letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
3,099 Commits 2 Branches 1 Tag
25cf5800bda473bc4bad4d64d18feaccb3c9f708
Commit Graph

189 Commits

Author SHA1 Message Date
dependabot[bot]
05c28ab318 build(deps): bump regex from 1.10.6 to 1.11.0 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.6 to 1.11.0.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.6...1.11.0)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-07 19:05:21 +02:00
Quentin Gliech
e6ddaf098b Output the registered client metadata in the registration endpoint 
Fixes #2848
 2024-09-20 20:39:04 +02:00
Quentin Gliech
03838bd909 Remove contacts from the data model 2024-09-20 20:39:04 +02:00
Quentin Gliech
9a946c19e7 Remove (C) 2024-09-10 14:28:55 +02:00
Quentin Gliech
9da19e2af0 License headers change 2024-09-05 13:25:42 +02:00
Quentin Gliech
163d7e8c93 admin: model definition for the OAuth 2.0 sessions 2024-08-07 17:41:18 +02:00
dependabot[bot]
1440e0456c build(deps): bump regex from 1.10.5 to 1.10.6 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.5 to 1.10.6.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.5...1.10.6)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-04 22:49:17 +02:00
reivilibre
a4891fa9ef Backend work to support minimum password complexity (#2965) 
* config: Add minimum password complexity option

* PasswordManager: add function for checking if complexity is sufficient

* Enforce password complexity on registration, change and recovery

* cli: Use exit code 1 for weak passwords

This seems preferable to exit code 0, but ideally we should choose one
and document it.

* Expose minimum password complexity score over GraphQL
 2024-07-11 10:17:39 +01:00
dependabot[bot]
5f90b0c6cb build(deps): bump regex from 1.10.4 to 1.10.5 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.4...1.10.5)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-29 05:41:05 +02:00
Quentin Gliech
041c74e7b2 Gate account recovery behing a configuration flag 2024-06-28 15:59:21 +02:00
Quentin Gliech
751d2e5dc2 Data model and repository for the user recovery flow 2024-06-28 15:59:21 +02:00
Quentin Gliech
545b014fd7 Actually verify the CAPTCHA during registration 2024-05-15 09:38:10 +02:00
Quentin Gliech
5e1e27f7ea hCaptcha support 2024-05-15 09:38:10 +02:00
Quentin Gliech
608daa9ac2 Cloudflare Turnstile support 2024-05-15 09:38:10 +02:00
Quentin Gliech
764069b6bc Render reCAPTCHA challenge on the registration form 2024-05-15 09:38:10 +02:00
Quentin Gliech
3e450b50f0 Fix recently added Clippy lints 
This also ignores the clippy::blocks_in_conditions lint in two crates,
until tracing gets fixed: https://github.com/tokio-rs/tracing/issues/2876
 2024-05-07 07:32:02 +02:00
Quentin Gliech
7998d30ba8 Allow more characters in device IDs 2024-05-03 16:56:56 +02:00
dependabot[bot]
9ec73ed8c8 build(deps): bump crc from 3.0.1 to 3.2.1 
Bumps [crc](https://github.com/mrhooray/crc-rs) from 3.0.1 to 3.2.1.
- [Release notes](https://github.com/mrhooray/crc-rs/releases)
- [Commits](https://github.com/mrhooray/crc-rs/compare/3.0.1...3.2.1)

---
updated-dependencies:
- dependency-name: crc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 22:34:40 +02:00
dependabot[bot]
c2ed92300a build(deps): bump regex from 1.10.3 to 1.10.4 
Bumps [regex](https://github.com/rust-lang/regex) from 1.10.3 to 1.10.4.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.3...1.10.4)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-30 19:43:16 +02:00
Quentin Gliech
a29da1f66f Update copyright headers 2024-04-30 13:33:47 +02:00
Quentin Gliech
10f7195cc0 Move the SiteConfig to the data-model crate 2024-04-30 13:33:47 +02:00
Quentin Gliech
75aeac9e0a Add a manage register-user utility to the CLI 2024-04-30 12:15:10 +02:00
Quentin Gliech
f82ad8c0e6 Soft-delete upstream OAuth 2.0 providers on config sync 2024-04-03 09:51:22 +02:00
Quentin Gliech
6841bc112d Add a soft-deletion column on upstream OAuth 2.0 providers 2024-04-03 09:51:22 +02:00
Michael Telatynski
09cd3f90d6 Add Electron user-agent parsing for Element Desktop/Nightly (#2461) 2024-03-18 18:42:31 +01:00
Quentin Gliech
1627fc6945 Upgrade chrono and replace deprecated methods usage 2024-03-18 17:26:40 +01:00
Quentin Gliech
6b3b1e8109 Additional parameters from upstream OAuth2 providers in the data model 2024-03-01 14:36:37 +01:00
Quentin Gliech
a7dc41fdba Parse User Agents on the backend side (#2388) 
* Parse user agents on the server side

