pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: pierre:90143c891a88db95b6fa0f8c50194ef7316f316f
Branches Tags
pierre:master
..
compare: pierre:master
Branches Tags
pierre:master

115 Commits
90143c891a ... master

Author SHA1 Message Date
Renovate Bot
e3e4e8280c Update Rust crate uuid to 1.17.0
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-06-11 00:19:10 +00:00
Renovate Bot
03c538cc96 Update Rust crate clap to 4.5.40
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-06-10 00:19:27 +00:00
Renovate Bot
77d3e49a94 Update Rust crate futures-util to 0.3.31
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-06-09 00:19:16 +00:00
Renovate Bot
df40e5e6be Update Rust crate clap to 4.5.39
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-06-07 00:18:47 +00:00
Pierre HUBERT
e5c6f0d372 Fix cargo clippy issues (#407)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #407
 2025-06-06 06:11:07 +00:00
Renovate Bot
46c561ca0b Update Rust crate actix-web to 4.11.0
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-05-13 00:13:45 +00:00
Renovate Bot
4a3c1b62e0 Update Rust crate clap to 4.5.38
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-05-12 00:13:25 +00:00
Renovate Bot
64e9844f65 Update Rust crate sha2 to 0.10.9
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-05-01 00:16:56 +00:00
Renovate Bot
958a614f19 Update Rust crate chrono to 0.4.41
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-30 00:16:57 +00:00
Renovate Bot
f869bbde07 Update Rust crate askama to 0.14.0
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-24 00:17:03 +00:00
Renovate Bot
257c9c2b85 Update Rust crate clap to 4.5.37
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-19 00:24:57 +00:00
Renovate Bot
96b3f35ad0 Update Rust crate rand to 0.9.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-18 00:24:58 +00:00
Renovate Bot
658e6d498b Update Rust crate askama to 0.13.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-16 00:24:41 +00:00
Renovate Bot
5241115f79 Update Rust crate webauthn-rs to 0.5.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-15 00:24:36 +00:00
Renovate Bot
23e8f33069 Update Rust crate uuid to 1.16.0
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-14 00:24:42 +00:00
Renovate Bot
77c3dc9e94 Update Rust crate url to 2.5.4
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-13 00:24:38 +00:00
Renovate Bot
0a8fc3c805 Update Rust crate clap to 4.5.36
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-12 00:24:42 +00:00
Renovate Bot
b820ca4b49 Update Rust crate totp_rfc6238 to 0.6.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-11 00:24:41 +00:00
Renovate Bot
dc30d65d68 Update Rust crate serde_json to 1.0.140
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-10 00:24:38 +00:00
Renovate Bot
dbea05552d Update Rust crate serde to 1.0.219
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-09 00:24:42 +00:00
Renovate Bot
fc416752db Update Rust crate mime_guess to 2.0.5
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-08 00:24:48 +00:00
Renovate Bot
99dd85c973 Update Rust crate mailchecker to 6.0.17
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-07 00:30:22 +00:00
Renovate Bot
69cabe650e Update Rust crate lazy_static to 1.5.0
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-06 00:30:35 +00:00
Renovate Bot
18e6ee16ae Update Rust crate clap to 4.5.35
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-05 00:30:18 +00:00
Renovate Bot
1e5fc7acfe Update Rust crate lazy-regex to 3.4.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-04 00:30:39 +00:00
Renovate Bot
e16e1a5a6a Update Rust crate jwt-simple to 0.12.12
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-03 00:30:21 +00:00
Renovate Bot
80b9ffd4e0 Update Rust crate env_logger to 0.11.8
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-02 00:30:28 +00:00
Renovate Bot
0a8f441ecb Update Rust crate include_dir to 0.7.4
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-04-01 02:01:07 +00:00
Renovate Bot
ee00b31fd0 Update Rust crate chrono to 0.4.40
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-03-31 20:46:52 +00:00
Renovate Bot
7b9ada9164 Update Rust crate base32 to 0.5.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-03-31 00:30:31 +00:00
Renovate Bot
991f732f22 Update Rust crate actix-web to 4.10.2
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-03-30 02:16:41 +00:00
Renovate Bot
e11a902c98 Update Rust crate actix-session to 0.10.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-03-29 22:51:45 +00:00
Renovate Bot
dc0455c526 Update Rust crate actix to 0.13.5
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-03-29 18:12:42 +00:00
Pierre HUBERT
4cefc7bb0a Update renovate.json
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-03-29 17:33:18 +00:00
Pierre HUBERT
9bcdc84824 Update renovate.json
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-03-29 13:02:15 +00:00
Pierre HUBERT
9c79c3d93c Cargo clippy on test code
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-03-28 14:50:48 +01:00
Pierre HUBERT
bfe6c25f39 Cargo clippy
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-03-28 14:42:04 +01:00
Pierre HUBERT
b77e7895b7 Rust Edition 2024
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-03-28 14:40:35 +01:00
Pierre HUBERT
19f99cf9b9 Update all project dependencies 2025-03-28 14:37:47 +01:00
Pierre HUBERT
73988fe5ec Merge pull request 'Update Rust crate mailchecker to v6.0.17' (#371) from renovate/mailchecker-6.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #371
 2025-03-28 13:01:09 +00:00
Pierre HUBERT
ad1ba1bf19 Merge pull request 'Update Rust crate uuid to v1.16.0' (#372) from renovate/uuid-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #372
 2025-03-28 13:00:59 +00:00
