├── .cargo └── config.toml ├── .codecov.yml ├── .config └── nextest.toml ├── .devcontainer ├── .env ├── Dockerfile ├── devcontainer.json └── docker-compose.yml ├── .dockerignore ├── .editorconfig ├── .gitattributes ├── .github ├── actions │ ├── build-frontend │ │ └── action.yml │ └── build-policies │ │ └── action.yml ├── dependabot.yml ├── release.yml ├── scripts │ ├── .gitignore │ ├── cleanup-pr.cjs │ ├── commit-and-tag.cjs │ ├── create-release-branch.cjs │ ├── create-version-tag.cjs │ ├── merge-back.cjs │ ├── package.json │ ├── update-release-branch.cjs │ └── update-unstable-tag.cjs └── workflows │ ├── build.yaml │ ├── ci.yaml │ ├── coverage.yaml │ ├── docs.yaml │ ├── merge-back.yaml │ ├── release-branch.yaml │ ├── release-bump.yaml │ ├── tag.yaml │ ├── translations-download.yaml │ └── translations-upload.yaml ├── .gitignore ├── .rustfmt.toml ├── CONTRIBUTING.md ├── Cargo.lock ├── Cargo.toml ├── Dockerfile ├── LICENSE ├── README.md ├── biome.json ├── book.toml ├── clippy.toml ├── crates ├── axum-utils │ ├── Cargo.toml │ └── src │ │ ├── client_authorization.rs │ │ ├── cookies.rs │ │ ├── csrf.rs │ │ ├── error_wrapper.rs │ │ ├── fancy_error.rs │ │ ├── jwt.rs │ │ ├── language_detection.rs │ │ ├── lib.rs │ │ ├── sentry.rs │ │ ├── session.rs │ │ └── user_authorization.rs ├── cli │ ├── Cargo.toml │ ├── build.rs │ └── src │ │ ├── app_state.rs │ │ ├── commands │ │ ├── config.rs │ │ ├── database.rs │ │ ├── debug.rs │ │ ├── doctor.rs │ │ ├── manage.rs │ │ ├── mod.rs │ │ ├── server.rs │ │ ├── syn2mas.rs │ │ ├── templates.rs │ │ └── worker.rs │ │ ├── lifecycle.rs │ │ ├── main.rs │ │ ├── server.rs │ │ ├── sync.rs │ │ ├── telemetry.rs │ │ ├── telemetry │ │ └── tokio.rs │ │ └── util.rs ├── config │ ├── Cargo.toml │ └── src │ │ ├── bin │ │ └── schema.rs │ │ ├── lib.rs │ │ ├── schema.rs │ │ ├── sections │ │ ├── account.rs │ │ ├── branding.rs │ │ ├── captcha.rs │ │ ├── clients.rs │ │ ├── database.rs │ │ ├── email.rs │ │ ├── experimental.rs │ │ ├── http.rs │ │ ├── matrix.rs │ │ ├── mod.rs │ │ ├── passwords.rs │ │ ├── policy.rs │ │ ├── rate_limiting.rs │ │ ├── secrets.rs │ │ ├── telemetry.rs │ │ ├── templates.rs │ │ └── upstream_oauth2.rs │ │ └── util.rs ├── context │ ├── Cargo.toml │ └── src │ │ ├── fmt.rs │ │ ├── future.rs │ │ ├── layer.rs │ │ ├── lib.rs │ │ └── service.rs ├── data-model │ ├── Cargo.toml │ ├── examples │ │ └── ua-parser.rs │ └── src │ │ ├── compat │ │ ├── device.rs │ │ ├── mod.rs │ │ ├── session.rs │ │ └── sso_login.rs │ │ ├── lib.rs │ │ ├── oauth2 │ │ ├── authorization_grant.rs │ │ ├── client.rs │ │ ├── device_code_grant.rs │ │ ├── mod.rs │ │ └── session.rs │ │ ├── policy_data.rs │ │ ├── site_config.rs │ │ ├── tokens.rs │ │ ├── upstream_oauth2 │ │ ├── link.rs │ │ ├── mod.rs │ │ ├── provider.rs │ │ └── session.rs │ │ ├── user_agent.rs │ │ └── users.rs ├── email │ ├── Cargo.toml │ └── src │ │ ├── lib.rs │ │ ├── mailer.rs │ │ └── transport.rs ├── handlers │ ├── Cargo.toml │ └── src │ │ ├── activity_tracker │ │ ├── bound.rs │ │ ├── mod.rs │ │ └── worker.rs │ │ ├── admin │ │ ├── call_context.rs │ │ ├── mod.rs │ │ ├── model.rs │ │ ├── params.rs │ │ ├── response.rs │ │ ├── schema.rs │ │ └── v1 │ │ │ ├── compat_sessions │ │ │ ├── get.rs │ │ │ ├── list.rs │ │ │ └── mod.rs │ │ │ ├── mod.rs │ │ │ ├── oauth2_sessions │ │ │ ├── get.rs │ │ │ ├── list.rs │ │ │ └── mod.rs │ │ │ ├── policy_data │ │ │ ├── get.rs │ │ │ ├── get_latest.rs │ │ │ ├── mod.rs │ │ │ └── set.rs │ │ │ ├── upstream_oauth_links │ │ │ ├── add.rs │ │ │ ├── delete.rs │ │ │ ├── get.rs │ │ │ ├── list.rs │ │ │ └── mod.rs │ │ │ ├── user_emails │ │ │ ├── add.rs │ │ │ ├── delete.rs │ │ │ ├── get.rs │ │ │ ├── list.rs │ │ │ └── mod.rs │ │ │ ├── user_sessions │ │ │ ├── get.rs │ │ │ ├── list.rs │ │ │ └── mod.rs │ │ │ └── users │ │ │ ├── add.rs │ │ │ ├── by_username.rs │ │ │ ├── deactivate.rs │ │ │ ├── get.rs │ │ │ ├── list.rs │ │ │ ├── lock.rs │ │ │ ├── mod.rs │ │ │ ├── set_admin.rs │ │ │ ├── set_password.rs │ │ │ └── unlock.rs │ │ ├── bin │ │ ├── api-schema.rs │ │ └── graphql-schema.rs │ │ ├── captcha.rs │ │ ├── compat │ │ ├── login.rs │ │ ├── login_sso_complete.rs │ │ ├── login_sso_redirect.rs │ │ ├── logout.rs │ │ ├── logout_all.rs │ │ ├── mod.rs │ │ └── refresh.rs │ │ ├── graphql │ │ ├── mod.rs │ │ ├── model │ │ │ ├── browser_sessions.rs │ │ │ ├── compat_sessions.rs │ │ │ ├── cursor.rs │ │ │ ├── matrix.rs │ │ │ ├── mod.rs │ │ │ ├── node.rs │ │ │ ├── oauth.rs │ │ │ ├── site_config.rs │ │ │ ├── upstream_oauth.rs │ │ │ ├── users.rs │ │ │ └── viewer │ │ │ │ ├── anonymous.rs │ │ │ │ └── mod.rs │ │ ├── mutations │ │ │ ├── browser_session.rs │ │ │ ├── compat_session.rs │ │ │ ├── matrix.rs │ │ │ ├── mod.rs │ │ │ ├── oauth2_session.rs │ │ │ ├── user.rs │ │ │ └── user_email.rs │ │ ├── query │ │ │ ├── mod.rs │ │ │ ├── session.rs │ │ │ ├── upstream_oauth.rs │ │ │ ├── user.rs │ │ │ └── viewer.rs │ │ ├── state.rs │ │ └── tests.rs │ │ ├── health.rs │ │ ├── lib.rs │ │ ├── oauth2 │ │ ├── authorization │ │ │ ├── callback.rs │ │ │ ├── consent.rs │ │ │ └── mod.rs │ │ ├── device │ │ │ ├── authorize.rs │ │ │ ├── consent.rs │ │ │ ├── link.rs │ │ │ └── mod.rs │ │ ├── discovery.rs │ │ ├── introspection.rs │ │ ├── keys.rs │ │ ├── mod.rs │ │ ├── registration.rs │ │ ├── revoke.rs │ │ ├── token.rs │ │ ├── userinfo.rs │ │ └── webfinger.rs │ │ ├── passwords.rs │ │ ├── preferred_language.rs │ │ ├── rate_limit.rs │ │ ├── session.rs │ │ ├── snapshots │ │ ├── mas_handlers__passwords__tests__hash_verify_and_upgrade-2.snap │ │ ├── mas_handlers__passwords__tests__hash_verify_and_upgrade-3.snap │ │ ├── mas_handlers__passwords__tests__hash_verify_and_upgrade.snap │ │ ├── mas_handlers__passwords__tests__hashing_argon2id-2.snap │ │ ├── mas_handlers__passwords__tests__hashing_argon2id.snap │ │ ├── mas_handlers__passwords__tests__hashing_bcrypt-2.snap │ │ ├── mas_handlers__passwords__tests__hashing_bcrypt.snap │ │ ├── mas_handlers__passwords__tests__hashing_pbkdf2-2.snap │ │ └── mas_handlers__passwords__tests__hashing_pbkdf2.snap │ │ ├── test_utils.rs │ │ ├── upstream_oauth2 │ │ ├── authorize.rs │ │ ├── cache.rs │ │ ├── callback.rs │ │ ├── cookie.rs │ │ ├── link.rs │ │ ├── mod.rs │ │ └── template.rs │ │ └── views │ │ ├── app.rs │ │ ├── index.rs │ │ ├── login.rs │ │ ├── logout.rs │ │ ├── mod.rs │ │ ├── recovery │ │ ├── mod.rs │ │ ├── progress.rs │ │ └── start.rs │ │ ├── register │ │ ├── cookie.rs │ │ ├── mod.rs │ │ ├── password.rs │ │ └── steps │ │ │ ├── display_name.rs │ │ │ ├── finish.rs │ │ │ ├── mod.rs │ │ │ └── verify_email.rs │ │ └── shared.rs ├── http │ ├── Cargo.toml │ └── src │ │ ├── ext.rs │ │ ├── lib.rs │ │ └── reqwest.rs ├── i18n-scan │ ├── Cargo.toml │ └── src │ │ ├── key.rs │ │ ├── main.rs │ │ └── minijinja.rs ├── i18n │ ├── Cargo.toml │ ├── src │ │ ├── lib.rs │ │ ├── sprintf │ │ │ ├── argument.rs │ │ │ ├── formatter.rs │ │ │ ├── grammar.pest │ │ │ ├── message.rs │ │ │ ├── mod.rs │ │ │ └── parser.rs │ │ ├── translations.rs │ │ └── translator.rs │ └── test_data │ │ ├── en-US.json │ │ ├── en.json │ │ └── fr.json ├── iana-codegen │ ├── Cargo.toml │ └── src │ │ ├── generation.rs │ │ ├── jose.rs │ │ ├── main.rs │ │ ├── oauth.rs │ │ └── traits.rs ├── iana │ ├── Cargo.toml │ └── src │ │ ├── jose.rs │ │ ├── lib.rs │ │ └── oauth.rs ├── jose │ ├── Cargo.toml │ ├── src │ │ ├── base64.rs │ │ ├── claims.rs │ │ ├── constraints.rs │ │ ├── jwa │ │ │ ├── asymmetric.rs │ │ │ ├── hmac.rs │ │ │ ├── mod.rs │ │ │ ├── signature.rs │ │ │ └── symmetric.rs │ │ ├── jwk │ │ │ ├── mod.rs │ │ │ ├── private_parameters.rs │ │ │ └── public_parameters.rs │ │ ├── jwt │ │ │ ├── header.rs │ │ │ ├── mod.rs │ │ │ ├── raw.rs │ │ │ └── signed.rs │ │ └── lib.rs │ └── tests │ │ ├── generate.py │ │ ├── jws.rs │ │ ├── jwts │ │ ├── eddsa-ed25519.jwt │ │ ├── eddsa-ed448.jwt │ │ ├── es256.jwt │ │ ├── es256k.jwt │ │ ├── es384.jwt │ │ ├── es512.jwt │ │ ├── hs256.jwt │ │ ├── hs384.jwt │ │ ├── hs512.jwt │ │ ├── ps256.jwt │ │ ├── ps384.jwt │ │ ├── ps512.jwt │ │ ├── rs256.jwt │ │ ├── rs384.jwt │ │ └── rs512.jwt │ │ ├── keys │ │ ├── ed25519.priv.pem │ │ ├── ed25519.pub.pem │ │ ├── ed448.priv.pem │ │ ├── ed448.pub.pem │ │ ├── jwks.priv.json │ │ ├── jwks.pub.json │ │ ├── k256.priv.pem │ │ ├── k256.pub.pem │ │ ├── oct.bin │ │ ├── p256.priv.pem │ │ ├── p256.pub.pem │ │ ├── p384.priv.pem │ │ ├── p384.pub.pem │ │ ├── p521.priv.pem │ │ ├── p521.pub.pem │ │ ├── rsa.priv.pem │ │ └── rsa.pub.pem │ │ └── snapshots │ │ ├── jws__es256__sign_jwt.snap │ │ ├── jws__es256k__sign_jwt.snap │ │ ├── jws__es384__sign_jwt.snap │ │ ├── jws__ps256__sign_jwt.snap │ │ ├── jws__ps384__sign_jwt.snap │ │ ├── jws__ps512__sign_jwt.snap │ │ ├── jws__rs256__sign_jwt.snap │ │ ├── jws__rs384__sign_jwt.snap │ │ └── jws__rs512__sign_jwt.snap ├── keystore │ ├── Cargo.toml │ ├── src │ │ ├── encrypter.rs │ │ └── lib.rs │ └── tests │ │ ├── generate.sh │ │ ├── keys │ │ ├── ec-k256.pkcs8.der │ │ ├── ec-k256.pkcs8.encrypted.der │ │ ├── ec-k256.pkcs8.encrypted.pem │ │ ├── ec-k256.pkcs8.pem │ │ ├── ec-k256.sec1.der │ │ ├── ec-k256.sec1.pem │ │ ├── ec-p256.pkcs8.der │ │ ├── ec-p256.pkcs8.encrypted.der │ │ ├── ec-p256.pkcs8.encrypted.pem │ │ ├── ec-p256.pkcs8.pem │ │ ├── ec-p256.sec1.der │ │ ├── ec-p256.sec1.pem │ │ ├── ec-p384.pkcs8.der │ │ ├── ec-p384.pkcs8.encrypted.der │ │ ├── ec-p384.pkcs8.encrypted.pem │ │ ├── ec-p384.pkcs8.pem │ │ ├── ec-p384.sec1.der │ │ ├── ec-p384.sec1.pem │ │ ├── ec256.pkcs8.encrypted.pem │ │ ├── rsa.pkcs1.der │ │ ├── rsa.pkcs1.pem │ │ ├── rsa.pkcs8.der │ │ ├── rsa.pkcs8.encrypted.der │ │ ├── rsa.pkcs8.encrypted.pem │ │ └── rsa.pkcs8.pem │ │ ├── keystore.rs │ │ └── snapshots │ │ ├── keystore__generate_sign_and_verify-2.snap │ │ ├── keystore__generate_sign_and_verify-3.snap │ │ ├── keystore__generate_sign_and_verify-4.snap │ │ ├── keystore__generate_sign_and_verify-5.snap │ │ ├── keystore__generate_sign_and_verify.snap │ │ ├── keystore__jwt_ES256.snap │ │ ├── keystore__jwt_ES256K.snap │ │ ├── keystore__jwt_ES384.snap │ │ ├── keystore__jwt_PS256.snap │ │ ├── keystore__jwt_PS384.snap │ │ ├── keystore__jwt_PS512.snap │ │ ├── keystore__jwt_RS256.snap │ │ ├── keystore__jwt_RS384.snap │ │ └── keystore__jwt_RS512.snap ├── listener │ ├── Cargo.toml │ ├── examples │ │ └── demo │ │ │ ├── certs │ │ │ ├── ca-key.pem │ │ │ ├── ca.csr │ │ │ ├── ca.json │ │ │ ├── ca.pem │ │ │ ├── client-key.pem │ │ │ ├── client.csr │ │ │ ├── client.json │ │ │ ├── client.pem │ │ │ ├── config.json │ │ │ ├── gen.sh │ │ │ ├── server-key.pem │ │ │ ├── server.csr │ │ │ ├── server.json │ │ │ └── server.pem │ │ │ └── main.rs │ └── src │ │ ├── lib.rs │ │ ├── maybe_tls.rs │ │ ├── proxy_protocol │ │ ├── acceptor.rs │ │ ├── maybe.rs │ │ ├── mod.rs │ │ └── v1.rs │ │ ├── rewind.rs │ │ ├── server.rs │ │ └── unix_or_tcp.rs ├── matrix-synapse │ ├── Cargo.toml │ └── src │ │ ├── error.rs │ │ └── lib.rs ├── matrix │ ├── Cargo.toml │ └── src │ │ ├── lib.rs │ │ ├── mock.rs │ │ └── readonly.rs ├── oauth2-types │ ├── Cargo.toml │ └── src │ │ ├── errors.rs │ │ ├── lib.rs │ │ ├── oidc.rs │ │ ├── pkce.rs │ │ ├── registration │ │ ├── client_metadata_serde.rs │ │ └── mod.rs │ │ ├── requests.rs │ │ ├── response_type.rs │ │ ├── scope.rs │ │ ├── test_utils.rs │ │ └── webfinger.rs ├── oidc-client │ ├── Cargo.toml │ ├── src │ │ ├── error.rs │ │ ├── lib.rs │ │ ├── requests │ │ │ ├── authorization_code.rs │ │ │ ├── client_credentials.rs │ │ │ ├── discovery.rs │ │ │ ├── jose.rs │ │ │ ├── mod.rs │ │ │ ├── refresh_token.rs │ │ │ ├── token.rs │ │ │ └── userinfo.rs │ │ └── types │ │ │ ├── client_credentials.rs │ │ │ └── mod.rs │ └── tests │ │ └── it │ │ ├── main.rs │ │ ├── requests │ │ ├── authorization_code.rs │ │ ├── client_credentials.rs │ │ ├── discovery.rs │ │ ├── jose.rs │ │ ├── mod.rs │ │ ├── refresh_token.rs │ │ └── userinfo.rs │ │ └── types │ │ ├── client_credentials.rs │ │ └── mod.rs ├── policy │ ├── Cargo.toml │ └── src │ │ ├── bin │ │ └── schema.rs │ │ ├── lib.rs │ │ └── model.rs ├── router │ ├── Cargo.toml │ └── src │ │ ├── endpoints.rs │ │ ├── lib.rs │ │ ├── traits.rs │ │ └── url_builder.rs ├── spa │ ├── Cargo.toml │ └── src │ │ ├── lib.rs │ │ └── vite.rs ├── storage-pg │ ├── .sqlx │ │ ├── query-015f7ad7c8d5403ce4dfb71d598fd9af472689d5aef7c1c4b1c594ca57c02237.json │ │ ├── query-036e9e2cb7271782e48700fecd3fdd80f596ed433f37f2528c7edbdc88b13646.json │ │ ├── query-037fae6964130343453ef607791c4c3deaa01b5aaa091d3a3487caf3e2634daf.json │ │ ├── query-03eee34f05df9c79f8ca5bfb1af339b3fcea95ba59395106318366a6ef432d85.json │ │ ├── query-047990a99794b565c2cad396946299db5b617f52f6c24bcca0a24c0c185c4478.json │ │ ├── query-048eec775f4af3ffd805e830e8286c6a5745e523b76e1083d6bfced0035c2f76.json │ │ ├── query-05b4dd39521eaf4e8e3c21654df67c00c8781f54054a84b3f3005b65cbc2a14a.json │ │ ├── query-07cd2da428f0984513b4ce58e526c35c9c236ea8beb6696e5740fa45655e59f3.json │ │ ├── query-0e1bce56e15751d82a622d532b279bfc50e22cb12ddf7495c7b0fedca61f9421.json │ │ ├── query-12c4577701416a9dc23708c46700f3f086e4e62c6de9d6864a6a11a2470ebe62.json │ │ ├── query-1764715e59f879f6b917ca30f8e3c1de5910c7a46e7fe52d1fb3bfd5561ac320.json │ │ ├── query-188a4aeef5a8b4bf3230c7176ded64d52804848df378dc74f8f54ec4404e094e.json │ │ ├── query-1919d402fd6f148d14417f633be3353004f458c85f7b4f361802f86651900fbc.json │ │ ├── query-1b547552eed4128f2227c681ff2d45586cdb0c20b98393f89036fbf0f1d2dee2.json │ │ ├── query-1dbc50cdab36da307c569891ab7b1ab4aaf128fed6be67ca0f139d697614c63b.json │ │ ├── query-1eb829460407fca22b717b88a1a0a9b7b920d807a4b6c235e1bee524cd73b266.json │ │ ├── query-22896e8f2a002f307089c3e0f9ee561e6521c45ce07d3a42411984c9a6b75fdc.json │ │ ├── query-245cab1cf7d9cf4e94cdec91ecb4dc8e678278121efbe1f66bcdc24144d684d0.json │ │ ├── query-2564bf6366eb59268c41fb25bb40d0e4e9e1fd1f9ea53b7a359c9025d7304223.json │ │ ├── query-29148548d592046f7d711676911e3847e376e443ccd841f76b17a81f53fafc3a.json │ │ ├── query-2a0d8d70d21afa9a2c9c1c432853361bb85911c48f7db6c3873b0f5abf35940b.json │ │ ├── query-2ee26886c56f04cd53d4c0968f5cf0963f92b6d15e6af0e69378a6447dee677c.json │ │ ├── query-2f7aba76cd7df75d6a9a6d91d5ddebaedf37437f3bd4f796f5581fab997587d7.json │ │ ├── query-2f8d402b7217aef47a5c45d4f7cfddbaeedcbbc6963ee573409bfc98e57de6ed.json │ │ ├── query-373f7eb215b0e515b000a37e55bd055954f697f257de026b74ec408938a52a1a.json │ │ ├── query-37a124678323380357fa9d1375fd125fb35476ac3008e5adbd04a761d5edcd42.json │ │ ├── query-38d0608b7d8ba30927f939491c1d43cfd962c729298ad07ee1ade2f2880c0eb3.json │ │ ├── query-38eb6b635d30ca78ff78b926b414cbd866cfc2918ca4b1741b5687f21cfe273b.json │ │ ├── query-399e261027fe6c9167511636157ab747a469404533f59ff6fbd56e9eb5ad38e1.json │ │ ├── query-3c7960a2eb2edd71bc71177fc0fb2e83858c9944893b8f3a0f0131e8a9b7a494.json │ │ ├── query-3d66f3121b11ce923b9c60609b510a8ca899640e78cc8f5b03168622928ffe94.json │ │ ├── query-3e6e3aad53b22fc53eb3ee881b29bb249b18ced57d6a4809dffc23972b3e9423.json │ │ ├── query-3ed73cfce8ef6a1108f454e18b1668f64b76975dba07e67d04ed7a52e2e8107f.json │ │ ├── query-3f9d76f442c82a1631da931950b83b80c9620e1825ab07ab6c52f3f1a32d2527.json │ │ ├── query-432e199b0d47fe299d840c91159726c0a4f89f65b4dc3e33ddad58aabf6b148b.json │ │ ├── query-446a8d7bd8532a751810401adfab924dc20785c91770ed43d62df2e590e8da71.json │ │ ├── query-4968c60adef69c7215a7efe2021baffb050b2f475ae106155c2e2f210a81191a.json │ │ ├── query-4c2064fed8fa464ea3d2a1258fb0544dbf1493cad31a21c0cd7ddb57ed12de16.json │ │ ├── query-4d0386ad2fe47f1aded46917abe6141752ba90d36467693a68318573171d57b0.json │ │ ├── query-5006c3e60c98c91a0b0fbb3205373e81d9b75e90929af80961f8b5910873a43e.json │ │ ├── query-53ad718642644b47a2d49f768d81bd993088526923769a9147281686c2d47591.json │ │ ├── query-5402b8ddb674d05319830477eb3e72ecb536092b46c92a7dda01598962842323.json │ │ ├── query-55bc51efddf7a1cf06610fdb20d46beca29964733338ea4fec2a29393f031c4f.json │ │ ├── query-585a1e78834c953c80a0af9215348b0f551b16f4cb57c022b50212cfc3d8431f.json │ │ ├── query-5b21644dd3c094b0f2f8babb2c730554dc067d0a6cad963dd7e0c66a80b342bf.json │ │ ├── query-5b697dd7834d33ec55972d3ba43d25fe794bc0b69c5938275711faa7a80b811f.json │ │ ├── query-5f2199865fae3a969bb37429dd70dc74505b22c681322bd99b62c2a540c6cd35.json │ │ ├── query-5f5245ace61b896f92be78ab4fef701b37c9e3c2f4a332f418b9fb2625a0fe3f.json │ │ ├── query-5fe1bb569d13a7d3ff22887b3fc5b76ff901c183b314f8ccb5018d70c516abf6.json │ │ ├── query-607262ccf28b672df51e4e5d371e5cc5119a7d6e7fe784112703c0406f28300f.json │ │ ├── query-608366f45ecaf392ab69cddb12252b5efcc103c3383fa68b552295e2289d1f55.json │ │ ├── query-66693f31eff5673e88ca516ee727a709b06455e08b9fd75cc08f142070f330b3.json │ │ ├── query-6772b17585f26365e70ec3e342100c6890d2d63f54f1306e1bb95ca6ca123777.json │ │ ├── query-67cd4880d84b38f20c3960789934d55cbfb01492985ac2af5a1ad4af9b3ccc77.json │ │ ├── query-689ffbfc5137ec788e89062ad679bbe6b23a8861c09a7246dc1659c28f12bf8d.json │ │ ├── query-6b8d28b76d7ab33178b46dbb28c11e41d86f22b3fa899a952cad00129e59bee6.json │ │ ├── query-6bd38759f569fcf972924d12f565b531b9873f4139eadcbf1450e726b9a27379.json │ │ ├── query-6d71188dffc492ddc8f7f21476516d3b08fd5d736ecf36845e6fd4bfc515b2cf.json │ │ ├── query-6e21e7d816f806da9bb5176931bdb550dee05c44c9d93f53df95fe3b4a840347.json │ │ ├── query-6ecad60e565367a6cfa539b4c32dabe674ea853e0d47eb5c713705cb0130c758.json │ │ ├── query-6f97b5f9ad0d4d15387150bea3839fb7f81015f7ceef61ecaadba64521895cff.json │ │ ├── query-707d78340069627aba9f18bbe5ac1388d6723f82549d88d704d9c939b9d35c49.json │ │ ├── query-7189b6136fd08ac9ae7c51bff06fb2254d1bf9e8a97cd7d32ba789c740e0fbdb.json │ │ ├── query-755f62d0a3a40acc90037371339a8459736fdd4bbffd932f7930d847f2c3ef5d.json │ │ ├── query-75a62d170e4c959a14c5698f1da983113e7d1bc565d01e85c158856abb17ddc6.json │ │ ├── query-77dfa9fae1a9c77b70476d7da19d3313a02886994cfff0690451229fb5ae2f77.json │ │ ├── query-785e6bceed803cb1caccc373cde0c999d601f3a9730e6bbb40cfc43c04195c61.json │ │ ├── query-7a0641df5058927c5cd67d4cdaa59fe609112afbabcbfcc0e7f96c1e531b6567.json │ │ ├── query-7ce387b1b0aaf10e72adde667b19521b66eaafa51f73bf2f95e38b8f3b64a229.json │ │ ├── query-7e367e416d18fcf9b227bf053421410b4b7b4af441f0a138c5421d1111cb9f79.json │ │ ├── query-7f4c4634ada4dc2745530dcca8eee92abf78dfbdf1a25e58a2bc9c14be8035f0.json │ │ ├── query-7f8335cc94347bc3a15afe7051658659347a1bf71dd62335df046708f19c967e.json │ │ ├── query-8275a440640ea28fd8f82e7df672e45a6eba981a0d621665ed8f8b60354b3389.json │ │ ├── query-83d1b0720dfde3209d77f1142aa19359913b8a934ca8a642b7bb43c9a7a58a6d.json │ │ ├── query-875294dc5cf87bcf302fb9e87933745cc1c57bbe3c3c69110592a07400116c7f.json │ │ ├── query-89041298e272d15c21e2b7127bd16c5a4f48e2be87dc26e9d0e3a932c9c49dfb.json │ │ ├── query-8acbdc892d44efb53529da1c2df65bea6b799a43cf4c9264a37d392847e6eff0.json │ │ ├── query-8afada5220fefb0d01ed6f87d3d0ee8fca86b5cdce9320e190e3d3b8fd9f63bc.json │ │ ├── query-8d240d72d651f59d53bed7380710038e9d00492b1e282237c0ec0e03bc36a9c0.json │ │ ├── query-8ef27901b96b73826a431ad6c5fabecc18c36d8cdba8db3b47953855fa5c9035.json │ │ ├── query-8f4f071f844281fb14ecd99db3261540441b14c8206038fdc4a4336bbae3f382.json │ │ ├── query-8f5ce493e8b8473ba03d5263915a8b231f9e7c211ab83487536008e48316c269.json │ │ ├── query-90fe32cb9c88a262a682c0db700fef7d69d6ce0be1f930d9f16c50b921a8b819.json │ │ ├── query-91a3ee5ad64a947b7807a590f6b014c6856229918b972b98946f98b75686ab6c.json │ │ ├── query-92c8eb526fcc5de6874eb0fab1d71fb1ed3dafe2bd1a49aa72e4f4862931c6c2.json │ │ ├── query-933d2bed9c00eb9b37bfe757266ead15df5e0a4209ff47dcf4a5f19d35154e89.json │ │ ├── query-966ca0f7eebd2896c007b2fd6e9327d03b29fe413d57cce21c67b6d539f59e7d.json │ │ ├── query-9b7363000017fa3dee46441bc0679cb16f9f8df08fa258cc907007fb9bcd0bc7.json │ │ ├── query-9c9c65d4ca6847761d8f999253590082672b3782875cf3f5ba0b2f9d26e3a507.json │ │ ├── query-9eaf35f045aaca8473efc4a1f529afe24f01d9ec34609f373db5c535ccb58516.json │ │ ├── query-9f7bdc034c618e47e49c467d0d7f5b8c297d055abe248cc876dbc12c5a7dc920.json │ │ ├── query-9fe87eeaf4b7d0ba09b59ddad3476eb57ccb6e4053ab8f4450dd4a9d1f6ba108.json │ │ ├── query-a2f7433f06fb4f6a7ad5ac6c1db18705276bce41e9b19d5d7e910ad4b767fb5e.json │ │ ├── query-a63a217981b97448ddcc96b2489ddd9d3bc8c99b5b8b1d373939fc3ae9715c27.json │ │ ├── query-a7094d84d313602729fde155cfbe63041fca7cbab407f98452462ec45e3cfd16.json │ │ ├── query-a711f4c6fa38b98c960ee565038d42ea16db436352b19fcd3b2c620c73d9cc0c.json │ │ ├── query-a75a6a08c9639053cfc3cffa9d4a009785f358b334f5c586c2e358f0d0b4d856.json │ │ ├── query-a7f780528882a2ae66c45435215763eed0582264861436eab3f862e3eb12cab1.json │ │ ├── query-a82b87ccfaa1de9a8e6433aaa67382fbb5029d5f7adf95aaa0decd668d25ba89.json │ │ ├── query-ab34912b42a48a8b5c8d63e271b99b7d0b690a2471873c6654b1b6cf2079b95c.json │ │ ├── query-ae6bf8958c4d9837d63f56574e91f91acc6076a8521adc3e30a83bf70e2121a0.json │ │ ├── query-afa86e79e3de2a83265cb0db8549d378a2f11b2a27bbd86d60558318c87eb698.json │ │ ├── query-b60d34f4d250c12f75dba10491c1337d69aebad12be6fbfbdde91e34083ba4ed.json │ │ ├── query-b6c4f4a23968cba2a82c2b7cfffc05a7ed582c9e5c1f65d27b0686f843ccfe42.json │ │ ├── query-b700dc3f7d0f86f4904725d8357e34b7e457f857ed37c467c314142877fd5367.json │ │ ├── query-b74e4d620bed4832a4e8e713a346691f260a7eca4bf494d6fb11c7cf699adaad.json │ │ ├── query-b992283a9b43cbb8f86149f3f55cb47fb628dabd8fadc50e6a5772903f851e1c.json │ │ ├── query-bb0f782756c274c06c1b63af6fc3ac2a7cedfd4247b57f062d348b4b1b36bef1.json │ │ ├── query-bb141d28c0c82244f31d542038c314d05ceb3a7b8f35397c0faef3b36d2d14a7.json │ │ ├── query-bbf62633c561706a762089bbab2f76a9ba3e2ed3539ef16accb601fb609c2ec9.json │ │ ├── query-c09e0bb0378d9dfb15de7f2f1209fab6ea87589819128e6fc9ed5da11dfc2770.json │ │ ├── query-c29fa41743811a6ac3a9b952b6ea75d18e914f823902587b63c9f295407144b1.json │ │ ├── query-c5e7dbb22488aca427b85b3415bd1f1a1766ff865f2e08a5daa095d2a1ccbd56.json │ │ ├── query-c68b28232b42a62907709403caafe1cc5267780232cd615468d50f5c0af2bedb.json │ │ ├── query-c960f4f5571ee68816c49898125979f3c78c2caca52cb4b8dc9880e669a1f23e.json │ │ ├── query-c984ae0496d0bd7520ee3d6761ce6a4f61a6a2001b597e4c63ba4588ec5cf530.json │ │ ├── query-cc332eda5965715607ffa4eeeacc1b6532cbd8fe49904ccdb1afe315804d348d.json │ │ ├── query-cc60ad934d347fb4546205d1fe07e9d2f127cb15b1bb650d1ea3805a4c55b196.json │ │ ├── query-ce36eb8d3e4478a4e8520919ff41f1a5e6470cef581b1638f5578546dd28c4df.json │ │ ├── query-cf654533cfed946e9ac52dbcea1f50be3dfdac0fbfb1e8a0204c0c9c103ba5b0.json │ │ ├── query-d26e42d9fd2b2ee3cf9702c1666d83e7cffa26b320ae1442c7f3e22376c4a4ee.json │ │ ├── query-d2a4f5c01603463b78198529d295f7f121769ea5730d01c20c0ddbcdc79a5716.json │ │ ├── query-d7a0e4fa2f168976505405c7e7800847f3379f7b57c0972659a35bfb68b0f6cd.json │ │ ├── query-da02f93d7346992a9795f12b900f91ac0b326dd751c0d374d6ef4d19f671d22e.json │ │ ├── query-dbf4be84eeff9ea51b00185faae2d453ab449017ed492bf6711dc7fceb630880.json │ │ ├── query-dd02cc4a48123c28b34da8501060096c33df9e30611ef89d01bf0502119cbbe1.json │ │ ├── query-dda97742d389ffeeaab33d352d05767e2150f7da3cf384a7f44741c769f44144.json │ │ ├── query-e291be0434ab9c346dee777e50f8e601f12c8003fe93a5ecb110d02642d14c3c.json │ │ ├── query-e35d56de7136d43d0803ec825b0612e4185cef838f105d66f18cb24865e45140.json │ │ ├── query-e68a7084d44462d19f30902d7e6c1bd60bb771c6f075df15ab0137a7ffc896da.json │ │ ├── query-e6d66a7980933c12ab046958e02d419129ef52ac45bea4345471838016cae917.json │ │ ├── query-e8e48db74ac1ab5baa1e4b121643cfa33a0bf3328df6e869464fe7f31429b81e.json │ │ ├── query-e99ab37ab3e03ad9c48792772b09bac77b09f67e623d5371ab4dadbe2d41fa1c.json │ │ ├── query-eb095f64bec5ac885683a8c6708320760971317c4519fae7af9d44e2be50985d.json │ │ ├── query-f3b043b69e0554b5b4d8f5cf05960632fb2ebd38916dd2e9beac232c7e14c1ec.json │ │ ├── query-f41f76c94cd68fca2285b1cc60f426603c84df4ef1c6ce5dc441a63d2dc46f6e.json │ │ ├── query-f46e87bbb149b35e1d13b2b3cd2bdeab3c28a56a395f52f001a7bb013a5dfece.json │ │ ├── query-f50b7fb5a2c09e7b7e89e2addb0ca42c790c101a3fc9442862b5885d5116325a.json │ │ ├── query-f5c2ec9b7038d7ed36091e670f9bf34f8aa9ea8ed50929731845e32dc3176e39.json │ │ ├── query-f75e44b528234dac708640ad9a111f3f6b468a91bf0d5b574795bf8c80605f19.json │ │ ├── query-f7d26de1d380e3e52f47f2b89ed7506e1e4cca72682bc7737e6508dc4015b8d5.json │ │ ├── query-f8182fd162ffb018d4f102fa7ddbc9991135065e81af8f77b5beef9405607577.json │ │ ├── query-f924db60febad26c9fff24881b05dd1e1f7ba288d7b2f2f8e30a1ea43e98b8c8.json │ │ ├── query-fc9925e19000d79c0bb020ea44e13cbb364b3505626d34550e38f6f7397b9d42.json │ │ ├── query-fcd8b4b9e003d1540357c6bf1ff9c715560d011d4c01112703a9c046170c84f1.json │ │ ├── query-fe7bd146523e4bb321cb234d6bf9f3005b55c654897a8e46dc933c7fd2263c7c.json │ │ └── query-ffbfef8b7e72ec4bae02b6bbe862980b5fe575ae8432a000e9c4e4307caa2d9b.json │ ├── Cargo.toml │ ├── build.rs │ ├── migrations │ │ ├── 20220530084123_jobs_workers.sql │ │ ├── 20221018142001_init.sql │ │ ├── 20221121151402_upstream_oauth.sql │ │ ├── 20221213145242_password_schemes.sql │ │ ├── 20230408234928_add_get_jobs_fn_.sql │ │ ├── 20230616093555_compat_admin_flag.sql │ │ ├── 20230621140528_upstream_oauth_claims_imports.sql │ │ ├── 20230626130338_oauth_clients_static.sql │ │ ├── 20230728154304_user_lock.sql │ │ ├── 20230823125247_drop_apalis_push_job.sql │ │ ├── 20230828085439_oauth2_clients_more_fields.sql │ │ ├── 20230828143553_user_session_authentication_source.sql │ │ ├── 20230829092920_oauth2_sessions_user_id_scope_list.sql │ │ ├── 20230829141928_user_session_user_agent.sql │ │ ├── 20230904135550_oauth2_client_credentials_grant.sql │ │ ├── 20230911091636_oauth2_token_expiration.sql │ │ ├── 20230919155444_record_session_last_activity.sql │ │ ├── 20231009142904_user_can_request_admin.sql │ │ ├── 20231116104353_upstream_oauth_overrides.sql │ │ ├── 20231120110559_upstream_oauth_branding.sql │ │ ├── 20231207090532_oauth_device_code_grant.sql │ │ ├── 20231208155602_oauth_clients_device_code_grant.sql │ │ ├── 20240207100003_user_terms.sql │ │ ├── 20240220141353_nonunique_compat_device_id.sql │ │ ├── 20240220150201_compat_sessions_user_sessions_link.sql │ │ ├── 20240221164945_sessions_user_agent.sql │ │ ├── 20240301091201_upstream_oauth_additional_parameters.sql │ │ ├── 20240402084854_upstream_oauth_disabled_at.sql │ │ ├── 20240621080509_user_recovery.sql │ │ ├── 20240718075125_sessions_active_index.sql │ │ ├── 20241004075132_queue_worker.sql │ │ ├── 20241004121132_queue_job.sql │ │ ├── 20241007160050_oidc_login_hint.sql │ │ ├── 20241115163340_upstream_oauth2_response_mode.sql │ │ ├── 20241118115314_upstream_oauth2_extra_query_params.sql │ │ ├── 20241120163320_queue_job_failures.sql │ │ ├── 20241122130349_queue_job_scheduled.sql │ │ ├── 20241122133435_queue_job_scheduled_index.sql │ │ ├── 20241124145741_upstream_oauth_userinfo.sql │ │ ├── 20241125110803_queue_job_recurrent.sql │ │ ├── 20241129091057_upstream_oauth2_link_account_name.sql │ │ ├── 20241202123523_upstream_oauth_responses_alg.sql │ │ ├── 20241210115428_oauth_refresh_token_track_next.sql │ │ ├── 20241210133651_oauth2_access_token_first_used.sql │ │ ├── 20241212154426_oauth2_response_mode_null.sql │ │ ├── 20241213180524_upstream_oauth_optional_issuer.sql │ │ ├── 20250109105709_user_email_authentication_codes.sql │ │ ├── 20250113102144_user_registrations.sql │ │ ├── 20250114135939_allow_deviceless_compat_sessions.sql │ │ ├── 20250115155255_cleanup_unverified_emails.sql │ │ ├── 20250124151529_unsupported_threepids_table.sql │ │ ├── 20250129154003_compat_sessions_device_name.sql │ │ ├── 20250130170011_user_is_guest.sql │ │ ├── 20250225091000_dynamic_policy_data.sql │ │ ├── 20250311093145_user_deactivated_at.sql │ │ ├── 20250312094013_upstream_oauth2_providers_order.sql │ │ ├── 20250317151803_upstream_oauth_session_unlinked_at.sql │ │ ├── 20250325102310_oauth2_clients_hash.sql │ │ ├── 20250404105103_compat_sso_login_browser_session.sql │ │ ├── 20250410000000_idx_compat_access_tokens_session_fk.sql │ │ ├── 20250410000001_idx_compat_refresh_tokens_session_fk.sql │ │ ├── 20250410000002_idx_compat_refresh_tokens_access_token_fk.sql │ │ ├── 20250410000003_idx_compat_sessions_user_fk.sql │ │ ├── 20250410000004_idx_compat_sessions_user_session_fk.sql │ │ ├── 20250410000005_drop_compat_sessions_user_id_last_active_at.sql │ │ ├── 20250410000006_idx_compat_sso_logins_session_fk.sql │ │ ├── 20250410000007_idx_oauth2_access_tokens_session_fk.sql │ │ ├── 20250410000008_idx_oauth2_authorization_grants_session_fk.sql │ │ ├── 20250410000009_idx_oauth2_authorization_grants_client_fk.sql │ │ ├── 20250410000010_idx_oauth2_consents_client_fk.sql │ │ ├── 20250410000011_idx_oauth2_consents_user_fk.sql │ │ ├── 20250410000012_idx_oauth2_device_code_grants_client_fk.sql │ │ ├── 20250410000013_idx_oauth2_device_code_grants_session_fk.sql │ │ ├── 20250410000014_idx_oauth2_device_code_grants_user_session_fk.sql │ │ ├── 20250410000015_idx_oauth2_refresh_tokens_session_fk.sql │ │ ├── 20250410000016_idx_oauth2_refresh_tokens_access_token_fk.sql │ │ ├── 20250410000017_idx_oauth2_refresh_tokens_next_refresh_token_fk.sql │ │ ├── 20250410000018_idx_oauth2_sessions_user_session_fk.sql │ │ ├── 20250410000019_idx_oauth2_sessions_client_fk.sql │ │ ├── 20250410000020_idx_oauth2_sessions_user_fk.sql │ │ ├── 20250410000021_drop_oauth2_sessions_user_id_last_active_at.sql │ │ ├── 20250410000022_idx_queue_jobs_started_by_fk.sql │ │ ├── 20250410000023_idx_queue_jobs_next_attempt_fk.sql │ │ ├── 20250410000024_idx_queue_jobs_schedule_name_fk.sql │ │ ├── 20250410000025_idx_upstream_oauth_authorization_sessions_provider_fk.sql │ │ ├── 20250410000026_idx_upstream_oauth_authorization_sessions_link_fk.sql │ │ ├── 20250410000027_idx_upstream_oauth_links_provider_fk.sql │ │ ├── 20250410000028_idx_upstream_oauth_links_user_fk.sql │ │ ├── 20250410000029_idx_user_email_authentication_codes_authentication_fk.sql │ │ ├── 20250410000030_idx_user_email_authentications_user_session_fk.sql │ │ ├── 20250410000031_idx_user_email_authentications_user_registration_fk.sql │ │ ├── 20250410000032_idx_user_emails_user_fk.sql │ │ ├── 20250410000033_idx_user_emails_email_idx.sql │ │ ├── 20250410000034_idx_user_passwords_user_fk.sql │ │ ├── 20250410000035_idx_user_recovery_tickets_session_fk.sql │ │ ├── 20250410000036_idx_user_recovery_tickets_user_email_fk.sql │ │ ├── 20250410000037_idx_user_registrations_email_authentication_fk.sql │ │ ├── 20250410000038_idx_user_session_authentications_user_session_fk.sql │ │ ├── 20250410000039_idx_user_session_authentications_user_password_fk.sql │ │ ├── 20250410000040_idx_user_session_authentications_upstream_oauth_session_fk.sql │ │ ├── 20250410000041_idx_user_sessions_user_fk.sql │ │ ├── 20250410000042_drop_user_sessions_user_id_last_active_at.sql │ │ ├── 20250410000043_idx_user_terms_user_fk.sql │ │ ├── 20250410000044_idx_users_primary_email_fk.sql │ │ ├── 20250410000045_idx_user_recovery_tickets_ticket_idx.sql │ │ ├── 20250410121612_users_lower_username_idx.sql │ │ ├── 20250410174306_oauth2_authorization_default_requires_consent.sql │ │ ├── 20250424150930_oauth2_grants_locale.sql │ │ ├── 20250425113717_oauth2_session_human_name.sql │ │ ├── 20250506161158_upstream_oauth2_forward_login_hint.sql │ │ └── 20250507131948_upstream_oauth_session_optional_nonce.sql │ └── src │ │ ├── app_session.rs │ │ ├── compat │ │ ├── access_token.rs │ │ ├── mod.rs │ │ ├── refresh_token.rs │ │ ├── session.rs │ │ └── sso_login.rs │ │ ├── errors.rs │ │ ├── filter.rs │ │ ├── iden.rs │ │ ├── lib.rs │ │ ├── oauth2 │ │ ├── access_token.rs │ │ ├── authorization_grant.rs │ │ ├── client.rs │ │ ├── device_code_grant.rs │ │ ├── mod.rs │ │ ├── refresh_token.rs │ │ └── session.rs │ │ ├── pagination.rs │ │ ├── policy_data.rs │ │ ├── queue │ │ ├── job.rs │ │ ├── mod.rs │ │ ├── schedule.rs │ │ └── worker.rs │ │ ├── repository.rs │ │ ├── telemetry.rs │ │ ├── tracing.rs │ │ ├── upstream_oauth2 │ │ ├── link.rs │ │ ├── mod.rs │ │ ├── provider.rs │ │ └── session.rs │ │ └── user │ │ ├── email.rs │ │ ├── mod.rs │ │ ├── password.rs │ │ ├── recovery.rs │ │ ├── registration.rs │ │ ├── session.rs │ │ ├── terms.rs │ │ └── tests.rs ├── storage │ ├── Cargo.toml │ └── src │ │ ├── app_session.rs │ │ ├── clock.rs │ │ ├── compat │ │ ├── access_token.rs │ │ ├── mod.rs │ │ ├── refresh_token.rs │ │ ├── session.rs │ │ └── sso_login.rs │ │ ├── lib.rs │ │ ├── oauth2 │ │ ├── access_token.rs │ │ ├── authorization_grant.rs │ │ ├── client.rs │ │ ├── device_code_grant.rs │ │ ├── mod.rs │ │ ├── refresh_token.rs │ │ └── session.rs │ │ ├── pagination.rs │ │ ├── policy_data.rs │ │ ├── queue │ │ ├── job.rs │ │ ├── mod.rs │ │ ├── schedule.rs │ │ ├── tasks.rs │ │ └── worker.rs │ │ ├── repository.rs │ │ ├── upstream_oauth2 │ │ ├── link.rs │ │ ├── mod.rs │ │ ├── provider.rs │ │ └── session.rs │ │ ├── user │ │ ├── email.rs │ │ ├── mod.rs │ │ ├── password.rs │ │ ├── recovery.rs │ │ ├── registration.rs │ │ ├── session.rs │ │ └── terms.rs │ │ └── utils.rs ├── syn2mas │ ├── .sqlx │ │ ├── query-026adeffc646b41ebc096bb874d110039b9a4a0425fd566e401f56ea215de0dd.json │ │ ├── query-07ec66733b67a9990cc9d483b564c8d05c577cf8f049d8822746c7d1dbd23752.json │ │ ├── query-08ad2855f0baaaed9d6af23c8bf035e9a087ff27b06e804464a432d93e5a25f1.json │ │ ├── query-09db58b250c20ab9d1701653165233e5c9aabfdae1f0ee9b77c909b2bb2f3e25.json │ │ ├── query-12112011318abc0bdd7f722ed8c5d4a86bf5758f8c32d9d41a22999b2f0698ca.json │ │ ├── query-1d1004d0fb5939fbf30c1986b80b986b1b4864a778525d0b8b0ad6678aef3e9f.json │ │ ├── query-204cf4811150a7fdeafa9373647a9cd62ac3c9e58155882858c6056e2ef6c30d.json │ │ ├── query-207b880ec2dd484ad05a7138ba485277958b66e4534561686c073e282fafaf2a.json │ │ ├── query-24f6ce6280dc6675ab1ebdde0c5e3db8ff7a686180d71052911879f186ed1c8e.json │ │ ├── query-486f3177dcf6117c6b966954a44d9f96a754eba64912566e81a90bd4cbd186f0.json │ │ ├── query-5b4840f42ae00c5dc9f59f2745d664b16ebd813dfa0aa32a6d39dd5c393af299.json │ │ ├── query-69aa96208513c3ea64a446c7739747fcb5e79d7e8c1212b2a679c3bde908ce93.json │ │ ├── query-78ed3bf1032cd678b42230d68fb2b8e3d74161c8b6c5fe1a746b6958ccd2fd84.json │ │ ├── query-86b2b02fbb6350100d794e4d0fa3c67bf00fd3e411f769b9f25dec27428489ed.json │ │ ├── query-979bedd942b4f71c58f3672f2917cee05ac1a628e51fe61ba6dfed253e0c63c2.json │ │ └── query-b27828d7510d52456b50b4c4b9712878ee329ca72070d849eb61ac9c8f9d1c76.json │ ├── Cargo.toml │ ├── src │ │ ├── lib.rs │ │ ├── mas_writer │ │ │ ├── checks.rs │ │ │ ├── constraint_pausing.rs │ │ │ ├── fixtures │ │ │ │ └── upstream_provider.sql │ │ │ ├── locking.rs │ │ │ ├── mod.rs │ │ │ ├── snapshots │ │ │ │ ├── syn2mas__mas_writer__test__write_user.snap │ │ │ │ ├── syn2mas__mas_writer__test__write_user_with_access_token.snap │ │ │ │ ├── syn2mas__mas_writer__test__write_user_with_device.snap │ │ │ │ ├── syn2mas__mas_writer__test__write_user_with_email.snap │ │ │ │ ├── syn2mas__mas_writer__test__write_user_with_password.snap │ │ │ │ ├── syn2mas__mas_writer__test__write_user_with_refresh_token.snap │ │ │ │ ├── syn2mas__mas_writer__test__write_user_with_unsupported_threepid.snap │ │ │ │ └── syn2mas__mas_writer__test__write_user_with_upstream_provider_link.snap │ │ │ ├── syn2mas_revert_temporary_tables.sql │ │ │ └── syn2mas_temporary_tables.sql │ │ ├── migration.rs │ │ ├── progress.rs │ │ ├── synapse_reader │ │ │ ├── checks.rs │ │ │ ├── config │ │ │ │ ├── mod.rs │ │ │ │ └── oidc.rs │ │ │ ├── fixtures │ │ │ │ ├── access_token_alice.sql │ │ │ │ ├── access_token_alice_with_puppet.sql │ │ │ │ ├── access_token_alice_with_refresh_token.sql │ │ │ │ ├── access_token_alice_with_unused_refresh_token.sql │ │ │ │ ├── devices_alice.sql │ │ │ │ ├── external_ids_alice.sql │ │ │ │ ├── threepids_alice.sql │ │ │ │ └── user_alice.sql │ │ │ ├── mod.rs │ │ │ └── snapshots │ │ │ │ ├── syn2mas__synapse_reader__test__read_access_and_refresh_tokens.snap │ │ │ │ ├── syn2mas__synapse_reader__test__read_access_and_unused_refresh_tokens.snap │ │ │ │ ├── syn2mas__synapse_reader__test__read_access_token.snap │ │ │ │ ├── syn2mas__synapse_reader__test__read_devices.snap │ │ │ │ ├── syn2mas__synapse_reader__test__read_external_ids.snap │ │ │ │ ├── syn2mas__synapse_reader__test__read_threepids.snap │ │ │ │ └── syn2mas__synapse_reader__test__read_users.snap │ │ └── telemetry.rs │ └── test_synapse_migrations │ │ ├── 20250117064958_users.sql │ │ ├── 20250128141011_threepids.sql │ │ ├── 20250128162513_external_ids.sql │ │ ├── 20250128201100_access_and_refresh_tokens.sql │ │ └── 20250129140230_devices.sql ├── tasks │ ├── Cargo.toml │ └── src │ │ ├── database.rs │ │ ├── email.rs │ │ ├── lib.rs │ │ ├── matrix.rs │ │ ├── new_queue.rs │ │ ├── recovery.rs │ │ ├── sessions.rs │ │ └── user.rs ├── templates │ ├── Cargo.toml │ └── src │ │ ├── context.rs │ │ ├── context │ │ ├── branding.rs │ │ ├── captcha.rs │ │ ├── ext.rs │ │ └── features.rs │ │ ├── forms.rs │ │ ├── functions.rs │ │ ├── lib.rs │ │ └── macros.rs └── tower │ ├── Cargo.toml │ └── src │ ├── lib.rs │ ├── metrics │ ├── duration.rs │ ├── in_flight.rs │ ├── make_attributes.rs │ └── mod.rs │ ├── trace_context.rs │ ├── tracing │ ├── enrich_span.rs │ ├── future.rs │ ├── layer.rs │ ├── make_span.rs │ ├── mod.rs │ └── service.rs │ └── utils.rs ├── deny.toml ├── docker-bake.hcl ├── docs ├── README.md ├── SUMMARY.md ├── api │ ├── index.html │ ├── oauth2-redirect.html │ └── spec.json ├── as-login.md ├── config.schema.json ├── development │ ├── architecture.md │ ├── contributing.md │ ├── database.md │ └── graphql.md ├── reference │ ├── cli │ │ ├── README.md │ │ ├── config.md │ │ ├── database.md │ │ ├── doctor.md │ │ ├── manage.md │ │ ├── server.md │ │ ├── syn2mas.md │ │ ├── templates.md │ │ └── worker.md │ ├── configuration.md │ └── scopes.md ├── rustdoc │ └── mas_handlers │ │ └── README.md ├── setup │ ├── README.md │ ├── database.md │ ├── general.md │ ├── homeserver.md │ ├── installation.md │ ├── migration.md │ ├── reverse-proxy.md │ ├── running.md │ └── sso.md ├── storybook │ └── README.md └── topics │ ├── admin-api.md │ ├── authorization.md │ └── policy.md ├── frontend ├── .browserlistrc ├── .editorconfig ├── .gitignore ├── .postcssrc.json ├── .storybook │ ├── locales.ts │ ├── main.ts │ ├── preview-head.html │ ├── preview.tsx │ └── public │ │ └── mockServiceWorker.js ├── codegen.ts ├── graphql.config.json ├── i18next-parser.config.ts ├── index.html ├── knip.config.ts ├── locales │ ├── cs.json │ ├── da.json │ ├── de.json │ ├── en.json │ ├── et.json │ ├── fi.json │ ├── fr.json │ ├── hu.json │ ├── nb-NO.json │ ├── nl.json │ ├── pt.json │ ├── ru.json │ ├── sv.json │ ├── uk.json │ └── zh-Hans.json ├── package-lock.json ├── package.json ├── schema.graphql ├── src │ ├── @types │ │ └── i18next.d.ts │ ├── components │ │ ├── AccountDeleteButton.tsx │ │ ├── AccountManagementPasswordPreview │ │ │ ├── AccountManagementPasswordPreview.module.css │ │ │ ├── AccountManagementPasswordPreview.tsx │ │ │ └── index.ts │ │ ├── BrowserSession.tsx │ │ ├── ButtonLink.module.css │ │ ├── ButtonLink.tsx │ │ ├── Client │ │ │ ├── OAuth2ClientDetail.test.tsx │ │ │ ├── OAuth2ClientDetail.tsx │ │ │ └── __snapshots__ │ │ │ │ └── OAuth2ClientDetail.test.tsx.snap │ │ ├── Collapsible │ │ │ ├── Collapsible.module.css │ │ │ ├── Collapsible.stories.tsx │ │ │ ├── Collapsible.tsx │ │ │ └── index.ts │ │ ├── CompatSession.test.tsx │ │ ├── CompatSession.tsx │ │ ├── DateTime.stories.tsx │ │ ├── DateTime.tsx │ │ ├── Dialog │ │ │ ├── Dialog.module.css │ │ │ ├── Dialog.stories.tsx │ │ │ ├── Dialog.tsx │ │ │ └── index.ts │ │ ├── EmptyState │ │ │ ├── EmptyState.module.css │ │ │ ├── EmptyState.stories.tsx │ │ │ ├── EmptyState.tsx │ │ │ └── index.ts │ │ ├── ErrorBoundary.tsx │ │ ├── ExternalLink │ │ │ ├── ExternalLink.module.css │ │ │ └── ExternalLink.tsx │ │ ├── Filter │ │ │ ├── Filter.module.css │ │ │ ├── Filter.stories.tsx │ │ │ ├── Filter.tsx │ │ │ └── index.ts │ │ ├── Footer │ │ │ ├── Footer.module.css │ │ │ ├── Footer.stories.tsx │ │ │ ├── Footer.tsx │ │ │ └── index.ts │ │ ├── GenericError.module.css │ │ ├── GenericError.tsx │ │ ├── Layout │ │ │ ├── Layout.module.css │ │ │ ├── Layout.tsx │ │ │ └── index.ts │ │ ├── Link.tsx │ │ ├── LoadingScreen │ │ │ ├── LoadingScreen.module.css │ │ │ ├── LoadingScreen.stories.tsx │ │ │ ├── LoadingScreen.test.tsx │ │ │ ├── LoadingScreen.tsx │ │ │ ├── __snapshots__ │ │ │ │ └── LoadingScreen.test.tsx.snap │ │ │ └── index.ts │ │ ├── LoadingSpinner │ │ │ ├── LoadingSpinner.module.css │ │ │ ├── LoadingSpinner.stories.tsx │ │ │ ├── LoadingSpinner.tsx │ │ │ └── index.ts │ │ ├── NavBar │ │ │ ├── NavBar.module.css │ │ │ ├── NavBar.stories.tsx │ │ │ ├── NavBar.tsx │ │ │ └── index.ts │ │ ├── NavItem │ │ │ ├── NavItem.module.css │ │ │ ├── NavItem.tsx │ │ │ ├── __snapshots__ │ │ │ │ └── NavItem.test.tsx.snap │ │ │ └── index.ts │ │ ├── NotFound.tsx │ │ ├── OAuth2Session.test.tsx │ │ ├── OAuth2Session.tsx │ │ ├── PageHeading │ │ │ ├── PageHeading.module.css │ │ │ ├── PageHeading.tsx │ │ │ └── index.ts │ │ ├── PaginationControls.tsx │ │ ├── PasswordConfirmation.tsx │ │ ├── PasswordCreationDoubleInput.tsx │ │ ├── Separator │ │ │ ├── Separator.module.css │ │ │ ├── Separator.tsx │ │ │ └── index.tsx │ │ ├── Session │ │ │ ├── ClientAvatar.module.css │ │ │ ├── ClientAvatar.test.tsx │ │ │ ├── ClientAvatar.tsx │ │ │ ├── DeviceTypeIcon.module.css │ │ │ ├── DeviceTypeIcon.stories.tsx │ │ │ ├── DeviceTypeIcon.test.tsx │ │ │ ├── DeviceTypeIcon.tsx │ │ │ ├── EndBrowserSessionButton.tsx │ │ │ ├── EndCompatSessionButton.tsx │ │ │ ├── EndOAuth2SessionButton.tsx │ │ │ ├── EndSessionButton.tsx │ │ │ ├── LastActive.module.css │ │ │ ├── LastActive.stories.tsx │ │ │ ├── LastActive.test.tsx │ │ │ ├── LastActive.tsx │ │ │ └── __snapshots__ │ │ │ │ ├── ClientAvatar.test.tsx.snap │ │ │ │ ├── DeviceTypeIcon.test.tsx.snap │ │ │ │ ├── LastActive.test.tsx.snap │ │ │ │ └── Session.test.tsx.snap │ │ ├── SessionCard │ │ │ ├── SessionCard.module.css │ │ │ ├── SessionCard.stories.tsx │ │ │ ├── SessionCard.tsx │ │ │ └── index.ts │ │ ├── SessionDetail │ │ │ ├── BrowserSessionDetail.tsx │ │ │ ├── CompatSessionDetail.test.tsx │ │ │ ├── CompatSessionDetail.tsx │ │ │ ├── EditSessionName.tsx │ │ │ ├── OAuth2SessionDetail.test.tsx │ │ │ ├── OAuth2SessionDetail.tsx │ │ │ ├── SessionHeader.module.css │ │ │ ├── SessionHeader.stories.tsx │ │ │ ├── SessionHeader.test.tsx │ │ │ ├── SessionHeader.tsx │ │ │ ├── SessionInfo.tsx │ │ │ └── __snapshots__ │ │ │ │ ├── CompatSessionDetail.test.tsx.snap │ │ │ │ ├── OAuth2SessionDetail.test.tsx.snap │ │ │ │ └── SessionHeader.test.tsx.snap │ │ ├── Typography.stories.tsx │ │ ├── Typography.tsx │ │ ├── UserEmail │ │ │ ├── UserEmail.module.css │ │ │ ├── UserEmail.tsx │ │ │ └── index.ts │ │ ├── UserGreeting │ │ │ ├── UserGreeting.module.css │ │ │ ├── UserGreeting.stories.tsx │ │ │ ├── UserGreeting.tsx │ │ │ └── index.ts │ │ ├── UserProfile │ │ │ ├── AddEmailForm.tsx │ │ │ └── UserEmailList.tsx │ │ ├── UserSessionsOverview │ │ │ ├── BrowserSessionsOverview.module.css │ │ │ ├── BrowserSessionsOverview.stories.tsx │ │ │ ├── BrowserSessionsOverview.test.tsx │ │ │ ├── BrowserSessionsOverview.tsx │ │ │ └── __snapshots__ │ │ │ │ ├── BrowserSessionsOverview.test.tsx.snap │ │ │ │ └── UserSessionsOverview.test.tsx.snap │ │ └── __snapshots__ │ │ │ ├── CompatSession.test.tsx.snap │ │ │ ├── LoadingScreen.test.tsx.snap │ │ │ └── OAuth2Session.test.tsx.snap │ ├── config.ts │ ├── gql │ │ ├── fragment-masking.ts │ │ ├── gql.ts │ │ ├── graphql.ts │ │ └── index.ts │ ├── graphql.ts │ ├── i18n.ts │ ├── i18n │ │ └── password_changes.ts │ ├── main.tsx │ ├── pagination.ts │ ├── routeTree.gen.ts │ ├── router.tsx │ ├── routes │ │ ├── __root.tsx │ │ ├── _account.index.tsx │ │ ├── _account.sessions.browsers.tsx │ │ ├── _account.sessions.index.tsx │ │ ├── _account.tsx │ │ ├── clients.$id.tsx │ │ ├── devices.$.tsx │ │ ├── emails.$id.in-use.tsx │ │ ├── emails.$id.verify.tsx │ │ ├── password.change.index.tsx │ │ ├── password.change.success.tsx │ │ ├── password.recovery.index.tsx │ │ ├── reset-cross-signing.cancelled.tsx │ │ ├── reset-cross-signing.index.tsx │ │ ├── reset-cross-signing.success.tsx │ │ ├── reset-cross-signing.tsx │ │ └── sessions.$id.tsx │ ├── shared.css │ ├── styles │ │ ├── cpd-button.css │ │ ├── cpd-checkbox-control.css │ │ ├── cpd-form.css │ │ ├── cpd-link.css │ │ ├── cpd-mfa-control.css │ │ └── cpd-text-control.css │ ├── swagger.ts │ ├── templates.css │ ├── test-utils │ │ ├── mockLocale.ts │ │ ├── render.tsx │ │ └── router.tsx │ ├── utils │ │ ├── dates.ts │ │ ├── deviceIdFromScope.test.ts │ │ ├── deviceIdFromScope.ts │ │ ├── password_complexity │ │ │ ├── enwiki.json │ │ │ ├── index.ts │ │ │ ├── namesf.json │ │ │ ├── namesm.json │ │ │ ├── namess.json │ │ │ ├── passwords.json │ │ │ └── ustvfilm.json │ │ └── simplifyUrl.ts │ └── vite-env.d.ts ├── stories │ └── routes │ │ ├── app.tsx │ │ ├── index.stories.tsx │ │ └── reset-cross-signing.stories.tsx ├── tailwind.config.cjs ├── tests │ ├── mocks │ │ └── handlers.ts │ └── routes │ │ ├── __snapshots__ │ │ └── reset-cross-signing.test.tsx.snap │ │ ├── account │ │ ├── __snapshots__ │ │ │ └── index.test.tsx.snap │ │ └── index.test.tsx │ │ ├── render.tsx │ │ ├── reset-cross-signing.test.tsx │ │ └── types.d.ts ├── tsconfig.json ├── tsconfig.node.json ├── vite.config.ts ├── vitest.global-setup.ts └── vitest.setup.ts ├── localazy.json ├── misc ├── build-docs.sh ├── sqlx_update.sh └── update.sh ├── overview.png ├── policies ├── .gitignore ├── .regal │ └── config.yaml ├── Makefile ├── authorization_grant │ ├── authorization_grant.rego │ └── authorization_grant_test.rego ├── client_registration │ ├── client_registration.rego │ └── client_registration_test.rego ├── common │ ├── common.rego │ └── common_test.rego ├── email │ ├── email.rego │ └── email_test.rego ├── register │ ├── register.rego │ └── register_test.rego ├── schema │ ├── authorization_grant_input.json │ ├── client_registration_input.json │ ├── email_input.json │ └── register_input.json └── util │ └── coveralls.rego ├── templates ├── app.html ├── base.html ├── components │ ├── back_to_client.html │ ├── button.html │ ├── captcha.html │ ├── errors.html │ ├── field.html │ ├── footer.html │ ├── icon.html │ ├── idp_brand.html │ ├── logout.html │ └── scope.html ├── device_name.txt ├── emails │ ├── recovery.html │ ├── recovery.subject │ ├── recovery.txt │ ├── verification.html │ ├── verification.subject │ └── verification.txt ├── form_post.html ├── pages │ ├── 404.html │ ├── account │ │ ├── deactivated.html │ │ ├── locked.html │ │ └── logged_out.html │ ├── consent.html │ ├── device_consent.html │ ├── device_link.html │ ├── error.html │ ├── index.html │ ├── login.html │ ├── policy_violation.html │ ├── reauth.html │ ├── recovery │ │ ├── consumed.html │ │ ├── disabled.html │ │ ├── expired.html │ │ ├── finish.html │ │ ├── progress.html │ │ └── start.html │ ├── register │ │ ├── index.html │ │ ├── password.html │ │ └── steps │ │ │ ├── display_name.html │ │ │ ├── email_in_use.html │ │ │ └── verify_email.html │ ├── sso.html │ └── upstream_oauth2 │ │ ├── do_register.html │ │ ├── link_mismatch.html │ │ └── suggest_link.html └── swagger │ ├── doc.html │ └── oauth2-redirect.html └── translations ├── cs.json ├── da.json ├── de.json ├── en.json ├── et.json ├── fi.json ├── fr.json ├── hu.json ├── nb-NO.json ├── nl.json ├── pt.json ├── ru.json ├── sv.json ├── uk.json └── zh-Hans.json /.cargo/config.toml: -------------------------------------------------------------------------------- 1 | [build] 2 | rustflags = ["--cfg", "tokio_unstable"] 3 | 4 | # On x86_64, we target the x86-64-v2 psABI, as it is a good compromise between 5 | # modern CPU instructions and compatibility. 