letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
NaN Commits 2 Branches 1 Tag
main
Commit Graph

708 Commits

Author SHA1 Message Date
Letro Bot
def6fa6539 Integrate postnumber resolver across MAS flows 2026-04-08 17:58:30 +03:30
Olivier 'reivilibre
c33880d54f Schedule ProvisionUserJob after locking/unlocking user 2026-03-16 13:44:34 +00:00
Jason Robinson
720c77b331 Add syn2mas flag to ignore missing auth providers 
Currently `syn2mas` will always error in the Synapse checks phase if it finds auth providers in the `user_external_ids` database table, that are not configured in Synapse config. While normally this the right thing to do, we may have situations where we know what we're doing, and want to ignore invalid looking data in the external identifiers table. If the flag is given, ignore errors and output them as warnings instead.
 2026-01-26 14:57:31 +02:00
Hugh Nimmo-Smith
28b0f77543 Support for stable MSC3824 names 2025-12-19 18:13:01 +00:00
Quentin Gliech
926721c279 Only serve pre-compressed gzip and brotli files 2025-12-18 14:39:58 +01:00
Quentin Gliech
cc67f515a6 Merge remote-tracking branch 'origin/main' into quenting/process-metrics 2025-12-16 13:23:10 +01:00
Quentin Gliech
74899939bf Switch to opentelemetry-instrumentation-tokio crate for Tokio instrumentation 2025-12-15 12:17:31 +01:00
Quentin Gliech
4a79fdc5be Expose process metrics on Linux 2025-12-10 16:45:48 +01:00
Quentin Gliech
eb2284ba7c Better lock and handle missing and modified migrations 
This rewrites the database migration code to:

 - avoid deadlocks when running multiple migration processes at the same
   time with a `CREATE INDEX CONCURRENTLY` statement
 - allow us to remove some migrations from the code base and mark them as
   intentionally removed
 - allow us to modify some migrations and declare alternate checksums
   for previous versions of the migration
 2025-12-04 14:44:16 +01:00
Quentin Gliech
5efd963707 Merge remote-tracking branch 'origin/main' into quenting/upstream-oauth/skip-interactive 2025-12-03 10:48:31 +01:00
Quentin Gliech
1b77b5ce4b Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins (#5295) 2025-12-03 10:39:05 +01:00
Quentin Gliech
a56482cf60 Merge branch 'quenting/upstream-oauth/better-conflict-options' into quenting/upstream-oauth/skip-interactive 2025-11-28 18:08:09 +01:00
Quentin Gliech
d38662e395 Option to skip confirmation when registering through an upstream OAuth provider 2025-11-28 15:51:43 +01:00
Quentin Gliech
f97f56ed11 Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins 2025-11-28 10:53:28 +01:00
Olivier 'reivilibre
2c95c0a9a0 Expose the compat login policy from the policy engine 2025-11-25 18:41:14 +00:00
Olivier 'reivilibre
1d2f7fecf8 Add experimental and preliminary policy-driven session limiting when logging in OAuth 2 sessions. (#5221) 2025-11-25 15:24:02 +00:00
reivilibre
96b596fa0c templates check: Add --stabilise flag to make renders reproducible (#5214) 2025-11-24 16:16:11 +00:00
Quentin Gliech
aec28a2f42 Add upstream_oauth2.providers.[].client_secret_file config option (#4882) 2025-11-18 11:29:21 +01:00
Olivier 'reivilibre
236de8f071 Merge branch 'main' into rei/policy_driven_session_limit 2025-11-13 15:54:48 +00:00
networkException
23322cfc28 Add upstream_oauth2.providers.[].client_secret_file config option 
This patch factors out the previously introduced config
wrapper for client secrets to also use it for upstream oauth
providers.