Pierre HUBERT
cabb74b0a3 Merge pull request 'Update Rust crate clap to v4.5.33' (#374) from renovate/clap-4.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #374
 2025-03-28 13:00:52 +00:00
Pierre HUBERT
2d7635668d Merge pull request 'Update Rust crate askama to 0.13.0' (#375) from renovate/askama-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #375
 2025-03-28 13:00:44 +00:00
Pierre HUBERT
eeb0594e80 Update Rust crate askama to 0.13.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-28 00:22:19 +00:00
Pierre HUBERT
4f74e7cfc1 Update Rust crate clap to v4.5.33
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-27 00:22:30 +00:00
Pierre HUBERT
10247deb2e Update Rust crate uuid to v1.16.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-15 00:03:57 +00:00
Pierre HUBERT
286b982506 Update Rust crate mailchecker to v6.0.17
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-13 00:03:58 +00:00
Pierre HUBERT
25f7221d0b Update all dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-03-12 19:26:57 +01:00
Pierre HUBERT
c5b083f2df Merge pull request 'Update Rust crate actix-web to v4.10.2' (#370) from renovate/actix-web-4.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #370
 2025-03-12 18:25:09 +00:00
Pierre HUBERT
2170d53bb4 Update Rust crate actix-web to v4.10.2
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-12 00:17:31 +00:00
Pierre HUBERT
19a1fba460 Merge pull request 'Update Rust crate clap to v4.5.32' (#368) from renovate/clap-4.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #368
 2025-03-11 13:13:04 +00:00
Pierre HUBERT
402bcbc4cd Merge pull request 'Update Rust crate env_logger to v0.11.7' (#369) from renovate/env_logger-0.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #369
 2025-03-11 13:12:58 +00:00
Pierre HUBERT
19a7ae24cf Update Rust crate env_logger to v0.11.7
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-11 00:17:37 +00:00
Pierre HUBERT
44de2d320a Update Rust crate clap to v4.5.32
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-11 00:17:28 +00:00
Pierre HUBERT
b7310bd7ad Merge pull request 'Update Rust crate serde to v1.0.219' (#367) from renovate/serde-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #367
 2025-03-10 18:04:11 +00:00
Pierre HUBERT
e9c14cf146 Update Rust crate serde to v1.0.219
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-10 00:17:39 +00:00
Pierre HUBERT
ce07e8e0eb Merge pull request 'Update Rust crate light-openid to v1.0.3' (#365) from renovate/light-openid-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #365
 2025-03-05 20:40:22 +00:00
Pierre HUBERT
5b58b70ca7 Update Rust crate light-openid to v1.0.3
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-05 00:17:22 +00:00
Pierre HUBERT
1bbfe494d8 Updated all dependencies
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-03-04 19:54:04 +01:00
Pierre HUBERT
80de6e224e Merge pull request 'Update Rust crate uuid to v1.15.1' (#362) from renovate/uuid-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #362
 2025-03-04 18:48:09 +00:00
Pierre HUBERT
1bb417d02c Merge pull request 'Update Rust crate serde_json to v1.0.140' (#364) from renovate/serde_json-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #364
 2025-03-04 18:48:04 +00:00
Pierre HUBERT
dd05ab563e Merge pull request 'Update Rust crate chrono to v0.4.40' (#361) from renovate/chrono-0.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #361
 2025-03-04 18:47:57 +00:00
Pierre HUBERT
428a4f8f31 Update Rust crate serde_json to v1.0.140
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-03-04 00:17:30 +00:00
Pierre HUBERT
89d0955137 Update Rust crate uuid to v1.15.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-27 00:23:13 +00:00
Pierre HUBERT
ea34f867b0 Update Rust crate chrono to v0.4.40
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-27 00:23:09 +00:00
Pierre HUBERT
cbda0db231 Merge pull request 'Update Rust crate clap to v4.5.31' (#360) from renovate/clap-4.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #360
 2025-02-25 07:16:43 +00:00
Pierre HUBERT
91b468ee54 Update Rust crate clap to v4.5.31
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-25 00:23:10 +00:00
Pierre HUBERT
c9d41f2517 Add CORS on token endpoint
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 15:51:33 +01:00
Pierre HUBERT
1a1a41d5dc Disable client secret check when no secret is specified
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 14:58:13 +01:00
Pierre HUBERT
d01311abf1 Can initiate code authentication without client secret
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 14:49:45 +01:00
Pierre HUBERT
a73ad4bf41 Add CORS headers on OpenID configuration endpoint
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 11:59:32 +01:00
Pierre HUBERT
4a248e84ac Merge pull request 'Update Rust crate uuid to v1.13.1' (#355) from renovate/uuid-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #355
 2025-02-21 10:53:37 +00:00
Pierre HUBERT
e650fe0c29 Merge pull request 'Update Rust crate mailchecker to v6.0.16' (#357) from renovate/mailchecker-6.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #357
 2025-02-21 10:53:29 +00:00
Pierre HUBERT
473abb2d38 Merge pull request 'Update Rust crate clap to v4.5.29' (#356) from renovate/clap-4.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #356
 2025-02-21 10:53:23 +00:00
Pierre HUBERT
1b743c86bf Merge pull request 'Update Rust crate serde to v1.0.218' (#358) from renovate/serde-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #358
 2025-02-21 10:53:16 +00:00
Pierre HUBERT
8c25e2aa4c Merge pull request 'Update Rust crate serde_json to v1.0.139' (#359) from renovate/serde_json-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #359
 2025-02-21 10:53:07 +00:00
Pierre HUBERT
