Quentin Gliech
8eff88e9e8
Flatten the database config
2024-03-22 13:33:09 +01:00
Quentin Gliech
f61bdbba72
Flatten the clients config
2024-03-22 13:33:09 +01:00
Quentin Gliech
771b6a2f8b
Upgrade OTEL and remove support for Jaeger and Zipkin exporters
2024-03-18 17:26:40 +01:00
Quentin Gliech
dd15135915
Load the additional OAuth parameters from the config
2024-03-01 14:36:37 +01:00
Quentin Gliech
34ce0f3e37
Move schemars to workspace dependencies
Also enables the `preserve_order` feature, hence the big schema output diff.
2024-03-01 14:36:37 +01:00
Quentin Gliech
bcf2452c39
Update config schema
Because we enabled the serde_json feature which preserves the order in
dicts, keys moved around in the generated schema.
2024-02-08 15:28:43 +01:00
Quentin Gliech
36a793b971
Make the claims_imports optional in the config
2023-11-22 15:13:28 +01:00
Quentin Gliech
b7f509532e
Add upstream OAuth 2.0 providers name and branding
2023-11-20 17:23:02 +01:00
Quentin Gliech
6942fc4570
Allow endpoints and discovery mode override for upstream oauth2 providers
This time, at the configuration and database level
2023-11-17 16:18:39 +01:00
Quentin Gliech
097f314d8b
Use minijinja templates to map OIDC claims to user attributes
2023-11-08 12:05:58 +01:00
Quentin Gliech
b96d95792d
Add instance privacy policy, TOS and imprint, and loads of design cleanups
2023-10-30 15:55:15 +01:00
Quentin Gliech
fd4481713b
Allow running the authentication service on a different base path
2023-10-06 14:07:55 +02:00
Quentin Gliech
ad8cc6be9e
templates: add translations function
2023-10-05 19:29:23 +02:00
Quentin Gliech
baaa725fcd
Infer client IP address from the peer address and the X-Forwarded-Proxy header
2023-09-20 20:24:30 +02:00
Quentin Gliech
00a4508d87
Rename the 'hack' configuration section to 'experimental'
2023-08-31 18:05:00 +02:00
Quentin Gliech
8d0cf9fdbf
Make the access tokens TTL configurable
2023-08-31 18:05:00 +02:00
Quentin Gliech
80b3398424
Make the email verification state more configurable on upstream OAuth 2.0 registration
This also marks the email as primary
2023-08-31 14:20:06 +02:00
Quentin Gliech
86d40b0345
Make sure we validate passwords & emails by the policy at all stages
Also refactors the way we get the policy engines in requests
2023-08-30 19:39:39 +02:00
Quentin Gliech
a6dc094f09
Move some common dependencies on the workspace level
Also deprecates the AWS SESv2 transport for emails
2023-08-14 13:00:01 +02:00
Quentin Gliech
82afe9471c
Better frontend assets handling and move the react app to /account/ (#1324)
This makes the Vite assets handling better, namely:
- make it possible to include any vite assets in the templates
- include the right `<link rel="preload">` tags for assets
- include Subresource Integrity hashes
- pre-compress assets and remove on-the-fly compression by the Rust server
- build the CSS used by templates through Vite
It also moves the React app from /app/ to /account/, and removes some of the old SSR account screens.
2023-07-06 15:30:26 +02:00
Quentin Gliech
439e51ca80
Allow setting a different issuer from the public base URL
2023-06-27 12:53:15 +02:00
Quentin Gliech
086c2c8a8e
CLI tool to sync the upstream IDPs with the config
2023-06-26 17:24:56 +02:00
Quentin Gliech
cef7efca8c
Define upstream OAuth providers in the config
And adds a CLI tool to sync them with the database (WIP)
2023-06-26 17:24:56 +02:00
Quentin Gliech
f767130e1b
Update the JSON schema
2023-06-14 12:53:48 +02:00
Quentin Gliech
5d14582686
Make password-based login optional
2023-05-23 17:02:02 +02:00
Quentin Gliech
cef2064e99
Lint
2023-04-14 10:22:22 +02:00
Quentin Gliech
9675b64313
Fix the default listener configuration
2023-03-14 12:14:06 +01:00
Quentin Gliech
3e2dd767d2
iana: manually implement JsonSchema/Display/FromStr/Serialize/Deserialize
This removes the dependency on serde_with and parse-display, and makes
the serde & schemars dependencies optional
2023-02-01 15:11:45 +01:00
Quentin Gliech
cb4bfe5b6b
Log more errors and set up Sentry integration
2023-01-30 18:04:44 +01:00
Quentin Gliech
549f8bf952
Remove the dependency on sqlx in the config crate
2022-12-15 16:51:43 +01:00
Quentin Gliech
f3a9fd8bc0
Password schemes configuration
2022-12-14 16:04:36 +01:00
Hugh Nimmo-Smith
004824849c
Config schema is auto-generated
2022-12-09 23:27:13 +01:00
Hugh Nimmo-Smith
c4d4bbc40f
client_ids are required to be ULIDs
2022-12-09 23:27:13 +01:00
Quentin Gliech
c1aad59e18
Do not embed the templates and static files in the binary
2022-11-18 22:37:55 +01:00
Quentin Gliech
44d397b54c
Do not embed the WASM-compiled policies in the binary
2022-11-18 22:37:55 +01:00
Quentin Gliech
28a9d54072
Serve the SPA by the server
2022-11-18 13:43:01 +01:00
Quentin Gliech
8f4fba544e
Update schemas
2022-11-09 19:17:12 +01:00
Quentin Gliech
6f4de9636c
Update the config schema
2022-10-17 12:09:33 +02:00
Quentin Gliech
e3e376f577
Drop the config schema generation subcommand & include it in the docs
2022-10-17 10:43:07 +02:00