dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-05-12 10:55:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,306 Commits 91 Branches 87 Tags
773c4d656d6beeaabc01d25c07b9eabbef9bf7a7
Commit Graph

206 Commits

Author SHA1 Message Date
Quentin Gliech 177a0f42bd Allow revoking refresh tokens 
This lets us track 'revoked' tokens separately from 'consumed' tokens.
 2024-12-11 14:15:01 +01:00
Quentin Gliech 23c73cf191 Record when access tokens are first used 2024-12-11 14:15:01 +01:00
Quentin Gliech 56cb293fbb Record the next refresh token ID when refreshing 
This will help us determine whether we had a double-refresh happening
 2024-12-11 14:15:01 +01:00
Quentin Gliech 2e3b8bdd86 Allow setting an explicit upstream account name (#3600) 2024-11-29 12:30:18 +01:00
Mathieu Velten 56edcb4e52 Add fetch_userinfo to upstream SSO provider (#3363) 2024-11-26 15:01:03 +00:00
Quentin Gliech 98f13004bc Record extra query parameters during upstream callback 
And make them available in the templates.
This is useful to get the user display name for Sign-in with Apple
 2024-11-22 08:48:00 +01:00
Quentin Gliech 6efe8bf45a Allow setting the response_mode on upstream OAuth 2.0 providers 2024-11-22 08:48:00 +01:00
Quentin Gliech ab4f438464 Support Sign in with Apple 2024-11-22 08:48:00 +01:00
dependabot[bot] 9b12442308 build(deps): bump ruma-common from 0.13.0 to 0.14.1 
Bumps [ruma-common](https://github.com/ruma/ruma) from 0.13.0 to 0.14.1.
- [Release notes](https://github.com/ruma/ruma/releases)
- [Commits](https://github.com/ruma/ruma/compare/ruma-common-0.13.0...ruma-common-0.14.1)

---
updated-dependencies:
- dependency-name: ruma-common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-18 15:42:58 +01:00
Tonkku 00432ddba8 Remove mas-matrix dependency on mas-data-model 2024-11-18 11:42:43 +01:00
Tonkku 751b6f2259 Allow use of chrono::Utc::now in the tests 
Clock cannot be used because of a circular dependency
 2024-11-18 11:42:43 +01:00
Tonkku 80fbaaa41c More format 
For some reason my cargo disagrees with the use line
 2024-11-18 11:42:43 +01:00
Tonkku 32eb5499b9 clippy 📎 2024-11-18 11:42:43 +01:00
Tonkku edc4604a6c cargo fmt 2024-11-18 11:42:43 +01:00
Tonkku c017dd0840 Implement login_hint 2024-11-18 11:42:43 +01:00
dependabot[bot] 9f22502eb2 build(deps): bump regex from 1.11.0 to 1.11.1 
Bumps [regex](https://github.com/rust-lang/regex) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.11.0...1.11.1)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-29 12:58:41 +01:00
Quentin Gliech 63e6e98083 Remove most doctests 2024-10-29 12:37:59 +01:00
dependabot[bot] c5aac3d878 build(deps): bump regex from 1.10.6 to 1.11.0 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.6 to 1.11.0.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.6...1.11.0)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-07 19:05:21 +02:00
Quentin Gliech 87f34522c8 Output the registered client metadata in the registration endpoint 
Fixes #2848
 2024-09-20 20:39:04 +02:00
Quentin Gliech 21fb01d961 Remove contacts from the data model 2024-09-20 20:39:04 +02:00
Quentin Gliech ed4b6c42a7 Remove (C) 2024-09-10 14:28:55 +02:00
Quentin Gliech f6bb100c0a License headers change 2024-09-05 13:25:42 +02:00
Quentin Gliech 19d485a68b admin: model definition for the OAuth 2.0 sessions 2024-08-07 17:41:18 +02:00
dependabot[bot] 5c72712391 build(deps): bump regex from 1.10.5 to 1.10.6 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.5 to 1.10.6.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.5...1.10.6)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 22:49:17 +02:00
reivilibre fbc360d1a9 Backend work to support minimum password complexity (#2965) 
* config: Add minimum password complexity option

* PasswordManager: add function for checking if complexity is sufficient

* Enforce password complexity on registration, change and recovery

* cli: Use exit code 1 for weak passwords

This seems preferable to exit code 0, but ideally we should choose one
and document it.