f7e4eb955c Update Rust crate serde_json to v1.0.139
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-21 00:05:04 +00:00
Pierre HUBERT
7d521ef040 Update Rust crate serde to v1.0.218
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-21 00:05:01 +00:00
Pierre HUBERT
c59e7b96db Update Rust crate mailchecker to v6.0.16
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-18 00:04:45 +00:00
Pierre HUBERT
a0d204ad09 Update Rust crate clap to v4.5.29
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-12 00:04:41 +00:00
Pierre HUBERT
a06be2e889 Update Rust crate uuid to v1.13.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-06 00:08:38 +00:00
Pierre HUBERT
42862aea7f Merge pull request 'Update Rust crate clap to v4.5.28' (#354) from renovate/clap-4.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #354
 2025-02-04 07:04:12 +00:00
Pierre HUBERT
8173ac5bc1 Update Rust crate clap to v4.5.28
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-04 00:08:27 +00:00
Pierre HUBERT
79a00ff7ad Merge pull request 'Update Rust crate rand to 0.9.0' (#351) from renovate/rand-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #351
 2025-02-03 20:00:33 +00:00
Pierre HUBERT
f2e4d82f87 Fix rand breaking changes
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-02-03 20:57:49 +01:00
Pierre HUBERT
022073f26a Update Rust crate rand to 0.9.0
Some checks failed
renovate/artifacts Artifact file update failure
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2025-02-01 00:22:15 +00:00
Pierre HUBERT
c22fcdab74 Merge pull request 'Update Rust crate bcrypt to 0.17.0' (#353) from renovate/bcrypt-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #353
 2025-01-31 07:10:50 +00:00
Pierre HUBERT
672267d521 Merge pull request 'Update Rust crate serde_json to v1.0.138' (#352) from renovate/serde_json-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #352
 2025-01-31 07:10:41 +00:00
Pierre HUBERT
c26a3af253 Update Rust crate bcrypt to 0.17.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-01-31 00:22:28 +00:00
Pierre HUBERT
84d69de09b Update Rust crate serde_json to v1.0.138
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-01-30 00:22:18 +00:00
Pierre HUBERT
76faa33c4e Update Rust crate uuid to v1.12.1
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-22 00:22:26 +00:00
Pierre HUBERT
fb0ebde748 Update Rust crate clap to v4.5.27
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-21 00:22:26 +00:00
Pierre HUBERT
e0f33c133b Update Rust crate serde_json to v1.0.137
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-20 00:22:30 +00:00
Pierre HUBERT
8a0ef75295 Update Rust crate uuid to v1.12.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-01-15 00:56:58 +00:00
Pierre HUBERT
a4f73db82e Update Rust crate log to v0.4.25
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-15 00:30:18 +00:00
Pierre HUBERT
31ad52607f Update Rust crate uuid to v1.11.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-01-11 00:30:21 +00:00
Pierre HUBERT
a201f175a2 Update Rust crate log to v0.4.24
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-11 00:19:08 +00:00
Pierre HUBERT
f5eaecc189 Update Rust crate clap to v4.5.26
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-10 00:19:07 +00:00
Pierre HUBERT
6c18a58c43 Update Rust crate serde_json to v1.0.135
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-01-08 00:33:32 +00:00
Pierre HUBERT
677b4221eb Update Rust crate clap to v4.5.24
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-08 00:24:08 +00:00
Pierre HUBERT
ae92f8f405 Update Rust crate mailchecker to v6.0.15
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2025-01-04 00:20:22 +00:00
Pierre HUBERT
16083a7624 Update Rust crate lazy-regex to v3.4.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-12-28 00:31:42 +00:00
Pierre HUBERT
09da003f35 Update Rust crate serde to v1.0.217
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-28 00:20:30 +00:00
Pierre HUBERT
f5dde48e9f Update Rust crate serde_json to v1.0.134
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-22 00:20:15 +00:00
Pierre HUBERT
c59c735291 Update Rust crate webauthn-rs to v0.5.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-12-21 00:29:10 +00:00
Pierre HUBERT
c2dc140002 Update Rust crate env_logger to v0.11.6
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-21 00:20:19 +00:00
Pierre HUBERT
d26c9ead7d Update Rust crate mailchecker to v6.0.14
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-16 00:02:50 +00:00
Pierre HUBERT
5da918cc86 Merge pull request 'Update Rust crate serde to v1.0.216' (#333) from renovate/serde-1.x-lockfile into master
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #333
 2024-12-13 19:31:45 +00:00
Pierre HUBERT
f7d1115b5a Update Rust crate serde to v1.0.216
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2024-12-12 00:02:56 +00:00
Pierre HUBERT
6d5f65559f Update Rust crate jwt-simple to v0.12.11
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-12-10 00:32:26 +00:00
Pierre HUBERT
872fa25d77 Update Rust crate chrono to v0.4.39
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-10 00:19:09 +00:00
Pierre HUBERT
6901803ae8 Update Rust crate clap to v4.5.23
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-06 00:19:15 +00:00
Pierre HUBERT
2f8b02a866 Update Rust crate url to v2.5.4
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-05 00:19:17 +00:00
Pierre HUBERT
6ce1b20ad0 Update Rust crate serde to v1.0.215
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-12-04 00:30:25 +00:00
Pierre HUBERT
de3896b703 Update Rust crate clap to v4.5.22
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
2024-12-04 00:19:20 +00:00
30 changed files with 942 additions and 821 deletions
Expand all files Collapse all files