6 | [target.x86_64-unknown-linux-gnu] 7 | rustflags = ["--cfg", "tokio_unstable", "-C", "target-cpu=x86-64-v2"] 8 | -------------------------------------------------------------------------------- /.codecov.yml: -------------------------------------------------------------------------------- 1 | comment: false 2 | 3 | flag_management: 4 | default_rules: 5 | carryforward: true 6 | -------------------------------------------------------------------------------- /.config/nextest.toml: -------------------------------------------------------------------------------- 1 | [profile.default] 2 | retries = 1 3 | -------------------------------------------------------------------------------- /.devcontainer/.env: -------------------------------------------------------------------------------- 1 | MAS_OAUTH2_ISSUER="https://${CODESPACE_NAME}-8080.githubpreview.dev/" -------------------------------------------------------------------------------- /.devcontainer/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM mcr.microsoft.com/vscode/devcontainers/rust:0-1 2 | 3 | RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ 4 | && apt-get -y install --no-install-recommends postgresql-client 5 | 6 | COPY .env /.env 7 | 8 | # TODO: pre-build custom images, those take too much time 9 | #RUN cargo install sqlx-cli --no-default-features --features postgres 10 | #RUN cargo install cargo-edit -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | target/ 2 | crates/*/target 3 | crates/*/node_modules 4 | frontend/node_modules 5 | frontend/dist 6 | docs/ 7 | .devcontainer/ 8 | .github/ 9 | .gitignore 10 | Dockerfile 11 | .dockerignore 12 | docker-bake.hcl 13 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset=utf-8 5 | end_of_line = lf 6 | 7 | [*.{ts,tsx,cts,mts,js,cjs,mjs,css,json,graphql}] 8 | indent_style = space 9 | indent_size = 2 10 | insert_final_newline = true 11 | trim_trailing_whitespace = true 12 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | *.wasm binary 2 | -------------------------------------------------------------------------------- /.github/actions/build-frontend/action.yml: -------------------------------------------------------------------------------- 1 | name: Build the frontend assets 2 | description: Installs Node.js and builds the frontend assets from the frontend directory 3 | 4 | runs: 5 | using: composite 6 | steps: 7 | - name: Install Node 8 | uses: actions/setup-node@v4.2.0 9 | with: 10 | node-version: '22' 11 | 12 | - name: Install dependencies 13 | run: npm ci 14 | working-directory: ./frontend 15 | shell: sh 16 | 17 | - name: Build the frontend assets 18 | run: npm run build 19 | working-directory: ./frontend 20 | shell: sh 21 | -------------------------------------------------------------------------------- /.github/actions/build-policies/action.yml: -------------------------------------------------------------------------------- 1 | name: Build the Open Policy Agent policies 2 | description: Installs OPA and builds the policies 3 | 4 | runs: 5 | using: composite 6 | steps: 7 | - name: Install Open Policy Agent 8 | uses: open-policy-agent/setup-opa@v2.2.0 9 | with: 10 | version: 1.1.0 11 | 12 | - name: Build the policies 13 | run: make 14 | working-directory: ./policies 15 | shell: sh 16 | -------------------------------------------------------------------------------- /.github/scripts/.gitignore: -------------------------------------------------------------------------------- 1 | node_modules/ 2 | package-lock.json 3 | -------------------------------------------------------------------------------- /.github/scripts/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "private": true, 3 | "devDependencies": { 4 | "@actions/github-script": "github:actions/github-script", 5 | "typescript": "^5.7.3" 6 | } 7 | } 8 | -------------------------------------------------------------------------------- /.github/scripts/update-release-branch.cjs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | // @ts-check 7 | 8 | /** @param {import('@actions/github-script').AsyncFunctionArguments} AsyncFunctionArguments */ 9 | module.exports = async ({ github, context }) => { 10 | const { owner, repo } = context.repo; 11 | const branch = process.env.BRANCH; 12 | const sha = process.env.SHA; 13 | if (!sha) throw new Error("SHA is not defined"); 14 | 15 | await github.rest.git.updateRef({ 16 | owner, 17 | repo, 18 | ref: `heads/${branch}`, 19 | sha, 20 | }); 21 | console.log(`Updated branch ${branch} to ${sha}`); 22 | }; 23 | -------------------------------------------------------------------------------- /.github/scripts/update-unstable-tag.cjs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | // @ts-check 7 | 8 | /** @param {import('@actions/github-script').AsyncFunctionArguments} AsyncFunctionArguments */ 9 | module.exports = async ({ github, context }) => { 10 | const { owner, repo } = context.repo; 11 | const sha = context.sha; 12 | 13 | const tag = await github.rest.git.updateRef({ 14 | owner, 15 | repo, 16 | force: true, 17 | ref: "tags/unstable", 18 | sha, 19 | }); 20 | console.log("Updated tag ref:", tag.data.url); 21 | }; 22 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Rust 2 | target/ 3 | 4 | # Editors 5 | .idea 6 | .nova 7 | 8 | # OS garbage 9 | .DS_Store 10 | -------------------------------------------------------------------------------- /.rustfmt.toml: -------------------------------------------------------------------------------- 1 | max_width = 100 2 | comment_width = 80 3 | wrap_comments = true 4 | imports_granularity = "Crate" 5 | use_small_heuristics = "Default" 6 | group_imports = "StdExternalCrate" 7 | -------------------------------------------------------------------------------- /crates/config/src/bin/schema.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | use schemars::r#gen::SchemaSettings; 8 | 9 | fn main() { 10 | let settings = SchemaSettings::draft07().with(|s| { 11 | s.option_nullable = false; 12 | s.option_add_null_type = false; 13 | }); 14 | let generator = settings.into_generator(); 15 | let schema = generator.into_root_schema_for::(); 16 | 17 | serde_json::to_writer_pretty(std::io::stdout(), &schema).expect("Failed to serialize schema"); 18 | } 19 | -------------------------------------------------------------------------------- /crates/context/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-context" 3 | version.workspace = true 4 | authors.workspace = true 5 | edition.workspace = true 6 | license.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | console.workspace = true 16 | pin-project-lite.workspace = true 17 | quanta.workspace = true 18 | tokio.workspace = true 19 | tower-service.workspace = true 20 | tower-layer.workspace = true 21 | tracing.workspace = true 22 | tracing-subscriber.workspace = true 23 | tracing-opentelemetry.workspace = true 24 | opentelemetry.workspace = true 25 | -------------------------------------------------------------------------------- /crates/data-model/examples/ua-parser.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | use mas_data_model::UserAgent; 8 | 9 | /// Simple command-line tool to try out user-agent parsing 10 | /// 11 | /// It parses user-agents from stdin and prints the parsed user-agent to stdout. 12 | fn main() { 13 | for line in std::io::stdin().lines() { 14 | let user_agent = line.unwrap(); 15 | let user_agent = UserAgent::parse(user_agent); 16 | println!("{user_agent:?}"); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /crates/data-model/src/oauth2/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2021-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod authorization_grant; 8 | mod client; 9 | mod device_code_grant; 10 | mod session; 11 | 12 | pub use self::{ 13 | authorization_grant::{ 14 | AuthorizationCode, AuthorizationGrant, AuthorizationGrantStage, LoginHint, Pkce, 15 | }, 16 | client::{Client, InvalidRedirectUriError, JwksOrJwksUri}, 17 | device_code_grant::{DeviceCodeGrant, DeviceCodeGrantState}, 18 | session::{Session, SessionState}, 19 | }; 20 | -------------------------------------------------------------------------------- /crates/data-model/src/policy_data.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | use chrono::{DateTime, Utc}; 7 | use serde::Serialize; 8 | use ulid::Ulid; 9 | 10 | #[derive(Debug, Clone, PartialEq, Eq, Serialize)] 11 | pub struct PolicyData { 12 | pub id: Ulid, 13 | pub created_at: DateTime, 14 | pub data: serde_json::Value, 15 | } 16 | -------------------------------------------------------------------------------- /crates/data-model/src/upstream_oauth2/link.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | use chrono::{DateTime, Utc}; 8 | use serde::Serialize; 9 | use ulid::Ulid; 10 | 11 | #[derive(Debug, Clone, PartialEq, Eq, Serialize)] 12 | pub struct UpstreamOAuthLink { 13 | pub id: Ulid, 14 | pub provider_id: Ulid, 15 | pub user_id: Option, 16 | pub subject: String, 17 | pub human_account_name: Option, 18 | pub created_at: DateTime, 19 | } 20 | -------------------------------------------------------------------------------- /crates/email/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-email" 3 | version.workspace = true 4 | authors.workspace = true 5 | edition.workspace = true 6 | license.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | async-trait.workspace = true 16 | lettre.workspace = true 17 | thiserror.workspace = true 18 | tracing.workspace = true 19 | 20 | mas-templates.workspace = true 21 | -------------------------------------------------------------------------------- /crates/email/src/lib.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | //! Helps sending emails to users, with different email backends 8 | 9 | #![deny(missing_docs)] 10 | 11 | mod mailer; 12 | mod transport; 13 | 14 | pub use lettre::{ 15 | Address, message::Mailbox, transport::smtp::authentication::Credentials as SmtpCredentials, 16 | }; 17 | pub use mas_templates::EmailVerificationContext; 18 | 19 | pub use self::{ 20 | mailer::Mailer, 21 | transport::{SmtpMode, Transport as MailTransport}, 22 | }; 23 | -------------------------------------------------------------------------------- /crates/handlers/src/admin/v1/compat_sessions/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | mod get; 7 | mod list; 8 | 9 | pub use self::{ 10 | get::{doc as get_doc, handler as get}, 11 | list::{doc as list_doc, handler as list}, 12 | }; 13 | -------------------------------------------------------------------------------- /crates/handlers/src/admin/v1/oauth2_sessions/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod get; 8 | mod list; 9 | 10 | pub use self::{ 11 | get::{doc as get_doc, handler as get}, 12 | list::{doc as list_doc, handler as list}, 13 | }; 14 | -------------------------------------------------------------------------------- /crates/handlers/src/admin/v1/policy_data/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | mod get; 7 | mod get_latest; 8 | mod set; 9 | 10 | pub use self::{ 11 | get::{doc as get_doc, handler as get}, 12 | get_latest::{doc as get_latest_doc, handler as get_latest}, 13 | set::{doc as set_doc, handler as set}, 14 | }; 15 | -------------------------------------------------------------------------------- /crates/handlers/src/admin/v1/user_emails/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | mod add; 7 | mod delete; 8 | mod get; 9 | mod list; 10 | 11 | pub use self::{ 12 | add::{doc as add_doc, handler as add}, 13 | delete::{doc as delete_doc, handler as delete}, 14 | get::{doc as get_doc, handler as get}, 15 | list::{doc as list_doc, handler as list}, 16 | }; 17 | -------------------------------------------------------------------------------- /crates/handlers/src/admin/v1/user_sessions/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | mod get; 7 | mod list; 8 | 9 | pub use self::{ 10 | get::{doc as get_doc, handler as get}, 11 | list::{doc as list_doc, handler as list}, 12 | }; 13 | -------------------------------------------------------------------------------- /crates/handlers/src/bin/graphql-schema.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | #![forbid(unsafe_code)] 8 | #![deny( 9 | clippy::all, 10 | clippy::str_to_string, 11 | rustdoc::broken_intra_doc_links, 12 | clippy::future_not_send 13 | )] 14 | #![warn(clippy::pedantic)] 15 | 16 | fn main() { 17 | let schema = mas_handlers::graphql_schema_builder().finish(); 18 | println!("{}", schema.sdl()); 19 | } 20 | -------------------------------------------------------------------------------- /crates/handlers/src/graphql/model/viewer/anonymous.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | use async_graphql::{ID, Object}; 8 | 9 | /// An anonymous viewer 10 | #[derive(Default, Clone, Copy)] 11 | pub struct Anonymous; 12 | 13 | #[Object] 14 | impl Anonymous { 15 | pub async fn id(&self) -> ID { 16 | "anonymous".into() 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /crates/handlers/src/oauth2/device/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | pub mod authorize; 8 | pub mod consent; 9 | pub mod link; 10 | -------------------------------------------------------------------------------- /crates/handlers/src/oauth2/keys.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2021-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | use axum::{Json, extract::State, response::IntoResponse}; 8 | use mas_keystore::Keystore; 9 | 10 | #[tracing::instrument(name = "handlers.oauth2.keys.get", skip_all)] 11 | pub(crate) async fn get(State(key_store): State) -> impl IntoResponse { 12 | let jwks = key_store.public_jwks(); 13 | Json(jwks) 14 | } 15 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hash_verify_and_upgrade-2.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $argon2id$v=19$m=19456,t=2,p=1$4aRFZH7bgRs24delZVap/Q$Y2SNOQuEfwWuBXflRnbJhqpksexRziQ9Wf9BatCuIVY 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hash_verify_and_upgrade-3.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $argon2id$v=19$m=19456,t=2,p=1$1Ke64U6Mrdl5imSjjFRU+g$yirg39x3QVVTxsV5OI4usyIaCw6IRxPl5Li3mQyNmN8 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hash_verify_and_upgrade.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $2b$10$1Mgv9BLlKUPw2H3LIWlseeWUiTWF2yZC/.TyzuC3bGuB9XacoEUu6 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hashing_argon2id-2.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $argon2id$v=19$m=19456,t=2,p=1$1WdxAF1UChkYSTnJ6NDbKg$ajKAfwlUmkbxITSdh55j+Hvoxzppx20ArNUF44oV9Nk 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hashing_argon2id.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $argon2id$v=19$m=19456,t=2,p=1$eEi11xG8mIOZYxej+ckCaQ$eBeygPqiuImQAaFQOkE6oVkPfqxIGgnqpQd/MwW4YX4 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hashing_bcrypt-2.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $2b$10$mqjtwG6w3GawhuQQdwBCqOt0TQ0V4vGhB.tMuCZO8WL.ycBHkOLca 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hashing_bcrypt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $2b$10$c/EX8bTbEMfTn4oCvcQyBOR1zPyLmGzZ2pMXoElLASqv2qpq5X15i 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hashing_pbkdf2-2.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $pbkdf2-sha256$i=600000,l=32$1WdxAF1UChkYSTnJ6NDbKg$uwgJSFAtjA082fY37K09Q5Hjbw3mBjFI/JLW9sw0F2A 6 | -------------------------------------------------------------------------------- /crates/handlers/src/snapshots/mas_handlers__passwords__tests__hashing_pbkdf2.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/handlers/src/passwords.rs 3 | expression: hash 4 | --- 5 | $pbkdf2-sha256$i=600000,l=32$eEi11xG8mIOZYxej+ckCaQ$uyS+Ip4DieQ9S+m1EcT+vCtuiWpQ3TsDGPLY4mwkOxc 6 | -------------------------------------------------------------------------------- /crates/handlers/src/views/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2021-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | pub mod app; 8 | pub mod index; 9 | pub mod login; 10 | pub mod logout; 11 | pub mod recovery; 12 | pub mod register; 13 | pub mod shared; 14 | -------------------------------------------------------------------------------- /crates/handlers/src/views/recovery/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | pub mod progress; 8 | pub mod start; 9 | -------------------------------------------------------------------------------- /crates/handlers/src/views/register/steps/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | pub(crate) mod display_name; 7 | pub(crate) mod finish; 8 | pub(crate) mod verify_email; 9 | -------------------------------------------------------------------------------- /crates/i18n-scan/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-i18n-scan" 3 | version.workspace = true 4 | license.workspace = true 5 | authors.workspace = true 6 | edition.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | camino.workspace = true 16 | clap.workspace = true 17 | minijinja.workspace = true 18 | serde_json.workspace = true 19 | tracing-subscriber.workspace = true 20 | tracing.workspace = true 21 | walkdir = "2.5.0" 22 | 23 | mas-i18n.workspace = true 24 | -------------------------------------------------------------------------------- /crates/i18n/src/lib.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | pub mod sprintf; 8 | pub mod translations; 9 | mod translator; 10 | 11 | pub use icu_calendar; 12 | pub use icu_datetime; 13 | pub use icu_locid::locale; 14 | pub use icu_provider::{DataError, DataLocale}; 15 | 16 | pub use self::{ 17 | sprintf::{Argument, ArgumentList, Message}, 18 | translator::{LoadError, Translator}, 19 | }; 20 | -------------------------------------------------------------------------------- /crates/i18n/test_data/en-US.json: -------------------------------------------------------------------------------- 1 | { 2 | "hello": "Hey!" 3 | } -------------------------------------------------------------------------------- /crates/i18n/test_data/en.json: -------------------------------------------------------------------------------- 1 | { 2 | "hello": "Hello!", 3 | "goodbye": "Goodbye!", 4 | "active_sessions": { 5 | "one": "%(count)d active session.", 6 | "other": "%(count)d active sessions." 7 | } 8 | } -------------------------------------------------------------------------------- /crates/i18n/test_data/fr.json: -------------------------------------------------------------------------------- 1 | { 2 | "hello": "Bonjour !", 3 | "goodbye": "Au revoir !", 4 | "active_sessions": { 5 | "one": "%(count)d session active.", 6 | "other": "%(count)d sessions actives." 7 | } 8 | } -------------------------------------------------------------------------------- /crates/iana-codegen/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-iana-codegen" 3 | version.workspace = true 4 | authors.workspace = true 5 | edition.workspace = true 6 | license.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | anyhow.workspace = true 16 | async-trait.workspace = true 17 | camino.workspace = true 18 | convert_case = "0.8.0" 19 | csv = "1.3.1" 20 | reqwest.workspace = true 21 | serde.workspace = true 22 | tokio.workspace = true 23 | tracing.workspace = true 24 | tracing-subscriber.workspace = true 25 | -------------------------------------------------------------------------------- /crates/iana/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-iana" 3 | description = "IANA registry data for JOSE and OAuth 2.0" 4 | version.workspace = true 5 | authors.workspace = true 6 | edition.workspace = true 7 | license.workspace = true 8 | homepage.workspace = true 9 | repository.workspace = true 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | serde = { workspace = true, optional = true } 16 | schemars = { workspace = true, optional = true } 17 | 18 | [features] 19 | default = ["serde", "schemars"] 20 | serde = ["dep:serde"] 21 | schemars = ["dep:schemars"] 22 | -------------------------------------------------------------------------------- /crates/jose/src/jwt/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod header; 8 | mod raw; 9 | mod signed; 10 | 11 | pub use self::{ 12 | header::JsonWebSignatureHeader, 13 | signed::{Jwt, JwtDecodeError, JwtSignatureError, JwtVerificationError, NoKeyWorked}, 14 | }; 15 | -------------------------------------------------------------------------------- /crates/jose/src/lib.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | #![deny(rustdoc::broken_intra_doc_links)] 8 | #![allow(clippy::module_name_repetitions)] 9 | 10 | mod base64; 11 | pub mod claims; 12 | pub mod constraints; 13 | pub mod jwa; 14 | pub mod jwk; 15 | pub mod jwt; 16 | 17 | pub use self::base64::Base64; 18 | -------------------------------------------------------------------------------- /crates/jose/tests/jwts/eddsa-ed25519.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJFZERTQSIsImtpZCI6ImlYa2l5aEVoNkU3VS1hWDBmZzd3LWVzSFdxUHZ2eFdkNmdIMUpHMnU3TjAifQ.eyJoZWxsbyI6IndvcmxkIn0.ZFiNWsheqUC_mQNztHpZXLnyb5LtvyT1dTGcMSCgG97Cobju83xCIkbJwfjOSgZrI2CpEVobVM_mfnmFIAUfBg -------------------------------------------------------------------------------- /crates/jose/tests/jwts/eddsa-ed448.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJFZERTQSIsImtpZCI6IlFsdGEycVZsaEhoZzNqcmlKcDBIc0lCUXFHVkIxWkgycEVueVBIemwxTXMifQ.eyJoZWxsbyI6IndvcmxkIn0.7EqBc73c8UjbZnW5LkkDmPlAnlgjVdDzfABvssoLE3FoFX3uUr1dPdX3I9Hu_rtOIdRtTLfN9eeABuG5cugUoshrYSFuHF6vy2Nim7uM3GWa6mVZx6fzOBq6goCK4JpNfwkJ3a4VyslHU7wQBfXAOxcA -------------------------------------------------------------------------------- /crates/jose/tests/jwts/es256.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJFUzI1NiIsImtpZCI6ImxNYlNJNjlhanNCSEhrSXBWQUZLUktZblI2NmtHZEd0ZWcyb3FNenAwX0UifQ.eyJoZWxsbyI6IndvcmxkIn0.YckCGhpak2hpO9EiR-X2MD6CVBnUAmQbRVKvKoYCbRnydOOksNlzWaOl0S-C4KZxGTuKG-spzFQJov5h_ob5nw -------------------------------------------------------------------------------- /crates/jose/tests/jwts/es256k.