2a514cf452
Add a admin flag to the compatibility session
...
Also adds a CLI tool to issue a compatibility token.
2023-06-16 15:24:38 +02:00
047a91907d
Split the mutations and make them use an input object instead of different parameters
2023-04-25 16:39:15 +02:00
a55976eeeb
Fix Device to ScopeToken conversion and test it
2023-04-24 10:42:38 +02:00
d34e01fc67
Provision and delete Matrix devices in OAuth sessions
2023-04-24 10:42:38 +02:00
ccc9884726
Allow redirect URIs with any port for loopback interfaces
2023-04-14 10:22:49 +02:00
43bcaf5308
Lint
2023-04-06 16:24:18 +02:00
f53369aeae
Handle imported Synapse access/refresh tokens
2023-04-06 16:24:18 +02:00
83cb9158a0
Fix clippy errors
2023-03-14 10:47:35 +01:00
97635375cc
handlers: Add test for the compatibility login API
2023-02-24 15:52:21 +01:00
39c126318f
Fix the authorization grant template
...
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
2023-01-31 16:50:48 +01:00
3f4ad789bf
storage-pg: write tests for the OAuth2 repositories
2023-01-25 17:24:34 +01:00
d14ca156ad
storage: split the repository trait
2023-01-24 16:05:14 +01:00
876bc9fcb3
handlers: extract the PgRepository from the request
...
Also fix a bunch of clippy errors & doctests
2023-01-18 18:22:13 +01:00
9005931e2a
handlers: box the rng and clock, and extract it from the state
2023-01-18 17:49:59 +01:00
3798f25f7d
Fix rustdoc lints
2023-01-18 12:25:49 +01:00
488a666a8d
storage: remaining oauth2 repositories
...
- authorization grants
- access tokens
- refresh tokens
2023-01-12 18:26:04 +01:00
36396c0b45
storage: repository pattern for the compat layer
2023-01-12 15:41:26 +01:00
9f0c9f1466
storage: cleanup access/refresh token lookups
2023-01-11 12:14:52 +01:00
920869b583
storage: do less joins in compat sessions
2023-01-10 18:49:35 +01:00
35787aa072
data-model: have more structs use a state machine
2023-01-09 18:02:32 +01:00
39cd9a2578
data-model: don't embed the client in the auth grant
2023-01-09 10:49:51 +01:00
fb7c6f4dd1
storage: do less joins on authorization grants and refresh tokens
2023-01-05 16:49:19 +01:00
603a26eabd
storage: oauth2 session repository
2023-01-05 16:44:56 +01:00
e26f75246d
storage: Load with less joins
...
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
2023-01-04 18:06:17 +01:00
53172d6a3f
strorage: browser session and user password repositories
2023-01-03 15:58:01 +01:00
13a9d03647
storage: user and user email repository
2023-01-02 15:28:44 +01:00
ca112d45e1
ci: Update clippy to 1.66 and fix new warnings
2022-12-16 18:16:18 +01:00
533cabe005
Use the new password manager
2022-12-14 16:04:36 +01:00
12ce2a3d04
data-model: simplify the authorization grants and sessions
2022-12-08 15:29:15 +01:00
92d6f5b087
data-model: simplify the oauth2 clients
2022-12-08 15:29:15 +01:00
479e009931
data-model: simplify the compat sessions
2022-12-08 15:29:15 +01:00
feebbd0e97
data-model: simplify users and sessions
2022-12-08 15:29:15 +01:00
dff2f98167
data-model: simplify tokens
2022-12-08 15:29:15 +01:00
2e7112ef13
GraphQL API
2022-12-05 19:39:51 +01:00
28bfce7e45
Save the ID token during an upstream authorization
2022-12-05 19:39:51 +01:00
bf432a31e1
OIDC account linking and login
2022-12-05 19:39:51 +01:00
cde9187adc
Lookup and save upstream links
2022-12-05 19:39:51 +01:00
bedcf44741
WIP: upstream OIDC provider support
2022-12-05 19:39:51 +01:00
2d2127dcdb
More cleanups
2022-11-02 18:59:00 +01:00
368a9282a1
Cleanups
2022-11-02 18:59:00 +01:00
f0d95a7613
Stop using Utc::now in templates samples
2022-11-02 18:59:00 +01:00
559181c2c3
Pass the rng and clock around
2022-11-02 18:59:00 +01:00
e2142f9cd4
Database refactoring
2022-11-02 18:59:00 +01:00
29f1b134ae
Make the JWK generic over the parameters
2022-09-02 15:37:46 +02:00
495285162b
Remove support for the token response type
2022-09-02 13:59:10 +02:00
5c8b442747
Fix new clippy 0.1.63 warnings
2022-08-12 11:05:21 +02:00
c1ed726dc8
Enable the clippy::str_to_string lint
2022-08-08 10:06:20 +02:00
3215e86eaa
Use unstable prefixes for scope names ( #337 )
2022-08-05 17:58:22 +00:00
649e5cd645
Move the PKCE validation logic to oauth2-types
2022-08-03 13:57:31 +02:00
f7361f871e
Fix PKCE characters verification rules & add tests
2022-08-03 13:57:31 +02:00
Quentin Gliech