letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
598 Commits 2 Branches 1 Tag
06ebf8a3ef55c03da2534456223723596fecb0fc
Commit Graph

598 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kévin Commaille
06ebf8a3ef Fix new clippy 0.1.63 warnings 2022-08-12 11:05:21 +02:00
Kévin Commaille
4d83a1f08a Document field requirements in ProviderMetadata docs 2022-08-11 17:20:17 +02:00
Kévin Commaille
2714e34092 Use LanguageTag for lists of locales in ProviderMetadata 2022-08-11 17:20:17 +02:00
Kévin Commaille
56c49be587 Allow to validate provider metadata 
According to the OpenID Connect Discovery 1.0 spec.
Provide the default values for fields when they are defined.
Introduce VerifiedProviderMetadata.
Rename Metadata to ProviderMetadata.
Implement Deserialize for ProviderMetadata.
 2022-08-11 17:20:17 +02:00
Kévin Commaille
3eaf2fac6d Fix type of metadata pushed authorization request endpoint 2022-08-11 17:20:17 +02:00
Quentin Gliech
8fd4f3d658 Disable wasmtime cache in the Docker image 2022-08-08 16:36:47 +02:00
Quentin Gliech
c1e0f84953 Add missing clippy lints in mas-axum-utils 2022-08-08 10:06:20 +02:00
Quentin Gliech
c1adcd6690 Enable the clippy::str_to_string lint 2022-08-08 10:06:20 +02:00
dependabot[bot]
78c795d94f Bump tailwindcss from 3.1.7 to 3.1.8 in /crates/static-files 
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.1.7 to 3.1.8.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.1.7...v3.1.8)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-08 09:58:00 +02:00
Hugh Nimmo-Smith
6a7b12913b Use unstable prefixes for scope names (#337) 2022-08-05 17:58:22 +00:00
dependabot[bot]
9874b5496c Bump chrono from 0.4.19 to 0.4.20 
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.19 to 0.4.20.
- [Release notes](https://github.com/chronotope/chrono/releases)
- [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md)
- [Commits](https://github.com/chronotope/chrono/compare/v0.4.19...v0.4.20)

---
updated-dependencies:
- dependency-name: chrono
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-05 09:48:09 +02:00
Quentin Gliech
db4d00264c Test HTTP handlers 2022-08-05 09:48:02 +02:00
Quentin Gliech
596bd51857 Run the Postgres database as a service in the CI 2022-08-05 09:48:02 +02:00
Quentin Gliech
9cb26765a9 Build in CI with SQLX_OFFLINE=1 2022-08-05 09:48:02 +02:00
Quentin Gliech
c495814754 Database testing 2022-08-05 09:48:02 +02:00
dependabot[bot]
dfba96014c Bump serde from 1.0.141 to 1.0.142 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.141 to 1.0.142.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.141...v1.0.142)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-04 11:30:39 +02:00
dependabot[bot]
912d8a1f67 Bump serde_json from 1.0.82 to 1.0.83 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.82 to 1.0.83.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.82...v1.0.83)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-04 10:43:50 +02:00
dependabot[bot]
03962a46e8 Bump sqlx from 0.6.0 to 0.6.1 
Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/launchbadge/sqlx/releases)
- [Changelog](https://github.com/launchbadge/sqlx/blob/main/CHANGELOG.md)
- [Commits](https://github.com/launchbadge/sqlx/commits)

---
updated-dependencies:
- dependency-name: sqlx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-04 10:03:39 +02:00
dependabot[bot]
d779f2ec0b Bump thiserror from 1.0.31 to 1.0.32 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.31 to 1.0.32.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.31...1.0.32)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-04 09:21:37 +02:00
dependabot[bot]
2649b9242f Bump elliptic-curve from 0.12.2 to 0.12.3 
Bumps [elliptic-curve](https://github.com/RustCrypto/traits) from 0.12.2 to 0.12.3.
- [Release notes](https://github.com/RustCrypto/traits/releases)
- [Commits](https://github.com/RustCrypto/traits/compare/elliptic-curve-v0.12.2...elliptic-curve-v0.12.3)

---
updated-dependencies:
- dependency-name: elliptic-curve
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-03 19:08:56 +02:00
dependabot[bot]
5dba6b5ff8 Bump serde_yaml from 0.9.2 to 0.9.4 
Bumps [serde_yaml](https://github.com/dtolnay/serde-yaml) from 0.9.2 to 0.9.4.
- [Release notes](https://github.com/dtolnay/serde-yaml/releases)
- [Commits](https://github.com/dtolnay/serde-yaml/compare/0.9.2...0.9.4)