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJFUzI1NksiLCJraWQiOiJuOWI0Z3lkNU5nSHY3cEo3UzI3QUtCcmhCUEhhM0g1cHRjaXhtWWVyU1VnIn0.eyJoZWxsbyI6IndvcmxkIn0.e0XIMec0_gvlxS8je5hVpYQGls2A5r2TUJ9eJNmdwZQbo1alRB93dgbh3yd4fh8bDOmmLhRfMKti93c7-ljPVg -------------------------------------------------------------------------------- /crates/jose/tests/jwts/es384.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJFUzM4NCIsImtpZCI6IkoxRVpKR1AxTHloWDJabHo4eFBjc3BNUUVsOFczYllHMngzTnFpTWJQeVkifQ.eyJoZWxsbyI6IndvcmxkIn0.XK3AIs0TQ1r5Wbpd14MkVIp3rvisQEb_8wlp3F4usveL23GH15y5TQ8mcU5NrxNFFylclwikyz4ozM2zmU7fkCYfjKD8AoEABOTlfjH3DRQnynVcpkvB47CsSgt8QpGe -------------------------------------------------------------------------------- /crates/jose/tests/jwts/es512.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJFUzUxMiIsImtpZCI6Il94R3lJM21zOTBBdmdGNjU4d3o5NzF3c3dTeVluR1NHX0EwZEFnbXJBTTAifQ.eyJoZWxsbyI6IndvcmxkIn0.AJ9YcP56d-1Z1wsZL0ikFRY_4Q6du7YEWsqtQDOloCLMYQ-3citw6Fm35t4kg8E5aoe8QrEj8kTqsQLloWv0eBMFAWh-Uyrupmz0Kzllc6xbOEVoWuM5DWc6AJ6Da6k0f6XHsZ_MVcayQpdmZTLcM_pyo1U6olqwLYqv1YNx-2M2GdCl -------------------------------------------------------------------------------- /crates/jose/tests/jwts/hs256.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJIUzI1NiIsImtpZCI6ImRqSEtvV1Uzck9sV2c1RTBFSV80RmxiRVRmZDRPRlFnVjk4REZYRW1HZmcifQ.eyJoZWxsbyI6IndvcmxkIn0.GBxkJdc15D26siv1Ov_a2jgQSIsgLwiF2ZDFSUdzoFY -------------------------------------------------------------------------------- /crates/jose/tests/jwts/hs384.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJIUzM4NCIsImtpZCI6ImRqSEtvV1Uzck9sV2c1RTBFSV80RmxiRVRmZDRPRlFnVjk4REZYRW1HZmcifQ.eyJoZWxsbyI6IndvcmxkIn0.pOZkiI4HMCNHgUf9diq6CkFxsMIMCNADvDPHmtkjerSYWy16dmlZy-FT9ZxyyD_1 -------------------------------------------------------------------------------- /crates/jose/tests/jwts/hs512.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJIUzUxMiIsImtpZCI6ImRqSEtvV1Uzck9sV2c1RTBFSV80RmxiRVRmZDRPRlFnVjk4REZYRW1HZmcifQ.eyJoZWxsbyI6IndvcmxkIn0.1kVwcE7LajF4Ph3yl2cKhJRs4FtZUMT6mxVCbtfttLPLqkxX-WAlZ0Hd7zg1JAzxNUmkeF8bsgZ9P0bPxBDSyw -------------------------------------------------------------------------------- /crates/jose/tests/jwts/ps256.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJQUzI1NiIsImtpZCI6ImxqQXdGc1czMmV4cHlBMFJqcktvT0h1WnhmazdLTFNlajh6bGRPOXo0aVUifQ.eyJoZWxsbyI6IndvcmxkIn0.JWY1HZhLrDngEV7-V7to489hsX3muDOeCr4cedGUY2cpDNgJs0CgTe1pknXws9msZSlG4C-oA08UqgousBA2FWbcuVDhSEmSyNWM2rHekFuYcLlAupP8wucMQ3yzP425V2PzlgWV85xRe18PifNaTldMHLArbTKplMQgHHHopz28kuP1Uko99lHxpZrDVMHSLXNTyYaoQeOd81Hbx8uSx5wZO6tVIErV1RhKhSFGLP9DsbOKKW6jRgam_tKNh35VYBQZ6CIQkgsZCruDP7KFHHqC4xHTbkNQ6VlxHHHOpHz-SuRcBS901EN6NVCSPRSc0oYp1ChQCPgUeH_SrloCMg -------------------------------------------------------------------------------- /crates/jose/tests/jwts/ps384.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJQUzM4NCIsImtpZCI6ImxqQXdGc1czMmV4cHlBMFJqcktvT0h1WnhmazdLTFNlajh6bGRPOXo0aVUifQ.eyJoZWxsbyI6IndvcmxkIn0.XLe8Fxg1wALfGIYBtGtYCSxneiReNMRsUiXukYPS3KWvIH6xcLV93GflNRBHRE1aijy1GPnqZv-mZoKjfZr4PoZMX0MalE0j0bFqrLJvfoyxlZLTIzjfyYm81JtPwlB3iU3DvqKGAYBE8aknTOnv65nyprdhGuJhFEW-_7omDzXqE03DofIGQOu-F3nkVP5Om28VKY6Vdr7PswJhKawP97VXrhN5aIubSjldv5-LcKlVwjV9_3RTiEbVGCgluyhzUUhoa-y0Y1oplJC4GMzvQ1YCYQeYJOn0bB1FjpOryJ2mxlIf8qNzlDHnpyr5MVRJ2PAlhZ31GB5JGr_ZQYTRUA -------------------------------------------------------------------------------- /crates/jose/tests/jwts/ps512.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJQUzUxMiIsImtpZCI6ImxqQXdGc1czMmV4cHlBMFJqcktvT0h1WnhmazdLTFNlajh6bGRPOXo0aVUifQ.eyJoZWxsbyI6IndvcmxkIn0.aQ6sXJsU-U14WW7cD344aZi72Hf_XNq9LBi0_feKRVQOO98gV-jlBKWer-n_FI1qLcOUoHfitOciTOVLgvYxeJUwePCwUm9JhQ186CLAc6i_AhqpeKRlDkVOF_viQeZTFwEadHT2KMIe0ImZnPqGUb07arUdzGO67Lwsts2ob7qgG_uWgVbjXMkTUwt-JSHdXUcGIz1FgCJaFgGygfQE_I_doNiApWr2okiuIMs_4Q5BfxIlvPR-uaOcpqxk7ldukvQgUjv4rTfOGE12fCx5eLDVF4P1OXgMjgmcXH1yaV89DgTBgDPP11tQrbsFbANX004VLF9MQWoVF6esl6xwQw -------------------------------------------------------------------------------- /crates/jose/tests/jwts/rs256.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJSUzI1NiIsImtpZCI6ImxqQXdGc1czMmV4cHlBMFJqcktvT0h1WnhmazdLTFNlajh6bGRPOXo0aVUifQ.eyJoZWxsbyI6IndvcmxkIn0.JLzSM5NDbAIb5vpbnKJeHUgU-uJ46616qzDjWXRbIAdxPk8WUqpRDRTlPoRUBXsAKn7E14r_CZmwvGAgJipS7EY0PbJYOkA_6oi8sYWykMUT1F2BlqKQGv2BvRR0LGu0tmm4XYZT2nOLRiEa4bs9l-D2jA5GRTKjDnmgUBHXpX4vIICtnkHHvZilMf1Fjsdm-3X9NFmxjtvQChg-w0h6hM3NZAt6Gd5AG8MaFf-mj3sLa40c51XXz1J1WE9iOWF8lGC6EfP5MSWunKnhyHf2xPQiH4C_Tvm529p2EiEBjjoL1f2A8WH8EYruHF8AXsz2F8HxN_7ryGmjrqLGwuw7iQ -------------------------------------------------------------------------------- /crates/jose/tests/jwts/rs384.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJSUzM4NCIsImtpZCI6ImxqQXdGc1czMmV4cHlBMFJqcktvT0h1WnhmazdLTFNlajh6bGRPOXo0aVUifQ.eyJoZWxsbyI6IndvcmxkIn0.Qf9DbTCoisWvPvGYahn-dMe9r-escYv5cTL-5X2tz5uPRUmAEJ6D6cn0VtLCCPmTIuzSYDzeMqdEx1Is-AVkzvWMKdFRXNVL_E54bhS6Dg04a75bL4YGQOg8iaTTdRlHMaLLfClf8sXttpHmnOFhQ9C6pLcmtT5cfle8qrAw9x7Ivri7jkcjydWcR2WKsYHJxEWDwdhDiBK461F2fi9YtbZOL4qdKEoYpg08v4jH7hFf5G60W_k2oKvPQnbVJe0VcnGcEXvItMAEi8omMn3_OxIGNH-mxBf9DOpOu8Vj-kvvWuE03f31goWLqiL6-Eq8ykqqFZ3sKb23WfGPd26pDw -------------------------------------------------------------------------------- /crates/jose/tests/jwts/rs512.jwt: -------------------------------------------------------------------------------- 1 | eyJhbGciOiJSUzUxMiIsImtpZCI6ImxqQXdGc1czMmV4cHlBMFJqcktvT0h1WnhmazdLTFNlajh6bGRPOXo0aVUifQ.eyJoZWxsbyI6IndvcmxkIn0.UevGIlEIlrQWvLLm3Iouq6cxjWf7CtFwaDXQOUEQzdQxa3Mg9H0KD7Ztc1LRS36RFd0rnh9dWsXmeDbQ9yWNepnRvv0QP8Vxq3ty7wOHZtLn2kG1SjDQqgaU743p4n-YUpVugzSha0RHTiRN1TU4zufpx26jQBuO7ihOFof6trc8E2UG98Pgd1w3kv20Glwo_cWauhAefgDRhS-sOaH_SsOFWSBNCa8ISeIOiuKLFOEp2o1m2sla0yCDHVptERYDp3D_LHTLX-BP0dyaxpKwfQ7EuECGK1r7_yyiSq_pOwPrainC3lBKYovOgj8tYGTJxfw4Au_QSY57J96M7N4TmA -------------------------------------------------------------------------------- /crates/jose/tests/keys/ed25519.priv.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MC4CAQAwBQYDK2VwBCIEIIutDmtMjMBKXN/Oxmfvxw3cNwtqgcyR2awtQYH/OS/5 3 | -----END PRIVATE KEY----- 4 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/ed25519.pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MCowBQYDK2VwAyEAnVo63sClAQ8qwBAZW0tttHFhXdrLiKqJnFeJ+j3nA3U= 3 | -----END PUBLIC KEY----- 4 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/ed448.priv.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MEcCAQAwBQYDK2VxBDsEOdwdrXdIIxmkz/6pi3/JeOemGYvMECA+CvW5CAGXCvwi 3 | VXFdnXxUt22BpU8Hl1jl1+kuGe3Mx5Pt3w== 4 | -----END PRIVATE KEY----- 5 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/ed448.pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MEMwBQYDK2VxAzoAKgaYHB+xIpPPvmH2PdbnWT+67/CfJhuD3U90sv+i5CZmGdwt 3 | WOErsowzNYSvuFWk8vztPOERjn4A 4 | -----END PUBLIC KEY----- 5 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/k256.priv.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQACg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MHQCAQEEIPwbk/wHJMKyIvACaVE5Km8UzGlYi1yuc9KCHj1n/ZJIoAcGBSuBBAAK 6 | oUQDQgAEt+mBmz+Rvh0n3W/bRL/TSOc3Vv0ZB0oGaPZBEqu4sTQ8ubxqypS0fDmB 7 | Vk3T28DmCImQMg8M5njNobs1HvupKA== 8 | -----END EC PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/k256.pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEt+mBmz+Rvh0n3W/bRL/TSOc3Vv0ZB0oG 3 | aPZBEqu4sTQ8ubxqypS0fDmBVk3T28DmCImQMg8M5njNobs1HvupKA== 4 | -----END PUBLIC KEY----- 5 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/oct.bin: -------------------------------------------------------------------------------- 1 | 23eaa437c2ace04e35a3a77b8132100f3438aa68946a30553cbf8fe80e2a5f3ca70082053f4bd4457653bbb15877d847c232948ea7512ccd679f71c268f1dd08 2 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/p256.priv.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BggqhkjOPQMBBw== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MHcCAQEEIFffy3Oo3NIcqhbqkh1WjM13JljI9+CG96Rub5bNxG2joAoGCCqGSM49 6 | AwEHoUQDQgAE4rnALl/X1zeOJtDmxz+YiUR1+9QGBfRE90qy/rqe0N2oaXdN6WDT 7 | a6yBcr2NBPBw1BEsui+jTu99/BppncNzmg== 8 | -----END EC PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/p256.pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4rnALl/X1zeOJtDmxz+YiUR1+9QG 3 | BfRE90qy/rqe0N2oaXdN6WDTa6yBcr2NBPBw1BEsui+jTu99/BppncNzmg== 4 | -----END PUBLIC KEY----- 5 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/p384.priv.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIg== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIGkAgEBBDCouZuJuvvAc+9SiWwALojasP9rvygIDdK82I6HgL9a9ma1Um0gEN5D 6 | cgaHPyrmUXSgBwYFK4EEACKhZANiAAR1Pv/f5aneSB7ACIDKhqspDb+svh2R62pp 7 | S2Lycc4hP0rR0a0wYO3lb25OFziYAs0sd0LkbjZFhNlx2ecQx+3NzHcM45p5MSut 8 | x0ylVN27SB2MBAOsPC0ca7vcTcB4cak= 9 | -----END EC PRIVATE KEY----- 10 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/p384.pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEdT7/3+Wp3kgewAiAyoarKQ2/rL4dketq 3 | aUti8nHOIT9K0dGtMGDt5W9uThc4mALNLHdC5G42RYTZcdnnEMftzcx3DOOaeTEr 4 | rcdMpVTdu0gdjAQDrDwtHGu73E3AeHGp 5 | -----END PUBLIC KEY----- 6 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/p521.priv.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PARAMETERS----- 2 | BgUrgQQAIw== 3 | -----END EC PARAMETERS----- 4 | -----BEGIN EC PRIVATE KEY----- 5 | MIHcAgEBBEIB7pEkW3rt95hcMEixYS/fZYvsyy6I0mA7cDtYTKJ1oc3X4I/mciMU 6 | 3m6t/wy8Px8FaprF3CsAQgDq499zx/ZTUnygBwYFK4EEACOhgYkDgYYABAEb/gVt 7 | YMU1snsv8IpeknNomj7rv4gbBCo4tgfFAYFvryKfiUh807rdXUdVKZBZ2XudxJEu 8 | j+ZEzZuXAQPq/dvNiQHlbbx5CbJcLj44vjO9Wadw8zqLLaf5HljAdH9c5Y5dD9Ql 9 | YXKQuceE/w95xDv80Xbi9UdBb+YBOs2i5vF+HGQ+Zg== 10 | -----END EC PRIVATE KEY----- 11 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/p521.pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBG/4FbWDFNbJ7L/CKXpJzaJo+67+I 3 | GwQqOLYHxQGBb68in4lIfNO63V1HVSmQWdl7ncSRLo/mRM2blwED6v3bzYkB5W28 4 | eQmyXC4+OL4zvVmncPM6iy2n+R5YwHR/XOWOXQ/UJWFykLnHhP8PecQ7/NF24vVH 5 | QW/mATrNoubxfhxkPmY= 6 | -----END PUBLIC KEY----- 7 | -------------------------------------------------------------------------------- /crates/jose/tests/keys/rsa.pub.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PUBLIC KEY----- 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNYHjNfiXl2SPu7NYSkd 3 | 5RiF45bo4c/WW4K1NwH+iBwOOb970RvwlcyhctsvrtrUAJ046Z+3LgW27MR73Ndc 4 | BP6z756XWIQ6CV6XlowG9NlgnEmOolh3XujZuNig+/05anzhTJr6Xl7uxh8o61VQ 5 | gBjOgDma7cnEJNz2s89nu9f+WOMNage63O02ecA17TsZjU2jYcOCnV5UhsIyVRUc 6 | B3S2Jtk8FtRGBIydbkFHCX61atyh8GjzXYpneVPxTm1fRr+qUvGgNJqvK2HhuOzP 7 | 6wRpcyKS6cl47I9Mu4L36pavtB/WOTXNhtduSYbUvMnkifAGuYTJHpT2e5QzSm2p 8 | 7QIDAQAB 9 | -----END PUBLIC KEY----- 10 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__es256__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJFUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIn0._3wYtQklt0l_fhcwpQUSWbySVA3uJjVNgoudkvUInWjPpS7tO0sgmPf8Bwb3Rv9oTJncQfavs4rEw2kmgouPBw 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__es256k__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJFUzI1NksifQ.eyJoZWxsbyI6IndvcmxkIn0.-9Z19RYab_3Ym4Ork_lZUriouz5ktZFkT6B-DBGPYCJhVvSSNtG9Je9PEo0xpe9al0NhFcG5YJ4s4usDicsVjQ 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__es384__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJFUzM4NCJ9.eyJoZWxsbyI6IndvcmxkIn0.QIX0_gN6orAY32t6gKiDnstNdnBAmf1D5y-000ym-C8Y_MGt-HReODkUIMl7k6FNS1kw1FSbNXhXAPnAfcfgg2rR7oWDWfdxY5D0u1DcFGmhIrU5mxcUG50I_5YHIbe2 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__ps256__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJQUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIn0.CupFwPDQkECCpxd9y0y4hdPccVa387MXe8jMnI5Q0nWwdXqJ9PCyEGOfdBDwFqAfWGYlTkcDjTua81K6tV2ctnFRd9mqs_i1PyhLp8PFO9PcdxtqQKRgA0M4CEA_Yd-7mDFeh4raHgWX6xoNGnEoqrPrp-Vl4jQzdXVpY-J_PKuam_0PlXv-pk3uBW5RD8HU1J8injsUp2FRIJfnOGok4ZnXZqy4_jKkBgu35ymgn011MvLKjHnwTSWteHHc1CVUmJ-txiCaQGWL-6sz0tKdpEpekDCXyygaabn4rDtxm4Be2NeS1Nm852pwzg78SLgxgGPs9uxOx-cH66nWX6Ct9w 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__ps384__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJQUzM4NCJ9.eyJoZWxsbyI6IndvcmxkIn0.IlvyM131OVgUdNUlnAFDC4ZgIUtF_rzM_mOYasKi9WMB6d83AD-CRSnpkCXjSRS6WXx8fcLl5WA5COAMTG7PiDZlCxQ2zWsBn4SF2e8ARAiCsEGkkHhY6r68mXq86bdVD_46RKOnpBBK_DGu_ZHFY7Cjo6SGYol57HKIoGhTi79qQd0tYPdqNYO02KOTsR83-ph5vdEdM4jLg81X7--rH08Zhtnywu1JnmtxEotTvtbwXB1tDTTZvgywzgP63krP44D5hH-PlKLw4Bia_LQkSE4OE1HfDsK1IK4Y7SniJTrTQXp5FVASPrQnF2-lJUz_oDqzTKAv7FXCcCz1iPKbvg 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__ps512__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJQUzUxMiJ9.eyJoZWxsbyI6IndvcmxkIn0.Chyx9_a-dAyy2tB5hgj3SzLCoDSFx7GxO1PnFCrPN0z8pVRpOTrHaHDVlqPq0IjIGwPAcrTpNtwTIJdjNcpck9nyTShOUQya0tAGCrV1hbxR_QLGPayJydq8_treTKHeGxby4RaInM8k_hLz-6136FDiZXSxtZ6p4mCEcWeYiG5WGVqY15YptCuIipsY01Fyrew8djnIgW9bqS0aP9pakQWOIigYavFxhrLzyutgXiNxsNSH8OTCh9UQr62xEePJWsXkZIkSqtQlEnK68qhSgLffinyDtDMS7CAt82Lh0ac3vqRVyM0w4_l2C-auLE1aeAAroAhnc9YLVg0BufvydQ 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__rs256__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJSUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIn0.ji96-idJ7VHafGOGt22nJPVSDC6S2XvZSUFG7TLrjv-_ylINko_9YsI9_-9UZcB5ZtMeCX6Z5eO_9MTaq3Fhcj7mdn_hozZaNseTVgnwkFfTBlF7HcWhBdWbihAoY1YDvhTu-l_L6iBt1KhQh3J6fsfeGB-l3JfygZLKLtM1gsEz2qaZpnM90wESpphvpaJ_rGlWcTu61DGBBB3kOGCgaG2CJypCKp67m2vxFfi7J_2yE-1H2Y9ACWye73TWNuZubXNdo6azqqiJRe9o6oFmuPwkjgld66MdshQWjo3sGPHPI1_V-nhR9AtoizzF-3_YoS9oVwAzL6GiVUzeKpvZfQ 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__rs384__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJSUzM4NCJ9.eyJoZWxsbyI6IndvcmxkIn0.UgY6PfaVQ3Rhz_RvS8YZmCjUIcchejdWcf5zvSRK0ANGB1r2yvcdvGkOeVsFdKW_z7oru_4jTOffLgm8NoYVvg_x44u_z63ENrQTGbO0QLOLZKI4fuEvKDrKpkf2BmSPa-2feKQECVXxCcIiR32Q_zTHJtTIaDV2-hk2W_CEJxCVqLZ4b6l5iI2qLKUS3vERDKdwA2igiA_NElv4KThCtNIoS8TBohwio-M-SV43i-aJHnyn2U6Uw3Gu1mCSIBeRUNoQPXFBFnWY1Pa5TrxPA2jekck9j_xCWOX_jWK1khBW1lMwzYC5Ry24S7QxOcg8l2x8I6J03gB4N651fhcKgQ 6 | -------------------------------------------------------------------------------- /crates/jose/tests/snapshots/jws__rs512__sign_jwt.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/jose/tests/jws.rs 3 | expression: jwt.as_str() 4 | --- 5 | eyJhbGciOiJSUzUxMiJ9.eyJoZWxsbyI6IndvcmxkIn0.HMs8F0DuJbLh0mjhXh5-PE66m8hwjdRP0_ixm_LKmeieAmJrerObyKHtstOdaLO0l_r3XXg2bHjzwGNSn3XF5Gj0RgqRqW6T5X8CO_Kf__0B-lTUfiXpxyLMhb3Vkt9fRa1YZjVix8hGsEx8oerA_xqv1DzgdKNvO4kK_Vzykuz5bgLn2oQR1w1NARCqazmjKh4S9q9XS8BZ-Ke2xTLSOpLP4g67IGyo79Y_BZ0-mOgBWZmPGzJnBGOrv4Lc-Vn3kPNZqREM9DA9IILw1hbCRG6x31pM5u1PESIV1dSuoIaab5A9yfBx1Fr9PRxV-1qHRaRYi06E_q_jxwtPG2oM7w 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-k256.pkcs8.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-k256.pkcs8.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-k256.pkcs8.encrypted.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-k256.pkcs8.encrypted.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-k256.pkcs8.encrypted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAhwADdSwH2MNgICCAAw 3 | DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEH8t882jspL2rajw+8VU6TcEgZAb 4 | CF6z9u2wMvUdDsj83zLoOyMxC+QB46EGr6EwnZP5zzy3iq+0fAnmufKp16/Lziiy 5 | CQecvYb9qZ67NejmrirFP95OLIXm7Sc38aBLJ7DXirUC3msOPyTGOgz2qUwM2xvu 6 | zy+aNzsEwRkOD3i1yWipIGSZ++oQ/FSnJ3ALKPjNZlDG86yBBi2FN+Ug2uz2rOE= 7 | -----END ENCRYPTED PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-k256.pkcs8.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgTzJ5SHXXU2mq7Z7nBfGM 3 | L8YDmVsZ7SPQpVepk/Xa+qKhRANCAARIp9S0pouoJ+Er6nfPzvRbn3I5i936SMZZ 4 | 760rXpKZbNkltEKB0dqQcTkwLq0lGe952xigpOtigO/9dkgEj3OU 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-k256.sec1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-k256.sec1.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-k256.sec1.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHQCAQEEIE8yeUh111Npqu2e5wXxjC/GA5lbGe0j0KVXqZP12vqioAcGBSuBBAAK 3 | oUQDQgAESKfUtKaLqCfhK+p3z870W59yOYvd+kjGWe+tK16SmWzZJbRCgdHakHE5 4 | MC6tJRnvedsYoKTrYoDv/XZIBI9zlA== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p256.pkcs8.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-p256.pkcs8.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p256.pkcs8.encrypted.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-p256.pkcs8.encrypted.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p256.pkcs8.encrypted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAhIOTdQ9pS7EgICCAAw 3 | DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEEVvTsSwG1HEr6urEKUSC8kEgZCQ 4 | fLQHNDHSjGin9RvcMYi5htsKZbRJK1JL19o7cf8W4AH0kKNAlDtJBrc7j/9tlCkP 5 | b/7O7KFCNkeCrfF113mzgoRuD4xLzoe3n+ybpeBgf8WJuJowiZwhKGXGlUP/m+XX 6 | aWiCKUaaA4huhJbQzJDBdVUnKEZZ+lysEMjYjNgplGc2uvoNSywWKHubgY9Wj0Y= 7 | -----END ENCRYPTED PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p256.pkcs8.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg5Ru1AmWbX0F4p3X0 3 | 8YIWMnVm+6KJqQiIjm0Pw2BDqO6hRANCAARQQd/kCEAv7PYjKvA+xhQAvnQXNbXZ 4 | fXfUHEiuBjpV2b70TZCr08POfUZf/BjTHG+NuluyLFle6dJWIga1muhV 5 | -----END PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p256.sec1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-p256.sec1.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p256.sec1.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEIOUbtQJlm19BeKd19PGCFjJ1ZvuiiakIiI5tD8NgQ6juoAoGCCqGSM49 3 | AwEHoUQDQgAEUEHf5AhAL+z2IyrwPsYUAL50FzW12X131BxIrgY6Vdm+9E2Qq9PD 4 | zn1GX/wY0xxvjbpbsixZXunSViIGtZroVQ== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p384.pkcs8.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-p384.pkcs8.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p384.pkcs8.encrypted.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-p384.pkcs8.encrypted.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p384.pkcs8.encrypted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIIBHDBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQIYMIe05yFZUgCAggA 3 | MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBAlgotQyGiZyH4G0SlIKij5BIHA 4 | 0vyLKiFzcUxy5Ch1FGWx4WpZlzhBKwk4ZPxKBH18/DXVbC9yfZJR5dCTgE46fFLM 5 | QJmOTxRbY7B3SH9UsvLQ96+83Y0et/wGLIdqW4yvf60oSH042XKZKs6j/I6LA3pE 6 | NAez9K4hXjKSN9FGkN86s+9+ouuw4dVKznu3zzk6uuBv/5buQwkNMP1vLIgHDh1n 7 | ZvimXlfqOkeZriyNk6OhjN3JiU1jjUeZghAjOKM6o6U5CYAi9KgCDBJWtu6M8edV 8 | -----END ENCRYPTED PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p384.pkcs8.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB7jIEkTYf/O4QMPM+o 3 | KGha8Z9rgfRVOJNWMHRuLvw5HuIJhgobe9n1xUaydBj7/nmhZANiAASsmR291tkF 4 | a+aXcNUqBec55lIFYjRvaKvOP7vL7nSj1PGsPgud/YF7w33yb56fwE7H9ELG3+3j 5 | JM26/rx9JZyKurTnhQVkWe/ZHB+59Dqke9zAzDXW0vRmOoFCrZL8IRw= 6 | -----END PRIVATE KEY----- 7 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p384.sec1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/ec-p384.sec1.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec-p384.sec1.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MIGkAgEBBDB7jIEkTYf/O4QMPM+oKGha8Z9rgfRVOJNWMHRuLvw5HuIJhgobe9n1 3 | xUaydBj7/nmgBwYFK4EEACKhZANiAASsmR291tkFa+aXcNUqBec55lIFYjRvaKvO 4 | P7vL7nSj1PGsPgud/YF7w33yb56fwE7H9ELG3+3jJM26/rx9JZyKurTnhQVkWe/Z 5 | HB+59Dqke9zAzDXW0vRmOoFCrZL8IRw= 6 | -----END EC PRIVATE KEY----- 7 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/ec256.pkcs8.encrypted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN ENCRYPTED PRIVATE KEY----- 2 | MIHsMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAhuoY9YhPfgvwICCAAw 3 | DAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEIYpzmbQGScgbLLC3aqyxIAEgZB0 4 | BfhaPQtEGidyNscFjopgxP/wHTdrvzFzqgikeOif9/GeaEXjRlc6vBEGnkq0gR6P 5 | i1E1ie31wwasBK3EwvvSgJdMsSQyD+RjpQy+0RqncNhsJvE9gshMCSWDxqR/CIJw 6 | VnZeGxhWFYQf9ybcBBwp2W/bqInPdQdqGwUi9agkWdmui2B9bb4eKz5p2htVClQ= 7 | -----END ENCRYPTED PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /crates/keystore/tests/keys/rsa.pkcs1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/rsa.pkcs1.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/rsa.pkcs8.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/rsa.pkcs8.der -------------------------------------------------------------------------------- /crates/keystore/tests/keys/rsa.pkcs8.encrypted.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/crates/keystore/tests/keys/rsa.pkcs8.encrypted.der -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__generate_sign_and_verify-2.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: "ec_p256.to_pem(LineEnding::LF).unwrap()" 4 | --- 5 | -----BEGIN EC PRIVATE KEY----- 6 | MHcCAQEEIH3L+ZYgfEaJtclP07qPQBrmkHEhYkyYooxvU8AlSW+CoAoGCCqGSM49 7 | AwEHoUQDQgAEXcA+X+lhDCmmzaUQFh7i7gkT7mwdrRUsMl9RSfyWh93n+xq3O4/m 8 | vMmUnlvy7tBoHkcAdTJ+Zkv+loLw+mkcBA== 9 | -----END EC PRIVATE KEY----- 10 | 11 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__generate_sign_and_verify-3.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: "ec_p384.to_pem(LineEnding::LF).unwrap()" 4 | --- 5 | -----BEGIN EC PRIVATE KEY----- 6 | MIGkAgEBBDAl3R97SR8hWLuMH6737YdvXVb7P7T9pKSIhQozmzN+r+V5Ncvjn+DQ 7 | Q/QxYr9nLwOgBwYFK4EEACKhZANiAASa86XQW7CDF9GhvcBY53sJ4lP0z9rfrjwo 8 | nwixQJIWBROjlpsm5hdIwLfj46IUPYCNEoD8VP8eR2s/uzlgEv1hnz/2wmLlMqU0 9 | 2R5QcY7Gc9CyDTO1bh5V2FFYjks4xfs= 10 | -----END EC PRIVATE KEY----- 11 | 12 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__generate_sign_and_verify-4.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: "ec_k256.to_pem(LineEnding::LF).unwrap()" 4 | --- 5 | -----BEGIN EC PRIVATE KEY----- 6 | MHQCAQEEIBcikq9QkV39T8VFZWD4j5wO9xm0FWxhuAmvDRpix8XUoAcGBSuBBAAK 7 | oUQDQgAEf4htTtPsdxlZn1htWE3ueHT4JB/4n4lxVOQdT/3RFuCS5aKQ04oS9pKM 8 | QAHAn1bjbLRQ88Yxi3CgHuCitS+RrA== 9 | -----END EC PRIVATE KEY----- 10 | 11 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_ES256.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJFUzI1NiJ9.IiI.Yvudbc_oPln_H02H9woFZurQrgzsuWGnRK2kZzat_rp2HYFZtYobvMw9LqPDgeqq9a1HiL_Hx796SqyobiTXJg 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_ES256K.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJFUzI1NksifQ.IiI.4q4ua7R-we5m58rKtLQDHJmQJb15dEUhj7A_H5kh591mrScXFmCYXVQI5iKKXGFHBV_AFISrJF4YjWCHDnLPeQ 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_ES384.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJFUzM4NCJ9.IiI.p9Otttjs3JOxZCeuIKwkql3YM-nfdxo__EVt84sex_PcokYjY47sa0qsvCqUUhpUoLSBihdchynuYqc5lOFuAM3Pi2pjg-ZrTqrzI23UlzFonlr4Zag9Qo3IYD10HKFq 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_PS256.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJQUzI1NiJ9.IiI.HlJaOfS2PMi4mWzE8-0EgXt06-MeqzaLRy_04gs4HTS7FugbSJ0rJiwUwhss6O1KWT9TvDqo6AQBO_2hV1DKDiBIIh5Z6M92uC4MJNVLbAVQo6dSBt2DfSzioBI5MoDOBvgbIwSZAIFMqKTbYDa9rQ3XRAaClpqrIN-ACa3gz99ds5mYvUyiYsL5uuEBuWrp8DRk6WKjduhpOi4sMvylZbnfop1uHbvg6_dk5lzXt-1MKIW1QJW_63cFn7vdap5T9U4DBsEkCzYtuwgU-UCmsC8W07QEfcrJhHIlYoPQPHePKF0A4dVHKrgRmf1ik2p6e-VNw129JMvx0KO6v_JBww 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_PS384.