1395
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

58
Cargo.toml
View File

@ -1,42 +1,42 @@
[package]
name = "basic-oidc"
version = "0.1.4"
edition = "2021"
version = "0.1.5"
edition = "2024"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
actix = "0.13.3"
actix = "0.13.5"
actix-identity = "0.8.0"
actix-web = "4.5.1"
actix-session = { version = "0.10.0", features = ["cookie-session"] }
actix-web = "4.11.0"
actix-session = { version = "0.10.1", features = ["cookie-session"] }
actix-remote-ip = "0.1.0"
clap = { version = "4.5.17", features = ["derive", "env"] }
include_dir = "0.7.3"
log = "0.4.21"
serde_json = "1.0.128"
clap = { version = "4.5.40", features = ["derive", "env"] }
include_dir = "0.7.4"
log = "0.4.27"
serde_json = "1.0.140"
serde_yaml = "0.9.34"
env_logger = "0.11.3"
serde = { version = "1.0.210", features = ["derive"] }
bcrypt = "0.16.0"
uuid = { version = "1.8.0", features = ["v4"] }
mime_guess = "2.0.4"
askama = "0.12.1"
futures-util = "0.3.30"
env_logger = "0.11.8"
serde = { version = "1.0.219", features = ["derive"] }
bcrypt = "0.17.0"
uuid = { version = "1.17.0", features = ["v4"] }
mime_guess = "2.0.5"
askama = "0.14.0"
futures-util = "0.3.31"
urlencoding = "2.1.3"
rand = "0.8.5"
rand = "0.9.1"
base64 = "0.22.1"
jwt-simple = { version = "0.12.10", default-features = false, features = ["pure-rust"] }
jwt-simple = { version = "0.12.12", default-features = false, features = ["pure-rust"] }
digest = "0.10.7"
sha2 = "0.10.8"
lazy-regex = "3.3.0"
totp_rfc6238 = "0.6.0"
base32 = "0.5.0"
sha2 = "0.10.9"
lazy-regex = "3.4.1"
totp_rfc6238 = "0.6.1"
base32 = "0.5.1"
qrcode-generator = "5.0.0"
webauthn-rs = { version = "0.5.0", features = ["danger-allow-state-serialisation"] }
url = "2.5.0"
light-openid = { version = "1.0.2", features = ["crypto-wrapper"] }
bincode = "2.0.0-rc.3"
chrono = "0.4.38"
lazy_static = "1.4.0"
mailchecker = "6.0.8"
webauthn-rs = { version = "0.5.1", features = ["danger-allow-state-serialisation"] }
url = "2.5.4"
light-openid = { version = "1.0.4", features = ["crypto-wrapper"] }
bincode = "2.0.1"
chrono = "0.4.41"
lazy_static = "1.5.0"
mailchecker = "6.0.17"

10
renovate.json
View File

@ -1,9 +1,3 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"packageRules": [
{
"matchUpdateTypes": ["major", "minor", "patch"],
"automerge": true
}
]
}
"extends": ["local>renovate/presets"]
}

2
src/actors/bruteforce_actor.rs
View File

@ -1,5 +1,5 @@
use std::collections::hash_map::Entry;
use std::collections::HashMap;
use std::collections::hash_map::Entry;
use std::net::IpAddr;
use actix::{Actor, AsyncContext, Context, Handler, Message};

2
src/actors/providers_states_actor.rs
View File

@ -8,8 +8,8 @@ use crate::constants::{
OIDC_STATES_CLEANUP_INTERVAL,
};
use actix::{Actor, AsyncContext, Context, Handler, Message};
use std::collections::hash_map::Entry;
use std::collections::HashMap;
use std::collections::hash_map::Entry;
use std::net::IpAddr;
use crate::data::login_redirect::LoginRedirect;

2
src/controllers/admin_api.rs
View File

@ -1,6 +1,6 @@
use crate::actors::users_actor;
use actix::Addr;
use actix_web::{web, HttpResponse, Responder};
use actix_web::{HttpResponse, Responder, web};
use crate::actors::users_actor::{DeleteUserRequest, FindUserByUsername, UsersActor};
use crate::data::action_logger::{Action, ActionLogger};

2
src/controllers/admin_controller.rs
View File

@ -2,7 +2,7 @@ use std::ops::Deref;
use std::sync::Arc;
use actix::Addr;
use actix_web::{web, HttpResponse, Responder};
use actix_web::{HttpResponse, Responder, web};
use askama::Template;
use crate::actors::users_actor;

4
src/controllers/assets_controller.rs
View File

@ -1,7 +1,7 @@
use std::path::Path;
use actix_web::{web, HttpResponse};
use include_dir::{include_dir, Dir};
use actix_web::{HttpResponse, web};
use include_dir::{Dir, include_dir};
/// Assets directory
static ASSETS_DIR: Dir = include_dir!("$CARGO_MANIFEST_DIR/assets");

2
src/controllers/login_api.rs
View File

@ -4,7 +4,7 @@ use crate::data::action_logger::{Action, ActionLogger};
use actix::Addr;
use actix_identity::Identity;
use actix_remote_ip::RemoteIP;
use actix_web::{web, HttpRequest, HttpResponse, Responder};
use actix_web::{HttpRequest, HttpResponse, Responder, web};
use webauthn_rs::prelude::PublicKeyCredential;
use crate::data::session_identity::{SessionIdentity, SessionStatus};

9
src/controllers/login_controller.rs
View File

@ -1,7 +1,7 @@
use actix::Addr;
use actix_identity::Identity;
use actix_remote_ip::RemoteIP;
use actix_web::{web, HttpRequest, HttpResponse, Responder};
use actix_web::{HttpRequest, HttpResponse, Responder, web};
use askama::Template;
use std::sync::Arc;
@ -14,7 +14,7 @@ use crate::controllers::base_controller::{
};
use crate::data::action_logger::{Action, ActionLogger};
use crate::data::force_2fa_auth::Force2FAAuth;
use crate::data::login_redirect::{get_2fa_url, LoginRedirect};
use crate::data::login_redirect::{LoginRedirect, get_2fa_url};
use crate::data::provider::{Provider, ProvidersManager};
use crate::data::session_identity::{SessionIdentity, SessionStatus};
use crate::data::user::User;
@ -177,7 +177,10 @@ pub async fn login_route(
}
LoginResult::LocalAuthForbidden => {
log::warn!("Failed login for username {} : attempted to use local auth, but it is forbidden", &login);
log::warn!(
"Failed login for username {} : attempted to use local auth, but it is forbidden",
&login
);
logger.log(Action::TryLocalLoginFromUnauthorizedAccount(&login));
danger = Some("You cannot login from local auth with your account!".to_string());
}

