letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
314 Commits 2 Branches 1 Tag
f05b4eda116eb749030293cb172bbb2ccf4e0dc7
Commit Graph

314 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin Gliech
f05b4eda11 Load the config file from a environment variable 2022-03-11 17:03:28 +01:00
Hugh Nimmo-Smith
935818817f fix: allow authorization in Access-Control-Request-Headers (#88) 
* fix: allow authorization in Access-Control-Request-Headers

* chore: fix clippy style

* style: use constant version of Authorization header

* chore: fix code style with cargo fmt

Co-authored-by: Quentin Gliech <quenting@element.io>
 2022-03-11 11:44:23 +00:00
dependabot[bot]
3478fe7186 Bump tracing from 0.1.31 to 0.1.32 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.31 to 0.1.32.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.31...tracing-0.1.32)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-11 11:41:04 +01:00
dependabot[bot]
c787326c87 Bump anyhow from 1.0.55 to 1.0.56 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.55 to 1.0.56.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.55...1.0.56)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-11 10:34:26 +01:00
dependabot[bot]
df35f0706d Bump cssnano from 5.1.0 to 5.1.2 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.1.0 to 5.1.2.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.1.0...cssnano@5.1.2)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-11 10:34:12 +01:00
dependabot[bot]
d0ff917e56 Bump parse-display from 0.5.4 to 0.5.5 
Bumps [parse-display](https://github.com/frozenlib/parse-display) from 0.5.4 to 0.5.5.
- [Release notes](https://github.com/frozenlib/parse-display/releases)
- [Commits](https://github.com/frozenlib/parse-display/compare/v0.5.4...v0.5.5)

---
updated-dependencies:
- dependency-name: parse-display
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-11 10:34:02 +01:00
Quentin Gliech
f243624f45 Move clients to the database 2022-03-08 19:07:46 +01:00
dependabot[bot]
b062eae4d4 Bump clap from 3.1.5 to 3.1.6 
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.1.5...v3.1.6)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-08 11:43:57 +01:00
dependabot[bot]
d838ef5ffc Bump tower-http from 0.2.3 to 0.2.4 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.2.3...tower-http-0.2.4)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-08 09:19:22 +01:00
dependabot[bot]
28b40e51c6 Bump postcss from 8.4.7 to 8.4.8 in /crates/static-files 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.7 to 8.4.8.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.7...8.4.8)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-08 09:19:15 +01:00
dependabot[bot]
9fbd76b2c9 Bump sigstore/cosign-installer from 2.0.1 to 2.1.0 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.0.1 to 2.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.0.1...v2.1.0)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-08 09:19:07 +01:00
dependabot[bot]
43c6b4c4cb Bump once_cell from 1.9.0 to 1.10.0 
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-04 22:42:59 +01:00
dependabot[bot]
234e0e2ec2 Bump clap from 3.1.3 to 3.1.5 
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.3 to 3.1.5.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.1.3...v3.1.5)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-03 10:30:10 +01:00
dependabot[bot]
527f56c635 Bump @tailwindcss/forms from 0.4.0 to 0.5.0 in /crates/static-files 
Bumps [@tailwindcss/forms](https://github.com/tailwindlabs/tailwindcss-forms) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/tailwindlabs/tailwindcss-forms/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss-forms/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss-forms/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: "@tailwindcss/forms"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-03 10:30:02 +01:00
dependabot[bot]
ae8317e799 Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-01 21:26:49 +01:00
dependabot[bot]
00edb91ed0 Bump cssnano from 5.0.17 to 5.1.0 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.0.17 to 5.1.0.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.0.17...cssnano@5.1.0)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-01 21:18:02 +01:00
dependabot[bot]
6063d39955 Bump tracing-appender from 0.2.0 to 0.2.1 
Bumps [tracing-appender](https://github.com/tokio-rs/tracing) from 0.2.0 to 0.2.1.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-appender-0.2.0...tracing-appender-0.2.1)

---
updated-dependencies:
- dependency-name: tracing-appender
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-01 21:17:24 +01:00
dependabot[bot]
3bd46c70a6 Bump clap from 3.1.2 to 3.1.3 
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.1.2...v3.1.3)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-01 09:05:54 +01:00
Quentin Gliech
363965a1e4 Upgrade AWS SDK crates 2022-02-28 10:11:49 +01:00
Quentin Gliech
0611b8171f Fix compilation on older rust version 2022-02-28 10:07:32 +01:00
Quentin Gliech
5a0ab1ccc2 Upgrade Rust version in Docker image 2022-02-28 10:07:32 +01:00
dependabot[bot]
0d743c89a3 Bump postcss from 8.4.6 to 8.4.7 in /crates/static-files 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.6 to 8.4.7.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.6...8.4.7)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-26 21:44:37 +01:00
Quentin Gliech
0c803f0469 Fix email verification link 2022-02-25 16:25:38 +01:00
Quentin Gliech
2e7f0a64ca Support the email scope 2022-02-25 16:19:38 +01:00
Quentin Gliech
170ad27cf4 Reply with proper errors on the OAuth token endpoint 2022-02-25 11:28:23 +01:00
Quentin Gliech
482ee02dcc Fix server trace names 2022-02-25 10:06:24 +01:00
Quentin Gliech
6d1db5eea9 Upgrade AWS SDK dependencies 2022-02-24 16:09:08 +01:00
Quentin Gliech
650bfa86b3 Better OpenTelemetry tracer 2022-02-24 16:03:37 +01:00
dependabot[bot]
1ebdc4b086 Bump clap from 3.1.1 to 3.1.2 
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v3.1.1...v3.1.2)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-24 09:04:55 +01:00
dependabot[bot]
549afac863 Bump tracing-opentelemetry from 0.17.1 to 0.17.2 
Bumps [tracing-opentelemetry](https://github.com/tokio-rs/tracing) from 0.17.1 to 0.17.2.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-opentelemetry-0.17.1...tracing-opentelemetry-0.17.2)