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJQUzM4NCJ9.IiI.AHBo1kZW72IQfs7NvjfrD_WpDa9avLdKyf_rqcCp0mJtGID60cgOG5RDTmI6K7TwzykW6l6LjEuYXDR8hemri6mQrtpQ6rMVTJwqJ6D8M92vH4b2gDBwSwbKz427bGdd_fnqm5K2ntwZGC7pceYg1zbcUQ6NJXs3vqKI6YSKustmm9yA1iMfugFG4eLAPrpfTtLmT1sSWYTYWHVT-6G5q7Bfk7Yu5aHiGDQTo427-Y9YF2fabIuDyCGG48UrBp0ajlm1MHKCBuOvK6NI5Jojd9IWDIf7tvAArsrKVR8QRvDXqqPInJEEZ5x7H1YEEZ5Qrh4XKVhRh9b3O-grDMxMng 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_PS512.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJQUzUxMiJ9.IiI.o_-UDhc26qYAstuaFJQUz8OKw3UeMc4N7b3U4qcLM-84dxRdw-wBw1rf94jX71vsrFQ2bEh6J5fc4_VtYgKBb2P6QvoL55c7Gqr-5JBw8BkoiiCzlvKIsi_j41FH5Gb4ZBE5Nf9vZD7DnD9BhYXadxaiksx20oNRKIKQ3oMiJxH1w0c-miCSoIR0jnS1QLlKoHYVb7wnkCiR2SOYQ42Je8B8REVzWm2GrqS2cRWnpi3nHihrapruL_BA161Ip1uH4lUFdZLXeG-R6pAlg1OJ_QXSZlP16nzT6MAW_-IFXfioR1QKT8AFNBodY8zlQCGglMyppZi5Y9i7YaMxFgnM4A 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_RS256.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJSUzI1NiJ9.IiI.H_iz_ry505dPMNxQIi4raU88i3wu7DS0Rre6Qm_LJz0Ee_gd5C_t92fBcrFkber1XL_p8AvlXx4DT2Zr_PMBL_2IblJ7t0Od5wnGC__twarj0v1t6KfUkLXcJ3Jy-StnHNbFTmdFnLuGGWIO7xG9h6xgKIvTroVoLJekMzYCc0wSFiyCfaow4yuKesQHUO-N9VDDPoYhkCPqbhVI_d0y6u7KmQy97FbCdCIxvPGHWrwxWcmYbTh4K9xhGDspDUUEubjYTg3t-oaMc2TJqWvu2FE8jyD02A8OCgca6bCU3NmV_Qr6LSUpFNsL4c-0sIp3-L9ndEWzGnN-ZeeGKur-FQ 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_RS384.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJSUzM4NCJ9.IiI.bxKYTQQ4RlxOUvxbU_kuwJKGXXiuIPeRgO78a_3zHjvxIzDNKDvQK3w4DUVTlibR-iTVOASRSycWifBJZx_tsU7-BSqrBcjMtgP7mW-HwZ6pANO071iPkkiQU7gqMzbc2tz4uqGI0Z0izkX0_9dOOFSb7jKIUMzzW1O14fBPhZ4kPqkj07A9S9LW9lauQUTXrFgyEaT6G372cyNxi3-T55u9lkjjiiVN4TAhkaXUSN79IE2rNstU8DtKKs725WNUFy30f1-Ftc-J2uGEOsMZ9CQvEVPwOKbvFY2Uh1S8-FT4ahhwj1fxrmUwDH2lSmz6Rj5zf9-FF-IzivSVq4Z4ig 6 | -------------------------------------------------------------------------------- /crates/keystore/tests/snapshots/keystore__jwt_RS512.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/keystore/tests/keystore.rs 3 | expression: token.as_str() 4 | --- 5 | eyJhbGciOiJSUzUxMiJ9.IiI.nFsZ3X8GCgpPEojuEktc9a4C-YGQYx8XpbzhOkgnMVrw_wpqIQgWI--4r6BYV6TYAH8NBdQ8Dkdw6POh1Ni-vAtE2rAzjU19ySth5mfP7WEJXRxA1oEV3-dOqCgUI2JJEM13DuLlWFsUaOCbc1_kCkiziTcLtNap__EPGp5koRy-ZyVa1p_mQSQ4NlhJ3hZfHMGnQ0k3RWnpBn3AqERWllQllLniWGQ4l7rZStsD8PRr-rg7P7W7CRIyjrDqy_3bNJyKQCzs_oUrxO-Z7CU6-KfAeyM2U80TQvhZb-Z8_1dJ8e9WsfudQMLtHgO4tlD678Ywezjvr5ackZdn4QEEEA 6 | -------------------------------------------------------------------------------- /crates/listener/examples/demo/certs/ca.json: -------------------------------------------------------------------------------- 1 | { 2 | "CN": "My own CA", 3 | "key": { 4 | "algo": "rsa", 5 | "size": 2048 6 | }, 7 | "names": [ 8 | { 9 | "C": "US", 10 | "L": "CA", 11 | "O": "My Company Name", 12 | "ST": "San Francisco", 13 | "OU": "Org Unit 1" 14 | } 15 | ] 16 | } 17 | -------------------------------------------------------------------------------- /crates/listener/examples/demo/certs/client.json: -------------------------------------------------------------------------------- 1 | { 2 | "CN": "client", 3 | "hosts": [ 4 | "localhost", 5 | "127.0.0.1" 6 | ], 7 | "key": { 8 | "algo": "rsa", 9 | "size": 2048 10 | }, 11 | "names": [ 12 | { 13 | "C": "US", 14 | "ST": "CA", 15 | "L": "San Francisco" 16 | } 17 | ] 18 | } 19 | -------------------------------------------------------------------------------- /crates/listener/examples/demo/certs/config.json: -------------------------------------------------------------------------------- 1 | { 2 | "signing": { 3 | "default": { 4 | "expiry": "43800h" 5 | }, 6 | "profiles": { 7 | "server": { 8 | "expiry": "43800h", 9 | "usages": [ 10 | "signing", 11 | "key encipherment", 12 | "server auth" 13 | ] 14 | }, 15 | "client": { 16 | "expiry": "43800h", 17 | "usages": [ 18 | "signing", 19 | "key encipherment", 20 | "client auth" 21 | ] 22 | } 23 | } 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /crates/listener/examples/demo/certs/gen.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # Script to regenerate the server and client certificate 4 | 5 | set -eux 6 | 7 | cd "$(dirname "$0")" 8 | rm -f ./*.pem ./*.csr 9 | cfssl gencert -config=config.json -initca ca.json | cfssljson -bare ca 10 | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=config.json -profile=server server.json | cfssljson -bare server 11 | cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=config.json -profile=client client.json | cfssljson -bare client 12 | -------------------------------------------------------------------------------- /crates/listener/examples/demo/certs/server.json: -------------------------------------------------------------------------------- 1 | { 2 | "CN": "localhost", 3 | "hosts": [ 4 | "localhost", 5 | "127.0.0.1" 6 | ], 7 | "key": { 8 | "algo": "rsa", 9 | "size": 2048 10 | }, 11 | "names": [ 12 | { 13 | "C": "US", 14 | "ST": "CA", 15 | "L": "San Francisco" 16 | } 17 | ] 18 | } 19 | -------------------------------------------------------------------------------- /crates/listener/src/proxy_protocol/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod acceptor; 8 | mod maybe; 9 | mod v1; 10 | 11 | pub use self::{ 12 | acceptor::{ProxyAcceptError, ProxyAcceptor}, 13 | maybe::MaybeProxyAcceptor, 14 | v1::ProxyProtocolV1Info, 15 | }; 16 | -------------------------------------------------------------------------------- /crates/matrix-synapse/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-matrix-synapse" 3 | version.workspace = true 4 | authors.workspace = true 5 | edition.workspace = true 6 | license.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | anyhow.workspace = true 16 | async-trait.workspace = true 17 | http.workspace = true 18 | reqwest.workspace = true 19 | serde.workspace = true 20 | thiserror.workspace = true 21 | tracing.workspace = true 22 | url.workspace = true 23 | urlencoding = "2.1.3" 24 | 25 | mas-http.workspace = true 26 | mas-matrix.workspace = true 27 | -------------------------------------------------------------------------------- /crates/matrix/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-matrix" 3 | version.workspace = true 4 | authors.workspace = true 5 | edition.workspace = true 6 | license.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | anyhow.workspace = true 16 | async-trait.workspace = true 17 | tokio.workspace = true 18 | ruma-common.workspace = true 19 | -------------------------------------------------------------------------------- /crates/oidc-client/src/requests/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 Kévin Commaille. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | //! Methods to interact with OpenID Connect and OAuth2.0 endpoints. 8 | 9 | pub mod authorization_code; 10 | pub mod client_credentials; 11 | pub mod discovery; 12 | pub mod jose; 13 | pub mod refresh_token; 14 | pub mod token; 15 | pub mod userinfo; 16 | -------------------------------------------------------------------------------- /crates/oidc-client/src/types/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 Kévin Commaille. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | //! OAuth 2.0 and OpenID Connect types. 8 | 9 | pub mod client_credentials; 10 | 11 | use std::collections::HashMap; 12 | 13 | #[doc(inline)] 14 | pub use mas_iana as iana; 15 | use mas_jose::jwt::Jwt; 16 | pub use oauth2_types::*; 17 | use serde_json::Value; 18 | 19 | /// An OpenID Connect [ID Token]. 20 | /// 21 | /// [ID Token]: https://openid.net/specs/openid-connect-core-1_0.html#IDToken 22 | pub type IdToken<'a> = Jwt<'a, HashMap>; 23 | -------------------------------------------------------------------------------- /crates/oidc-client/tests/it/requests/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 Kévin Commaille. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod authorization_code; 8 | mod client_credentials; 9 | mod discovery; 10 | mod jose; 11 | mod refresh_token; 12 | mod userinfo; 13 | -------------------------------------------------------------------------------- /crates/oidc-client/tests/it/types/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 Kévin Commaille. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod client_credentials; 8 | -------------------------------------------------------------------------------- /crates/router/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-router" 3 | version.workspace = true 4 | authors.workspace = true 5 | edition.workspace = true 6 | license.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | axum.workspace = true 16 | serde.workspace = true 17 | serde_urlencoded = "0.7.1" 18 | url.workspace = true 19 | ulid.workspace = true 20 | -------------------------------------------------------------------------------- /crates/spa/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-spa" 3 | version.workspace = true 4 | authors.workspace = true 5 | edition.workspace = true 6 | license.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | publish = false 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | serde.workspace = true 16 | thiserror.workspace = true 17 | camino = { workspace = true, features = ["serde1"] } 18 | 19 | -------------------------------------------------------------------------------- /crates/spa/src/lib.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | #![deny(rustdoc::missing_crate_level_docs)] 8 | 9 | //! A crate to help serve single-page apps built by Vite. 10 | 11 | mod vite; 12 | 13 | pub use self::vite::Manifest as ViteManifest; 14 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-015f7ad7c8d5403ce4dfb71d598fd9af472689d5aef7c1c4b1c594ca57c02237.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_authorization_grants\n SET fulfilled_at = $2\n , oauth2_session_id = $3\n WHERE oauth2_authorization_grant_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "015f7ad7c8d5403ce4dfb71d598fd9af472689d5aef7c1c4b1c594ca57c02237" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-036e9e2cb7271782e48700fecd3fdd80f596ed433f37f2528c7edbdc88b13646.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM oauth2_consents\n WHERE oauth2_client_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "036e9e2cb7271782e48700fecd3fdd80f596ed433f37f2528c7edbdc88b13646" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-037fae6964130343453ef607791c4c3deaa01b5aaa091d3a3487caf3e2634daf.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO user_terms (user_terms_id, user_id, terms_url, created_at)\n VALUES ($1, $2, $3, $4)\n ON CONFLICT (user_id, terms_url) DO NOTHING\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Text", 11 | "Timestamptz" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "037fae6964130343453ef607791c4c3deaa01b5aaa091d3a3487caf3e2634daf" 17 | } 18 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-048eec775f4af3ffd805e830e8286c6a5745e523b76e1083d6bfced0035c2f76.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE upstream_oauth_providers\n SET disabled_at = $2\n WHERE upstream_oauth_provider_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "048eec775f4af3ffd805e830e8286c6a5745e523b76e1083d6bfced0035c2f76" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-05b4dd39521eaf4e8e3c21654df67c00c8781f54054a84b3f3005b65cbc2a14a.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO user_email_authentications\n ( user_email_authentication_id\n , user_session_id\n , email\n , created_at\n )\n VALUES ($1, $2, $3, $4)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Text", 11 | "Timestamptz" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "05b4dd39521eaf4e8e3c21654df67c00c8781f54054a84b3f3005b65cbc2a14a" 17 | } 18 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-07cd2da428f0984513b4ce58e526c35c9c236ea8beb6696e5740fa45655e59f3.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_jobs\n SET next_attempt_id = $1\n WHERE queue_job_id = $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "07cd2da428f0984513b4ce58e526c35c9c236ea8beb6696e5740fa45655e59f3" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-12c4577701416a9dc23708c46700f3f086e4e62c6de9d6864a6a11a2470ebe62.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO queue_workers (queue_worker_id, registered_at, last_seen_at)\n VALUES ($1, $2, $2)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "12c4577701416a9dc23708c46700f3f086e4e62c6de9d6864a6a11a2470ebe62" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-1764715e59f879f6b917ca30f8e3c1de5910c7a46e7fe52d1fb3bfd5561ac320.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_recovery_sessions\n SET consumed_at = $1\n WHERE user_recovery_session_id = $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "1764715e59f879f6b917ca30f8e3c1de5910c7a46e7fe52d1fb3bfd5561ac320" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-188a4aeef5a8b4bf3230c7176ded64d52804848df378dc74f8f54ec4404e094e.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_registrations\n SET terms_url = $2\n WHERE user_registration_id = $1 AND completed_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "188a4aeef5a8b4bf3230c7176ded64d52804848df378dc74f8f54ec4404e094e" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-1919d402fd6f148d14417f633be3353004f458c85f7b4f361802f86651900fbc.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_sessions\n SET user_agent = $2\n WHERE oauth2_session_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "1919d402fd6f148d14417f633be3353004f458c85f7b4f361802f86651900fbc" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-1dbc50cdab36da307c569891ab7b1ab4aaf128fed6be67ca0f139d697614c63b.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE users\n SET can_request_admin = $2\n WHERE user_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Bool" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "1dbc50cdab36da307c569891ab7b1ab4aaf128fed6be67ca0f139d697614c63b" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-1eb829460407fca22b717b88a1a0a9b7b920d807a4b6c235e1bee524cd73b266.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM upstream_oauth_links\n WHERE upstream_oauth_provider_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "1eb829460407fca22b717b88a1a0a9b7b920d807a4b6c235e1bee524cd73b266" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-22896e8f2a002f307089c3e0f9ee561e6521c45ce07d3a42411984c9a6b75fdc.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE users\n SET locked_at = NULL\n WHERE user_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "22896e8f2a002f307089c3e0f9ee561e6521c45ce07d3a42411984c9a6b75fdc" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-2564bf6366eb59268c41fb25bb40d0e4e9e1fd1f9ea53b7a359c9025d7304223.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_access_tokens\n SET revoked_at = $2\n WHERE oauth2_access_token_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "2564bf6366eb59268c41fb25bb40d0e4e9e1fd1f9ea53b7a359c9025d7304223" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-29148548d592046f7d711676911e3847e376e443ccd841f76b17a81f53fafc3a.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_sessions\n SET user_agent = $2\n WHERE compat_session_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "29148548d592046f7d711676911e3847e376e443ccd841f76b17a81f53fafc3a" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-2a0d8d70d21afa9a2c9c1c432853361bb85911c48f7db6c3873b0f5abf35940b.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM oauth2_authorization_grants\n WHERE oauth2_client_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "2a0d8d70d21afa9a2c9c1c432853361bb85911c48f7db6c3873b0f5abf35940b" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-2ee26886c56f04cd53d4c0968f5cf0963f92b6d15e6af0e69378a6447dee677c.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM oauth2_access_tokens\n WHERE oauth2_session_id IN (\n SELECT oauth2_session_id\n FROM oauth2_sessions\n WHERE oauth2_client_id = $1\n )\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "2ee26886c56f04cd53d4c0968f5cf0963f92b6d15e6af0e69378a6447dee677c" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-2f7aba76cd7df75d6a9a6d91d5ddebaedf37437f3bd4f796f5581fab997587d7.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE users\n SET deactivated_at = $2\n WHERE user_id = $1\n AND deactivated_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "2f7aba76cd7df75d6a9a6d91d5ddebaedf37437f3bd4f796f5581fab997587d7" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-373f7eb215b0e515b000a37e55bd055954f697f257de026b74ec408938a52a1a.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_sessions SET finished_at = $3 WHERE user_id = $1 AND $2 = ANY(scope_list) AND finished_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text", 10 | "Timestamptz" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "373f7eb215b0e515b000a37e55bd055954f697f257de026b74ec408938a52a1a" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-399e261027fe6c9167511636157ab747a469404533f59ff6fbd56e9eb5ad38e1.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM queue_leader\n WHERE queue_worker_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "399e261027fe6c9167511636157ab747a469404533f59ff6fbd56e9eb5ad38e1" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-3c7960a2eb2edd71bc71177fc0fb2e83858c9944893b8f3a0f0131e8a9b7a494.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_jobs\n SET status = 'available'\n WHERE\n status = 'scheduled'\n AND scheduled_at <= $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "3c7960a2eb2edd71bc71177fc0fb2e83858c9944893b8f3a0f0131e8a9b7a494" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-3d66f3121b11ce923b9c60609b510a8ca899640e78cc8f5b03168622928ffe94.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM user_emails\n WHERE user_email_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "3d66f3121b11ce923b9c60609b510a8ca899640e78cc8f5b03168622928ffe94" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-3e6e3aad53b22fc53eb3ee881b29bb249b18ced57d6a4809dffc23972b3e9423.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_schedules\n SET last_scheduled_at = $1,\n last_scheduled_job_id = $2\n WHERE schedule_name = $3\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid", 10 | "Text" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "3e6e3aad53b22fc53eb3ee881b29bb249b18ced57d6a4809dffc23972b3e9423" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-3ed73cfce8ef6a1108f454e18b1668f64b76975dba07e67d04ed7a52e2e8107f.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE upstream_oauth_authorization_sessions SET\n upstream_oauth_link_id = NULL,\n unlinked_at = $2\n WHERE upstream_oauth_link_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "3ed73cfce8ef6a1108f454e18b1668f64b76975dba07e67d04ed7a52e2e8107f" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-3f9d76f442c82a1631da931950b83b80c9620e1825ab07ab6c52f3f1a32d2527.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_sso_logins\n SET\n user_session_id = $2,\n fulfilled_at = $3\n WHERE\n compat_sso_login_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Timestamptz" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "3f9d76f442c82a1631da931950b83b80c9620e1825ab07ab6c52f3f1a32d2527" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-4968c60adef69c7215a7efe2021baffb050b2f475ae106155c2e2f210a81191a.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_registrations\n SET email_authentication_id = $2\n WHERE user_registration_id = $1 AND completed_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "4968c60adef69c7215a7efe2021baffb050b2f475ae106155c2e2f210a81191a" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-5006c3e60c98c91a0b0fbb3205373e81d9b75e90929af80961f8b5910873a43e.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM policy_data\n WHERE policy_data_id IN (\n SELECT policy_data_id\n FROM policy_data\n ORDER BY policy_data_id DESC\n OFFSET $1\n )\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Int8" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "5006c3e60c98c91a0b0fbb3205373e81d9b75e90929af80961f8b5910873a43e" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-5b21644dd3c094b0f2f8babb2c730554dc067d0a6cad963dd7e0c66a80b342bf.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_schedules\n SET last_scheduled_at = $1,\n last_scheduled_job_id = $2\n WHERE last_scheduled_job_id = $3\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "5b21644dd3c094b0f2f8babb2c730554dc067d0a6cad963dd7e0c66a80b342bf" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-5b697dd7834d33ec55972d3ba43d25fe794bc0b69c5938275711faa7a80b811f.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM oauth2_refresh_tokens\n WHERE oauth2_session_id IN (\n SELECT oauth2_session_id\n FROM oauth2_sessions\n WHERE oauth2_client_id = $1\n )\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "5b697dd7834d33ec55972d3ba43d25fe794bc0b69c5938275711faa7a80b811f" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-5f2199865fae3a969bb37429dd70dc74505b22c681322bd99b62c2a540c6cd35.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_workers\n SET shutdown_at = $2\n WHERE queue_worker_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "5f2199865fae3a969bb37429dd70dc74505b22c681322bd99b62c2a540c6cd35" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-5fe1bb569d13a7d3ff22887b3fc5b76ff901c183b314f8ccb5018d70c516abf6.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM oauth2_clients\n WHERE oauth2_client_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "5fe1bb569d13a7d3ff22887b3fc5b76ff901c183b314f8ccb5018d70c516abf6" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-608366f45ecaf392ab69cddb12252b5efcc103c3383fa68b552295e2289d1f55.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO user_session_authentications\n (user_session_authentication_id, user_session_id, created_at, user_password_id)\n VALUES ($1, $2, $3, $4)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Timestamptz", 11 | "Uuid" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "608366f45ecaf392ab69cddb12252b5efcc103c3383fa68b552295e2289d1f55" 17 | } 18 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-66693f31eff5673e88ca516ee727a709b06455e08b9fd75cc08f142070f330b3.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_refresh_tokens\n SET revoked_at = $2\n WHERE oauth2_refresh_token_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "66693f31eff5673e88ca516ee727a709b06455e08b9fd75cc08f142070f330b3" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-67cd4880d84b38f20c3960789934d55cbfb01492985ac2af5a1ad4af9b3ccc77.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO queue_leader (elected_at, expires_at, queue_worker_id)\n VALUES ($1, NOW() + INTERVAL '5 seconds', $2)\n ON CONFLICT (active)\n DO UPDATE SET expires_at = EXCLUDED.expires_at\n WHERE queue_leader.queue_worker_id = $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "67cd4880d84b38f20c3960789934d55cbfb01492985ac2af5a1ad4af9b3ccc77" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-689ffbfc5137ec788e89062ad679bbe6b23a8861c09a7246dc1659c28f12bf8d.