Commit graph

158 commits

Author SHA1 Message Date
Zach Daniel
85e0760b7d chore: add uuid primary key for users 2024-09-18 20:07:26 -04:00
Zach Daniel
610a09605d improvement: igniter installer for user & user token resources
This generates resources & configs, but not plugs/phoenix related code.
2024-09-18 14:00:21 -04:00
Peter Shoukry
a6870105cc
fix: handle options properly for subject to user (#786) 2024-09-17 07:50:46 -04:00
Peter Shoukry
53789c17e4
fix: setup options properly for ash 3.0 (#785) 2024-09-15 14:49:47 -04:00
Miguel Serrano
41724288d3
improvement: add apple strategy (#750)
* improvement: add apple strategy

* fix: update types and formatter

* fix: add secret values to config

* fix: sort new fields

* fix: sort new types

* fix: properly set allow_nil for apple secrets

* fix: credo and sobelow warnings

---------

Co-authored-by: James Harton <james@harton.dev>
2024-09-02 08:37:34 +12:00
Zach Daniel
d9a278395a improvement: avoid warning about comparison with nil
the previous implementation was not a security issue because the
actual action would not execute with a `nil` identity
2024-08-21 19:44:50 -04:00
Zach Daniel
c4f570380f
fix: allow overriding strategy defaults (#766) 2024-08-18 18:16:28 -04:00
ef1b12258b
fix: bug where nil is not allowed but is returned from secret functions. 2024-08-19 09:05:59 +12:00
Antonio
c9d12076ce
Actually use 'trusted_audiences' in oauth2 strategy. (#770) 2024-08-15 17:30:17 -04:00
Zach Daniel
86be412641
fix: add back in accidentally removed debug errors code (#768)
this also cleans up references to `Ash.ErrorKind` which is
dead code in 3.x
2024-08-12 09:10:59 -04:00
Zach Daniel
151240df32
chore: add false filter on nil identity_field (#767) 2024-08-11 20:19:16 -04:00
Zach Daniel
ccd0eb00d9 fix: set options earlier in magic link/oauth2 2024-08-09 11:18:31 -04:00
Zach Daniel
652983be5a chore: fix errors from previous commit 2024-08-09 09:37:42 -04:00
Zach Daniel
b75097dd3e improvement: set context in addition to tenant 2024-08-09 09:28:32 -04:00
Zach Daniel
3562aea431 improvement: use no_depend_modules for better compile dependencies 2024-08-08 13:34:36 -04:00
Vitor M. A. da Cruz
e5a9f27c6a
improvement: enable custom http_adapters (#760)
Allow users to customize the behavior of the http client used by the oauth-based strategies
by configuring a http adapter.
2024-08-05 16:09:36 -04:00
a8d98ac40b
improvement: validate that tokens are enabled when password resets are enabled. (#758)
Closes #232.
2024-08-05 15:34:55 +12:00
dependabot[bot]
9b9f11c3f0
chore(deps): Bump the production-dependencies group across 1 directory with 4 updates (#755)
* chore(deps): Bump the production-dependencies group across 1 directory with 4 updates

Bumps the production-dependencies group with 2 updates in the / directory: [ash](https://github.com/ash-project/ash) and [ash_postgres](https://github.com/ash-project/ash_postgres).


Updates `ash` from 3.0.16 to 3.3.2
- [Changelog](https://github.com/ash-project/ash/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ash-project/ash/compare/v3.0.16...v3.3.2)

Updates `ash_postgres` from 2.0.12 to 2.1.17
- [Changelog](https://github.com/ash-project/ash_postgres/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ash-project/ash_postgres/compare/v2.0.12...v2.1.17)

Updates `jason` from 1.4.3 to 1.4.4
- [Release notes](https://github.com/michalmuskala/jason/releases)
- [Changelog](https://github.com/michalmuskala/jason/blob/v1.4.4/CHANGELOG.md)
- [Commits](https://github.com/michalmuskala/jason/compare/v1.4.3...v1.4.4)

Updates `spark` from 2.2.7 to 2.2.11
- [Changelog](https://github.com/ash-project/spark/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ash-project/spark/compare/v2.2.7...v2.2.11)

---
updated-dependencies:
- dependency-name: ash
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: ash_postgres
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: jason
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: spark
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: fix formatting, etc.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Harton <james@harton.nz>
2024-08-05 15:19:10 +12:00
Simon Bergström
866d806b47
improvement: compile-time check to make sure that the configured token_resource is an Ash.Resource (#749)
* improvement(Tokens): improved compile-time validation of the token_resource option of the tokens DSL by checking that the passed value is an Ash.Resource.

* improvement(Tokens): removed unnecessary stuff from the test file.

