letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
1,632 Commits 2 Branches 1 Tag
00a4508d87670cb2dca91a2a7436c6ee3236a05d
Commit Graph

165 Commits

Author SHA1 Message Date
Quentin Gliech
00a4508d87 Rename the 'hack' configuration section to 'experimental' 2023-08-31 18:05:00 +02:00
Quentin Gliech
8d0cf9fdbf Make the access tokens TTL configurable 2023-08-31 18:05:00 +02:00
Quentin Gliech
80b3398424 Make the email verification state more configurable on upstream OAuth 2.0 registration 
This also marks the email as primary
 2023-08-31 14:20:06 +02:00
Quentin Gliech
86d40b0345 Make sure we validate passwords & emails by the policy at all stages 
Also refactors the way we get the policy engines in requests
 2023-08-30 19:39:39 +02:00
Quentin Gliech
3c33923d2c policies: split the email & password policies and add jsonschema validation of the input 2023-08-30 19:39:39 +02:00
Quentin Gliech
b783b5457e tracing: set the parent context from the incoming request again 2023-08-29 18:50:54 +02:00
Quentin Gliech
6c6f121146 Fix sentry transport post-upgrade 2023-08-29 08:23:26 +02:00
Quentin Gliech
1283e78f18 Cache the upstream OAuth 2.0 provider metadata 2023-08-28 18:30:40 +02:00
Quentin Gliech
ea7299a14a Upgrade Rust to 1.72.0 
Fixes new clippy errors and upgrade other tools
 2023-08-28 18:05:56 +02:00
Quentin Gliech
d06061c14d Save the application_type and the contacts in the OAuth 2.0 clients 
This also removes the dedicated "redirect_uris" table and makes it a field of the "oauth2_clients" table
 2023-08-28 14:41:49 +02:00
Quentin Gliech
c840e3ec55 Grab a database lock when syncing the config 
Fixes #1475
 2023-08-25 15:48:47 +02:00
Quentin Gliech
d054d72fee Handle cookies better by setting the right flags & expiration 2023-08-25 14:35:46 +02:00
Quentin Gliech
a6dc094f09 Move some common dependencies on the workspace level 
Also deprecates the AWS SESv2 transport for emails
 2023-08-14 13:00:01 +02:00
Quentin Gliech
0ad4c68268 Setup cargo-deny 
Also try to remove a bunch of duplicate crates
 2023-08-14 11:22:52 +02:00
Quentin Gliech
2061cdc4d6 OpenTelemetry upgrade 2023-08-11 16:12:58 +02:00
Quentin Gliech
863cd74207 Add a 404 HTMl fallback 2023-08-09 16:56:11 +02:00
Quentin Gliech
99c7ee1d18 cli: always include all OTEL exporters 2023-08-03 17:13:37 +02:00
Quentin Gliech
bea8e4eff4 Call the homeserver for user deactivation 2023-08-03 14:06:34 +02:00
Quentin Gliech
7f3aa06153 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
a9b3445493 Bump Rust dependencies and remove unused ones 2023-07-27 17:23:08 +02:00
Quentin Gliech
af46088507 Upgrade all Rust dependencies 
This includes breaking changes of sqlx 0.7.0
 2023-07-17 19:04:06 +02:00
Quentin Gliech
4e74a7102d Reimplementation of a postgres-backed storage with a shared PG listener 2023-07-17 19:04:06 +02:00
Quentin Gliech
01ba7abc2a Track the database connection acquisition time and pool usage 2023-07-06 18:54:29 +02:00
Quentin Gliech
82afe9471c Better frontend assets handling and move the react app to /account/ (#1324) 
This makes the Vite assets handling better, namely:

 - make it possible to include any vite assets in the templates
 - include the right `<link rel="preload">` tags for assets
 - include Subresource Integrity hashes
 - pre-compress assets and remove on-the-fly compression by the Rust server
 - build the CSS used by templates through Vite

It also moves the React app from /app/ to /account/, and remove some of the old SSR account screens.
 2023-07-06 15:30:26 +02:00
Quentin Gliech
e26b418aaf Add a CLI tool to kill all sessions of a user 2023-06-30 15:54:06 +02:00
Quentin Gliech
e83b99a94a Add a CLI tool to trigger a provisioning job for all users 2023-06-29 10:55:48 +02:00
Quentin Gliech
439e51ca80 Allow setting a different issuer from the public base URL 2023-06-27 12:53:15 +02:00
Quentin Gliech
f82277bf15 Split the full config with partial configs used by some sub-commands 2023-06-26 17:24:56 +02:00
Quentin Gliech
752f8b837b Sync the OAuth2 clients with CLI and remove redundant CLI tools 2023-06-26 17:24:56 +02:00
Quentin Gliech
086c2c8a8e CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
cef7efca8c Define upstream OAuth providers in the config 
And adds CLI tool to sync them with the database (WIP)
 2023-06-26 17:24:56 +02:00
Quentin Gliech
6b9b699ed4 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
f5ed39fa42 Refactor the matrix connection logic 
Also make the display name available through the graphql api
 2023-06-16 19:52:39 +02:00
Quentin Gliech
e5d5243c6d Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
5d14582686 Make password-based login optional 2023-05-23 17:02:02 +02:00
Quentin Gliech
665487db40 Setup GraphQL mutations to add and verify email addresses 
This refactors a bit how the connection to the repository is done in the
graphql handler, so that we can properly commit transactions.
 2023-04-25 16:39:15 +02:00
Quentin Gliech
3ea8668e39 Bump the OTEL crates to 0.19.0 (#1132) 
* Bump the OTEL crates to 0.19.0

Also pins a bunch of versions in the Dockerfile and fixes the docker build in CI
 2023-04-24 17:10:55 +00:00
Quentin Gliech
e62a3592d5 Update Rust to 1.69.0 2023-04-24 11:42:01 +02:00
Quentin Gliech
ca79c1b584 Remove clippy lints in files copied from the sentry crate 2023-04-18 23:01:43 +02:00
Quentin Gliech
f12a6218e9 Sentry transport based on hyper to get rid of reqwest 2023-04-18 23:01:43 +02:00
Quentin Gliech
cec23b93aa Better tracing attributes in the HTTP client 2023-04-18 14:45:43 +02:00
Quentin Gliech
3cc4749979 Replace the OTEL-based tracing layer with tracing based layers 2023-04-18 14:45:43 +02:00
Quentin Gliech
d943848d7d Proactively provision users on registration & sync threepids 2023-04-14 10:22:22 +02:00
Quentin Gliech
4ba39341b2 Extract the job tracing span logic to a layer 2023-04-14 10:22:22 +02:00
Quentin Gliech
5e0c5d09fd Properly propagate trace contexts 
This also fixes a long-running issue where the OTEL context was not properly set in the tracing spans.
 2023-04-14 10:22:22 +02:00
Quentin Gliech
ca13827dec WIP: use apalis to schedule jobs 2023-04-14 10:22:22 +02:00
Quentin Gliech
b5ba81e260 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech
275c67863b Capture better errors in Sentry 2023-01-31 16:25:15 +01:00
Quentin Gliech
cb4bfe5b6b Log more errors and setup Sentry integration 2023-01-30 18:04:44 +01:00
Quentin Gliech
59ce524586 storage: split the repository trait 2023-01-24 16:05:14 +01:00