letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
1,494 Commits 2 Branches 1 Tag
8fad2b780830dc23df959cdbea7b43175f74da2c
Commit Graph

82 Commits

Author SHA1 Message Date
Quentin Gliech
7f3aa06153 Add a way to lock users 2023-08-03 14:06:34 +02:00
Quentin Gliech
2b1d7d9d56 Remove the last authentication from the browser session model 2023-07-21 19:50:30 +02:00
Quentin Gliech
086c2c8a8e CLI tool to sync the upstream IDPs with the config 2023-06-26 17:24:56 +02:00
Quentin Gliech
6b9b699ed4 Pass the claims import preferences on the storage layer 2023-06-26 17:24:56 +02:00
Quentin Gliech
3c29d998fe Ground work to import upstream OIDC claims on registration. 2023-06-26 17:24:56 +02:00
Quentin Gliech
e5d5243c6d Add a admin flag to the compatibility session 
Also adds a CLI tool to issue a compatibility token.
 2023-06-16 15:24:38 +02:00
Quentin Gliech
2fbcb5377e Split the mutations and make them use an input object instead of different parameters 2023-04-25 16:39:15 +02:00
Quentin Gliech
fa101361a2 Fix Device to ScopeToken conversion and test it 2023-04-24 10:42:38 +02:00
Quentin Gliech
aea734d41b Provision and delete Matrix devices in OAuth sessions 2023-04-24 10:42:38 +02:00
Kévin Commaille
08556a7f50 Allow redirect URIs with any port for loopback interfaces 2023-04-14 10:22:49 +02:00
Hugh Nimmo-Smith
4a6b4ee169 Lint 2023-04-06 16:24:18 +02:00
Hugh Nimmo-Smith
f74ad36aa3 Handle imported Synapse access/refresh tokens 2023-04-06 16:24:18 +02:00
Quentin Gliech
b5ba81e260 Fix clippy errors 2023-03-14 10:47:35 +01:00
Quentin Gliech
75e5f6836b handlers: Add test for the compatibility login API 2023-02-24 15:52:21 +01:00
Quentin Gliech
99e05b4a4f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
 2023-01-31 16:50:48 +01:00
Quentin Gliech
6f6572ddda storage-pg: write tests for the OAuth2 repositories 2023-01-25 17:24:34 +01:00
Quentin Gliech
59ce524586 storage: split the repository trait 2023-01-24 16:05:14 +01:00
Quentin Gliech
34136a2a97 handlers: extract the PgRepository from the request 
Also fix a bunch of clippy errors & doctests
 2023-01-18 18:22:13 +01:00
Quentin Gliech
2265327bac handlers: box the rng and clock, and extract it from the state 2023-01-18 17:49:59 +01:00
Quentin Gliech
7099a8df20 Fix rustdoc lints 2023-01-18 12:25:49 +01:00
Quentin Gliech
8e5b3e46ea storage: remaining oauth2 repositories 
- authorization grants
 - access tokens
 - refresh tokens
 2023-01-12 18:26:04 +01:00
Quentin Gliech
af267657c5 storage: repository pattern for the compat layer 2023-01-12 15:41:26 +01:00
Quentin Gliech
3a1fc8982c storage: cleanup access/refresh token lookups 2023-01-11 12:14:52 +01:00
Quentin Gliech
f0a44fcd5e storage: do less joins in compat sessions 2023-01-10 18:49:35 +01:00
Quentin Gliech
2b2f452d96 data-model: have more structs use a state machine 2023-01-09 18:02:32 +01:00
Quentin Gliech
31779f5222 data-model: don't embed the client in the auth grant 2023-01-09 10:49:51 +01:00
Quentin Gliech
8b8b21329e storage: do less joins on authorization grants and refresh tokens 2023-01-05 16:49:19 +01:00
Quentin Gliech
644eb61dd4 storage: oauth2 session repository 2023-01-05 16:44:56 +01:00
Quentin Gliech
6053e24d73 storage: Load with less joins 
This is done to simplify some queries, to avoid loading more data than
necessary, and in preparation of a proper cache layer
 2023-01-04 18:06:17 +01:00
Quentin Gliech
f77923599b strorage: browser session and user password repositories 2023-01-03 15:58:01 +01:00
Quentin Gliech
bd7f949300 storage: user and user email repository 2023-01-02 15:28:44 +01:00
Quentin Gliech
79d72b9123 ci: Update clippy to 1.66 and fix new warnings 2022-12-16 18:16:18 +01:00
Quentin Gliech
6c00f677a2 Use the new password manager 2022-12-14 16:04:36 +01:00
Quentin Gliech
1f967deb57 data-model: simplify the authorization grants and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
584fba6ec7 data-model: simplify the oauth2 clients 2022-12-08 15:29:15 +01:00
Quentin Gliech
97b5f153a2 data-model: simplify the compat sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
2c32ff4917 data-model: simplify users and sessions 2022-12-08 15:29:15 +01:00
Quentin Gliech
b19dd4f77e data-model: simplify tokens 2022-12-08 15:29:15 +01:00
Quentin Gliech
4dd6379d24 GraphQL API 2022-12-05 19:39:51 +01:00
Quentin Gliech
b9eda7c9e8 Save the ID token during an upstream authorization 2022-12-05 19:39:51 +01:00
Quentin Gliech
6aca90e4d9 OIDC account linking and login 2022-12-05 19:39:51 +01:00
Quentin Gliech
ae532a05f9 Lookup and save upstream links 2022-12-05 19:39:51 +01:00
Quentin Gliech
28704ab473 WIP: upstream OIDC provider support 2022-12-05 19:39:51 +01:00
Quentin Gliech
625f238eee More cleanups 2022-11-02 18:59:00 +01:00
Quentin Gliech
2bfd22a7df Cleanups 2022-11-02 18:59:00 +01:00
Quentin Gliech
9c27110993 Stop using Utc::now in templates samples 2022-11-02 18:59:00 +01:00
Quentin Gliech
fb5d6eac25 Pass the rng and clock around 2022-11-02 18:59:00 +01:00
Quentin Gliech
9ad66ed94d Database refactoring 2022-11-02 18:59:00 +01:00
Quentin Gliech
57bcedfe58 Make the JWK generic over the parameters 2022-09-02 15:37:46 +02:00
Quentin Gliech
2281ccfcbd Remove support for the token response type 2022-09-02 13:59:10 +02:00