Quentin Gliech
a4bece6a77
Add translatable errors for the email policy constraints
2025-02-17 15:53:57 +01:00
Quentin Gliech
3a4aba049c
Expose the user agent string to the policy execution context
2025-02-17 11:51:26 +01:00
Quentin Gliech
e74ddb832a
Merge the GraphQL requester and requester fingerprint into a single struct
2025-02-17 10:37:43 +01:00
Quentin Gliech
b1b7bf5725
Allow banning registrations by IP address
2025-02-17 10:18:11 +01:00
Quentin Gliech
fa85d60652
Remove the unused password input schema
2025-02-17 10:17:30 +01:00
Quentin Gliech
72384b8e03
Pass an input object to the policy evaluation instead of multiple arguments
2025-02-14 17:15:26 +01:00
Quentin Gliech
b8fb25faed
Don't block the upstream oauth registration if the suggested username is invalid
2025-02-14 17:14:09 +01:00
Quentin Gliech
9e81369c60
Fix the HTTP status code for the user creation admin endpoint ( #4040 )
2025-02-14 15:01:58 +01:00
Quentin Gliech
281ed7bc17
Fix the HTTP status code for the user creation admin endpoint
2025-02-14 14:54:22 +01:00
Quentin Gliech
69a4b28691
Admin API to add user emails
2025-02-14 14:50:47 +01:00
Quentin Gliech
78f30e58dd
Admin API to delete user emails
2025-02-14 14:50:46 +01:00
dependabot[bot]
84e2f69f48
build(deps): bump psl from 2.1.84 to 2.1.85
...
Bumps [psl](https://github.com/addr-rs/psl ) from 2.1.84 to 2.1.85.
- [Release notes](https://github.com/addr-rs/psl/releases )
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.84...v2.1.85 )
---
updated-dependencies:
- dependency-name: psl
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-13 13:41:59 +00:00
Quentin Gliech
c7d2ad7c5c
Only expire sessions from dynamic clients
2025-02-12 17:31:21 +01:00
Quentin Gliech
9fea06693b
Allow filtering sessions by client kind (dynamic or static)
2025-02-12 17:31:21 +01:00
Quentin Gliech
b40fcdd712
Experimental feature to timeout inactive sessions
2025-02-12 17:31:21 +01:00
Quentin Gliech
d8b9bb1d9a
Setup job to expire inactive browser sessions
2025-02-12 14:03:41 +01:00
Quentin Gliech
dcc23421c9
Setup a job to expire compatibility sessions
2025-02-12 13:57:36 +01:00
Quentin Gliech
0a624eb92c
Setup a job to expire OAuth 2.0 sessions
2025-02-12 13:47:48 +01:00
Quentin Gliech
70936ba0f7
Allow filtering OAuth sessions with any/no user
2025-02-12 13:00:22 +01:00
Quentin Gliech
5e9cc91979
Allow filtering by subject in the upstream OAuth links admin API
2025-02-12 11:07:11 +01:00
Quentin Gliech
903b48792a
storage: allow filtering upstream OAuth links by subject
2025-02-12 11:01:53 +01:00
Quentin Gliech
1f36463e8f
Admin API to list and get upstream OAuth links
2025-02-12 10:51:31 +01:00
Quentin Gliech
a398d8d579
Fix the user session admin API docs
2025-02-11 17:09:33 +01:00
Quentin Gliech
487d1633e2
Admin API to list and get user sessions ( #4004 )
...
Similar to #4002 , this adds an admin API to list and get user (browser
cookies) sessions
2025-02-11 16:38:21 +01:00
Quentin Gliech
a2a83583ef
Fix the upstream OAuth 2.0 callback form deserialisation ( #4010 )
...
Fixes #3957
This was broken since #3893
2025-02-11 15:36:43 +01:00
dependabot[bot]
c5fa9e38bd
build(deps): bump psl from 2.1.83 to 2.1.84
...
Bumps [psl](https://github.com/addr-rs/psl ) from 2.1.83 to 2.1.84.