See dd040220db
 2025-11-08 16:10:19 +01:00
Quentin Gliech
2eaba46e1b Don't extract the parent context if the span is disabled 2025-11-07 13:37:26 +01:00
Quentin Gliech
c7b00ebe03 Fix spurious "Failed to set parent context on span" error 
This would happen when the `info` log level is surpressed, and therefore
the request span would not be enabled and fail to set the parent OTEL
context.
 2025-11-07 11:34:42 +01:00
Olivier 'reivilibre
83844bc723 Use less zero-y timestamp 2025-11-06 15:36:52 +00:00
Olivier 'reivilibre
7ee32e796a Add session limit config to policy data 2025-11-06 10:12:14 +00:00
Olivier 'reivilibre
dc535d7451 Add configuration for session limiting 2025-11-06 10:12:14 +00:00
Olivier 'reivilibre
a33605b388 Stub out the vite manifest when stabilising template renders 2025-10-30 16:33:50 +00:00
Olivier 'reivilibre
56e2918030 cli: templates check: add option to --stabilise date and RNG 2025-10-30 15:14:49 +00:00
Olivier 'reivilibre
c69bae3311 Merge branch 'main' into rei/templatecheck_todisk 2025-10-30 13:52:33 +00:00
Olivier 'reivilibre
12b7524232 Fix comment and change delimiter to = 2025-10-30 13:51:33 +00:00
Olivier 'reivilibre
c60de0d7a8 Change the format of SampleIdentifiers and don't make a subdir per locale 2025-10-30 12:06:09 +00:00
Olivier 'reivilibre
00e051e67a Downgrade to SemiStrict in production 2025-10-28 17:20:49 +00:00
Olivier 'reivilibre
97f4caf904 Introduce SampleIdentifiers to stably track samples 
and use these in output filenames
 2025-10-24 17:14:00 +01:00
Olivier 'reivilibre
0013101623 cli: templates check: allow rendering to --out-dir 2025-10-24 15:43:19 +01:00
Quentin Gliech
885ce6a4e3 Always initialize OpenTelemetry even if no exporter is configured 2025-10-09 16:28:35 +02:00
Quentin Gliech
bcbe77c60e build(deps): bump the opentelemetry group with 2 updates (#5074) 2025-10-08 11:20:10 +02:00
Quentin Gliech
df45543e2e Adapt to the new tracing-opentelemetry API 2025-10-08 11:12:30 +02:00
Quentin Gliech
28e573b400 Add a configuration option to make email optional for password registration 2025-10-07 17:28:01 +02:00
Quentin Gliech
0f5dcc3c39 Inject the version in the app state 2025-10-03 11:41:22 +02:00
Quentin Gliech
55120c909b Adapt most code to use the new edges and cursors 2025-09-29 15:08:46 +02:00
Quentin Gliech
1644b41894 Simple CLI commands to manage server admins 2025-09-16 12:42:32 +02:00
Quentin Gliech
494de345ae Merge remote-tracking branch 'origin/main' into quenting/otel-prometheus-text 2025-09-12 15:25:41 +02:00
Quentin Gliech
6e3d2e79f1 Merge branch 'main' into quenting/stable-docs 2025-09-02 14:11:40 +02:00
Quentin Gliech
6d4747cd28 Fix the wording about admin token vs. secret in the doctor command 2025-09-02 14:08:20 +02:00
Quentin Gliech
7253ca69b0 Merge remote-tracking branch 'origin/main' into feat/login_hint_with_email 2025-08-18 16:43:00 +02:00
Quentin Gliech
a4cafa8ed0 Reformat with rustfmt 2025-08-18 13:46:25 +02:00
Quentin Gliech
4f33544eb7 Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-18 13:44:10 +02:00
Quentin Gliech
29e88691ab Update mas-cli doctor to suggest the stable MAS integration 2025-08-18 13:23:09 +02:00
Quentin Gliech
4578debdc2 Switch to opentelemetry-prometheus-text-exporter 2025-08-18 11:44:50 +02:00
Quentin Gliech
78933acb3c Collapse a few nested if now that we have if let chains 2025-08-18 10:29:30 +02:00
mcalinghee
8bad68cc34 Merge branch 'main' into feat/login_hint_with_email 2025-08-05 17:02:14 +02:00