100
src/controllers/openid_controller.rs
View File

@ -4,9 +4,9 @@ use std::sync::Arc;
use actix::Addr;
use actix_identity::Identity;
use actix_web::error::ErrorUnauthorized;
use actix_web::{web, HttpRequest, HttpResponse, Responder};
use base64::engine::general_purpose::STANDARD as BASE64_STANDARD;
use actix_web::{HttpRequest, HttpResponse, Responder, web};
use base64::Engine as _;
use base64::engine::general_purpose::STANDARD as BASE64_STANDARD;
use light_openid::primitives::{OpenIDConfig, OpenIDTokenResponse, OpenIDUserInfo};
use crate::actors::openid_sessions_actor::{OpenIDSessionsActor, Session, SessionID};
@ -16,12 +16,12 @@ use crate::constants::*;
use crate::controllers::base_controller::{build_fatal_error_page, redirect_user};
use crate::data::action_logger::{Action, ActionLogger};
use crate::data::app_config::AppConfig;
use crate::data::client::{AdditionalClaims, AuthenticationFlow, ClientID, ClientManager};
use crate::data::client::{AdditionalClaims, ClientID, ClientManager};
use crate::data::code_challenge::CodeChallenge;
use crate::data::current_user::CurrentUser;
use crate::data::id_token::IdToken;
use crate::data::jwt_signer::{JWTSigner, JsonWebKey};
use crate::data::login_redirect::{get_2fa_url, LoginRedirect};
use crate::data::login_redirect::{LoginRedirect, get_2fa_url};
use crate::data::session_identity::SessionIdentity;
use crate::data::user::User;
@ -50,37 +50,39 @@ pub async fn get_configuration(req: HttpRequest) -> impl Responder {
host
);
HttpResponse::Ok().json(OpenIDConfig {
issuer: AppConfig::get().website_origin.clone(),
authorization_endpoint: AppConfig::get().full_url(AUTHORIZE_URI),
token_endpoint: curr_origin.clone() + TOKEN_URI,
userinfo_endpoint: Some(curr_origin.clone() + USERINFO_URI),
jwks_uri: curr_origin + CERT_URI,
scopes_supported: Some(vec![
"openid".to_string(),
"profile".to_string(),
"email".to_string(),
]),
response_types_supported: vec![
"code".to_string(),
"id_token".to_string(),
"token id_token".to_string(),
],
subject_types_supported: vec!["public".to_string()],
id_token_signing_alg_values_supported: vec!["RS256".to_string()],
token_endpoint_auth_methods_supported: Some(vec![
"client_secret_post".to_string(),
"client_secret_basic".to_string(),
]),
claims_supported: Some(vec![
"sub".to_string(),
"name".to_string(),
"given_name".to_string(),
"family_name".to_string(),
"email".to_string(),
]),
code_challenge_methods_supported: Some(vec!["plain".to_string(), "S256".to_string()]),
})
HttpResponse::Ok()
.insert_header(("access-control-allow-origin", "*"))
.json(OpenIDConfig {
issuer: AppConfig::get().website_origin.clone(),
authorization_endpoint: AppConfig::get().full_url(AUTHORIZE_URI),
token_endpoint: curr_origin.clone() + TOKEN_URI,
userinfo_endpoint: Some(curr_origin.clone() + USERINFO_URI),
jwks_uri: curr_origin + CERT_URI,
scopes_supported: Some(vec![
"openid".to_string(),
"profile".to_string(),
"email".to_string(),
]),
response_types_supported: vec![
"code".to_string(),
"id_token".to_string(),
"token id_token".to_string(),
],
subject_types_supported: vec!["public".to_string()],
id_token_signing_alg_values_supported: vec!["RS256".to_string()],
token_endpoint_auth_methods_supported: Some(vec![
"client_secret_post".to_string(),
"client_secret_basic".to_string(),
]),
claims_supported: Some(vec![
"sub".to_string(),
"name".to_string(),
"given_name".to_string(),
"family_name".to_string(),
"email".to_string(),
]),
code_challenge_methods_supported: Some(vec!["plain".to_string(), "S256".to_string()]),
})
}
#[derive(serde::Deserialize, Debug)]
@ -218,8 +220,8 @@ pub async fn authorize(
));
}
match (client.auth_flow(), query.response_type.as_str()) {
(AuthenticationFlow::AuthorizationCode, "code") => {
match (client.has_secret(), query.response_type.as_str()) {
(_, "code") => {
// Save all authentication information in memory
let session = Session {
session_id: SessionID(rand_str(OPEN_ID_SESSION_LEN)),
@ -261,7 +263,8 @@ pub async fn authorize(
.finish())
}
(AuthenticationFlow::Implicit, "id_token") => {
// id_token is available only if user has no secret configured
(false, "id_token") => {
let id_token = IdToken {
issuer: AppConfig::get().website_origin.to_string(),
subject_identifier: user.uid.0.clone(),
@ -293,11 +296,11 @@ pub async fn authorize(
.finish())
}
(flow, code) => {
(secret, code) => {
log::warn!(
"For client {:?}, configured with flow {:?}, made request with code {}",
"For client {:?}, configured with secret {:?}, made request with code {}",
client.id,
flow,
secret,
code
);
Ok(error_redirect(
@ -366,9 +369,7 @@ pub async fn token(
let (client_id, client_secret) =
match (&query.client_id, &query.client_secret, authorization_header) {
// post authentication
(Some(client_id), Some(client_secret), None) => {
(client_id.clone(), client_secret.to_string())
}
(Some(client_id), client_secret, None) => (client_id.clone(), client_secret.clone()),
// Basic authentication
(_, None, Some(v)) => {
@ -399,8 +400,8 @@ pub async fn token(
.to_string();
match decode.split_once(':') {
None => (ClientID(decode), "".to_string()),
Some((id, secret)) => (ClientID(id.to_string()), secret.to_string()),
None => (ClientID(decode), None),
Some((id, secret)) => (ClientID(id.to_string()), Some(secret.to_string())),
}
}
@ -418,7 +419,7 @@ pub async fn token(
.ok_or_else(|| ErrorUnauthorized("Client not found"))?;
// Retrieving token requires the client to have a defined secret
if client.secret != Some(client_secret) {
if client.secret != client_secret {
return Ok(error_response(
&query,
"invalid_request",
@ -608,8 +609,9 @@ pub async fn token(
};
Ok(HttpResponse::Ok()
.append_header(("Cache-Control", "no-store"))
.append_header(("Pragam", "no-cache"))
.insert_header(("Cache-Control", "no-store"))
.insert_header(("Pragma", "no-cache"))
.insert_header(("access-control-allow-origin", "*"))
.json(token_response))
}