- [Release notes](https://github.com/addr-rs/psl/releases )
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.83...v2.1.84 )
---
updated-dependencies:
- dependency-name: psl
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-11 14:15:49 +00:00
Quentin Gliech
190bc550ac
Fix the upstream OAuth 2.0 callback form deserialisation
2025-02-11 15:13:43 +01:00
Quentin Gliech
c48e063d3a
Admin API to list and get user sessions
2025-02-11 14:24:16 +01:00
Quentin Gliech
bf900e7e5a
Fix the definition of the set-password success response in the OpenAPI spec
2025-02-11 13:54:15 +01:00
Quentin Gliech
38daf613af
Admin API to list and get compatibility sessions
2025-02-11 12:01:54 +01:00
Quentin Gliech
4b9f91a3b6
build(deps): bump psl from 2.1.82 to 2.1.83 ( #3986 )
...
Bumps [psl](https://github.com/addr-rs/psl ) from 2.1.82 to 2.1.83.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ce4c61043fb460f6bbf5https://github.com/addr-rs/psl/compare/v2.1.82...v2.1.83 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
2025-02-10 17:26:47 +01:00
Quentin Gliech
a67c00d4da
build(deps): bump p384 from 0.13.0 to 0.13.1 ( #3987 )
...
Bumps [p384](https://github.com/RustCrypto/elliptic-curves ) from 0.13.0
to 0.13.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d439608563https://redirect.github.com/RustCrypto/elliptic-curves/issues/864 ">#864</a>)</li>
<li><a
href="6e6886563bhttps://redirect.github.com/RustCrypto/elliptic-curves/issues/863 ">#863</a>)</li>
<li><a
href="b9fcdd3b8ahttps://redirect.github.com/RustCrypto/elliptic-curves/issues/862 ">#862</a>)</li>
<li><a
href="c17e54adc7https://redirect.github.com/RustCrypto/elliptic-curves/issues/861 ">#861</a>)</li>
<li><a
href="c7019c1a66https://redirect.github.com/RustCrypto/elliptic-curves/issues/860 ">#860</a>)</li>
<li><a
href="a0931eeb4dhttps://redirect.github.com/RustCrypto/elliptic-curves/issues/859 ">#859</a>)</li>
<li><a
href="0f9dfa440fhttps://redirect.github.com/RustCrypto/elliptic-curves/issues/858 ">#858</a>)</li>
<li><a
href="0e0a1a5977https://redirect.github.com/RustCrypto/elliptic-curves/issues/856 ">#856</a>)</li>
<li><a
href="fbc5d26ee7https://redirect.github.com/RustCrypto/elliptic-curves/issues/857 ">#857</a>)</li>
<li><a
href="655a7d6da5https://redirect.github.com/RustCrypto/elliptic-curves/issues/855 ">#855</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/RustCrypto/elliptic-curves/compare/p384/v0.13.0...sm2/v0.13.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
2025-02-10 17:26:36 +01:00
Quentin Gliech
c9c622bd1b
build(deps): bump data-encoding from 2.7.0 to 2.8.0 ( #4000 )
...
Bumps [data-encoding](https://github.com/ia0/data-encoding ) from 2.7.0
to 2.8.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="284f84626ahttps://redirect.github.com/ia0/data-encoding/issues/134 ">#134</a>)</li>
<li><a
href="b6f9f3b9d6https://redirect.github.com/ia0/data-encoding/issues/133 ">#133</a>)</li>
<li><a
href="c060e6873chttps://redirect.github.com/ia0/data-encoding/issues/132 ">#132</a>)</li>
<li><a
href="d62d722222https://redirect.github.com/ia0/data-encoding/issues/131 ">#131</a>)</li>
<li><a
href="5e86676a34https://redirect.github.com/ia0/data-encoding/issues/130 ">#130</a>)</li>
<li><a
href="8a9537cf64https://redirect.github.com/ia0/data-encoding/issues/129 ">#129</a>)</li>
<li><a
href="27a68f43cdhttps://redirect.github.com/ia0/data-encoding/issues/128 ">#128</a>)</li>
<li><a
href="06b0d89b11https://redirect.github.com/ia0/data-encoding/issues/127 ">#127</a>)</li>
<li>See full diff in <a
href="https://github.com/ia0/data-encoding/compare/v2.7.0...v2.8.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
2025-02-10 17:25:14 +01:00
Quentin Gliech
845f0c274b
Admin API to list and get user emails
2025-02-10 17:13:55 +01:00
dependabot[bot]
4cd144c4dc
build(deps): bump data-encoding from 2.7.0 to 2.8.0
...
