letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
933 Commits 2 Branches 1 Tag
b9eda7c9e89fb4cf61baaa9436c8a87efb193b8c
Commit Graph

693 Commits

Author SHA1 Message Date
Quentin Gliech
b9eda7c9e8 Save the ID token during an upstream authorization 2022-12-05 19:39:51 +01:00
Quentin Gliech
6aca90e4d9 OIDC account linking and login 2022-12-05 19:39:51 +01:00
Quentin Gliech
19f5e2d417 WIP: handle account linking 2022-12-05 19:39:51 +01:00
Quentin Gliech
ae532a05f9 Lookup and save upstream links 2022-12-05 19:39:51 +01:00
Quentin Gliech
d8550778ea Remove the ServerLayer from mas-http 2022-12-05 19:39:51 +01:00
Quentin Gliech
05ea35690b Add a global HTTP client factory 2022-12-05 19:39:51 +01:00
Quentin Gliech
0cfbf17a13 Cleanup HTTP client building 2022-12-05 19:39:51 +01:00
Quentin Gliech
9461b5566f Refactor the provider client credentials extraction 2022-12-05 19:39:51 +01:00
Quentin Gliech
28704ab473 WIP: upstream OIDC provider support 2022-12-05 19:39:51 +01:00
Quentin Gliech
44cf4e3d3c Move the BoxCloneSyncService to mas-http 2022-12-05 19:39:51 +01:00
dependabot[bot]
fc948f12b4 Bump tower-http from 0.3.4 to 0.3.5 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.3.4 to 0.3.5.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.3.4...tower-http-0.3.5)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-03 12:12:29 +01:00
dependabot[bot]
a138939311 Bump axum-extra from 0.4.1 to 0.4.2 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.4.1...axum-extra-v0.4.2)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-03 12:12:16 +01:00
Quentin Gliech
72773d589f Make the OIDC issuer a string instead of a URL 2022-12-02 18:04:07 +01:00
Quentin Gliech
860239cdc1 Apply suggestions from code review 
Co-authored-by: Kévin Commaille <76261501+zecakeh@users.noreply.github.com>
 2022-12-01 14:34:19 +01:00
Quentin Gliech
559fef6ada Use associated error type in claims validator instead of anyhow. 2022-12-01 14:34:19 +01:00
Kévin Commaille
b6c41d61a7 Add OneOrMany contains claim validator 2022-12-01 11:28:07 +01:00
Kévin Commaille
0774910657 Add equality claim validator 2022-12-01 11:28:07 +01:00
Kévin Commaille
2aa7bb338a Make sure Scope and InvalidScope are reexported from mas-oidc-client 2022-12-01 10:45:38 +01:00
Kévin Commaille
3530f354f3 Make sure all types of oauth2-types are documented 2022-12-01 10:45:38 +01:00
dependabot[bot]
7b70bcc22d Bump async-graphql from 5.0.1 to 5.0.2 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-30 22:19:48 +01:00
dependabot[bot]
e1e0576f3e Bump axum-extra from 0.4.0 to 0.4.1 
Bumps [axum-extra](https://github.com/tokio-rs/axum) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.4.0...axum-extra-v0.4.1)

---
updated-dependencies:
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-30 00:07:19 +01:00
dependabot[bot]
d090a508aa Bump axum from 0.6.0 to 0.6.1 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.6.0...axum-v0.6.1)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 23:48:02 +01:00
dependabot[bot]
60e0a49324 Bump async-trait from 0.1.58 to 0.1.59 
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.58 to 0.1.59.
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](https://github.com/dtolnay/async-trait/compare/0.1.58...0.1.59)

