dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-05-12 13:05:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,274 Commits 91 Branches 87 Tags
f67cc0d6d080c30fe34e1ee98ee82c071c8564bf
Commit Graph

28 Commits

Author SHA1 Message Date
Kévin Commaille ccc9884726 Allow redirect URIs with any port for loopback interfaces 2023-04-14 10:22:49 +02:00
Quentin Gliech 39c126318f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech 3f4ad789bf storage-pg: write tests for the OAuth2 repositories 2023-01-25 17:24:34 +01:00
Quentin Gliech 488a666a8d storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech 35787aa072 data-model: have more structs use a state machine 2023-01-09 18:02:32 +01:00
Quentin Gliech 39cd9a2578 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech fb7c6f4dd1 storage: do less joins on authorization grants and refresh tokens 2023-01-05 16:49:19 +01:00
Quentin Gliech 603a26eabd storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech e26f75246d storage: Load with less joins 
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
 2023-01-04 18:06:17 +01:00
Quentin Gliech 12ce2a3d04 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech 92d6f5b087 data-model: simplify the oauth2 clients 2022-12-08 15:29:15 +01:00
Quentin Gliech feebbd0e97 data-model: simplify users and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech e2142f9cd4 Database refactoring 2022-11-02 18:59:00 +01:00
Quentin Gliech 29f1b134ae Make the JWK generic over the parameters 2022-09-02 15:37:46 +02:00
Quentin Gliech 495285162b Remove support for the token response type 2022-09-02 13:59:10 +02:00
Kévin Commaille 5c8b442747 Fix new clippy 0.1.63 warnings 2022-08-12 11:05:21 +02:00
Quentin Gliech 649e5cd645 Move the PKCE validation logic to oauth2-types 2022-08-03 13:57:31 +02:00
Quentin Gliech f7361f871e Fix PKCE characters verification rules & add tests 2022-08-03 13:57:31 +02:00
Quentin Gliech 51848bf89d Update crates/data-model/src/oauth2/authorization_grant.rs 
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
 2022-08-03 13:57:31 +02:00
Quentin Gliech 372b32a780 Make PKCE implementation compliant with RFC7636 
This checks for the PKCE code_verifier length as well as the characters
used. It also give better errors when the PKCE verifier is invalid.

Fixes #316
 2022-08-03 13:57:31 +02:00
Quentin Gliech 436c0dcb19 Rewrite the authorization grant logic 2022-05-06 17:12:39 +02:00
Quentin Gliech 7a4dbd2910 Rewrite authorization code grant callback logic 2022-05-04 16:36:59 +02:00
Quentin Gliech 25193ebaa5 Support signed userinfo responses 2022-04-21 11:49:49 +02:00
Quentin Gliech 62f633a716 Move clients to the database 2022-03-08 19:07:46 +01:00
Quentin Gliech 5b9c35a079 Use iana generated types in more places 2022-01-12 12:22:54 +01:00
Quentin Gliech c4a979245b Move to Rust edition 2021 
Also bump MSRV to 1.56 and use the same clippy lints in every crate
 2021-12-09 22:54:35 +01:00
Quentin Gliech 6a69ef8456 Fix post-auth redirects & support max_age 
This also displays some context on login and reauth page about the next
step
 2021-11-16 19:16:52 +01:00
Quentin Gliech a4e9ad3d0b Split the data-model in different modules 2021-11-02 12:58:13 +01:00