letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
732 Commits 2 Branches 1 Tag
df47791e7c8ba1c6d4e687f03e4baaaa295f4552
Commit Graph

732 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kévin Commaille
df47791e7c Add variants for unknown values on mas-iana types 
Remove the Copy derive and mark enums as non-exhaustive.
 2022-09-28 13:43:39 +02:00
Quentin Gliech
01d464c887 Gate the prometheus exporter behind a feature 
Also fixes the Docker image building and the CI builds
 2022-09-28 11:13:53 +02:00
Quentin Gliech
19f5d6cd36 Move the in-flight counter decrement to a drop guard 2022-09-28 11:13:53 +02:00
Quentin Gliech
f5eb93d754 HTTP metrics & other stuff 2022-09-28 11:13:53 +02:00
Quentin Gliech
fa39c127d3 Prometheus exporter & other stuff 2022-09-28 11:13:53 +02:00
Quentin Gliech
534604ca09 WIP: bump OTEL 2022-09-28 11:13:53 +02:00
dependabot[bot]
25d3e6ae65 Bump k256 from 0.11.5 to 0.11.6 
Bumps [k256](https://github.com/RustCrypto/elliptic-curves) from 0.11.5 to 0.11.6.
- [Release notes](https://github.com/RustCrypto/elliptic-curves/releases)
- [Commits](https://github.com/RustCrypto/elliptic-curves/compare/k256/v0.11.5...k256/v0.11.6)

---
updated-dependencies:
- dependency-name: k256
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-28 00:24:21 +02:00
Kévin Commaille
5265547517 Allow access token types in introspection auth methods 2022-09-27 19:11:32 +02:00
Quentin Gliech
f2b3649d75 Bump MSRV to 1.61.0 2022-09-27 19:05:25 +02:00
Quentin Gliech
8adc54b479 ci: do not run the tests with --all-features 2022-09-27 19:05:25 +02:00
Quentin Gliech
6f5b3636ba Simplify the HTTP client building 
Also supports loading the WebPKI roots instead of the native ones for
TLS
 2022-09-27 19:05:25 +02:00
dependabot[bot]
2a6f5fcbee Bump autoprefixer from 10.4.11 to 10.4.12 in /crates/static-files 
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.11 to 10.4.12.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.11...10.4.12)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-27 18:56:56 +02:00
dependabot[bot]
87055c0dfe Bump sigstore/cosign-installer from 2.6.0 to 2.7.0 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.6.0 to 2.7.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.6.0...v2.7.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-27 18:56:18 +02:00
Quentin Gliech
b2d61a6b6f Bump AWS crates 2022-09-27 18:30:25 +02:00
Quentin Gliech
87fd36ca4a Bump Crypto crates 2022-09-27 18:27:52 +02:00
Kévin Commaille
fb26be3c45 Export list of supported algorithms from mas-jose 2022-09-16 11:48:06 +02:00
Kévin Commaille
f47d57e80c Add types for the Device Authorization flow 2022-09-16 11:47:31 +02:00
Kévin Commaille
6419ef80ba Fix intra-doc broken link in mas-jose 2022-09-16 11:45:53 +02:00
dependabot[bot]
84835c9467 Bump autoprefixer from 10.4.9 to 10.4.11 in /crates/static-files 
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.9 to 10.4.11.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.9...10.4.11)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-15 07:34:10 +02:00
dependabot[bot]
abcc2f7cf0 Bump tokio from 1.21.0 to 1.21.1 
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.21.0 to 1.21.1.
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.21.0...tokio-1.21.1)

---
updated-dependencies:
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-14 09:05:25 +02:00
dependabot[bot]
63f5e57412 Bump thiserror from 1.0.34 to 1.0.35 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.34 to 1.0.35.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.34...1.0.35)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-14 08:42:55 +02:00
dependabot[bot]
bc7fe404aa Bump clap from 3.2.20 to 3.2.21 
Bumps [clap](https://github.com/clap-rs/clap) from 3.2.20 to 3.2.21.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/v3.2.21/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.2.20...v3.2.21)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-14 08:21:10 +02:00
Quentin Gliech
b20cc49d36 Properly advertise all the supported JWT verification algorithms 2022-09-13 15:19:19 +02:00
Kévin Commaille
efc6606960 Use ResponseType that doesn't care about tokens order 2022-09-13 15:15:30 +02:00
Quentin Gliech
9ff782f0a0 Remove double must_use 2022-09-13 11:38:49 +02:00
dependabot[bot]
6b1029577a Bump axum from 0.6.0-rc.1 to 0.6.0-rc.2 
Bumps [axum](https://github.com/tokio-rs/axum) from 0.6.0-rc.1 to 0.6.0-rc.2.
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.6.0-rc.1...axum-v0.6.0-rc.2)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-13 11:38:49 +02:00
dependabot[bot]
e5180a1041 Bump signature from 1.6.0 to 1.6.1 
Bumps [signature](https://github.com/RustCrypto/traits) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/RustCrypto/traits/releases)
- [Commits](https://github.com/RustCrypto/traits/compare/signature-v1.6.0...signature/v1.6.1)

---
updated-dependencies:
- dependency-name: signature
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-12 23:01:57 +02:00
dependabot[bot]
d632bc8386 Bump serde_with from 2.0.0 to 2.0.1 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v2.0.0...v2.0.1)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-12 23:00:26 +02:00
dependabot[bot]
6ad5aa23e2 Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-12 22:58:06 +02:00
dependabot[bot]
867e0635d3 Bump autoprefixer from 10.4.8 to 10.4.9 in /crates/static-files 
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.8 to 10.4.9.
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/autoprefixer/compare/10.4.8...10.4.9)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-12 22:57:45 +02:00
dependabot[bot]
0f88ae812b Bump rust-embed from 6.4.0 to 6.4.1 
Bumps [rust-embed](https://github.com/pyros2097/rust-embed) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/pyros2097/rust-embed/releases)
- [Changelog](https://github.com/pyrossh/rust-embed/blob/master/changelog.md)
- [Commits](https://github.com/pyros2097/rust-embed/commits)