---
updated-dependencies:
- dependency-name: async-trait
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 22:33:19 +01:00
dependabot[bot]
003d8d71db Bump clap from 4.0.27 to 4.0.29 
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.27 to 4.0.29.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.0.27...v4.0.29)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 22:33:03 +01:00
dependabot[bot]
346dbb2e9f Bump async-graphql from 5.0.0 to 5.0.1 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 09:38:36 +01:00
Quentin Gliech
2fcede2788 Bump axum to 0.6.0 2022-11-29 09:37:12 +01:00
dependabot[bot]
c52a73c286 Bump clap from 4.0.26 to 4.0.27 
Bumps [clap](https://github.com/clap-rs/clap) from 4.0.26 to 4.0.27.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.0.26...v4.0.27)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 09:10:29 +01:00
dependabot[bot]
fd616a8e3c Bump async-graphql from 4.0.16 to 5.0.0 
Bumps [async-graphql](https://github.com/async-graphql/async-graphql) from 4.0.16 to 5.0.0.
- [Release notes](https://github.com/async-graphql/async-graphql/releases)
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits/v5.0.0)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 09:10:21 +01:00
dependabot[bot]
58520a2619 Bump insta from 1.21.1 to 1.21.2 
Bumps [insta](https://github.com/mitsuhiko/insta) from 1.21.1 to 1.21.2.
- [Release notes](https://github.com/mitsuhiko/insta/releases)
- [Changelog](https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mitsuhiko/insta/compare/1.21.1...1.21.2)

---
updated-dependencies:
- dependency-name: insta
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 09:10:16 +01:00
dependabot[bot]
27365982ee Bump serde from 1.0.147 to 1.0.148 
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.147 to 1.0.148.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.147...v1.0.148)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 09:10:09 +01:00
dependabot[bot]
9a2b92cc62 Bump serde_json from 1.0.88 to 1.0.89 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.88 to 1.0.89.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.88...v1.0.89)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-24 08:32:02 +01:00
Kévin Commaille
aa5c0f2f4f Create mas-oidc-client crate 
Methods to interact as an RP with an OIDC OP.
 2022-11-21 16:12:35 +01:00
Kévin Commaille
52d930c4c6 Don't leak secrets in requests Debug format 2022-11-21 16:12:35 +01:00
Kévin Commaille
e99f2366c3 Export NoKeyWorked error type 2022-11-21 16:12:35 +01:00
dependabot[bot]
85a6003622 Bump bytes from 1.2.1 to 1.3.0 
Bumps [bytes](https://github.com/tokio-rs/bytes) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/bytes/commits)

---
updated-dependencies:
- dependency-name: bytes
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-21 15:09:28 +01:00
Quentin Gliech
7685fe5c9f Migrate to axum 0.6.0-rc.5 2022-11-21 15:04:16 +01:00
dependabot[bot]
edf3b6b28c Bump axum from 0.6.0-rc.4 to 0.6.0-rc.5 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.6.0-rc.4 to 0.6.0-rc.5.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.6.0-rc.4...axum-v0.6.0-rc.5)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-21 15:04:16 +01:00
Quentin Gliech
412bb92bf8 Disable the Prometheus feature by default 
It remains enabled in the Docker image, but this avoids having to have
protoc installed to build the binary
 2022-11-19 00:11:04 +01:00
Quentin Gliech
4420c21333 Also disable otlp exporter by default 2022-11-18 23:47:47 +01:00
dependabot[bot]
b65da969ba Bump tokio from 1.21.2 to 1.22.0 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.21.2 to 1.22.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.21.2...tokio-1.22.0)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-18 23:22:14 +01:00
Quentin Gliech
c1aad59e18 Do not embed the templates and static files in the binary 2022-11-18 22:37:55 +01:00
Quentin Gliech
44d397b54c Do not embed the WASM-compiled policies in the binary 2022-11-18 22:37:55 +01:00
Quentin Gliech
9d97e4a0e8 Switch to camino's Utf8Path* instead of std::path::Path* 2022-11-18 19:02:26 +01:00
Quentin Gliech
c611b292f4 Bump the latest axum rc 2022-11-18 14:57:22 +01:00
Quentin Gliech
28a9d54072 Serve the SPA by the server 2022-11-18 13:43:01 +01:00
Quentin Gliech
e37201b5c0 Allow fetching more nodes by their IDs 2022-11-18 13:43:01 +01:00
Quentin Gliech
a0ae4dd4fa OAuth and browser session lists 2022-11-18 13:43:01 +01:00
Quentin Gliech
65a3011173 Simple list of compat sessions 2022-11-18 13:43:01 +01:00
Quentin Gliech
f33810ce1a Lint GraphQL schema and operations with eslint 2022-11-18 13:43:01 +01:00
dependabot[bot]
5b156ffe5c Bump serde_with from 2.0.1 to 2.1.0 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 2.0.1 to 2.1.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v2.0.1...v2.1.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-17 20:42:01 +01:00