---
updated-dependencies:
- dependency-name: tracing-opentelemetry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-23 09:55:12 +01:00
dependabot[bot]
42765977bd Bump anyhow from 1.0.53 to 1.0.55 
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.53 to 1.0.55.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.53...1.0.55)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-22 10:43:31 +01:00
dependabot[bot]
ca54dbdce1 Bump rustls from 0.20.3 to 0.20.4 
Bumps [rustls](https://github.com/rustls/rustls) from 0.20.3 to 0.20.4.
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/RELEASE_NOTES.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.20.3...v/0.20.4)

---
updated-dependencies:
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-22 09:53:07 +01:00
dependabot[bot]
7bb1ead068 Bump clap from 3.1.0 to 3.1.1 
Bumps [clap](https://github.com/clap-rs/clap) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-22 09:51:57 +01:00
dependabot[bot]
565a1c632b Bump sigstore/cosign-installer from 2.0.0 to 2.0.1 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.0.0...v2.0.1)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-22 09:51:32 +01:00
dependabot[bot]
936247cd2a Bump sqlx from 0.5.10 to 0.5.11 
Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.5.10 to 0.5.11.
- [Release notes](https://github.com/launchbadge/sqlx/releases)
- [Changelog](https://github.com/launchbadge/sqlx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/launchbadge/sqlx/compare/v0.5.10...v0.5.11)

---
updated-dependencies:
- dependency-name: sqlx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-22 09:51:19 +01:00
dependabot[bot]
41335ed2ea Bump tracing from 0.1.30 to 0.1.31 
Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.30 to 0.1.31.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-0.1.30...tracing-0.1.31)

---
updated-dependencies:
- dependency-name: tracing
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 17:37:02 +01:00
dependabot[bot]
b84835f1a9 Bump tower-http from 0.2.2 to 0.2.3 
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.2.2 to 0.2.3.
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.2.2...tower-http-0.2.3)

---
updated-dependencies:
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 16:41:42 +01:00
dependabot[bot]
9655d3e1de Bump argon2 from 0.3.3 to 0.3.4 
Bumps [argon2](https://github.com/RustCrypto/password-hashes) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/RustCrypto/password-hashes/releases)
- [Commits](https://github.com/RustCrypto/password-hashes/compare/argon2-v0.3.3...argon2-v0.3.4)

---
updated-dependencies:
- dependency-name: argon2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 16:41:31 +01:00
dependabot[bot]
cfc859e36a Bump indoc from 1.0.3 to 1.0.4 
Bumps [indoc](https://github.com/dtolnay/indoc) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/dtolnay/indoc/releases)
- [Commits](https://github.com/dtolnay/indoc/compare/1.0.3...1.0.4)

---
updated-dependencies:
- dependency-name: indoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 16:41:19 +01:00
dependabot[bot]
0b570c741c Bump tracing-subscriber from 0.3.8 to 0.3.9 
Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.8 to 0.3.9.
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.8...tracing-subscriber-0.3.9)

---
updated-dependencies:
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-20 16:41:07 +01:00
dependabot[bot]
468730c0cf Bump cssnano from 5.0.16 to 5.0.17 in /crates/static-files 
Bumps [cssnano](https://github.com/cssnano/cssnano) from 5.0.16 to 5.0.17.
- [Release notes](https://github.com/cssnano/cssnano/releases)
- [Commits](https://github.com/cssnano/cssnano/compare/cssnano@5.0.16...cssnano@5.0.17)

---
updated-dependencies:
- dependency-name: cssnano
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-17 16:53:45 +01:00
dependabot[bot]
7ddde5eaa2 Bump tailwindcss from 3.0.19 to 3.0.23 in /crates/static-files 
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.0.19 to 3.0.23.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.0.19...v3.0.23)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-17 16:40:36 +01:00
Quentin Gliech
d8286cde55 ci: fix code coverage generation 2022-02-17 16:23:41 +01:00
Quentin Gliech
76e047b748 ci: generate test coverage with a stable toolchain, not nightly 2022-02-17 15:59:00 +01:00
Quentin Gliech
b0000e5d91 Update Cargo.lock 2022-02-17 15:56:09 +01:00
Quentin Gliech
6b5694b0d5 Bump dependencies 2022-02-17 15:53:48 +01:00
Quentin Gliech
8748460831 Implement private_key_jwks client authentication 
This involves a lot of things, including:
 - better VerifyingKeystore trait
 - better errors in the JOSE crate
 - getting rid of async_trait in some JOSE traits
 2022-02-17 15:42:44 +01:00
Quentin Gliech
342c64b5d9 Many improvements to the mas-http crate 
- make `mas_http::client` implement Service directly instead of being
   an async function
 - a Get layer that makes a Service<Uri>
 - better error sources in the JSON layer
 - make the client have a proper error type
 2022-02-15 08:28:25 +01:00
Quentin Gliech
718cac3fb5 Implement a JSON tower layer 
This will help requesting JSON APIs
 2022-02-11 14:15:31 +01:00
Quentin Gliech
d92415d419 Proper HTTP client 2022-02-10 16:38:17 +01:00