letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
NaN Commits 2 Branches 1 Tag
bdb44498b8fab0957aee4f447fe21d164f0348b5
Commit Graph

121 Commits

Author SHA1 Message Date
Quentin Gliech
bdb44498b8 Automatically derive the kid from the key fingerprint if missing (#4876) 2025-09-02 17:04:35 +02:00
Kai A. Hiller
897d6de572 Switch to JWK Thumbprints 2025-08-20 18:22:21 +02:00
Quentin Gliech
8dd096ce60 Fix a few more clippy lints 2025-08-18 10:45:20 +02:00
Kai A. Hiller
968968bdbb Auto-generate kid if not given 2025-08-08 11:38:45 +02:00
Quentin Gliech
c93b051da4 Merge branch 'main' into secret_file 2025-08-05 15:37:32 +02:00
Quentin Gliech
9d6c357f45 Make MAS use the modern Synapse API by default 2025-08-05 15:03:32 +02:00
Quentin Gliech
f610994a0f Merge branch 'main' into secret_file 2025-08-05 11:17:39 +02:00
Kai A. Hiller
dd040220db Add clients.[].client_secret_file config option 2025-08-04 19:32:39 +02:00
Kai A. Hiller
357420a56f Add matrix.secret_file config option 2025-07-29 19:46:07 +02:00
Quentin Gliech
6ffe95cdc6 Merge branch 'main' into feat/allow_override_user 2025-07-21 17:03:35 +02:00
Quentin Gliech
942287f99b Threaten to switch to using the modern API in a few releases. 2025-07-21 13:15:48 +02:00
mcalinghee
1886e73e40 allow importing existing users when the localpart matches in upstream OAuth 2.0 logins 2025-07-21 09:52:24 +02:00
Quentin Gliech
85287c5471 Use the new dedicated Synapse API 2025-07-18 16:39:24 +02:00
Quentin Gliech
e8627166a9 Log out oauth & compat sessions when receiving a backchannel logout request 2025-07-04 16:27:10 +02:00
Quentin Gliech
db8c557f81 Backchannel logout behavior settings on upstream providers 2025-07-04 16:27:10 +02:00
Quentin Gliech
a12b50147a Remove optional features from mas-iana & regenerate 
Also ignores 'TEMPORARY' items in the IANA registry
 2025-06-10 14:25:38 +02:00
Quentin Gliech
642c8ba508 Support for experimental plan management tab in UI (#4549) 2025-06-10 14:14:24 +02:00
Hugh Nimmo-Smith
0551b93cae Update schemas 2025-06-06 10:45:23 +01:00
Quentin Gliech
186b5cbdbe Add secrets.encryption_file config option (#4617) 2025-06-05 15:14:55 +02:00
Quentin Gliech
65ec6c187c config: Refactor parsing of secrets section (#4602) 2025-06-05 15:13:00 +02:00
Kai A. Hiller
67874be00f Skip encryption serialization if None 
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>
 2025-06-04 11:53:43 +02:00
Quentin Gliech
dcef4bcf3f Add config flag to require registration tokens for password registrations 2025-06-03 17:42:53 +02:00
Kai A. Hiller
1d88c875e8 Add secrets.encryption_file config option 
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>
 2025-06-02 18:39:19 +02:00
Kai A. Hiller
c448bd69bf Refactor key options in secret config 
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>
 2025-06-02 14:06:43 +02:00
Kai A. Hiller
647f415892 Refactor password options in secret config 
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>
 2025-06-02 14:06:43 +02:00
Kai A. Hiller
d46f66a056 Add KeyConfig doc comment 
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de>
 2025-06-02 14:06:43 +02:00
Quentin Gliech
f63b466145 Allow applying unicode normalisation to passwords before hashing 2025-05-30 15:42:32 +02:00
Hugh Nimmo-Smith
aad2d8afb3 Merge branch 'main' into hughns/plan-management 2025-05-09 10:33:39 +01:00
Quentin Gliech
4d0bce9382 Make the default scope on upstream providers config openid 2025-05-07 15:34:30 +02:00
Doug
a826b99319 Update the login schema docs. 2025-05-07 10:21:40 +01:00
Doug
b16492a62c Generate the schema (which fixes a typo amongst other things 🤦‍♂️) 2025-05-06 18:03:53 +01:00
Doug
7f91c8948b Add a configuration for forwarding the login hint to the upstream provider. 2025-05-06 17:50:33 +01:00
Quentin Gliech
aba9ca38e6 Insert client_name when upserting statically registered clients (#4417) 2025-04-30 11:50:49 +02:00
Hugh Nimmo-Smith
57cc89a0c8 WIP support for experimental plan management tab in UI 2025-04-22 13:17:29 +01:00
Quentin Gliech
0792171f91 Move the synapse_idp_id field to the top of the provider section 
This means that when serializing those, it will be at a more obvious place.
 2025-04-18 18:25:46 +02:00
Quentin Gliech
a061db35d7 Make a few password-related options public in the config crate 
It also adds docs to a few of those options
 2025-04-18 18:24:35 +02:00
Adis Veletanlic
e495b66ad1 Run ./misc/update.sh 2025-04-16 13:16:43 +02:00
Adis Veletanlic
1611bb652a Format project and run misc/update.sh 2025-04-14 13:41:43 +02:00
Adis Veletanlic
05ab1ec3a9 Add private_key_file option for apple sso and edit docs 2025-04-14 12:21:00 +02:00
mcalinghee
2fe4752aa4 add login by email + feature flag 2025-04-10 17:57:58 +02:00
Quentin Gliech
4f3dcc3a4b Expose more Sentry configuration (#4352) 2025-04-07 08:50:27 +02:00
hummingbard
204b7c54b5 Added Discord to default upstream oauth2 providers, regenerated config schema 2025-04-06 23:21:12 +06:00
Quentin Gliech
d5017bb623 Allow setting the OTLP tracing sample rate 2025-04-05 23:19:50 +02:00
Quentin Gliech
05b7d2d1ec Allow setting the Sentry environment & sample rates 
Also record the version in the Sentry release field.
 2025-04-05 23:19:16 +02:00
Quentin Gliech
25fd400ffb Change the default value of account_deactivation_allowed to true. 2025-03-13 12:04:57 +01:00
Quentin Gliech
a6992b718c Config option to allow account self-deactivation 2025-03-12 15:58:54 +01:00
Quentin Gliech
588a04b0ba Allow configuring the connection to the homeserver to be read-only. 2025-03-03 17:24:15 +01:00
Quentin Gliech
2a202cc6b0 Upgrade OpenTelemetry to 0.28 2025-02-24 10:44:08 +01:00
Quentin Gliech
b40fcdd712 Experimental feature to timeout inactive sessions 2025-02-12 17:31:21 +01:00
reivilibre
163b9e8849 Add pre-migration checks to syn2mas (#3805) 
This matches or exceeds `advisor.mts` from the old tool.

Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-01-27 18:01:46 +00:00