* improvement(Tokens): fixed credo warning and changed some things after PR feedback
2024-07-24 16:21:24 -04:00
Zach Daniel
a79a474b11
fix: only pass the "token" parameter to reset with token action (#748) 2024-07-22 15:44:36 -04:00
Zach Daniel
b10b958723 fix: handle case where action.accept is nil 2024-07-10 09:34:58 -04:00
Zach Daniel
1131de032a fix: no need to allow_nil_input for an unaccepted field
the purpose of `allow_nil_input` is to say "we accept some required
field X as input, but the action will set it if the user does not".
Non-accepted attributes *always* behave that way, expecting the
action to set them, and are checked just prior to committing the action.
2024-06-11 09:46:50 -04:00
81236e1ed5
fix: correctly generate sign-in tokens when requested. 2024-06-06 14:34:30 +12:00
Zach Daniel
e1cdc10b89 fix: ensure tenant is set when revoking tokens and on changeset for updating 2024-05-29 09:06:05 -04:00
8d584030f6
fix: bug in tokens required verifier. 2024-05-14 15:04:08 +12:00
69dc1f1dbc
chore: fix dialyzer warnings about info generator functions.
It seems that it's now smart enough to detect that schema options with default values cannot ever return `:error`.
2024-05-14 14:51:15 +12:00
Bryan Bryce
014819811f
Update debug.ex (#675) 2024-05-12 08:45:03 +12:00
4e66a402fe
improvement: Only require tokens to be enabled when using a strategy which needs them. 2024-05-10 14:38:09 +12:00
bc1e590bca
docs: Documentation refresh for Ash 3.0. (#665)
* docs: Update README to new format.

* docs: tidy up docs some more.

* docs: More documentation tweaks.

* docs: Tweak readme.
2024-05-08 11:50:57 +12:00
325b52eca0
fix(Jwt): Include authentication interaction context when storing tokens. 2024-04-30 10:04:54 +12:00
Martin Schut
8721c01b4c
improvement(OIDC): Adjust dsl of OIDC reflect assent requirements (#538)
The OIDC implementation of assent requires the base_url to be set and ignores the different *_url attributes. It favours the returned configuration from the openid_configuration_uri. To not configure some unused attributes they're removed.
2024-04-12 09:22:58 +12:00
85700b37d8 feat!: Sign in tokens are enabled by default for the password strategy. 2024-04-10 12:08:54 +12:00
03b38bdcb4 feat!: Tokens are now enabled by default. 2024-04-10 12:08:54 +12:00
d697e0313d
fix(Strategy.Password): Reset tokens are single use. (#625)
When a token is successfully used to reset a password then it is immediately revoked so that it cannot be used again.

Closes #624.
2024-04-10 11:26:55 +12:00
59918e49a4
improvement: Use Ash functions instead of generated domain functions. 2024-04-09 15:43:10 +12:00
c22439f48f
fix(Confirmation): Only allow the confirmation token to be used once. (#623)
Fixes a potential issue where the confirmation token can be used multiple times, potentially opening a replay attack.

Closes #618
2024-04-09 09:32:37 +12:00
ea3ff3b00e
fix(Jwt): Ignore pre-release versions verifying token versions. 2024-03-28 15:06:05 +13:00
f0075e2cd3
improvement!: Update to support Ash 3.0. (#599) 2024-03-28 14:44:23 +13:00
Dmitrii Maganov
bb81521d6c improvement: infer api from a resource 2024-03-11 16:07:24 +13:00
Jean-Luc Geering
8163b178f7
docs: better Plug.Router example (#566) 2024-02-22 07:11:32 -05:00
M.Yasoob Ullah Khalid ☺
2dde760d31
improvement: support atom keys for uid in addition to strings (#556) 2024-01-25 10:50:08 -05:00
Zach Daniel
ba44d56820 docs: update ex_doc, overhaul underlying doc structure
docs: make all DSL docs one liners (now required by spark)
2024-01-12 16:30:27 -05:00
Rebecca Le
d360117c2a
docs: Fix broken link to Auth0 quick-start guide 2023-12-06 11:02:04 +08:00
Rebecca Le
739a544651
docs: Add new Testing guide
It's pretty bare-bones at the moment, but does close #476 by mentioning
that `bcrypt_elixir` can be tweaked for faster tests
2023-12-06 10:47:07 +08:00
dependabot[bot]
408a28ccf4
chore(deps): Bump assent from 0.2.7 to 0.2.8 (#506)
* chore(deps): Bump assent from 0.2.7 to 0.2.8

Bumps [assent](https://github.com/pow-auth/assent) from 0.2.7 to 0.2.8.
- [Release notes](https://github.com/pow-auth/assent/releases)
- [Changelog](https://github.com/pow-auth/assent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pow-auth/assent/compare/v0.2.7...v0.2.8)

---
updated-dependencies:
- dependency-name: assent
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(OAuth2): Reflect `assent` `site` -> `base_url` change.

I considered just rewriting it behind the scenes, but I think it's probably better in the long run if we just emit a deprecation.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Harton <james@harton.nz>
2023-11-22 10:49:07 +13:00
Rebecca Le
199f3d6a83
docs: Add missing ends to examples in OAuth2 module docs
Closes #266
2023-11-13 14:00:46 +08:00
James Harton
0f6e677e4b
docs: fix incorrect username in example. (#496)
Closes #460.
2023-10-30 09:54:33 +13:00
Lars Wikman
a4f68eb9e0
feat: Add Google strategy (#474)
* feat: Add Google strategy

* fix: include Google strategy cheat sheet

* fix: Add documentation grouping for Google strategy

* chore: update formatter.

---------

Co-authored-by: James Harton <james@harton.nz>
2023-10-26 12:44:56 +13:00
Lars Wikman
8a623ff6b0
improvement: Change redirect_uri secret to be more flexible (#473)
Applies to both OAuth2 and OpenID Connect.

With this the developer can provide either the full
URL or the URL up to the AuthPlug path. If the suffix
is already there we won't add it again.

Should make it easier to get it on the first try.
2023-10-26 11:48:23 +13:00
Lars Wikman
5f5e8a6b27
fix: Change overwriting of refresh_token to not overwrite them with nil (#483) 2023-10-26 11:11:38 +13:00