---
updated-dependencies:
- dependency-name: rust-embed
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-12 22:57:35 +02:00
Kévin Commaille
62e07005da Properly implement Display and FromStr for oauth2-types enums 
Use SerializeDisplay and DeserializeFromStr derives.
Add tests for serialize and deserialize implemntations.
 2022-09-12 15:44:15 +02:00
Kévin Commaille
bf405bd911 Add more variants to GrantType 2022-09-12 11:06:45 +02:00
dependabot[bot]
cfb889bc6a Bump convert_case from 0.5.0 to 0.6.0 
Bumps [convert_case](https://github.com/rutrum/convert-case) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/rutrum/convert-case/releases)
- [Commits](https://github.com/rutrum/convert-case/commits)

---
updated-dependencies:
- dependency-name: convert_case
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-10 11:35:54 +02:00
dependabot[bot]
5f8d3aadca Bump url from 2.3.0 to 2.3.1 
Bumps [url](https://github.com/servo/rust-url) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/compare/v2.3.0...v2.3.1)

---
updated-dependencies:
- dependency-name: url
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-08 23:18:54 +02:00
dependabot[bot]
4a271eae21 Bump url from 2.2.2 to 2.3.0 
Bumps [url](https://github.com/servo/rust-url) from 2.2.2 to 2.3.0.
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/compare/v2.2.2...v2.3.0)

---
updated-dependencies:
- dependency-name: url
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-08 01:20:45 +02:00
dependabot[bot]
268984232c Bump ecdsa from 0.14.4 to 0.14.5 
Bumps [ecdsa](https://github.com/RustCrypto/signatures) from 0.14.4 to 0.14.5.
- [Release notes](https://github.com/RustCrypto/signatures/releases)
- [Commits](https://github.com/RustCrypto/signatures/compare/ecdsa/v0.14.4...ecdsa/v0.14.5)

---
updated-dependencies:
- dependency-name: ecdsa
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-08 01:20:24 +02:00
Kévin Commaille
6bb610c0a1 Allow to get verified provider metadata with minimal checks 2022-09-07 08:56:10 +02:00
dependabot[bot]
4cfe17a49b Bump figment from 0.10.6 to 0.10.7 
Bumps [figment](https://github.com/SergioBenitez/Figment) from 0.10.6 to 0.10.7.
- [Release notes](https://github.com/SergioBenitez/Figment/releases)
- [Commits](https://github.com/SergioBenitez/Figment/compare/v0.10.6...v0.10.7)

---
updated-dependencies:
- dependency-name: figment
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-07 08:40:38 +02:00
Kévin Commaille
74599de6b7 Add TokenHash validator to hash claim definitions 2022-09-06 16:35:36 +02:00
Kévin Commaille
8b48d96bcf Move claim hash token function to mas-jose crate 
Change the hash function according to the signature algorithm,
according to the OpendID Connect spec.
 2022-09-06 14:15:05 +02:00
Quentin Gliech
32cde97da5 Move the healthcheck route to the API router 2022-09-06 13:11:54 +02:00
Quentin Gliech
8e549387cb Upgrade axum to 0.6.0-rc.1 2022-09-06 13:11:54 +02:00
Kévin Commaille
90b3daf7d0 Allow to split JWT into parts 2022-09-06 11:22:08 +02:00
dependabot[bot]
487c4a3e85 Bump opa-wasm from b7d8ea2 to 24bb170 
Bumps [opa-wasm](https://github.com/matrix-org/rust-opa-wasm) from `b7d8ea2` to `24bb170`.
- [Release notes](https://github.com/matrix-org/rust-opa-wasm/releases)
- [Commits](b7d8ea2a94...24bb1700ed)

---
updated-dependencies:
- dependency-name: opa-wasm
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-06 08:01:59 +02:00
dependabot[bot]
dbd72d4a66 Bump thiserror from 1.0.33 to 1.0.34 
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.33 to 1.0.34.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.33...1.0.34)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-06 00:17:05 +02:00
dependabot[bot]
4bd1ee1ab6 Bump anyhow from 1.0.63 to 1.0.64 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.63 to 1.0.64.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.63...1.0.64)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-05 23:53:36 +02:00
Kévin Commaille
059f1661e0 Add Pushed Authorization Request response type 2022-09-05 11:29:17 +02:00
dependabot[bot]
4649457802 Bump sha2 from 0.10.4 to 0.10.5 
Bumps [sha2](https://github.com/RustCrypto/hashes) from 0.10.4 to 0.10.5.
- [Release notes](https://github.com/RustCrypto/hashes/releases)
- [Commits](https://github.com/RustCrypto/hashes/compare/sha2-v0.10.4...sha2-v0.10.5)

---
updated-dependencies:
- dependency-name: sha2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-03 02:54:55 +02:00
dependabot[bot]
5d6f679084 Bump opa-wasm from 99b2125 to b7d8ea2 
Bumps [opa-wasm](https://github.com/matrix-org/rust-opa-wasm) from `99b2125` to `b7d8ea2`.
- [Release notes](https://github.com/matrix-org/rust-opa-wasm/releases)
- [Commits](99b2125274...b7d8ea2a94)

---
updated-dependencies:
- dependency-name: opa-wasm
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-03 01:27:58 +02:00