dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-07 04:31:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,405 Commits 96 Branches 90 Tags
799f80e6adbc8d9fa3f8024f400a6ff19463e68a
Commit Graph

96 Commits

Author SHA1 Message Date
Quentin Gliech 5a4807cd5f Replace data-encoding with base64ct 2025-03-25 13:41:58 +01:00
Quentin Gliech 62a4aba08b Better error pages when a user is deactivated or locked 2025-03-11 17:35:13 +01:00
Quentin Gliech 3d2b67a0b2 Upgrade to Rust 1.85 and edition 2024 2025-02-21 16:15:02 +01:00
Quentin Gliech 11b5355590 Upgrade axum to 0.8 2025-01-27 15:11:10 +01:00
Quentin Gliech 5851584c1c Link the registration to the browser through a signed cookie 2025-01-15 16:50:32 +01:00
Quentin Gliech 662f199572 Mark access token as used when calling the userinfo endpoint 2024-12-11 14:15:01 +01:00
Quentin Gliech 7296364cd3 Avoid using SameSite=None by re-submitting incoming form data 2024-11-22 08:48:00 +01:00
Quentin Gliech a4421aad0b Support receiving parameters through a form POST 2024-11-22 08:48:00 +01:00
Quentin Gliech 69684bb1e0 Handle error responses from the OAuth 2.0 provider better 2024-10-28 13:46:38 +01:00
Quentin Gliech 14948c35cb Replace all the manual HTTP clients with reqwest 2024-10-28 13:46:38 +01:00
Quentin Gliech ed4b6c42a7 Remove (C) 2024-09-10 14:28:55 +02:00
Quentin Gliech f6bb100c0a License headers change 2024-09-05 13:25:42 +02:00
Quentin Gliech a1b13288ab axum-utils: make the ErrorWrapper implement std::error::Error 2024-07-26 11:36:55 +02:00
Quentin Gliech 07c9989e63 Upgrade async-graphql, fix mas-handlers & mas-axum-utils tests 
This also replaces the init_tracing test helper with a general setup
test helper, so that it also initializes the rustls crypto backend.
 2024-07-05 10:07:40 +02:00
Quentin Gliech e7f50a92d6 Move tower-http dep to the workspace and adapt mas-axum-utils 
We removed here the Timeout layer on the HTTP client service, because it
required the body to be Default, which isn't the case anymore. Not sure
what to do about it.
 2024-07-05 10:07:40 +02:00
reivilibre 49e8fe57f4 Improve errors when MAS contacts the Synapse homeserver (#2794) 
* Add some drive-by docstrings

* Change text rendering of catch_http_codes::HttpError

Using `#[source]` is unnatural here because it makes it look like
two distinct errors (one being a cause of the other),
when in reality it is just one error, with 2 parts.

Using `Display` formatting for that leads to a more natural error.

* Add constraints to `catch_http_code{,s}` methods

Not strictly required, but does two things:

- documents what kind of function is expected
- provides a small extra amount of type enforcement at the call site,
  rather than later on when you find the result doesn't implement Service

* Add a `catch_http_errors` shorthand

Nothing major, just a quality of life improvement so you don't have to
repetitively write out what a HTTP error is

* Unexpected error page: remove leading whitespace from preformatted 'details' section

The extra whitespace was probably unintentional and makes the error harder to read,
particularly when it wraps onto a new line unnecessarily

* Capture and log Matrix errors received from Synapse

* Drive-by clippy fix: use clamp instead of min().max()

* Convert `err(Display)` to `err(Debug)` for `anyhow::Error`s in matrix-synapse support module
 2024-06-07 11:14:04 +00:00
Quentin Gliech 61a69f5af4 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech 6eb6209bd8 Use rustls-platform-verifier for cert validation 
This simplifies by removing the mutually exclusive `native-roots` and
`webpki-roots` features with something that is suitable for all
platforms.
 2024-03-06 14:03:59 +01:00
Quentin Gliech a0f5f3c642 Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech 89420a2cfc Refactor the upstream link provider template logic 
Also adds tests for new account registration through an upstream oauth2
provider
 2023-11-13 14:11:30 +01:00
Quentin Gliech 8984cc703b Add instance privacy policy, TOS and imprint, and loads of design cleanups 2023-10-30 15:55:15 +01:00
Quentin Gliech efbd7b5e91 Better errors on client authorization failures 
Before it would just return a 500, now it displays a proper error
message
 2023-10-06 15:20:27 +02:00
Quentin Gliech 6ff549f5df templates: fix the _ function not working in macros 2023-10-05 19:29:23 +02:00
Quentin Gliech 1feafc1d13 handlers/templates: infer the language from the Accept-Language browser header 2023-10-05 19:29:23 +02:00
Quentin Gliech 730ad4674b axum-utils: Accept-Language header encoder and decoder 2023-10-05 19:29:23 +02:00
Quentin Gliech f20c8d8ef3 Infer client IP address from the peer address and the X-Forwarded-Proxy header 2023-09-20 20:24:30 +02:00
Quentin Gliech 54071c4969 Make the HTTP client factory reuse the underlying client 
This avoids duplicating clients, and makes it so that they all share the same connection pool.
 2023-09-14 16:52:01 +02:00
Quentin Gliech 0bb34ed3e0 Add the Sentry event ID in error response headers 2023-09-08 15:19:43 +02:00
Quentin Gliech 23571e87ea Run the registration policy on upstream OAuth registration 2023-08-30 19:39:39 +02:00
Quentin Gliech 7fcd022eea Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech 17e28f56c1 Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech a39f71c181 Handle cookies better by setting the right flags & expiration 2023-08-25 14:35:46 +02:00
Quentin Gliech 68db56c2a2 Reimplementation of a postgres-backed storage with a shared PG listener 2023-07-17 19:04:06 +02:00
Quentin Gliech 08f58db08b Replace the OTEL-based tracing layer with tracing based layers 2023-04-18 14:45:43 +02:00
Quentin Gliech 8a2be43fe7 Proactively provision users on registration & sync threepids 2023-04-14 10:22:22 +02:00
Quentin Gliech 792d3c793b Convert many match/if expressions to let-else 2023-02-01 10:37:04 +01:00
Quentin Gliech 87914cbcb3 Capture better errors in Sentry 2023-01-31 16:25:15 +01:00
Quentin Gliech 875025467e Log more errors and setup Sentry integration 2023-01-30 18:04:44 +01:00
Quentin Gliech 4d53e210b3 axum-utils: remove an unnecessary ?Sized bound 2023-01-27 10:30:59 +01:00
Quentin Gliech d14ca156ad storage: split the repository trait 2023-01-24 16:05:14 +01:00
Quentin Gliech a9facab131 Box the repository everywhere 2023-01-20 17:53:04 +01:00
Quentin Gliech 9005931e2a handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech 3798f25f7d Fix rustdoc lints 2023-01-18 12:25:49 +01:00
Quentin Gliech 195203823a storage: wrap the postgres repository in a struct 2023-01-13 18:03:37 +01:00
Quentin Gliech 488a666a8d storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech 9f0c9f1466 storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech 603a26eabd storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech 09a567ab17 storage: OAuth2 client repository 2023-01-04 16:30:32 +01:00
Quentin Gliech 53172d6a3f strorage: browser session and user password repositories 2023-01-03 15:58:01 +01:00
Quentin Gliech ca112d45e1 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00