158 Commits

Author	SHA1	Message	Date
Eric Eastwood	3afca38251	Merge branch 'main' into madlittlemods/soft-limit-account-session-management	2026-05-13 17:43:11 -05:00
Quentin Gliech	aecb172209	Add oauth.device_code_grant_enabled configuration option (#5612)	2026-05-13 21:40:02 +02:00
Eric Eastwood	94a1394d65	Merge branch 'main' into madlittlemods/soft-limit-account-session-management ... Conflicts: docs/config.schema.json	2026-05-12 12:17:25 -05:00
Eric Eastwood	1a0cd80556	Merge branch 'madlittlemods/hard_limit_eviction' into madlittlemods/soft-limit-account-session-management ... Conflicts: crates/config/src/sections/experimental.rs	2026-04-28 14:00:11 -05:00
Eric Eastwood	54e8f83ec3	Merge branch 'madlittlemods/hard_limit_eviction' into madlittlemods/session-soft-limit-for-interactive-contexts	2026-04-28 13:58:51 -05:00
Eric Eastwood	8ab60954cf	Rename option dangerous_hard_limit_eviction	2026-04-24 19:12:58 -05:00
Eric Eastwood	6b59e35583	Automatic formatting/linting and more at least typos	2026-04-21 18:09:19 -05:00
Eric Eastwood	8cd3b451be	catastrophically typo ... See https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3119473807	2026-04-21 15:23:54 -05:00
Eric Eastwood	d1edf64dda	Add header showing total number of devices	2026-04-17 17:49:20 -05:00
Eric Eastwood	beac162d8b	Run automatic updates and lints ... From https://github.com/element-hq/matrix-authentication-service/blob/main/docs/development/contributing.md#7-test-test-test	2026-04-17 15:59:46 -05:00
Eric Eastwood	260ad7abd1	m.login.token is part of m.login.sso ... No need to mention it	2026-04-14 19:23:57 -05:00
Eric Eastwood	73085e0c95	Update docs as I understand interactive vs non-interactive better	2026-04-14 15:07:00 -05:00
Eric Eastwood	fe2ce41009	Run sh misc/update.sh	2026-04-07 15:49:02 -05:00
Hugh Nimmo-Smith	53e6d05f40	Add oauth.device_code_grant_enabled configuration option	2026-04-07 11:13:56 +01:00
Eric Eastwood	8964793f31	Draft: Evict old devices	2026-04-06 14:51:18 -05:00
Eric Eastwood	5532c0cda9	Better rustdoc links	2026-04-03 17:42:09 -05:00
Eric Eastwood	e4c1be96fc	Disabled by default	2026-04-03 16:03:49 -05:00
Eric Eastwood	0927f68d76	More refined figment error	2026-04-03 16:01:17 -05:00
Eric Eastwood	65ae2b6a35	Update session limit doc strings and add hard_limit_eviction	2026-04-03 15:01:19 -05:00
Quentin Gliech	c09898c9f5	Merge remote-tracking branch 'origin/main' into quenting/upstream-oauth/skip-interactive	2025-12-03 10:48:31 +01:00
Quentin Gliech	ee4d1304ab	Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins (#5295)	2025-12-03 10:39:05 +01:00
Quentin Gliech	df14076dd0	Merge branch 'quenting/upstream-oauth/better-conflict-options' into quenting/upstream-oauth/skip-interactive	2025-11-28 18:08:09 +01:00
Quentin Gliech	47d411f641	Option to skip confirmation when registering through an upstream OAuth provider	2025-11-28 15:51:43 +01:00
Quentin Gliech	ffb86f6558	Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins	2025-11-28 10:53:28 +01:00
Olivier 'reivilibre	f670577feb	Expose the compat login policy from the policy engine	2025-11-25 18:41:14 +00:00
Olivier 'reivilibre	0c8017fc80	Add experimental and preliminary policy-driven session limiting when logging in OAuth 2 sessions. (#5221)	2025-11-25 15:24:02 +00:00
Kai A. Hiller	a93fa72477	Merge branch 'main' into keys_dir	2025-11-18 18:12:14 +01:00
Olivier 'reivilibre	1690570015	(update files after merge)	2025-11-13 15:55:25 +00:00
Olivier 'reivilibre	16f443eba0	Merge branch 'main' into rei/policy_driven_session_limit	2025-11-13 15:54:48 +00:00
networkException	b5a0834faa	Add upstream_oauth2.providers.[].client_secret_file config option ... This patch factors out the previously introduced config wrapper for client secrets to also use it for upstream oauth providers. See a7e7c3caa1	2025-11-08 16:10:19 +01:00
Quentin Gliech	3d3412ab55	Remove the nullable transformation for the config schema.	2025-11-07 11:08:59 +01:00
Quentin Gliech	e2490688a5	Merge remote-tracking branch 'origin/main' into quenting/schemars-0.9	2025-11-06 17:34:43 +01:00
reivilibre	a9de093d1a	Update crates/config/src/sections/experimental.rs ... Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-11-06 15:29:54 +00:00
Olivier 'reivilibre	87c897c51a	Add configuration for session limiting	2025-11-06 10:12:14 +00:00
Quentin Gliech	e4844968d3	Add a configuration option to make email optional for password registration	2025-10-07 17:28:01 +02:00
Kai A. Hiller	6a28950d8e	Add secrets.keys_dir config option	2025-09-08 16:02:38 +02:00
Quentin Gliech	6eac7ed2d7	Automatically derive the kid from the key fingerprint if missing (#4876)	2025-09-02 17:04:35 +02:00
Kai A. Hiller	a65c9afb29	Switch to JWK Thumbprints	2025-08-20 18:22:21 +02:00
Quentin Gliech	a3d1148055	Fix a few more clippy lints	2025-08-18 10:45:20 +02:00
Kai A. Hiller	1b7b43b559	Auto-generate kid if not given	2025-08-08 11:38:45 +02:00
Quentin Gliech	9969898031	Merge branch 'main' into secret_file	2025-08-05 15:37:32 +02:00
Quentin Gliech	f302711a37	Make MAS use the modern Synapse API by default	2025-08-05 15:03:32 +02:00
Quentin Gliech	884c66891a	Merge branch 'main' into secret_file	2025-08-05 11:17:39 +02:00
Kai A. Hiller	a7e7c3caa1	Add clients.[].client_secret_file config option	2025-08-04 19:32:39 +02:00
Kai A. Hiller	d4a318a8ae	Add matrix.secret_file config option	2025-07-29 19:46:07 +02:00
Quentin Gliech	cfa9a23d86	Merge branch 'main' into feat/allow_override_user	2025-07-21 17:03:35 +02:00
Quentin Gliech	832244675d	Threaten to switch to using the modern API in a few releases.	2025-07-21 13:15:48 +02:00
mcalinghee	98912f4ada	allow importing existing users when the localpart matches in upstream OAuth 2.0 logins	2025-07-21 09:52:24 +02:00
Quentin Gliech	c649603830	Use the new dedicated Synapse API	2025-07-18 16:39:24 +02:00
Quentin Gliech	8d6621f00e	Log out oauth & compat sessions when receiving a backchannel logout request	2025-07-04 16:27:10 +02:00