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE upstream_oauth_authorization_sessions\n SET consumed_at = $1\n WHERE upstream_oauth_authorization_session_id = $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "689ffbfc5137ec788e89062ad679bbe6b23a8861c09a7246dc1659c28f12bf8d" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-6bd38759f569fcf972924d12f565b531b9873f4139eadcbf1450e726b9a27379.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_workers\n SET shutdown_at = $1\n WHERE shutdown_at IS NULL\n AND last_seen_at < $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "6bd38759f569fcf972924d12f565b531b9873f4139eadcbf1450e726b9a27379" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-6e21e7d816f806da9bb5176931bdb550dee05c44c9d93f53df95fe3b4a840347.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO compat_sso_logins\n (compat_sso_login_id, login_token, redirect_uri, created_at)\n VALUES ($1, $2, $3, $4)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text", 10 | "Text", 11 | "Timestamptz" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "6e21e7d816f806da9bb5176931bdb550dee05c44c9d93f53df95fe3b4a840347" 17 | } 18 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-6ecad60e565367a6cfa539b4c32dabe674ea853e0d47eb5c713705cb0130c758.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n NOTIFY queue_leader_stepdown\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [] 8 | }, 9 | "nullable": [] 10 | }, 11 | "hash": "6ecad60e565367a6cfa539b4c32dabe674ea853e0d47eb5c713705cb0130c758" 12 | } 13 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-6f97b5f9ad0d4d15387150bea3839fb7f81015f7ceef61ecaadba64521895cff.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO user_passwords\n (user_password_id, user_id, hashed_password, version, upgraded_from_id, created_at)\n VALUES ($1, $2, $3, $4, $5, $6)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Text", 11 | "Int4", 12 | "Uuid", 13 | "Timestamptz" 14 | ] 15 | }, 16 | "nullable": [] 17 | }, 18 | "hash": "6f97b5f9ad0d4d15387150bea3839fb7f81015f7ceef61ecaadba64521895cff" 19 | } 20 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-7189b6136fd08ac9ae7c51bff06fb2254d1bf9e8a97cd7d32ba789c740e0fbdb.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_access_tokens\n SET first_used_at = $2\n WHERE oauth2_access_token_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "7189b6136fd08ac9ae7c51bff06fb2254d1bf9e8a97cd7d32ba789c740e0fbdb" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-755f62d0a3a40acc90037371339a8459736fdd4bbffd932f7930d847f2c3ef5d.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_device_code_grant\n SET rejected_at = $1\n , user_session_id = $2\n WHERE oauth2_device_code_grant_id = $3\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "755f62d0a3a40acc90037371339a8459736fdd4bbffd932f7930d847f2c3ef5d" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-7ce387b1b0aaf10e72adde667b19521b66eaafa51f73bf2f95e38b8f3b64a229.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE upstream_oauth_links\n SET user_id = $1\n WHERE upstream_oauth_link_id = $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "7ce387b1b0aaf10e72adde667b19521b66eaafa51f73bf2f95e38b8f3b64a229" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-7f4c4634ada4dc2745530dcca8eee92abf78dfbdf1a25e58a2bc9c14be8035f0.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO users (user_id, username, created_at)\n VALUES ($1, $2, $3)\n ON CONFLICT (username) DO NOTHING\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text", 10 | "Timestamptz" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "7f4c4634ada4dc2745530dcca8eee92abf78dfbdf1a25e58a2bc9c14be8035f0" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-7f8335cc94347bc3a15afe7051658659347a1bf71dd62335df046708f19c967e.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n SELECT EXISTS(\n SELECT 1 FROM users WHERE LOWER(username) = LOWER($1)\n ) AS \"exists!\"\n ", 4 | "describe": { 5 | "columns": [ 6 | { 7 | "ordinal": 0, 8 | "name": "exists!", 9 | "type_info": "Bool" 10 | } 11 | ], 12 | "parameters": { 13 | "Left": [ 14 | "Text" 15 | ] 16 | }, 17 | "nullable": [ 18 | null 19 | ] 20 | }, 21 | "hash": "7f8335cc94347bc3a15afe7051658659347a1bf71dd62335df046708f19c967e" 22 | } 23 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-83d1b0720dfde3209d77f1142aa19359913b8a934ca8a642b7bb43c9a7a58a6d.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_registrations\n SET completed_at = $2\n WHERE user_registration_id = $1 AND completed_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "83d1b0720dfde3209d77f1142aa19359913b8a934ca8a642b7bb43c9a7a58a6d" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-8acbdc892d44efb53529da1c2df65bea6b799a43cf4c9264a37d392847e6eff0.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM oauth2_sessions\n WHERE oauth2_client_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "8acbdc892d44efb53529da1c2df65bea6b799a43cf4c9264a37d392847e6eff0" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-8afada5220fefb0d01ed6f87d3d0ee8fca86b5cdce9320e190e3d3b8fd9f63bc.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_sessions\n SET human_name = $2\n WHERE oauth2_session_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "8afada5220fefb0d01ed6f87d3d0ee8fca86b5cdce9320e190e3d3b8fd9f63bc" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-8f5ce493e8b8473ba03d5263915a8b231f9e7c211ab83487536008e48316c269.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_registrations\n SET display_name = $2\n WHERE user_registration_id = $1 AND completed_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "8f5ce493e8b8473ba03d5263915a8b231f9e7c211ab83487536008e48316c269" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-90fe32cb9c88a262a682c0db700fef7d69d6ce0be1f930d9f16c50b921a8b819.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO user_emails (user_email_id, user_id, email, created_at)\n VALUES ($1, $2, $3, $4)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Text", 11 | "Timestamptz" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "90fe32cb9c88a262a682c0db700fef7d69d6ce0be1f930d9f16c50b921a8b819" 17 | } 18 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-91a3ee5ad64a947b7807a590f6b014c6856229918b972b98946f98b75686ab6c.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM upstream_oauth_providers\n WHERE upstream_oauth_provider_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "91a3ee5ad64a947b7807a590f6b014c6856229918b972b98946f98b75686ab6c" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-92c8eb526fcc5de6874eb0fab1d71fb1ed3dafe2bd1a49aa72e4f4862931c6c2.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_device_code_grant\n SET exchanged_at = $1\n , oauth2_session_id = $2\n WHERE oauth2_device_code_grant_id = $3\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "92c8eb526fcc5de6874eb0fab1d71fb1ed3dafe2bd1a49aa72e4f4862931c6c2" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-966ca0f7eebd2896c007b2fd6e9327d03b29fe413d57cce21c67b6d539f59e7d.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_workers\n SET last_seen_at = $2\n WHERE queue_worker_id = $1 AND shutdown_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "966ca0f7eebd2896c007b2fd6e9327d03b29fe413d57cce21c67b6d539f59e7d" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-9c9c65d4ca6847761d8f999253590082672b3782875cf3f5ba0b2f9d26e3a507.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO user_session_authentications\n (user_session_authentication_id, user_session_id, created_at, upstream_oauth_authorization_session_id)\n VALUES ($1, $2, $3, $4)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Timestamptz", 11 | "Uuid" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "9c9c65d4ca6847761d8f999253590082672b3782875cf3f5ba0b2f9d26e3a507" 17 | } 18 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-9f7bdc034c618e47e49c467d0d7f5b8c297d055abe248cc876dbc12c5a7dc920.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO compat_refresh_tokens\n (compat_refresh_token_id, compat_session_id,\n compat_access_token_id, refresh_token, created_at)\n VALUES ($1, $2, $3, $4, $5)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Uuid", 11 | "Text", 12 | "Timestamptz" 13 | ] 14 | }, 15 | "nullable": [] 16 | }, 17 | "hash": "9f7bdc034c618e47e49c467d0d7f5b8c297d055abe248cc876dbc12c5a7dc920" 18 | } 19 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-a63a217981b97448ddcc96b2489ddd9d3bc8c99b5b8b1d373939fc3ae9715c27.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_jobs\n SET status = 'completed', completed_at = $1\n WHERE queue_job_id = $2 AND status = 'running'\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "a63a217981b97448ddcc96b2489ddd9d3bc8c99b5b8b1d373939fc3ae9715c27" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-a7f780528882a2ae66c45435215763eed0582264861436eab3f862e3eb12cab1.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO compat_access_tokens\n (compat_access_token_id, compat_session_id, access_token, created_at, expires_at)\n VALUES ($1, $2, $3, $4, $5)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Text", 11 | "Timestamptz", 12 | "Timestamptz" 13 | ] 14 | }, 15 | "nullable": [] 16 | }, 17 | "hash": "a7f780528882a2ae66c45435215763eed0582264861436eab3f862e3eb12cab1" 18 | } 19 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-ab34912b42a48a8b5c8d63e271b99b7d0b690a2471873c6654b1b6cf2079b95c.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_sessions cs\n SET finished_at = $2\n WHERE compat_session_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "ab34912b42a48a8b5c8d63e271b99b7d0b690a2471873c6654b1b6cf2079b95c" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-afa86e79e3de2a83265cb0db8549d378a2f11b2a27bbd86d60558318c87eb698.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO oauth2_access_tokens\n (oauth2_access_token_id, oauth2_session_id, access_token, created_at, expires_at)\n VALUES\n ($1, $2, $3, $4, $5)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Text", 11 | "Timestamptz", 12 | "Timestamptz" 13 | ] 14 | }, 15 | "nullable": [] 16 | }, 17 | "hash": "afa86e79e3de2a83265cb0db8549d378a2f11b2a27bbd86d60558318c87eb698" 18 | } 19 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-b60d34f4d250c12f75dba10491c1337d69aebad12be6fbfbdde91e34083ba4ed.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_registrations\n SET hashed_password = $2, hashed_password_version = $3\n WHERE user_registration_id = $1 AND completed_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text", 10 | "Int4" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "b60d34f4d250c12f75dba10491c1337d69aebad12be6fbfbdde91e34083ba4ed" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-b6c4f4a23968cba2a82c2b7cfffc05a7ed582c9e5c1f65d27b0686f843ccfe42.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO policy_data (policy_data_id, created_at, data)\n VALUES ($1, $2, $3)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz", 10 | "Jsonb" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "b6c4f4a23968cba2a82c2b7cfffc05a7ed582c9e5c1f65d27b0686f843ccfe42" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-b700dc3f7d0f86f4904725d8357e34b7e457f857ed37c467c314142877fd5367.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_sessions\n SET finished_at = $2\n WHERE oauth2_session_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "b700dc3f7d0f86f4904725d8357e34b7e457f857ed37c467c314142877fd5367" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-b74e4d620bed4832a4e8e713a346691f260a7eca4bf494d6fb11c7cf699adaad.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_sessions SET finished_at = $3 WHERE user_id = $1 AND device_id = $2 AND finished_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text", 10 | "Timestamptz" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "b74e4d620bed4832a4e8e713a346691f260a7eca4bf494d6fb11c7cf699adaad" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-b992283a9b43cbb8f86149f3f55cb47fb628dabd8fadc50e6a5772903f851e1c.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM upstream_oauth_authorization_sessions\n WHERE upstream_oauth_provider_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "b992283a9b43cbb8f86149f3f55cb47fb628dabd8fadc50e6a5772903f851e1c" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-bbf62633c561706a762089bbab2f76a9ba3e2ed3539ef16accb601fb609c2ec9.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_access_tokens\n SET expires_at = $2\n WHERE compat_access_token_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "bbf62633c561706a762089bbab2f76a9ba3e2ed3539ef16accb601fb609c2ec9" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-c29fa41743811a6ac3a9b952b6ea75d18e914f823902587b63c9f295407144b1.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE users\n SET locked_at = $1\n WHERE user_id = $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "c29fa41743811a6ac3a9b952b6ea75d18e914f823902587b63c9f295407144b1" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-c5e7dbb22488aca427b85b3415bd1f1a1766ff865f2e08a5daa095d2a1ccbd56.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_authorization_grants\n SET exchanged_at = $2\n WHERE oauth2_authorization_grant_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "c5e7dbb22488aca427b85b3415bd1f1a1766ff865f2e08a5daa095d2a1ccbd56" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-c68b28232b42a62907709403caafe1cc5267780232cd615468d50f5c0af2bedb.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM oauth2_access_tokens\n WHERE revoked_at < $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "c68b28232b42a62907709403caafe1cc5267780232cd615468d50f5c0af2bedb" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-cc60ad934d347fb4546205d1fe07e9d2f127cb15b1bb650d1ea3805a4c55b196.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM upstream_oauth_links\n WHERE upstream_oauth_link_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "cc60ad934d347fb4546205d1fe07e9d2f127cb15b1bb650d1ea3805a4c55b196" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-d26e42d9fd2b2ee3cf9702c1666d83e7cffa26b320ae1442c7f3e22376c4a4ee.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_device_code_grant\n SET fulfilled_at = $1\n , user_session_id = $2\n WHERE oauth2_device_code_grant_id = $3\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "d26e42d9fd2b2ee3cf9702c1666d83e7cffa26b320ae1442c7f3e22376c4a4ee" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-dbf4be84eeff9ea51b00185faae2d453ab449017ed492bf6711dc7fceb630880.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_sessions\n SET finished_at = $1\n WHERE user_session_id = $2\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Uuid" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "dbf4be84eeff9ea51b00185faae2d453ab449017ed492bf6711dc7fceb630880" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-dd02cc4a48123c28b34da8501060096c33df9e30611ef89d01bf0502119cbbe1.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE user_email_authentications\n SET completed_at = $2\n WHERE user_email_authentication_id = $1\n AND completed_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "dd02cc4a48123c28b34da8501060096c33df9e30611ef89d01bf0502119cbbe1" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-e291be0434ab9c346dee777e50f8e601f12c8003fe93a5ecb110d02642d14c3c.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO queue_jobs\n (queue_job_id, queue_name, payload, metadata, created_at)\n VALUES ($1, $2, $3, $4, $5)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text", 10 | "Jsonb", 11 | "Jsonb", 12 | "Timestamptz" 13 | ] 14 | }, 15 | "nullable": [] 16 | }, 17 | "hash": "e291be0434ab9c346dee777e50f8e601f12c8003fe93a5ecb110d02642d14c3c" 18 | } 19 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-e68a7084d44462d19f30902d7e6c1bd60bb771c6f075df15ab0137a7ffc896da.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n SELECT pg_advisory_xact_lock($1)\n ", 4 | "describe": { 5 | "columns": [ 6 | { 7 | "ordinal": 0, 8 | "name": "pg_advisory_xact_lock", 9 | "type_info": "Void" 10 | } 11 | ], 12 | "parameters": { 13 | "Left": [ 14 | "Int8" 15 | ] 16 | }, 17 | "nullable": [ 18 | null 19 | ] 20 | }, 21 | "hash": "e68a7084d44462d19f30902d7e6c1bd60bb771c6f075df15ab0137a7ffc896da" 22 | } 23 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-e8e48db74ac1ab5baa1e4b121643cfa33a0bf3328df6e869464fe7f31429b81e.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_sso_logins\n SET\n exchanged_at = $2,\n compat_session_id = $3\n WHERE\n compat_sso_login_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "e8e48db74ac1ab5baa1e4b121643cfa33a0bf3328df6e869464fe7f31429b81e" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-eb095f64bec5ac885683a8c6708320760971317c4519fae7af9d44e2be50985d.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_sessions\n SET human_name = $2\n WHERE compat_session_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Text" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "eb095f64bec5ac885683a8c6708320760971317c4519fae7af9d44e2be50985d" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-f41f76c94cd68fca2285b1cc60f426603c84df4ef1c6ce5dc441a63d2dc46f6e.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO user_sessions (user_session_id, user_id, created_at, user_agent)\n VALUES ($1, $2, $3, $4)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Uuid", 10 | "Timestamptz", 11 | "Text" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "f41f76c94cd68fca2285b1cc60f426603c84df4ef1c6ce5dc441a63d2dc46f6e" 17 | } 18 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-f50b7fb5a2c09e7b7e89e2addb0ca42c790c101a3fc9442862b5885d5116325a.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE queue_jobs\n SET\n status = 'failed',\n failed_at = $1,\n failed_reason = $2\n WHERE\n queue_job_id = $3\n AND status = 'running'\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Timestamptz", 9 | "Text", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "f50b7fb5a2c09e7b7e89e2addb0ca42c790c101a3fc9442862b5885d5116325a" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-f75e44b528234dac708640ad9a111f3f6b468a91bf0d5b574795bf8c80605f19.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE compat_refresh_tokens\n SET consumed_at = $2\n WHERE compat_session_id = $1\n AND consumed_at IS NULL\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz" 10 | ] 11 | }, 12 | "nullable": [] 13 | }, 14 | "hash": "f75e44b528234dac708640ad9a111f3f6b468a91bf0d5b574795bf8c80605f19" 15 | } 16 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-f8182fd162ffb018d4f102fa7ddbc9991135065e81af8f77b5beef9405607577.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO queue_schedules (schedule_name)\n SELECT * FROM UNNEST($1::text[]) AS t (schedule_name)\n ON CONFLICT (schedule_name) DO NOTHING\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "TextArray" 9 | ] 10 | }, 11 | "nullable": [] 12 | }, 13 | "hash": "f8182fd162ffb018d4f102fa7ddbc9991135065e81af8f77b5beef9405607577" 14 | } 15 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-fe7bd146523e4bb321cb234d6bf9f3005b55c654897a8e46dc933c7fd2263c7c.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n DELETE FROM queue_leader\n WHERE expires_at < NOW()\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [] 8 | }, 9 | "nullable": [] 10 | }, 11 | "hash": "fe7bd146523e4bb321cb234d6bf9f3005b55c654897a8e46dc933c7fd2263c7c" 12 | } 13 | -------------------------------------------------------------------------------- /crates/storage-pg/.sqlx/query-ffbfef8b7e72ec4bae02b6bbe862980b5fe575ae8432a000e9c4e4307caa2d9b.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n UPDATE oauth2_refresh_tokens\n SET consumed_at = $2,\n next_oauth2_refresh_token_id = $3\n WHERE oauth2_refresh_token_id = $1\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Uuid", 9 | "Timestamptz", 10 | "Uuid" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "ffbfef8b7e72ec4bae02b6bbe862980b5fe575ae8432a000e9c4e4307caa2d9b" 16 | } 17 | -------------------------------------------------------------------------------- /crates/storage-pg/build.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2021-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | fn main() { 8 | // trigger recompilation when a new migration is added 9 | println!("cargo:rerun-if-changed=migrations"); 10 | } 11 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241007160050_oidc_login_hint.sql: -------------------------------------------------------------------------------- 1 | -- Add login_hint to oauth2_authorization_grants 2 | ALTER TABLE "oauth2_authorization_grants" 3 | ADD COLUMN "login_hint" TEXT; 4 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241115163340_upstream_oauth2_response_mode.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add the response_mode column to the upstream_oauth_providers table 7 | ALTER TABLE "upstream_oauth_providers" 8 | ADD COLUMN "response_mode" text NOT NULL DEFAULT 'query'; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241118115314_upstream_oauth2_extra_query_params.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add a column to the upstream_oauth_authorization_sessions table to store 7 | -- extra query parameters 8 | ALTER TABLE "upstream_oauth_authorization_sessions" 9 | ADD COLUMN "extra_callback_parameters" JSONB; 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241122130349_queue_job_scheduled.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add a new status for scheduled jobs 7 | ALTER TYPE "queue_job_status" ADD VALUE 'scheduled'; 8 | 9 | ALTER TABLE "queue_jobs" 10 | -- When the job is scheduled to run 11 | ADD COLUMN "scheduled_at" TIMESTAMP WITH TIME ZONE; 12 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241122133435_queue_job_scheduled_index.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add a partial index on scheduled jobs 7 | CREATE INDEX "queue_jobs_scheduled_at_idx" 8 | ON "queue_jobs" ("scheduled_at") 9 | WHERE "status" = 'scheduled'; 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241124145741_upstream_oauth_userinfo.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add columms to upstream_oauth_providers and upstream_oauth_authorization_sessions 7 | -- table to handle userinfo endpoint. 8 | ALTER TABLE "upstream_oauth_providers" 9 | ADD COLUMN "fetch_userinfo" BOOLEAN NOT NULL DEFAULT FALSE, 10 | ADD COLUMN "userinfo_endpoint_override" TEXT; 11 | 12 | ALTER TABLE "upstream_oauth_authorization_sessions" 13 | ADD COLUMN "userinfo" JSONB; 14 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241129091057_upstream_oauth2_link_account_name.