Bumps [data-encoding](https://github.com/ia0/data-encoding ) from 2.7.0 to 2.8.0.
- [Commits](https://github.com/ia0/data-encoding/compare/v2.7.0...v2.8.0 )
---
updated-dependencies:
- dependency-name: data-encoding
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-10 14:14:02 +00:00
Quentin Gliech
ad48e89aa6
Pass the migration state as owned to the various stages
2025-02-10 10:14:20 +01:00
Quentin Gliech
c6fdd82432
Encapsulate migration state in a single structure
2025-02-07 15:02:30 +01:00
dependabot[bot]
5bee95f650
build(deps): bump p384 from 0.13.0 to 0.13.1
...
Bumps [p384](https://github.com/RustCrypto/elliptic-curves ) from 0.13.0 to 0.13.1.
- [Commits](https://github.com/RustCrypto/elliptic-curves/compare/p384/v0.13.0...sm2/v0.13.1 )
---
updated-dependencies:
- dependency-name: p384
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-07 13:17:14 +00:00
dependabot[bot]
7a5306e302
build(deps): bump psl from 2.1.82 to 2.1.83
...
Bumps [psl](https://github.com/addr-rs/psl ) from 2.1.82 to 2.1.83.
- [Release notes](https://github.com/addr-rs/psl/releases )
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.82...v2.1.83 )
---
updated-dependencies:
- dependency-name: psl
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-07 13:16:35 +00:00
Quentin Gliech
d1d73af3ce
Remove the lifetime parameter from MasWriter
2025-02-07 12:57:21 +01:00
Quentin Gliech
260834bc01
Make the MAS connection owned in the locked database struct
2025-02-07 12:53:51 +01:00
Quentin Gliech
cc618fa45d
Update most Rust dependencies & disable some unused features
2025-02-06 12:50:50 +01:00
dependabot[bot]
8b229eddaf
build(deps): bump uuid from 1.12.1 to 1.13.1
...
Bumps [uuid](https://github.com/uuid-rs/uuid ) from 1.12.1 to 1.13.1.
- [Release notes](https://github.com/uuid-rs/uuid/releases )
- [Commits](https://github.com/uuid-rs/uuid/compare/1.12.1...1.13.1 )
---
updated-dependencies:
- dependency-name: uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-05 13:31:06 +00:00
Quentin Gliech
9fbb1e73df
Merge pull request #3926 from element-hq/rei/syn2mas_8_atrtdevs
...
syn2mas: migrate access tokens, refresh tokens and devices
2025-02-05 11:57:59 +01:00
Olivier 'reivilibre
dacfa9045d
Don't return errors when finding rows dependent upon appservice users
2025-02-05 11:42:04 +01:00
Olivier 'reivilibre
ac58b4f326
Support reading and writing guests
2025-02-05 11:41:52 +01:00
Olivier 'reivilibre
dc305ddc40
Split access tokens between refreshable and unrefreshable ones
2025-02-05 11:41:45 +01:00
Olivier 'reivilibre
73ccecf8e8
Add MasWriter support for compat refresh tokens + some migration progress
2025-02-05 11:38:50 +01:00
Olivier 'reivilibre
900413cc43
Add MasWriter support for compat access tokens
2025-02-05 11:38:06 +01:00
Olivier 'reivilibre
0cd8106624
Add MasWriter support for compat sessions
2025-02-05 11:37:59 +01:00
