WIP: act as a Matrix OIDC auth provider #810

Draft
lafleur wants to merge 20 commits from lafleur/continuwuity:as-oidc-provider into main

Author SHA1 Message Date
9dbd0e654c
fix build errors
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Failing after 34s
2025-05-31 21:23:39 +01:00
bb9e8af4e0
fixup! fix OidcResponse: reimplement IntoResponse
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Failing after 23s
2025-05-21 12:47:45 +01:00
71201c780a
fix OidcResponse: reimplement IntoResponse 2025-05-21 12:47:45 +01:00
4692a936a7
chore: fix up 2025-05-21 12:47:45 +01:00
a76480be48
oidc: small cosmetics + typos 2025-05-21 12:47:45 +01:00
aa2575be3e
remove stale debugging logs
I don't have the hd space to do debug builds, so I use tracing::info to debug
on release builds. Silly, right?
2025-05-21 12:47:45 +01:00
8f3fdb0023
use config.server_name as title in OIDC pages 2025-05-21 12:47:44 +01:00
95f25f67cf
fix oidc_provider discovery message and docstrings 2025-05-21 12:47:44 +01:00
8beaa55352
typos oidc_provider discovery 2025-05-21 12:47:44 +01:00
ad6297c1c8
fix oidc_provider config section's doc generation 2025-05-21 12:47:44 +01:00
168c21bb27
fix: Don't crash when the client URL doesn't have a domain
Having a URL with an IP literal, for example, is allowed
2025-05-21 12:47:43 +01:00
c1bad98702
fix: Use correct CSP for login page 2025-05-21 12:47:43 +01:00
5c73d3d168
chore: Ignore formatting PR in blame 2025-05-21 12:47:43 +01:00
4f8afcf3e1
chore: Fix most clippy issues, format & typos 2025-05-21 12:47:43 +01:00
6c5289192d
remove stale dependency oxide-auth-axum 2025-05-21 12:47:42 +01:00
ec2c2bb27c
feat(oidc_provider) use askama templates
Implements a custom OidcResponse with CSP headers and oxide-auth processing
compatibility.
2025-05-21 12:47:42 +01:00
bfbd7abf44
rebase on current main 2025-05-21 12:47:42 +01:00
fc62213e64
impl MSC2966: register clients dynamically 2025-05-21 12:47:42 +01:00
a96a5b3219
impl MSC2964: OIDC token flow 2025-05-21 12:47:42 +01:00
f8c7b2ae3a
impl MSC2965: self-advertise as OIDC authentication provider
MSC2965 proposes to let the homeserver advertise its current OIDC authentication
issuer. These changes let conduwuit advertise itself as the issuer when
[global.auth.enable_oidc_login] is set. It also advertises its account management
endpoint if [global.auth.enable_oidc_account_management] is set.

None of these endpoints are implemented. This commit only implements the bare
advertisement, as requested by the MSC.
2025-05-21 12:47:41 +01:00