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add the human_account_name column to the upstream_oauth_links table to store 7 | -- a human-readable name for the upstream account 8 | ALTER TABLE "upstream_oauth_links" 9 | ADD COLUMN "human_account_name" TEXT; 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241202123523_upstream_oauth_responses_alg.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add columns to upstream_oauth_providers to specify the 7 | -- expected signing algorithm for the endpoint JWT responses. 8 | ALTER TABLE "upstream_oauth_providers" 9 | ADD COLUMN "id_token_signed_response_alg" TEXT NOT NULL DEFAULT 'RS256', 10 | ADD COLUMN "userinfo_signed_response_alg" TEXT; 11 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241210115428_oauth_refresh_token_track_next.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add a reference to the 'next' refresh token when it was consumed and replaced 7 | ALTER TABLE oauth2_refresh_tokens 8 | ADD COLUMN "next_oauth2_refresh_token_id" UUID 9 | REFERENCES oauth2_refresh_tokens (oauth2_refresh_token_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241210133651_oauth2_access_token_first_used.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Track when the access token was first used. A NULL value means it was never used. 7 | ALTER TABLE oauth2_access_tokens 8 | ADD COLUMN "first_used_at" TIMESTAMP WITH TIME ZONE; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241212154426_oauth2_response_mode_null.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Drop not null requirement on response mode, so we can ignore this query parameter. 7 | ALTER TABLE "upstream_oauth_providers" ALTER COLUMN "response_mode" DROP NOT NULL; 8 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20241213180524_upstream_oauth_optional_issuer.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Make the issuer field in the upstream_oauth_providers table optional 7 | ALTER TABLE "upstream_oauth_providers" 8 | ALTER COLUMN "issuer" DROP NOT NULL; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250114135939_allow_deviceless_compat_sessions.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Drop the `NOT NULL` requirement on compat sessions, so we can import device-less access tokens from Synapse. 7 | ALTER TABLE compat_sessions ALTER COLUMN device_id DROP NOT NULL; 8 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250115155255_cleanup_unverified_emails.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- This drops all the unverified email addresses from the database, as they are 7 | -- now always verified when they land in the user_emails table. 8 | -- We don't drop the `confirmed_at` column to allow rolling back 9 | 10 | -- First, truncate all the confirmation codes 11 | TRUNCATE TABLE user_email_confirmation_codes; 12 | 13 | -- Then, delete all the unverified email addresses 14 | DELETE FROM user_emails WHERE confirmed_at IS NULL; 15 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250129154003_compat_sessions_device_name.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | ALTER TABLE compat_sessions 7 | -- Stores a human-readable name for the device. 8 | -- syn2mas behaviour: Will be populated from the device name in Synapse. 9 | ADD COLUMN human_name TEXT; 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250130170011_user_is_guest.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | ALTER TABLE users 7 | -- Track whether users are guests. 8 | -- Although guest support is not present in MAS yet, syn2mas should import 9 | -- these users and therefore we should track their state. 10 | ADD COLUMN is_guest BOOLEAN NOT NULL DEFAULT FALSE; 11 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250225091000_dynamic_policy_data.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add a table which stores the latest policy data 7 | -- 8 | -- Every time the policy data is updated, it creates a new row, so that we keep 9 | -- an history of the policy data, trace back which version of the data was used 10 | -- on each evaluation. 11 | CREATE TABLE IF NOT EXISTS policy_data ( 12 | policy_data_id UUID PRIMARY KEY, 13 | created_at TIMESTAMP WITH TIME ZONE NOT NULL, 14 | data JSONB NOT NULL 15 | ); 16 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250311093145_user_deactivated_at.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | ALTER TABLE users 7 | -- Track when a user was deactivated. 8 | ADD COLUMN deactivated_at TIMESTAMP WITH TIME ZONE; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250312094013_upstream_oauth2_providers_order.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Adds a column to track the 'UI order' of the upstream OAuth2 providers, so 7 | -- that they can be consistently displayed in the UI 8 | ALTER TABLE upstream_oauth_providers 9 | ADD COLUMN ui_order INTEGER NOT NULL DEFAULT 0; 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250317151803_upstream_oauth_session_unlinked_at.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | ALTER TABLE upstream_oauth_authorization_sessions 7 | ADD COLUMN unlinked_at TIMESTAMP WITH TIME ZONE; 8 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250325102310_oauth2_clients_hash.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Adds a column which stores a hash of the client metadata, so that we can 7 | -- deduplicate client registrations 8 | -- 9 | -- This hash is a SHA-256 hash of the JSON-encoded client metadata. Note that we 10 | -- don't retroactively hash existing clients, so this will only be populated for 11 | -- new clients. 12 | ALTER TABLE oauth2_clients 13 | ADD COLUMN metadata_digest TEXT UNIQUE; 14 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000000_idx_compat_access_tokens_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | compat_access_tokens_session_fk 9 | ON compat_access_tokens (compat_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000001_idx_compat_refresh_tokens_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | compat_refresh_tokens_session_fk 9 | ON compat_refresh_tokens (compat_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000002_idx_compat_refresh_tokens_access_token_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | compat_refresh_tokens_access_token_fk 9 | ON compat_refresh_tokens (compat_access_token_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000003_idx_compat_sessions_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- Including the `last_active_at` column lets us effeciently filter in-memory 8 | -- for those sessions without fetching the rows, and without including it in the 9 | -- index btree 10 | CREATE INDEX CONCURRENTLY 11 | compat_sessions_user_fk 12 | ON compat_sessions (user_id) 13 | INCLUDE (last_active_at); 14 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000004_idx_compat_sessions_user_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | compat_sessions_user_session_fk 9 | ON compat_sessions (user_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000005_drop_compat_sessions_user_id_last_active_at.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- Redundant with the `compat_sessions_user_fk` 8 | DROP INDEX IF EXISTS compat_sessions_user_id_last_active_at; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000006_idx_compat_sso_logins_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | compat_sso_logins_session_fk 9 | ON compat_sso_logins (compat_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000007_idx_oauth2_access_tokens_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_access_tokens_session_fk 9 | ON oauth2_access_tokens (oauth2_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000008_idx_oauth2_authorization_grants_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_authorization_grants_session_fk 9 | ON oauth2_authorization_grants (oauth2_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000009_idx_oauth2_authorization_grants_client_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_authorization_grants_client_fk 9 | ON oauth2_authorization_grants (oauth2_client_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000010_idx_oauth2_consents_client_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_consents_client_fk 9 | ON oauth2_consents (oauth2_client_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000011_idx_oauth2_consents_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_consents_user_fk 9 | ON oauth2_consents (user_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000012_idx_oauth2_device_code_grants_client_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_device_code_grants_client_fk 9 | ON oauth2_device_code_grant (oauth2_client_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000013_idx_oauth2_device_code_grants_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_device_code_grants_session_fk 9 | ON oauth2_device_code_grant (oauth2_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000014_idx_oauth2_device_code_grants_user_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_device_code_grants_user_session_fk 9 | ON oauth2_device_code_grant (user_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000015_idx_oauth2_refresh_tokens_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_refresh_tokens_session_fk 9 | ON oauth2_refresh_tokens (oauth2_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000016_idx_oauth2_refresh_tokens_access_token_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_refresh_tokens_access_token_fk 9 | ON oauth2_refresh_tokens (oauth2_access_token_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000017_idx_oauth2_refresh_tokens_next_refresh_token_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_refresh_tokens_next_refresh_token_fk 9 | ON oauth2_refresh_tokens (next_oauth2_refresh_token_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000018_idx_oauth2_sessions_user_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_sessions_user_session_fk 9 | ON oauth2_sessions (user_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000019_idx_oauth2_sessions_client_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | oauth2_sessions_client_fk 9 | ON oauth2_sessions (oauth2_client_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000020_idx_oauth2_sessions_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- Including the `last_active_at` column lets us effeciently filter in-memory 8 | -- for those sessions without fetching the rows, and without including it in the 9 | -- index btree 10 | CREATE INDEX CONCURRENTLY 11 | oauth2_sessions_user_fk 12 | ON oauth2_sessions (user_id) 13 | INCLUDE (last_active_at); 14 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000021_drop_oauth2_sessions_user_id_last_active_at.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- Redundant with the `oauth2_sessions_user_fk` 8 | DROP INDEX IF EXISTS oauth2_sessions_user_id_last_active_at; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000022_idx_queue_jobs_started_by_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | queue_jobs_started_by_fk 9 | ON queue_jobs (started_by); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000023_idx_queue_jobs_next_attempt_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | queue_jobs_next_attempt_fk 9 | ON queue_jobs (next_attempt_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000024_idx_queue_jobs_schedule_name_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | queue_jobs_schedule_name_fk 9 | ON queue_jobs (schedule_name); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000025_idx_upstream_oauth_authorization_sessions_provider_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | upstream_oauth_authorization_sessions_provider_fk 9 | ON upstream_oauth_authorization_sessions (upstream_oauth_provider_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000026_idx_upstream_oauth_authorization_sessions_link_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | upstream_oauth_authorization_sessions_link_fk 9 | ON upstream_oauth_authorization_sessions (upstream_oauth_link_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000027_idx_upstream_oauth_links_provider_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | upstream_oauth_links_provider_fk 9 | ON upstream_oauth_links (upstream_oauth_provider_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000028_idx_upstream_oauth_links_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | upstream_oauth_links_user_fk 9 | ON upstream_oauth_links (user_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000029_idx_user_email_authentication_codes_authentication_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_email_authentication_codes_authentication_fk 9 | ON user_email_authentication_codes (user_email_authentication_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000030_idx_user_email_authentications_user_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_email_authentications_user_session_fk 9 | ON user_email_authentications (user_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000031_idx_user_email_authentications_user_registration_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_email_authentications_user_registration_fk 9 | ON user_email_authentications (user_registration_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000032_idx_user_emails_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_emails_user_fk 9 | ON user_emails (user_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000033_idx_user_emails_email_idx.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- This isn't a foreign key, but we really need that to be indexed 8 | CREATE INDEX CONCURRENTLY 9 | user_emails_email_idx 10 | ON user_emails (email); 11 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000034_idx_user_passwords_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_passwords_user_fk 9 | ON user_passwords (user_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000035_idx_user_recovery_tickets_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_recovery_tickets_session_fk 9 | ON user_recovery_tickets (user_recovery_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000036_idx_user_recovery_tickets_user_email_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_recovery_tickets_user_email_fk 9 | ON user_recovery_tickets (user_email_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000037_idx_user_registrations_email_authentication_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_registrations_email_authentication_fk 9 | ON user_registrations (email_authentication_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000038_idx_user_session_authentications_user_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_session_authentications_user_session_fk 9 | ON user_session_authentications (user_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000039_idx_user_session_authentications_user_password_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_session_authentications_user_password_fk 9 | ON user_session_authentications (user_password_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000040_idx_user_session_authentications_upstream_oauth_session_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_session_authentications_upstream_oauth_session_fk 9 | ON user_session_authentications (upstream_oauth_authorization_session_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000041_idx_user_sessions_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- Including the `last_active_at` column lets us effeciently filter in-memory 8 | -- for those sessions without fetching the rows, and without including it in the 9 | -- index btree 10 | CREATE INDEX CONCURRENTLY 11 | user_sessions_user_fk 12 | ON user_sessions (user_id) 13 | INCLUDE (last_active_at); 14 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000042_drop_user_sessions_user_id_last_active_at.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- Redundant with the `user_sessions_user_fk` 8 | DROP INDEX IF EXISTS user_sessions_user_id_last_active_at; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000043_idx_user_terms_user_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | CREATE INDEX CONCURRENTLY 8 | user_terms_user_fk 9 | ON user_terms (user_id); 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000044_idx_users_primary_email_fk.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- We don't use this column anymore, but… it will still tank the performance on 8 | -- deletions of user_emails if we don't have it 9 | CREATE INDEX CONCURRENTLY 10 | users_primary_email_fk 11 | ON users (primary_user_email_id); 12 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410000045_idx_user_recovery_tickets_ticket_idx.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- This isn't a foreign key, but we really need that to be indexed 8 | CREATE INDEX CONCURRENTLY 9 | user_recovery_tickets_ticket_idx 10 | ON user_recovery_tickets (ticket); 11 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410121612_users_lower_username_idx.sql: -------------------------------------------------------------------------------- 1 | -- no-transaction 2 | -- Copyright 2025 New Vector Ltd. 3 | -- 4 | -- SPDX-License-Identifier: AGPL-3.0-only 5 | -- Please see LICENSE in the repository root for full details. 6 | 7 | -- Create an index on the username column, lower-cased, so that we can lookup 8 | -- usernames in a case-insensitive manner. 9 | CREATE INDEX CONCURRENTLY users_lower_username_idx 10 | ON users (LOWER(username)); 11 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250410174306_oauth2_authorization_default_requires_consent.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- We stopped reading/writing to this column, but it's not nullable. 7 | -- So we need to add a default value, and drop it in the next release 8 | ALTER TABLE oauth2_authorization_grants 9 | ALTER COLUMN requires_consent SET DEFAULT false; 10 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250424150930_oauth2_grants_locale.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Track the locale of the user which asked for the authorization grant 7 | ALTER TABLE oauth2_authorization_grants 8 | ADD COLUMN locale TEXT; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250425113717_oauth2_session_human_name.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add a user-provided human name to OAuth 2.0 sessions 7 | ALTER TABLE oauth2_sessions 8 | ADD COLUMN human_name TEXT; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250506161158_upstream_oauth2_forward_login_hint.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Add the forward_login_hint column to the upstream_oauth_providers table 7 | ALTER TABLE "upstream_oauth_providers" 8 | ADD COLUMN "forward_login_hint" BOOLEAN NOT NULL DEFAULT FALSE; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/migrations/20250507131948_upstream_oauth_session_optional_nonce.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Make the nonce column optional on the upstream oauth sessions 7 | ALTER TABLE "upstream_oauth_authorization_sessions" 8 | ALTER COLUMN "nonce" DROP NOT NULL; 9 | -------------------------------------------------------------------------------- /crates/storage-pg/src/queue/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | //! A module containing the PostgreSQL implementation of the job queue 7 | 8 | pub mod job; 9 | pub mod schedule; 10 | pub mod worker; 11 | -------------------------------------------------------------------------------- /crates/storage/src/compat/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | //! Repositories to interact with entities of the compatibility layer 8 | 9 | mod access_token; 10 | mod refresh_token; 11 | mod session; 12 | mod sso_login; 13 | 14 | pub use self::{ 15 | access_token::CompatAccessTokenRepository, 16 | refresh_token::CompatRefreshTokenRepository, 17 | session::{CompatSessionFilter, CompatSessionRepository}, 18 | sso_login::{CompatSsoLoginFilter, CompatSsoLoginRepository}, 19 | }; 20 | -------------------------------------------------------------------------------- /crates/storage/src/queue/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | //! A module containing repositories for the job queue 7 | 8 | mod job; 9 | mod schedule; 10 | mod tasks; 11 | mod worker; 12 | 13 | pub use self::{ 14 | job::{InsertableJob, Job, JobMetadata, QueueJobRepository, QueueJobRepositoryExt}, 15 | schedule::{QueueScheduleRepository, ScheduleStatus}, 16 | tasks::*, 17 | worker::{QueueWorkerRepository, Worker}, 18 | }; 19 | -------------------------------------------------------------------------------- /crates/storage/src/upstream_oauth2/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | //! Repositories to interact with entities related to the upstream OAuth 2.0 8 | //! providers 9 | 10 | mod link; 11 | mod provider; 12 | mod session; 13 | 14 | pub use self::{ 15 | link::{UpstreamOAuthLinkFilter, UpstreamOAuthLinkRepository}, 16 | provider::{ 17 | UpstreamOAuthProviderFilter, UpstreamOAuthProviderParams, UpstreamOAuthProviderRepository, 18 | }, 19 | session::UpstreamOAuthSessionRepository, 20 | }; 21 | -------------------------------------------------------------------------------- /crates/syn2mas/.sqlx/query-07ec66733b67a9990cc9d483b564c8d05c577cf8f049d8822746c7d1dbd23752.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO syn2mas_restore_indices (name, table_name, definition)\n VALUES ($1, $2, $3)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Text", 9 | "Text", 10 | "Text" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "07ec66733b67a9990cc9d483b564c8d05c577cf8f049d8822746c7d1dbd23752" 16 | } 17 | -------------------------------------------------------------------------------- /crates/syn2mas/.sqlx/query-204cf4811150a7fdeafa9373647a9cd62ac3c9e58155882858c6056e2ef6c30d.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO syn2mas__user_unsupported_third_party_ids\n (user_id, medium, address, created_at)\n SELECT * FROM UNNEST($1::UUID[], $2::TEXT[], $3::TEXT[], $4::TIMESTAMP WITH TIME ZONE[])\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "UuidArray", 9 | "TextArray", 10 | "TextArray", 11 | "TimestamptzArray" 12 | ] 13 | }, 14 | "nullable": [] 15 | }, 16 | "hash": "204cf4811150a7fdeafa9373647a9cd62ac3c9e58155882858c6056e2ef6c30d" 17 | } 18 | -------------------------------------------------------------------------------- /crates/syn2mas/.sqlx/query-69aa96208513c3ea64a446c7739747fcb5e79d7e8c1212b2a679c3bde908ce93.