2
src/controllers/providers_controller.rs
View File

@ -3,7 +3,7 @@ use std::sync::Arc;
use actix::Addr;
use actix_identity::Identity;
use actix_remote_ip::RemoteIP;
use actix_web::{web, HttpRequest, HttpResponse, Responder};
use actix_web::{HttpRequest, HttpResponse, Responder, web};
use askama::Template;
use crate::actors::bruteforce_actor::BruteForceActor;

2
src/controllers/settings_controller.rs
View File

@ -1,6 +1,6 @@
use actix::Addr;
use actix_remote_ip::RemoteIP;
use actix_web::{web, HttpResponse, Responder};
use actix_web::{HttpResponse, Responder, web};
use askama::Template;
use crate::actors::bruteforce_actor::BruteForceActor;

2
src/controllers/two_factor_api.rs
View File

@ -1,5 +1,5 @@
use actix::Addr;
use actix_web::{web, HttpResponse, Responder};
use actix_web::{HttpResponse, Responder, web};
use uuid::Uuid;
use webauthn_rs::prelude::RegisterPublicKeyCredential;

2
src/controllers/two_factors_controller.rs
View File

@ -2,8 +2,8 @@ use std::ops::Deref;
use actix_web::{HttpResponse, Responder};
use askama::Template;
use base64::engine::general_purpose::STANDARD as BASE64_STANDARD;
use base64::Engine as _;
use base64::engine::general_purpose::STANDARD as BASE64_STANDARD;
use qrcode_generator::QrCodeEcc;
use crate::constants::MAX_SECOND_FACTOR_NAME_LEN;

82
src/data/action_logger.rs
View File

@ -6,7 +6,7 @@ use actix::Addr;
use actix_identity::Identity;
use actix_remote_ip::RemoteIP;
use actix_web::dev::Payload;
use actix_web::{web, Error, FromRequest, HttpRequest};
use actix_web::{Error, FromRequest, HttpRequest, web};
use crate::actors::providers_states_actor::ProviderLoginState;
use crate::actors::users_actor;
@ -142,27 +142,56 @@ impl Action<'_> {
false => format!("performed FAILED webauthn attempt for user {user_id:?}"),
},
Action::StartLoginAttemptWithOpenIDProvider { provider_id, state } => format!(
"started new authentication attempt through an OpenID provider (prov={} / state={state})", provider_id.0
"started new authentication attempt through an OpenID provider (prov={} / state={state})",
provider_id.0
),
Action::ProviderError { message } => {
format!("failed provider authentication with message '{message}'")
}
Action::ProviderCBInvalidState { state } => {
format!("provided invalid callback state after provider authentication: '{state}'")
}
Action::ProviderRateLimited => {
"could not complete OpenID login because it has reached failed attempts rate limit!"
.to_string()
}
Action::ProviderFailedGetToken { state, code } => format!(
"could not complete login from provider because the id_token could not be retrieved! (state={:?} code = {code})",
state
),
Action::ProviderFailedGetUserInfo { provider } => format!(
"could not get user information from userinfo endpoint of provider {}!",
provider.id.0
),
Action::ProviderEmailNotValidated { provider } => format!(
"could not login using provider {} because its email was marked as not validated!",
provider.id.0
),
Action::ProviderMissingEmailInResponse { provider } => format!(
"could not login using provider {} because the email was not provided by userinfo endpoint!",
provider.id.0
),
Action::ProviderAccountNotFound { provider, email } => format!(
"could not login using provider {} because the email {email} could not be associated to any account!",
&provider.id.0
),
Action::ProviderAccountDisabled { provider, email } => format!(
"could not login using provider {} because the account associated to the email {email} is disabled!",
&provider.id.0
),
Action::ProviderAccountNotAllowedToLoginWithProvider { provider, email } => format!(
"could not login using provider {} because the account associated to the email {email} is not allowed to authenticate using this provider!",
&provider.id.0
),
Action::ProviderLoginFailed { provider, email } => format!(
"could not login using provider {} with the email {email} for an unknown reason!",
&provider.id.0
),
Action::ProviderLoginSuccessful { provider, user } => format!(
"successfully authenticated using provider {} as {}",
provider.id.0,
user.quick_identity()
),
Action::ProviderError { message } =>
format!("failed provider authentication with message '{message}'"),
Action::ProviderCBInvalidState { state } =>
format!("provided invalid callback state after provider authentication: '{state}'"),
Action::ProviderRateLimited => "could not complete OpenID login because it has reached failed attempts rate limit!".to_string(),
Action::ProviderFailedGetToken {state, code} => format!("could not complete login from provider because the id_token could not be retrieved! (state={:?} code = {code})",state),
Action::ProviderFailedGetUserInfo {provider} => format!("could not get user information from userinfo endpoint of provider {}!", provider.id.0),
Action::ProviderEmailNotValidated {provider}=>format!("could not login using provider {} because its email was marked as not validated!", provider.id.0),
Action::ProviderMissingEmailInResponse {provider}=>format!("could not login using provider {} because the email was not provided by userinfo endpoint!", provider.id.0),
Action::ProviderAccountNotFound { provider, email } =>
format!("could not login using provider {} because the email {email} could not be associated to any account!", &provider.id.0),
Action::ProviderAccountDisabled { provider, email } =>
format!("could not login using provider {} because the account associated to the email {email} is disabled!", &provider.id.0),
Action::ProviderAccountNotAllowedToLoginWithProvider { provider, email } =>
format!("could not login using provider {} because the account associated to the email {email} is not allowed to authenticate using this provider!", &provider.id.0),
Action::ProviderLoginFailed { provider, email } =>
format!("could not login using provider {} with the email {email} for an unknown reason!", &provider.id.0),
Action::ProviderLoginSuccessful {provider, user} =>
format!("successfully authenticated using provider {} as {}", provider.id.0, user.quick_identity()),
Action::Signout => "signed out".to_string(),
Action::UserNeed2FAOnLogin(user) => {
format!(
@ -181,7 +210,9 @@ impl Action<'_> {
format!("successfully authenticated as {login}, but this is a DISABLED ACCOUNT")
}
Action::TryLocalLoginFromUnauthorizedAccount(login) => {
format!("successfully locally authenticated as {login}, but this is a FORBIDDEN for this account!")
format!(
"successfully locally authenticated as {login}, but this is a FORBIDDEN for this account!"
)
}
Action::FailedLoginWithBadCredentials(login) => {
format!("attempted to authenticate as {login} but with a WRONG PASSWORD")
@ -202,7 +233,10 @@ impl Action<'_> {
Action::NewOpenIDSession { client } => {
format!("opened a new OpenID session with {:?}", client.id)
}
Action::NewOpenIDSuccessfulImplicitAuth { client } => format!("finished an implicit flow connection for client {:?}", client.id),
Action::NewOpenIDSuccessfulImplicitAuth { client } => format!(
"finished an implicit flow connection for client {:?}",
client.id
),
Action::ChangedHisPassword => "changed his password".to_string(),
Action::ClearedHisLoginHistory => "cleared his login history".to_string(),
Action::AddNewFactor(factor) => format!(
@ -227,7 +261,7 @@ impl ActionLogger {
None => "Anonymous user".to_string(),
Some(u) => u.quick_identity(),
},
self.ip.to_string(),
self.ip,
action.as_string()
)
}

