letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
1,494 Commits 2 Branches 1 Tag
8fad2b780830dc23df959cdbea7b43175f74da2c
Commit Graph

133 Commits

Author SHA1 Message Date
dependabot[bot]
03c87f455e build(deps): bump serde from 1.0.181 to 1.0.183 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.181 to 1.0.183.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.181...v1.0.183)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 20:35:57 +02:00
dependabot[bot]
e4eb09e0a5 build(deps): bump serde from 1.0.180 to 1.0.181 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.180 to 1.0.181.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.180...v1.0.181)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-04 23:18:07 +02:00
Quentin Gliech
04099d5235 Merge branch 'main' into quenting/user-lock 2023-08-03 15:20:05 +02:00
dependabot[bot]
874a7876f2 build(deps): bump serde from 1.0.177 to 1.0.180 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.177 to 1.0.180.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.177...v1.0.180)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-03 15:18:17 +02:00
Quentin Gliech
7f3aa06153 Add a way to lock users 2023-08-03 14:06:34 +02:00
dependabot[bot]
6a58195ae9 build(deps): bump serde from 1.0.176 to 1.0.177 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.176 to 1.0.177.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.176...v1.0.177)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-27 23:28:07 +02:00
Quentin Gliech
a9b3445493 Bump Rust dependencies and remove unused ones 2023-07-27 17:23:08 +02:00
dependabot[bot]
9b92d26c7e build(deps): bump serde from 1.0.171 to 1.0.174 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.171 to 1.0.174.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.171...v1.0.174)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-22 00:17:55 +02:00
Quentin Gliech
2b1d7d9d56 Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
af46088507 Upgrade all Rust dependencies 
This includes breaking changes of sqlx 0.7.0
 2023-07-17 19:04:06 +02:00
dependabot[bot]
9a334ae571 build(deps): bump thiserror from 1.0.40 to 1.0.41 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.40 to 1.0.41.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.40...1.0.41)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-05 01:15:00 +02:00
dependabot[bot]
1040251a3f build(deps): bump serde from 1.0.165 to 1.0.166 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.165 to 1.0.166.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.165...v1.0.166)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-04 00:59:48 +02:00
dependabot[bot]
f3da75f002 build(deps): bump serde from 1.0.164 to 1.0.165 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.164 to 1.0.165.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.164...v1.0.165)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-03 15:43:13 +02:00
Quentin Gliech
086c2c8a8e CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
6b9b699ed4 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
3c29d998fe Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech
e5d5243c6d Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
be837a54e3 Bump Rust dependencies 2023-06-14 12:02:16 +02:00
Quentin Gliech
1b4f48798b Bump Rust dependencies 2023-05-25 18:15:44 +02:00
Quentin Gliech
2fbcb5377e Split the mutations and make them use an input object instead of different parameters 2023-04-25 16:39:15 +02:00
Quentin Gliech
fa101361a2 Fix Device to ScopeToken conversion and test it 2023-04-24 10:42:38 +02:00
Quentin Gliech
aea734d41b Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
Quentin Gliech
24140f7058 Bump Rust depdenencies 2023-04-18 23:01:43 +02:00
dependabot[bot]
2df23fab67 build(deps): bump thiserror from 1.0.39 to 1.0.40 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.39 to 1.0.40.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.39...1.0.40)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-14 12:40:00 +02:00
Kévin Commaille
08556a7f50 Allow redirect URIs with any port for loopback interfaces 2023-04-14 10:22:49 +02:00
Hugh Nimmo-Smith
4a6b4ee169 Lint 2023-04-06 16:24:18 +02:00
Hugh Nimmo-Smith
f74ad36aa3 Handle imported Synapse access/refresh tokens 2023-04-06 16:24:18 +02:00
dependabot[bot]
00b7c5a532 build(deps): bump serde from 1.0.156 to 1.0.158 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.156 to 1.0.158.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.156...v1.0.158)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-21 17:26:05 +01:00
dependabot[bot]
dd65a5deca build(deps): bump serde from 1.0.155 to 1.0.156 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.155 to 1.0.156.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.155...v1.0.156)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-15 14:51:14 +01:00
Quentin Gliech
b5ba81e260 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech
6141d16eff Bump Rust dependencies 2023-03-14 10:47:35 +01:00
Quentin Gliech
75e5f6836b handlers: Add test for the compatibility login API 2023-02-24 15:52:21 +01:00
dependabot[bot]
de7c3bdbd3 build(deps): bump crc from 3.0.0 to 3.0.1 
Bumps [crc](https://github.com/mrhooray/crc-rs) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/mrhooray/crc-rs/releases)
- [Commits](https://github.com/mrhooray/crc-rs/compare/3.0.0...3.0.1)

---
updated-dependencies:
- dependency-name: crc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-02 11:45:20 +01:00
Quentin Gliech
99e05b4a4f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech
6f6572ddda storage-pg: write tests for the OAuth2 repositories 2023-01-25 17:24:34 +01:00
Quentin Gliech
59ce524586 storage: split the repository trait 2023-01-24 16:05:14 +01:00
Quentin Gliech
34136a2a97 handlers: extract the PgRepository from the request 
Also fix a bunch of clippy errors & doctests
 2023-01-18 18:22:13 +01:00
Quentin Gliech
2265327bac handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech
7099a8df20 Fix rustdoc lints 2023-01-18 12:25:49 +01:00
Quentin Gliech
eb4ce7e7f0 Split the storage trait from the implementation 2023-01-18 10:38:22 +01:00
Quentin Gliech
8e5b3e46ea storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech
af267657c5 storage: repository pattern for the compat layer 2023-01-12 15:41:26 +01:00
Quentin Gliech
3a1fc8982c storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech
f0a44fcd5e storage: do less joins in compat sessions 2023-01-10 18:49:35 +01:00
Quentin Gliech
2b2f452d96 data-model: have more structs use a state machine 2023-01-09 18:02:32 +01:00
Quentin Gliech
31779f5222 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech
8b8b21329e storage: do less joins on authorization grants and refresh tokens 2023-01-05 16:49:19 +01:00
Quentin Gliech
644eb61dd4 storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech
6053e24d73 storage: Load with less joins 
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
 2023-01-04 18:06:17 +01:00
Quentin Gliech
f77923599b strorage: browser session and user password repositories 2023-01-03 15:58:01 +01:00