* Expose minimum password complexity score over GraphQL
 2024-07-11 10:17:39 +01:00
dependabot[bot] 78c8ff3916 build(deps): bump regex from 1.10.4 to 1.10.5 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.4...1.10.5)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-29 05:41:05 +02:00
Quentin Gliech f9f2f4a3be Gate account recovery behing a configuration flag 2024-06-28 15:59:21 +02:00
Quentin Gliech 43582e7eca Data model and repository for the user recovery flow 2024-06-28 15:59:21 +02:00
Quentin Gliech 4d9d8a8ba3 Actually verify the CAPTCHA during registration 2024-05-15 09:38:10 +02:00
Quentin Gliech 0e270d5449 hCaptcha support 2024-05-15 09:38:10 +02:00
Quentin Gliech f9ae7ae313 Cloudflare Turnstile support 2024-05-15 09:38:10 +02:00
Quentin Gliech a3beeb2398 Render reCAPTCHA challenge on the registration form 2024-05-15 09:38:10 +02:00
Quentin Gliech 3978acd94e Fix recently added Clippy lints 
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
 2024-05-07 07:32:02 +02:00
Quentin Gliech 6db50f098d Allow more characters in device IDs 2024-05-03 16:56:56 +02:00
dependabot[bot] 89adac0873 build(deps): bump crc from 3.0.1 to 3.2.1 
Bumps [crc](https://github.com/mrhooray/crc-rs) from 3.0.1 to 3.2.1.
- [Release notes](https://github.com/mrhooray/crc-rs/releases)
- [Commits](https://github.com/mrhooray/crc-rs/compare/3.0.1...3.2.1)

---
updated-dependencies:
- dependency-name: crc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 22:34:40 +02:00
dependabot[bot] cd0d05cd49 build(deps): bump regex from 1.10.3 to 1.10.4 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.3 to 1.10.4.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.3...1.10.4)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 19:43:16 +02:00
Quentin Gliech 10d7ca95ae Update copyright headers 2024-04-30 13:33:47 +02:00
Quentin Gliech f0899f17bd Move the SiteConfig to the data-model crate 2024-04-30 13:33:47 +02:00
Quentin Gliech 1cb48b8026 Add a manage register-user utility to the CLI 2024-04-30 12:15:10 +02:00
Quentin Gliech cd0ec35d2f Soft-delete upstream OAuth 2.0 providers on config sync 2024-04-03 09:51:22 +02:00
Quentin Gliech 4e3823fe4f Add a soft-deletion column on upstream OAuth 2.0 providers 2024-04-03 09:51:22 +02:00
Michael Telatynski 70d688913f Add Electron user-agent parsing for Element Desktop/Nightly (#2461) 2024-03-18 18:42:31 +01:00
Quentin Gliech 61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech 1821136e3f Additional parameters from upstream OAuth2 providers in the data model 2024-03-01 14:36:37 +01:00
Quentin Gliech f3cbd3b315 Parse User Agents on the backend side (#2388) 
* Parse user agents on the server side

* Parse and expose user agents on the backend

* Use the parsed user agent in the device consent page

* Fix the device icon tests

* Fix clippy warnings

* Box stuff to avoid large enum variants

* Ignore a clippy warning

* Fix the requester boxing
 2024-02-23 16:47:48 +01:00
Quentin Gliech f171d76dc5 Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech ed5893eb20 Save which user session created a compat session 
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
 2024-02-21 11:55:58 +01:00
Quentin Gliech 17e968f7cc Record the user agent and IP in the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech 286fc57103 Add a repository for device code grants 2024-02-02 18:01:51 +01:00
Quentin Gliech ae05cbc1f1 Setup the data model for the device code grant 2024-02-02 18:01:51 +01:00