---
updated-dependencies:
- dependency-name: serde_yaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-03 16:29:48 +02:00
dependabot[bot]
b9794aea67 Bump indoc from 1.0.6 to 1.0.7 
Bumps [indoc](https://github.com/dtolnay/indoc) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.6...1.0.7)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-03 16:29:39 +02:00
Quentin Gliech
59da12e6d6 ci: ignore errors on the nightly toolchain 2022-08-03 15:20:21 +02:00
Quentin Gliech
4e267f45d8 Move the PKCE validation logic to oauth2-types 2022-08-03 13:57:31 +02:00
Quentin Gliech
9479ad5ff9 Fix PKCE characters verification rules & add tests 2022-08-03 13:57:31 +02:00
Quentin Gliech
ecbba3967b Update crates/data-model/src/oauth2/authorization_grant.rs 
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
 2022-08-03 13:57:31 +02:00
Quentin Gliech
deceea0c62 Make PKCE implementation compliant with RFC7636 
This checks for the PKCE code_verifier length as well as the characters
used. It also give better errors when the PKCE verifier is invalid.

Fixes #316
 2022-08-03 13:57:31 +02:00
Quentin Gliech
208ad7fb14 Support the autocorrect and autocapitalize attributes in the field macro 2022-08-01 20:27:27 +02:00
Doug
753131750c Disable autocorrection/captialisation on username text fields 2022-08-01 20:27:27 +02:00
Quentin Gliech
98c2541067 Switch back rsa crate to a published pre-version 2022-08-01 19:41:38 +02:00
Quentin Gliech
779ee82fa6 Bump serde_with 2022-08-01 19:38:22 +02:00
dependabot[bot]
25e8012135 Bump actions/cache from 3.0.4 to 3.0.5 
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.4...v3.0.5)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-01 17:52:40 +02:00
dependabot[bot]
580b17f4c3 Bump sigstore/cosign-installer from 2.4.1 to 2.5.0 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.4.1...v2.5.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-01 17:51:05 +02:00
dependabot[bot]
7a8d26ceba Bump tailwindcss from 3.1.5 to 3.1.7 in /crates/static-files 
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.1.5 to 3.1.7.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.1.5...v3.1.7)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-01 17:50:58 +02:00
dependabot[bot]
ee6b98cb75 Bump autoprefixer from 10.4.7 to 10.4.8 in /crates/static-files 
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.7 to 10.4.8.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.7...10.4.8)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-01 17:50:51 +02:00
Quentin Gliech
21b630e022 Bump Rust dependencies 2022-08-01 17:50:33 +02:00
Quentin Gliech
65fb374b00 Authorization grant policy (#288) 
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
 2022-07-21 16:18:59 +00:00
Quentin Gliech
7d1f3a269c Stop generating the device ID automatically (#285) 2022-07-21 16:34:55 +01:00
Hugh Nimmo-Smith
c9f03490aa Document client registration policy config and improve error messages (#299) 2022-07-09 12:47:40 +00:00
Hugh Nimmo-Smith
f35228de5f Return reason for invalid_client_metadata in HTTP response (#298) 2022-07-08 21:11:54 +00:00
Quentin Gliech
50412f193d Enforce redirect_uris verifications in client registration (#276) 2022-07-08 12:41:00 +01:00
dependabot[bot]
4dcb1949dc Bump tailwindcss from 3.1.4 to 3.1.5 in /crates/static-files 
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.1.4...v3.1.5)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-07 15:14:32 -05:00
dependabot[bot]
9b80e7c748 Bump once_cell from 1.12.1 to 1.13.0 
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.12.1 to 1.13.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.12.1...v1.13.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-07 15:14:12 -05:00
Quentin Gliech
1d22e9b0f6 Fix error introduced by crypto crate upgrade 2022-07-04 18:46:29 +02:00
Quentin Gliech
9abb4798c1 Bump dependencies 2022-07-04 18:27:18 +02:00
Quentin Gliech
26bc480d8c Bump AWS dependencies 2022-07-04 18:18:26 +02:00
dependabot[bot]
8669ff3f22 Bump lettre from 0.10.0-rc.7 to 0.10.0 
Bumps [lettre](https://github.com/lettre/lettre) from 0.10.0-rc.7 to 0.10.0.
- [Release notes](https://github.com/lettre/lettre/releases)
- [Changelog](https://github.com/lettre/lettre/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lettre/lettre/compare/v0.10.0-rc.7...v0.10.0)

---
updated-dependencies:
- dependency-name: lettre
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-04 18:17:07 +02:00
Quentin Gliech
68f631c127 Reduce GitHub Actions usage 
This removes the run on push for branches other than main, and
preemptively stops runs on the same ref
 2022-07-04 16:02:03 +02:00
Quentin Gliech
6f7996da09 Tweak the codecov setup 2022-07-04 15:49:58 +02:00
dependabot[bot]
2743724e8f Bump sigstore/cosign-installer from 2.4.0 to 2.4.1 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.4.0...v2.4.1)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-04 15:18:54 +02:00