* Parse and expose user agents on the backend

* Use the parsed user agent in the device consent page

* Fix the device icon tests

* Fix clippy warnings

* Box stuff to avoid large enum variants

* Ignore a clippy warning

* Fix the requester boxing
 2024-02-23 16:47:48 +01:00
Quentin Gliech
82cb1365fd Record user agents on OAuth 2.0 and compat sessions (#2386) 
* Record user agents on OAuth 2.0 and compat sessions

* Add tests for recording user agent in sessions
 2024-02-22 10:01:32 +01:00
Quentin Gliech
d3c799b3ae Save which user session created a compat session 
This also exposes the user session in the GraphQL API, and allow
filtering on browser session ID on the app session list.
 2024-02-21 11:55:58 +01:00
Quentin Gliech
17abb9a67e Record the user agent and IP in the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
45b7a6a931 Add a repository for device code grants 2024-02-02 18:01:51 +01:00
Quentin Gliech
1bbbe1fe3b Setup the data model for the device code grant 2024-02-02 18:01:51 +01:00
Quentin Gliech
dc66b5b18f Prepare workspace to publish OIDC crates 2023-12-07 16:02:55 +01:00
Quentin Gliech
a7ff6b00aa Enable clippy lints on a workspace level 
This enables a lot more lints than before in some crates, so this fixed a lot of warnings as well.
 2023-12-05 17:20:42 +01:00
Quentin Gliech
b7f509532e Add upstream OAuth 2.0 providers name and branding 2023-11-20 17:23:02 +01:00
Quentin Gliech
6942fc4570 Allow endpoints and discovery mode override for upstream oauth2 providers 
This time, at the configuration and database level
 2023-11-17 16:18:39 +01:00
Quentin Gliech
701e1c6814 Allow overriding usptream OAuth2 providers endpoints 
Also have a way to disable OIDC discovery when all the endpoints are known.
 2023-11-17 16:18:39 +01:00
Quentin Gliech
26f43e4766 Refactor the upstream link provider template logic 
Also adds tests for new account registration through an upstream oauth2
provider
 2023-11-13 14:11:30 +01:00
Quentin Gliech
097f314d8b Use minijinja templates to map OIDC claims to user attributes 2023-11-08 12:05:58 +01:00
Quentin Gliech
92d2a18afb "Can request admin" flag on user 2023-10-09 18:52:30 +02:00
Quentin Gliech
7d391ea58f Test the activity tracker on the introspection endpoint 2023-09-19 21:57:54 +02:00
Quentin Gliech
8e73092ad0 Make the last activity timestamp and IP available through the API 2023-09-19 21:57:54 +02:00
Quentin Gliech
921f491a00 Rust dependencies housekeeping 
Including:
 - package upgrades
 - stop using the patched version of `ulid`
 - update cargo deny duplicate exception list
 2023-09-14 23:43:00 +02:00
Quentin Gliech
bbbf833c97 Make the error on introspection failure more explicit in the logs 2023-09-13 18:24:52 +02:00
Quentin Gliech
37ae1420f3 data-model: make the access token expiration optional 2023-09-11 12:03:42 +02:00
Quentin Gliech
43aa2db3d5 data-model: Make the user_id optional in the OAuth 2.0 sessions 2023-09-06 09:35:34 +02:00
Quentin Gliech
d39daf48c5 Define common crates metadata on the workspace level 2023-09-01 16:27:22 +02:00
Quentin Gliech
80b3398424 Make the email verification state more configurable on upstream OAuth 2.0 registration 
This also marks the email as primary
 2023-08-31 14:20:06 +02:00
Quentin Gliech
fb246508b2 Store the browser user-agent when starting a browser session 2023-08-29 17:38:01 +02:00