-06-28 15:59:21 +02:00
43582e7eca
Data model and repository for the user recovery flow
2024-06-28 15:59:21 +02:00
cd0ec35d2f
Soft-delete upstream OAuth 2.0 providers on config sync
2024-04-03 09:51:22 +02:00
4e3823fe4f
Add a soft-deletion column on upstream OAuth 2.0 providers
2024-04-03 09:51:22 +02:00
61a69f5af4
Upgrade chrono and replace deprecated methods usage
2024-03-18 17:26:40 +01:00
1821136e3f
Additional parameters from upstream OAuth2 providers in the data model
2024-03-01 14:36:37 +01:00
f3cbd3b315
Parse User Agents on the backend side ( #2388 )
...
* Parse user agents on the server side
* Parse and expose user agents on the backend
* Use the parsed user agent in the device consent page
* Fix the device icon tests
* Fix clippy warnings
* Box stuff to avoid large enum variants
* Ignore a clippy warning
* Fix the requester boxing
2024-02-23 16:47:48 +01:00
f171d76dc5
Record user agents on OAuth 2.0 and compat sessions ( #2386 )
...
* Record user agents on OAuth 2.0 and compat sessions
* Add tests for recording user agent in sessions
2024-02-22 10:01:32 +01:00
ed5893eb20
Save which user session created a compat session
...
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
2024-02-21 11:55:58 +01:00
03b6ad7138
Remove the unique constraint on device IDs on compatibility sessions
...
In OAuth 2.0 sessions, we can have multiple sessions for the same device
anyway, so this constraint doesn't exactly make sense.
Fixes #2033
Fixes #2312
2024-02-20 15:50:20 +01:00
0beb842195
Make the user agree to T&C during registration
2024-02-07 17:21:22 +01:00
90c386847a
Setup a repository to track user terms agreements
2024-02-07 17:21:22 +01:00
17e968f7cc
Record the user agent and IP in the device code grant
2024-02-02 18:01:51 +01:00
efa6af3294
Run generated files updates, fix doc links & fmt
2024-02-02 18:01:51 +01:00
286fc57103
Add a repository for device code grants
2024-02-02 18:01:51 +01:00
a0f5f3c642
Enable clippy lints on a workspace level
...
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
2023-12-05 17:20:42 +01:00
5126d36b2e
Add upstream OAuth 2.0 providers name and branding
2023-11-20 17:23:02 +01:00
7315dd9a7a
Allow endpoints and discovery mode override for upstream oauth2 providers
...
This time, at the configuration and database level
2023-11-17 16:18:39 +01:00
3cb8a26d95
"Can request admin" flag on user
2023-10-09 18:52:30 +02:00
2a100ab927
graphql: allow filtering appsessions on device_id
2023-10-06 16:05:26 +02:00
b2cd8d83f7
templates: translate a lot more stuff
2023-10-05 19:29:23 +02:00
f1d420f381
Storage layer for a unified session list
2023-09-20 20:27:08 +02:00
41dadcfd74
Fix broken doc links
2023-09-19 21:57:54 +02:00
b85655b944
Save the session activity in the database
2023-09-19 21:57:54 +02:00
9c97a0c37a
storage: make the access token expiration optional
2023-09-11 12:03:42 +02:00
83ca90ee3d
Add a GraphQL mutation to create arbitrary OAuth2 sessions.
2023-09-11 12:03:42 +02:00
00fe5f902b
storage: add a method to create an OAuth 2.0 session for a client credentials grant
2023-09-06 09:35:34 +02:00
5d3b8cd92f
Store the browser user-agent when starting a browser session
2023-08-29 17:38:01 +02:00
1849b86a7d
graphql: Always make the associated SSO login available in compatibility sessions
2023-08-29 16:53:38 +02:00
8402a75a7d
storage: Look up compat sessions by device_id
2023-08-29 16:53:38 +02:00
d7abdccc0a
storage: Allow filtering oauth2 sessions by scope
2023-08-29 16:53:38 +02:00
d9a12de8a3
Save the authentication method on each authorization
...
This will help us logging out of the upstream.
2023-08-28 17:14:59 +02:00
096386e9b9
Save the application_type and the contacts in the OAuth 2.0 clients
...
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
2023-08-28 14:41:49 +02:00
8142cad3d6
Call the homeserver for user deactivation
2023-08-03 14:06:34 +02:00
40b49cdd10
Add a way to lock users
2023-08-03 14:06:34 +02:00
fbf0e20980
storage: remove the deperecated and unused UpstreamOAuthLinkRepository::list_paginated method
2023-07-24 13:53:57 +02:00
bbc50edb60
Better upstream OAuth links pagination and filtering
2023-07-21 19:50:30 +02:00
517438471c
Better upstream OAuth provider pagination and filtering
2023-07-21 19:50:30 +02:00
6767c93a75
Better OAuth 2.0 sessions pagination and filtering
2023-07-21 19:50:30 +02:00
a75a53cc24
Better user emails pagination and filtering
2023-07-21 19:50:30 +02:00
12ad572db8
Better SSO login pagination and filtering
2023-07-21 19:50:30 +02:00
24b29498a7
Better compatibility sessions pagination and filtering
2023-07-21 19:50:30 +02:00
802cf142fd
Remove the last authentication from the browser session model
2023-07-21 19:50:30 +02:00
7e82ae845c
WIP: use sea-query for dynamic paginated queries
2023-07-21 19:50:30 +02:00
ca520dfd9a
frontend: Show all compatibilities sessions, not just SSO logins
...
Also cleans up a bunch of things in the frontend
2023-07-06 18:12:34 +02:00
4f8b87fbfe
Apply cargo fmt following changes in nightly rustfmt
...
rustfmt now formats `let … else { … }` expressions
2023-07-03 14:50:59 +02:00
859c4486bb
Add a CLI tool to trigger a provisioning job for all users
2023-06-29 10:55:48 +02:00
dec9310a32
Sync the OAuth2 clients with CLI and remove redundant CLI tools
2023-06-26 17:24:56 +02:00
Quentin Gliech