15
src/data/client.rs
View File

@ -7,12 +7,6 @@ use std::collections::HashMap;
#[derive(Clone, Debug, serde::Serialize, serde::Deserialize, Eq, PartialEq)]
pub struct ClientID(pub String);
#[derive(Debug, Copy, Clone, Eq, PartialEq)]
pub enum AuthenticationFlow {
AuthorizationCode,
Implicit,
}
pub type AdditionalClaims = HashMap<String, Value>;
#[derive(Clone, Debug, serde::Serialize, serde::Deserialize)]
@ -61,12 +55,9 @@ impl PartialEq for Client {
impl Eq for Client {}
impl Client {
/// Get the client authentication flow
pub fn auth_flow(&self) -> AuthenticationFlow {
match self.secret {
None => AuthenticationFlow::Implicit,
Some(_) => AuthenticationFlow::AuthorizationCode,
}
/// Check if the client has a secret defined
pub fn has_secret(&self) -> bool {
self.secret.is_some()
}
/// Process a single claim value

2
src/data/code_challenge.rs
View File

@ -1,5 +1,5 @@
use base64::engine::general_purpose::URL_SAFE_NO_PAD as BASE64_URL_SAFE_NO_PAD;
use base64::Engine as _;
use base64::engine::general_purpose::URL_SAFE_NO_PAD as BASE64_URL_SAFE_NO_PAD;
use crate::utils::crypt_utils::sha256;

2
src/data/critical_route.rs
View File

@ -1,6 +1,6 @@
use crate::data::current_user::CurrentUser;
use crate::data::from_request_redirect::FromRequestRedirect;
use crate::data::login_redirect::{get_2fa_url, LoginRedirect};
use crate::data::login_redirect::{LoginRedirect, get_2fa_url};
use actix_web::dev::Payload;
use actix_web::{FromRequest, HttpRequest};
use std::future::Future;

2
src/data/current_user.rs
View File

@ -6,7 +6,7 @@ use actix::Addr;
use actix_identity::Identity;
use actix_web::dev::Payload;
use actix_web::error::ErrorInternalServerError;
use actix_web::{web, Error, FromRequest, HttpRequest};
use actix_web::{Error, FromRequest, HttpRequest, web};
use crate::actors::users_actor;
use crate::actors::users_actor::UsersActor;

5
src/data/entity_manager.rs
View File

@ -20,7 +20,10 @@ where
/// Open entity
pub fn open_or_create<A: AsRef<Path>>(path: A) -> Res<Self> {
if !path.as_ref().is_file() {
log::warn!("Entities at {:?} does not point to a file, creating a new empty entity container...", path.as_ref());
log::warn!(
"Entities at {:?} does not point to a file, creating a new empty entity container...",
path.as_ref()
);
return Ok(Self {
file_path: path.as_ref().to_path_buf(),
list: vec![],

2
src/data/force_2fa_auth.rs
View File

@ -2,7 +2,7 @@ use crate::data::current_user::CurrentUser;
use crate::data::session_identity::SessionIdentity;
use actix_identity::Identity;
use actix_web::dev::Payload;
use actix_web::{web, Error, FromRequest, HttpRequest};
use actix_web::{Error, FromRequest, HttpRequest, web};
use std::future::Future;
use std::pin::Pin;

4
src/data/jwt_signer.rs
View File

@ -1,12 +1,12 @@
use jwt_simple::algorithms::RSAKeyPairLike;
use jwt_simple::claims::JWTClaims;
use jwt_simple::prelude::RS256KeyPair;
use serde::de::DeserializeOwned;
use serde::Serialize;
use serde::de::DeserializeOwned;
use base64::Engine as _;
use base64::engine::general_purpose::URL_SAFE as BASE64_URL_URL_SAFE;
use base64::engine::general_purpose::URL_SAFE_NO_PAD as BASE64_URL_SAFE_NO_PAD;
use base64::Engine as _;
use crate::utils::err::Res;
use crate::utils::string_utils::rand_str;

4
src/data/provider_configuration.rs
View File

@ -26,7 +26,9 @@ impl ProviderConfiguration {
let state = urlencoding::encode(&state.state_id).to_string();
let callback_url = AppConfig::get().oidc_provider_redirect_url();
format!("{authorization_url}?response_type=code&scope=openid%20profile%20email&client_id={client_id}&state={state}&redirect_uri={callback_url}")
format!(
"{authorization_url}?response_type=code&scope=openid%20profile%20email&client_id={client_id}&state={state}&redirect_uri={callback_url}"
)
}
/// Retrieve the authorization token after a successful authentication, using an authorization code

