letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
3,414 Commits 2 Branches 1 Tag
90fb2f03691c514bfe66d5f6d22c9ef41bd48745
Commit Graph

275 Commits

Author SHA1 Message Date
Quentin Gliech
9db14f6743 Rip out the email verification codes 
This considers all user_emails as confirmed, and removes the verification code.
It will be replaced by a new email authentication code flow
 2025-01-14 15:46:45 +01:00
Quentin Gliech
077a55fd5d Remove the primary email address concept 2025-01-13 17:00:30 +01:00
Quentin Gliech
28480e40af Make the rate limiter available to the GraphQL API handlers 2025-01-13 16:58:42 +01:00
Quentin Gliech
17430c21c5 Additional fields in the GraphQL API for upstream providers 2025-01-06 11:59:43 +01:00
Quentin Gliech
1e3d838c99 Allow longer & shorter usernames, complying with the MXID length spec 2025-01-06 10:15:08 +01:00
Mathieu Velten
33e1cdbf16 Allow response_mode to be null and if so do not add the query param (#3700) 2024-12-18 18:18:39 +01:00
Quentin Gliech
f563daf822 Make the issue optional on upstream OAuth 2.0 providers 2024-12-17 13:40:34 +01:00
Mathieu Velten
75ee9a1e58 Add id_token_signed_response_alg and userinfo_signed_response_alg (#3664) 2024-12-17 11:54:16 +01:00
Quentin Gliech
1c6a8000f0 Shutdown the server if any of the tasks crashes (#3672) 2024-12-17 09:11:08 +00:00
Quentin Gliech
f4a3a8bf64 Report version from git describe in metrics & CLI 2024-12-12 17:59:35 +01:00
Quentin Gliech
0435fa848d Move all the OTEL meters to crate-level statics 2024-12-12 16:04:48 +01:00
Quentin Gliech
8c358efd88 Update the rest of the OTEL deps and use the new APIs 2024-12-12 16:04:48 +01:00
Quentin Gliech
703bd743d6 Schedule jobs through the new queue 2024-12-06 16:24:26 +01:00
Quentin Gliech
b82483f936 Move the jobs types in the queue module 2024-12-06 16:24:26 +01:00
Quentin Gliech
312640605d Graceful shutdown 2024-12-06 16:24:26 +01:00
Quentin Gliech
2903ff5e7a Allow setting an explicit upstream account name (#3600) 2024-11-29 12:30:18 +01:00
Quentin Gliech
e39ea44e60 Make the id_token optional on upstream OAuth 2.0 providers 
This makes it possible to use non-OIDC providers as upstream OAuth 2.0 providers, like GitHub.
 2024-11-29 10:31:50 +01:00
Quentin Gliech
b90dd98d0e Concatenate arrays in the config when loading multiple files 2024-11-28 17:03:42 +01:00
Mathieu Velten
f832666a86 Add fetch_userinfo to upstream SSO provider (#3363) 2024-11-26 15:01:03 +00:00
Quentin Gliech
ec28c30e3c Allow setting the response_mode on upstream OAuth 2.0 providers 2024-11-22 08:48:00 +01:00
Quentin Gliech
dddd9fe998 Support Sign in with Apple 2024-11-22 08:48:00 +01:00
Quentin Gliech
a88b7efe1e Replace all the manual HTTP clients with reqwest 2024-10-28 13:46:38 +01:00
Quentin Gliech
248e03ac93 Replace HTTP client in oidc-client with reqwest 2024-10-28 13:46:38 +01:00
Quentin Gliech
34ab23d97c Better error when the email addresses in the config are invalid 2024-10-22 16:19:43 +02:00
Quentin Gliech
7babcf1d35 Add a CLI tool to add an email address to a user 2024-10-22 16:19:26 +02:00
Quentin Gliech
f0e2f6a2f0 Use CancellationToken and a TaskTracker to handle graceful shutdowns 2024-10-10 10:49:41 +02:00
Quentin Gliech
9e1cd0cdec Move the remaining mentions of matrix-org to element-hq 2024-09-10 14:28:55 +02:00
Quentin Gliech
9a946c19e7 Remove (C) 2024-09-10 14:28:55 +02:00
Quentin Gliech
9da19e2af0 License headers change 2024-09-05 13:25:42 +02:00
reivilibre
8f0d7800ff Add configuration for rate-limiting of logins, replacing hardcoded limits (#3090) 2024-08-07 18:36:02 +01:00
Quentin Gliech
58b673d54d Disallow OAuth 2.0 use of the GraphQL API by default 2024-08-07 18:09:51 +02:00
Quentin Gliech
f9d23a87d0 Make the optional configuration sections really optional 2024-08-01 15:00:16 +02:00
Quentin Gliech
a8cf8c519a Move the account-related options out of experimental 2024-08-01 14:50:21 +02:00
Quentin Gliech
58ba68b938 Call retain_recent periodically on rate limiters 2024-07-26 13:56:45 +02:00
Quentin Gliech
0b55719b12 Rate-limit password-based login attempts 2024-07-26 13:56:45 +02:00
Quentin Gliech
c8b4a17a55 config: allow serving the admin API routes 2024-07-26 11:36:55 +02:00
Quentin Gliech
678753c2e1 storage: freeze the error type on BoxRepository 
This avoids having to deal with traits bounds everywhere. It also moves
the `boxed()` method to the PgRepository, because it was unnecessary to
keep it on the `Repository` trait
 2024-07-26 11:36:55 +02:00
Quentin Gliech
00f4265bcc OTEL: remove custom Header{Injector,Extractor} implementations 2024-07-25 11:27:07 +02:00
Quentin Gliech
1381e92409 Update opentelemetry to 0.24.0 2024-07-25 11:01:43 +02:00
reivilibre
fbd57ad51a Remove OPA-based password policy enforcement (#2875) 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2024-07-16 14:33:04 +01:00
Quentin Gliech
450fcaafc7 Make mas-cli manage kill-sessions finish sessions in bulk 2024-07-16 14:13:11 +02:00
Quentin Gliech
98d66c1356 Add a way to reactivate users on the homeserver 2024-07-16 13:20:28 +02:00
Quentin Gliech
f5e189304e Fully sync the devices with the homeserver 2024-07-16 09:32:07 +02:00
reivilibre
a4891fa9ef Backend work to support minimum password complexity (#2965) 
* config: Add minimum password complexity option

* PasswordManager: add function for checking if complexity is sufficient

* Enforce password complexity on registration, change and recovery

* cli: Use exit code 1 for weak passwords

This seems preferable to exit code 0, but ideally we should choose one
and document it.

* Expose minimum password complexity score over GraphQL
 2024-07-11 10:17:39 +01:00
Quentin Gliech
85186682d7 Fix mas-cli 
This does a few things:

 - move `bytes` to workspace dependencies
 - write an hyper-based transport for Sentry
 - ignore OTEL errors related to propagations
 - fix everything else in mas-cli
 2024-07-05 10:07:40 +02:00
Quentin Gliech
5162e1d5ef Write an adapter for opentelemetry-http 2024-07-05 10:07:40 +02:00
Quentin Gliech
cb92ef9df6 Box the CLI command futures to reduce the size of the try_main future 2024-07-05 09:54:18 +02:00
Quentin Gliech
65c416ff2e New config options to set the database certificates 2024-07-05 09:54:18 +02:00
Quentin Gliech
d966130e9f Bump the other opentelemetry crates 2024-06-28 17:22:02 +02:00
Quentin Gliech
041c74e7b2 Gate account recovery behing a configuration flag 2024-06-28 15:59:21 +02:00