letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
6,580 Commits 2 Branches 1 Tag
e7c1f126bef94cb907b01eba72c8db9bf5832905
Commit Graph

42 Commits

Author SHA1 Message Date
Quentin Gliech
a56482cf60 Merge branch 'quenting/upstream-oauth/better-conflict-options' into quenting/upstream-oauth/skip-interactive 2025-11-28 18:08:09 +01:00
Quentin Gliech
d38662e395 Option to skip confirmation when registering through an upstream OAuth provider 2025-11-28 15:51:43 +01:00
Quentin Gliech
f97f56ed11 Add more options to deal with localpart conflicts on upstream OAuth 2.0 logins 2025-11-28 10:53:28 +01:00
networkException
23322cfc28 Add upstream_oauth2.providers.[].client_secret_file config option 
This patch factors out the previously introduced config
wrapper for client secrets to also use it for upstream oauth
providers.

See dd040220db
 2025-11-08 16:10:19 +01:00
Quentin Gliech
55120c909b Adapt most code to use the new edges and cursors 2025-09-29 15:08:46 +02:00
Quentin Gliech
7253ca69b0 Merge remote-tracking branch 'origin/main' into feat/login_hint_with_email 2025-08-18 16:43:00 +02:00
Quentin Gliech
78933acb3c Collapse a few nested if now that we have if let chains 2025-08-18 10:29:30 +02:00
mcalinghee
8bad68cc34 Merge branch 'main' into feat/login_hint_with_email 2025-08-05 17:02:14 +02:00
Kai A. Hiller
dd040220db Add clients.[].client_secret_file config option 2025-08-04 19:32:39 +02:00
mcalinghee
062f5aced7 move Clock/MockClock/SystemClock/BoxClock/BoxRng to mas-data-model 2025-07-31 11:17:33 +02:00
mcalinghee
f78e2c38f5 use of UpstreamOAuthProviderLocalpartPreference 2025-07-21 09:52:24 +02:00
mcalinghee
1886e73e40 allow importing existing users when the localpart matches in upstream OAuth 2.0 logins 2025-07-21 09:52:24 +02:00
Quentin Gliech
e8627166a9 Log out oauth & compat sessions when receiving a backchannel logout request 2025-07-04 16:27:10 +02:00
Quentin Gliech
db8c557f81 Backchannel logout behavior settings on upstream providers 2025-07-04 16:27:10 +02:00
Quentin Gliech
52b0a9b2ba Update license headers to match the actual license 2025-06-12 10:32:16 +02:00
Doug
7f91c8948b Add a configuration for forwarding the login hint to the upstream provider. 2025-05-06 17:50:33 +01:00
Quentin Gliech
aba9ca38e6 Insert client_name when upserting statically registered clients (#4417) 2025-04-30 11:50:49 +02:00
Quentin Gliech
3a8d4a1e8a Replace most remaining #[instrument(err)] annotations 2025-04-18 09:59:29 +02:00
Quentin Gliech
7c9754d537 Add context to some log messages 2025-04-18 09:58:48 +02:00
Adis Veletanlic
5f2fbe6a14 Merge branch 'main' into feat/upsert-static-reg-client-name 2025-04-16 11:50:58 +02:00
Adis Veletanlic
7890862500 Add client_name to static registrations function and generate new query data 2025-04-16 11:44:58 +02:00
Adis Veletanlic
067bb99dd6 Format project with nightly toolchain 2025-04-16 10:11:02 +02:00
Adis Veletanlic
40f122b4da Format project 2025-04-14 18:52:41 +02:00
Adis Veletanlic
ef52c85587 Add comment to explain sync workflow 2025-04-14 18:44:18 +02:00
Adis Veletanlic
e460b17d09 Populate private key for SIWA in sync.rs so it is simply storing private_key in db using the provided file (if given) 2025-04-14 18:25:28 +02:00
Quentin Gliech
cc98fd7a53 Order the OAuth providers in the UI by their order in the config file 2025-03-12 11:12:55 +01:00
Quentin Gliech
56d9c7e63b Upgrade to Rust 1.85 and edition 2024 2025-02-21 16:15:02 +01:00
Quentin Gliech
9db14f6743 Rip out the email verification codes 
This considers all user_emails as confirmed, and removes the verification code.
It will be replaced by a new email authentication code flow
 2025-01-14 15:46:45 +01:00
Mathieu Velten
33e1cdbf16 Allow response_mode to be null and if so do not add the query param (#3700) 2024-12-18 18:18:39 +01:00
Mathieu Velten
75ee9a1e58 Add id_token_signed_response_alg and userinfo_signed_response_alg (#3664) 2024-12-17 11:54:16 +01:00
Quentin Gliech
2903ff5e7a Allow setting an explicit upstream account name (#3600) 2024-11-29 12:30:18 +01:00
Quentin Gliech
e39ea44e60 Make the id_token optional on upstream OAuth 2.0 providers 
This makes it possible to use non-OIDC providers as upstream OAuth 2.0 providers, like GitHub.
 2024-11-29 10:31:50 +01:00
Mathieu Velten
f832666a86 Add fetch_userinfo to upstream SSO provider (#3363) 2024-11-26 15:01:03 +00:00
Quentin Gliech
ec28c30e3c Allow setting the response_mode on upstream OAuth 2.0 providers 2024-11-22 08:48:00 +01:00
Quentin Gliech
dddd9fe998 Support Sign in with Apple 2024-11-22 08:48:00 +01:00
Quentin Gliech
9a946c19e7 Remove (C) 2024-09-10 14:28:55 +02:00
Quentin Gliech
9da19e2af0 License headers change 2024-09-05 13:25:42 +02:00
Quentin Gliech
f82ad8c0e6 Soft-delete upstream OAuth 2.0 providers on config sync 2024-04-03 09:51:22 +02:00
Quentin Gliech
6841bc112d Add a soft-deletion column on upstream OAuth 2.0 providers 2024-04-03 09:51:22 +02:00
Quentin Gliech
ff1267eefd Flatten the upstream_oauth2 config section 2024-03-22 13:33:09 +01:00
Quentin Gliech
f61bdbba72 Flatten the clients config 2024-03-22 13:33:09 +01:00
Quentin Gliech
2e0c72811e Automatically sync the configuration on server startup 2024-03-01 18:14:05 +01:00