11
src/data/totp_key.rs
View File

@ -1,5 +1,3 @@
use std::io::ErrorKind;
use base32::Alphabet;
use rand::Rng;
use totp_rfc6238::{HashAlgorithm, TotpGenerator};
@ -21,7 +19,7 @@ pub struct TotpKey {
impl TotpKey {
/// Generate a new TOTP key
pub fn new_random() -> Self {
let random_bytes = rand::thread_rng().gen::<[u8; 20]>();
let random_bytes = rand::rng().random::<[u8; 20]>();
Self {
encoded: base32::encode(BASE32_ALPHABET, &random_bytes),
}
@ -80,7 +78,7 @@ impl TotpKey {
/// Get the code at a specific time
fn get_code_at<F: Fn() -> u64>(&self, get_time: F) -> Res<String> {
let gen = TotpGenerator::new()
let generator = TotpGenerator::new()
.set_digit(NUM_DIGITS)
.unwrap()
.set_step(PERIOD)
@ -90,15 +88,14 @@ impl TotpKey {
let key = match base32::decode(BASE32_ALPHABET, &self.encoded) {
None => {
return Err(Box::new(std::io::Error::new(
ErrorKind::Other,
return Err(Box::new(std::io::Error::other(
"Failed to decode base32 secret!",
)));
}
Some(k) => k,
};
Ok(gen.get_code_with(&key, get_time))
Ok(generator.get_code_with(&key, get_time))
}
/// Check a code's validity

2
src/data/users_file_entity.rs
View File

@ -3,7 +3,7 @@ use std::net::IpAddr;
use crate::actors::users_actor::{AuthorizedAuthenticationSources, UsersSyncBackend};
use crate::data::entity_manager::EntityManager;
use crate::data::user::{FactorID, GeneralSettings, GrantedClients, TwoFactor, User, UserID};
use crate::utils::err::{new_error, Res};
use crate::utils::err::{Res, new_error};
use crate::utils::time::time;
impl EntityManager<User> {

13
src/data/webauthn_manager.rs
View File

@ -1,4 +1,3 @@
use std::io::ErrorKind;
use std::sync::Arc;
use actix_web::web;
@ -109,15 +108,13 @@ impl WebAuthManager {
) -> Res<WebauthnPubKey> {
let state: RegisterKeyOpaqueData = self.crypto_wrapper.decrypt(opaque_state)?;
if state.user_id != user.uid {
return Err(Box::new(std::io::Error::new(
ErrorKind::Other,
return Err(Box::new(std::io::Error::other(
"Invalid user for pubkey!",
)));
}
if state.expire < time() {
return Err(Box::new(std::io::Error::new(
ErrorKind::Other,
return Err(Box::new(std::io::Error::other(
"Challenge has expired!",
)));
}
@ -157,15 +154,13 @@ impl WebAuthManager {
) -> Res {
let state: AuthStateOpaqueData = self.crypto_wrapper.decrypt(opaque_state)?;
if &state.user_id != user_id {
return Err(Box::new(std::io::Error::new(
ErrorKind::Other,
return Err(Box::new(std::io::Error::other(
"Invalid user for pubkey!",
)));
}
if state.expire < time() {
return Err(Box::new(std::io::Error::new(
ErrorKind::Other,
return Err(Box::new(std::io::Error::other(
"Challenge has expired!",
)));
}

6
src/main.rs
View File

@ -2,14 +2,14 @@ use core::time::Duration;
use std::sync::Arc;
use actix::Actor;
use actix_identity::config::LogoutBehaviour;
use actix_identity::IdentityMiddleware;
use actix_identity::config::LogoutBehaviour;
use actix_remote_ip::RemoteIPConfig;
use actix_session::storage::CookieSessionStore;
use actix_session::SessionMiddleware;
use actix_session::storage::CookieSessionStore;
use actix_web::cookie::{Key, SameSite};
use actix_web::middleware::Logger;
use actix_web::{get, middleware, web, App, HttpResponse, HttpServer};
use actix_web::{App, HttpResponse, HttpServer, get, middleware, web};
use basic_oidc::actors::bruteforce_actor::BruteForceActor;
use basic_oidc::actors::openid_sessions_actor::OpenIDSessionsActor;

6
src/middlewares/auth_middleware.rs
View File

@ -1,15 +1,15 @@
//! # Authentication middleware
use std::future::{ready, Future, Ready};
use std::future::{Future, Ready, ready};
use std::pin::Pin;
use std::rc::Rc;
use actix_identity::IdentityExt;
use actix_web::body::EitherBody;
use actix_web::http::{header, Method};
use actix_web::http::{Method, header};
use actix_web::{
dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
Error, HttpResponse,
dev::{Service, ServiceRequest, ServiceResponse, Transform, forward_ready},
};
use crate::constants::{

13
src/utils/string_utils.rs
View File

@ -1,14 +1,9 @@
use lazy_regex::regex_find;
use rand::distributions::Alphanumeric;
use rand::Rng;
use rand::distr::{Alphanumeric, SampleString};
/// Generate a random string of a given size
pub fn rand_str(len: usize) -> String {
rand::thread_rng()
.sample_iter(&Alphanumeric)
.map(char::from)
.take(len)
.collect()
Alphanumeric.sample_string(&mut rand::rng(), len)
}
/// Parse environment variables
@ -49,7 +44,9 @@ mod test {
const VAR_ONE: &str = "VAR_ONE";
#[test]
fn test_apply_env_var() {
env::set_var(VAR_ONE, "good");
unsafe {
env::set_var(VAR_ONE, "good");
}
let src = format!("This is ${{{}}}", VAR_ONE);
assert_eq!("This is good", apply_env_vars(&src));
}