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n INSERT INTO syn2mas_restore_constraints (name, table_name, definition)\n VALUES ($1, $2, $3)\n ", 4 | "describe": { 5 | "columns": [], 6 | "parameters": { 7 | "Left": [ 8 | "Text", 9 | "Text", 10 | "Text" 11 | ] 12 | }, 13 | "nullable": [] 14 | }, 15 | "hash": "69aa96208513c3ea64a446c7739747fcb5e79d7e8c1212b2a679c3bde908ce93" 16 | } 17 | -------------------------------------------------------------------------------- /crates/syn2mas/.sqlx/query-b27828d7510d52456b50b4c4b9712878ee329ca72070d849eb61ac9c8f9d1c76.json: -------------------------------------------------------------------------------- 1 | { 2 | "db_name": "PostgreSQL", 3 | "query": "\n SELECT 1 AS _dummy FROM pg_tables WHERE schemaname = current_schema\n AND tablename = ANY($1)\n ", 4 | "describe": { 5 | "columns": [ 6 | { 7 | "ordinal": 0, 8 | "name": "_dummy", 9 | "type_info": "Int4" 10 | } 11 | ], 12 | "parameters": { 13 | "Left": [ 14 | "NameArray" 15 | ] 16 | }, 17 | "nullable": [ 18 | null 19 | ] 20 | }, 21 | "hash": "b27828d7510d52456b50b4c4b9712878ee329ca72070d849eb61ac9c8f9d1c76" 22 | } 23 | -------------------------------------------------------------------------------- /crates/syn2mas/src/mas_writer/fixtures/upstream_provider.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024, 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | INSERT INTO upstream_oauth_providers 7 | ( 8 | upstream_oauth_provider_id, 9 | scope, 10 | client_id, 11 | token_endpoint_auth_method, 12 | created_at 13 | ) 14 | VALUES 15 | ( 16 | '00000000-0000-0000-0000-000000000004', 17 | 'openid', 18 | 'someClientId', 19 | 'client_secret_basic', 20 | '2011-12-13 14:15:16Z' 21 | ); 22 | -------------------------------------------------------------------------------- /crates/syn2mas/src/mas_writer/snapshots/syn2mas__mas_writer__test__write_user.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/syn2mas/src/mas_writer/mod.rs 3 | expression: db_snapshot 4 | --- 5 | users: 6 | - can_request_admin: "false" 7 | created_at: "1970-01-01 00:00:00+00" 8 | deactivated_at: ~ 9 | is_guest: "false" 10 | locked_at: ~ 11 | primary_user_email_id: ~ 12 | user_id: 00000000-0000-0000-0000-000000000001 13 | username: alice 14 | -------------------------------------------------------------------------------- /crates/syn2mas/src/mas_writer/snapshots/syn2mas__mas_writer__test__write_user_with_email.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/syn2mas/src/mas_writer/mod.rs 3 | expression: db_snapshot 4 | --- 5 | user_emails: 6 | - confirmed_at: "1970-01-01 00:00:00+00" 7 | created_at: "1970-01-01 00:00:00+00" 8 | email: alice@example.org 9 | user_email_id: 00000000-0000-0000-0000-000000000002 10 | user_id: 00000000-0000-0000-0000-000000000001 11 | users: 12 | - can_request_admin: "false" 13 | created_at: "1970-01-01 00:00:00+00" 14 | deactivated_at: ~ 15 | is_guest: "false" 16 | locked_at: ~ 17 | primary_user_email_id: ~ 18 | user_id: 00000000-0000-0000-0000-000000000001 19 | username: alice 20 | -------------------------------------------------------------------------------- /crates/syn2mas/src/mas_writer/snapshots/syn2mas__mas_writer__test__write_user_with_password.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/syn2mas/src/mas_writer/mod.rs 3 | expression: db_snapshot 4 | --- 5 | user_passwords: 6 | - created_at: "1970-01-01 00:00:00+00" 7 | hashed_password: $bcrypt$aaaaaaaaaaa 8 | upgraded_from_id: ~ 9 | user_id: 00000000-0000-0000-0000-000000000001 10 | user_password_id: 00000000-0000-0000-0000-00000000002a 11 | version: "1" 12 | users: 13 | - can_request_admin: "false" 14 | created_at: "1970-01-01 00:00:00+00" 15 | deactivated_at: ~ 16 | is_guest: "false" 17 | locked_at: ~ 18 | primary_user_email_id: ~ 19 | user_id: 00000000-0000-0000-0000-000000000001 20 | username: alice 21 | -------------------------------------------------------------------------------- /crates/syn2mas/src/mas_writer/snapshots/syn2mas__mas_writer__test__write_user_with_unsupported_threepid.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/syn2mas/src/mas_writer/mod.rs 3 | expression: db_snapshot 4 | --- 5 | user_unsupported_third_party_ids: 6 | - address: "441189998819991197253" 7 | created_at: "1970-01-01 00:00:00+00" 8 | medium: msisdn 9 | user_id: 00000000-0000-0000-0000-000000000001 10 | users: 11 | - can_request_admin: "false" 12 | created_at: "1970-01-01 00:00:00+00" 13 | deactivated_at: ~ 14 | is_guest: "false" 15 | locked_at: ~ 16 | primary_user_email_id: ~ 17 | user_id: 00000000-0000-0000-0000-000000000001 18 | username: alice 19 | -------------------------------------------------------------------------------- /crates/syn2mas/src/synapse_reader/fixtures/access_token_alice.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024, 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | INSERT INTO access_tokens 7 | ( 8 | id, 9 | user_id, 10 | device_id, 11 | token 12 | ) 13 | VALUES 14 | ( 15 | 42, 16 | '@alice:example.com', 17 | 'ADEVICE', 18 | 'syt_aaaaaaaaaaaaaa_aaaa' 19 | ); 20 | -------------------------------------------------------------------------------- /crates/syn2mas/src/synapse_reader/fixtures/access_token_alice_with_puppet.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024, 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | INSERT INTO access_tokens 7 | ( 8 | id, 9 | user_id, 10 | device_id, 11 | token, 12 | puppets_user_id 13 | ) 14 | VALUES 15 | ( 16 | 42, 17 | '@alice:example.com', 18 | NULL, 19 | 'syt_pupupupupup_eett', 20 | '@bob:example.com' 21 | ); 22 | -------------------------------------------------------------------------------- /crates/syn2mas/src/synapse_reader/fixtures/external_ids_alice.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024, 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | INSERT INTO user_external_ids 7 | ( 8 | user_id, 9 | auth_provider, 10 | external_id 11 | ) 12 | VALUES 13 | ( 14 | '@alice:example.com', 15 | 'oidc-raasu', 16 | '871.syn30' 17 | ); 18 | -------------------------------------------------------------------------------- /crates/syn2mas/src/synapse_reader/fixtures/threepids_alice.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2024, 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | INSERT INTO user_threepids 7 | ( 8 | user_id, 9 | medium, 10 | address, 11 | validated_at, 12 | added_at 13 | ) 14 | VALUES 15 | ( 16 | '@alice:example.com', 17 | 'email', 18 | 'alice@example.com', 19 | 1554228492026, 20 | 1554228549014 21 | ), 22 | ( 23 | '@alice:example.com', 24 | 'msisdn', 25 | '441189998819991197253', 26 | 1555228492026, 27 | 1555228549014 28 | ); 29 | -------------------------------------------------------------------------------- /crates/syn2mas/src/synapse_reader/snapshots/syn2mas__synapse_reader__test__read_access_and_refresh_tokens.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/syn2mas/src/synapse_reader/mod.rs 3 | expression: refresh_tokens 4 | --- 5 | { 6 | SynapseRefreshableTokenPair { 7 | user_id: FullUserId( 8 | "@alice:example.com", 9 | ), 10 | device_id: "ADEVICE", 11 | access_token: "syt_AAAAAAAAAAAAAA_AAAA", 12 | refresh_token: "syr_cccccccccccc_cccc", 13 | valid_until_ms: None, 14 | last_validated: None, 15 | }, 16 | } 17 | -------------------------------------------------------------------------------- /crates/syn2mas/src/synapse_reader/snapshots/syn2mas__synapse_reader__test__read_access_token.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/syn2mas/src/synapse_reader/mod.rs 3 | expression: access_tokens 4 | --- 5 | { 6 | SynapseAccessToken { 7 | user_id: FullUserId( 8 | "@alice:example.com", 9 | ), 10 | device_id: Some( 11 | "ADEVICE", 12 | ), 13 | token: "syt_aaaaaaaaaaaaaa_aaaa", 14 | valid_until_ms: None, 15 | last_validated: None, 16 | }, 17 | } 18 | -------------------------------------------------------------------------------- /crates/syn2mas/src/synapse_reader/snapshots/syn2mas__synapse_reader__test__read_external_ids.snap: -------------------------------------------------------------------------------- 1 | --- 2 | source: crates/syn2mas/src/synapse_reader/mod.rs 3 | expression: external_ids 4 | --- 5 | { 6 | SynapseExternalId { 7 | user_id: FullUserId( 8 | "@alice:example.com", 9 | ), 10 | auth_provider: "oidc-raasu", 11 | external_id: "871.syn30", 12 | }, 13 | } 14 | -------------------------------------------------------------------------------- /crates/syn2mas/src/telemetry.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | use std::sync::LazyLock; 7 | 8 | use opentelemetry::{InstrumentationScope, metrics::Meter}; 9 | use opentelemetry_semantic_conventions as semcov; 10 | 11 | static SCOPE: LazyLock = LazyLock::new(|| { 12 | InstrumentationScope::builder(env!("CARGO_PKG_NAME")) 13 | .with_version(env!("CARGO_PKG_VERSION")) 14 | .with_schema_url(semcov::SCHEMA_URL) 15 | .build() 16 | }); 17 | 18 | pub static METER: LazyLock = 19 | LazyLock::new(|| opentelemetry::global::meter_with_scope(SCOPE.clone())); 20 | -------------------------------------------------------------------------------- /crates/syn2mas/test_synapse_migrations/20250128141011_threepids.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Brings in the `user_threepids` table from Synapse 7 | 8 | CREATE TABLE user_threepids ( 9 | user_id text NOT NULL, 10 | medium text NOT NULL, 11 | address text NOT NULL, 12 | validated_at bigint NOT NULL, 13 | added_at bigint NOT NULL 14 | ); 15 | -------------------------------------------------------------------------------- /crates/syn2mas/test_synapse_migrations/20250128162513_external_ids.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Brings in the `user_external_ids` table from Synapse 7 | 8 | CREATE TABLE user_external_ids ( 9 | auth_provider text NOT NULL, 10 | external_id text NOT NULL, 11 | user_id text NOT NULL 12 | ); 13 | -------------------------------------------------------------------------------- /crates/syn2mas/test_synapse_migrations/20250129140230_devices.sql: -------------------------------------------------------------------------------- 1 | -- Copyright 2025 New Vector Ltd. 2 | -- 3 | -- SPDX-License-Identifier: AGPL-3.0-only 4 | -- Please see LICENSE in the repository root for full details. 5 | 6 | -- Brings in the `devices` table from Synapse 7 | CREATE TABLE devices ( 8 | user_id text NOT NULL, 9 | device_id text NOT NULL, 10 | display_name text, 11 | last_seen bigint, 12 | ip text, 13 | user_agent text, 14 | hidden boolean DEFAULT false 15 | ); 16 | -------------------------------------------------------------------------------- /crates/tower/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "mas-tower" 3 | description = "Tower layers used by the Matrix Authentication Service" 4 | version.workspace = true 5 | authors.workspace = true 6 | edition.workspace = true 7 | license.workspace = true 8 | homepage.workspace = true 9 | repository.workspace = true 10 | 11 | [lints] 12 | workspace = true 13 | 14 | [dependencies] 15 | http.workspace = true 16 | tracing.workspace = true 17 | tracing-opentelemetry.workspace = true 18 | tower.workspace = true 19 | opentelemetry.workspace = true 20 | opentelemetry-http.workspace = true 21 | opentelemetry-semantic-conventions.workspace = true 22 | pin-project-lite.workspace = true 23 | -------------------------------------------------------------------------------- /crates/tower/src/metrics/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod duration; 8 | mod in_flight; 9 | mod make_attributes; 10 | 11 | pub use self::{ 12 | duration::{DurationRecorderFuture, DurationRecorderLayer, DurationRecorderService}, 13 | in_flight::{InFlightCounterLayer, InFlightCounterService, InFlightFuture}, 14 | make_attributes::{MetricsAttributes, metrics_attributes_fn}, 15 | }; 16 | -------------------------------------------------------------------------------- /crates/tower/src/tracing/mod.rs: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | mod enrich_span; 8 | mod future; 9 | mod layer; 10 | mod make_span; 11 | mod service; 12 | 13 | pub use self::{ 14 | enrich_span::{EnrichSpan, enrich_span_fn}, 15 | future::TraceFuture, 16 | layer::TraceLayer, 17 | make_span::{MakeSpan, make_span_fn}, 18 | service::TraceService, 19 | }; 20 | -------------------------------------------------------------------------------- /docs/as-login.md: -------------------------------------------------------------------------------- 1 | # About Application Services login 2 | 3 | Encrypted Application Services/Bridges currently leverage the `m.login.application_service` login type to create devices for users. 4 | This API is *not* available in the Matrix Authentication Service. 5 | 6 | We're working on a solution to support this use case, but in the meantime, this means **encrypted bridges will not work with the Matrix Authentication Service.** 7 | A workaround is to disable E2EE support in your bridge setup. 8 | -------------------------------------------------------------------------------- /docs/reference/cli/database.md: -------------------------------------------------------------------------------- 1 | # `database` 2 | 3 | Run database-related operations 4 | 5 | Global options: 6 | - `--config `: Path to the configuration file. 7 | - `--help`: Print help. 8 | 9 | ## `database migrate` 10 | 11 | Run the pending database migrations. 12 | 13 | ``` 14 | $ mas-cli database migrate 15 | ``` -------------------------------------------------------------------------------- /docs/reference/cli/doctor.md: -------------------------------------------------------------------------------- 1 | # `doctor` 2 | 3 | Global options: 4 | - `--config `: Path to the configuration file. 5 | - `--help`: Print help. 6 | 7 | ## `doctor` 8 | 9 | Run diagnostics on the live deployment. 10 | This tool should help diagnose common issues with the service configuration and deployment. 11 | 12 | When running this tool, make sure it runs from the same point-of-view as the service, with the same configuration file and environment variables. 13 | 14 | ``` 15 | $ mas-cli doctor 16 | ``` -------------------------------------------------------------------------------- /docs/reference/cli/server.md: -------------------------------------------------------------------------------- 1 | # `server` 2 | 3 | Global options: 4 | - `--config `: Path to the configuration file. 5 | - `--help`: Print help. 6 | 7 | ## `server` 8 | 9 | Runs the authentication service. 10 | 11 | Options: 12 | - `--no-migrate`: Do not apply pending database migrations on start. 13 | - `--no-worker`: Do not start the task worker. 14 | - `--no-sync`: Do not sync the configuration with the database. 15 | 16 | ``` 17 | $ mas-cli server 18 | INFO mas_cli::server: Starting task scheduler 19 | INFO mas_core::templates: Loading builtin templates 20 | INFO mas_cli::server: Listening on http://0.0.0.0:8080 21 | ``` 22 | -------------------------------------------------------------------------------- /docs/reference/cli/worker.md: -------------------------------------------------------------------------------- 1 | # `worker` 2 | 3 | Global options: 4 | - `--config `: Path to the configuration file. 5 | - `--help`: Print help. 6 | 7 | ## `worker` 8 | 9 | Runs the authentication service worker. 10 | 11 | ``` 12 | $ mas-cli worker 13 | ``` 14 | -------------------------------------------------------------------------------- /docs/rustdoc/mas_handlers/README.md: -------------------------------------------------------------------------------- 1 | This is a placeholder which is replaced by the built crates technical documentation when building the documentation. 2 | If you're seeing this, you're probably looking at the documentation source, and should look at the built documentation instead here: 3 | -------------------------------------------------------------------------------- /docs/storybook/README.md: -------------------------------------------------------------------------------- 1 | This is a placeholder which is replaced by the built Storybook when building the documentation. 2 | If you're seeing this, you're probably looking at the documentation source, and should look at the built documentation instead here: -------------------------------------------------------------------------------- /frontend/.browserlistrc: -------------------------------------------------------------------------------- 1 | last 2 Chrome versions, 2 | last 2 Firefox versions, 3 | Firefox ESR, 4 | last 2 Opera versions, 5 | last 2 Safari versions, 6 | last 2 edge version, 7 | not dead 8 | -------------------------------------------------------------------------------- /frontend/.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset=utf-8 5 | end_of_line = lf 6 | 7 | [*.{ts,tsx,js,cjs,mjs,css,json,graphql}] 8 | indent_style = space 9 | indent_size = 2 10 | insert_final_newline = true 11 | trim_trailing_whitespace = true 12 | -------------------------------------------------------------------------------- /frontend/.gitignore: -------------------------------------------------------------------------------- 1 | /node_modules 2 | /dist 3 | /coverage 4 | -------------------------------------------------------------------------------- /frontend/.postcssrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "plugins": { 3 | "postcss-import": {}, 4 | "tailwindcss/nesting": "postcss-nesting", 5 | "tailwindcss": {}, 6 | "autoprefixer": {} 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /frontend/.storybook/preview-head.html: -------------------------------------------------------------------------------- 1 | 4 | 5 | 10 | -------------------------------------------------------------------------------- /frontend/graphql.config.json: -------------------------------------------------------------------------------- 1 | { 2 | "schema": "./schema.graphql", 3 | "documents": "./src/**/*" 4 | } 5 | -------------------------------------------------------------------------------- /frontend/src/@types/i18next.d.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import "i18next"; 8 | import type translation from "../../locales/en.json"; 9 | 10 | declare module "i18next" { 11 | interface CustomTypeOptions { 12 | keySeparator: "."; 13 | pluralSeparator: ":"; 14 | defaultNS: "translation"; 15 | resources: { 16 | translation: typeof translation; 17 | }; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /frontend/src/components/AccountManagementPasswordPreview/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./AccountManagementPasswordPreview"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/ButtonLink.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-only 4 | * Please see LICENSE in the repository root for full details. 5 | */ 6 | 7 | /* The weird selector is to have higher specificity than compound-web's button-link */ 8 | a.button-link[href] { 9 | /** This is to undo the following rule in compound-web: 10 | * https://github.com/element-hq/compound-web/blob/6ccb4b6049f3bc8e9739d9452c850ed3c7de49f9/src/components/Button/Button.module.css#L31-L34 11 | */ 12 | inline-size: initial; 13 | } 14 | -------------------------------------------------------------------------------- /frontend/src/components/Collapsible/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export * from "./Collapsible"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/Dialog/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { Close, Dialog, Title, Description } from "./Dialog"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/EmptyState/EmptyState.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .empty-state { 9 | display: flex; 10 | flex-direction: column; 11 | gap: var(--cpd-space-2x); 12 | padding: var(--cpd-space-4x); 13 | background: var(--cpd-color-gray-200); 14 | color: var(--cpd-color-text-secondary); 15 | font: var(--cpd-font-body-sm-regular); 16 | letter-spacing: var(--cpd-font-letter-spacing-body-sm); 17 | } 18 | -------------------------------------------------------------------------------- /frontend/src/components/EmptyState/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { EmptyState as default } from "./EmptyState"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/ExternalLink/ExternalLink.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .external-link { 9 | /* override compound style */ 10 | color: var(--cpd-color-text-link-external) !important; 11 | } 12 | -------------------------------------------------------------------------------- /frontend/src/components/Filter/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { Filter as default } from "./Filter"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/Footer/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./Footer"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/GenericError.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .details { 9 | font: var(--cpd-font-body-sm-regular); 10 | background: var(--cpd-color-bg-critical-subtle); 11 | border: 1px solid var(--cpd-color-border-critical-subtle); 12 | padding: var(--cpd-space-4x); 13 | text-align: initial; 14 | } 15 | -------------------------------------------------------------------------------- /frontend/src/components/Layout/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default, query } from "./Layout"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/Link.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import { createLink } from "@tanstack/react-router"; 8 | import { Link as CompoundLink } from "@vector-im/compound-web"; 9 | 10 | export const Link = createLink(CompoundLink); 11 | -------------------------------------------------------------------------------- /frontend/src/components/LoadingScreen/LoadingScreen.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .loading-screen { 9 | display: flex; 10 | 11 | /* Fallback for browsers that do not support 100svh */ 12 | min-height: 100vh; 13 | min-height: 100svh; 14 | 15 | justify-content: center; 16 | align-items: center; 17 | } 18 | -------------------------------------------------------------------------------- /frontend/src/components/LoadingScreen/LoadingScreen.stories.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import type { Meta, StoryObj } from "@storybook/react-vite"; 8 | 9 | import LoadingScreen from "./LoadingScreen"; 10 | 11 | const meta = { 12 | title: "UI/Loading Screen", 13 | component: LoadingScreen, 14 | parameters: { 15 | layout: "fullscreen", 16 | }, 17 | tags: ["autodocs"], 18 | } satisfies Meta; 19 | 20 | export default meta; 21 | type Story = StoryObj; 22 | 23 | export const Basic: Story = {}; 24 | -------------------------------------------------------------------------------- /frontend/src/components/LoadingScreen/LoadingScreen.test.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | // @vitest-environment happy-dom 8 | 9 | import { describe, expect, it } from "vitest"; 10 | 11 | import render from "../../test-utils/render"; 12 | import LoadingScreen from "./LoadingScreen"; 13 | 14 | describe("LoadingScreen", () => { 15 | it("render ", () => { 16 | const { asFragment } = render(); 17 | expect(asFragment()).toMatchSnapshot(); 18 | }); 19 | }); 20 | -------------------------------------------------------------------------------- /frontend/src/components/LoadingScreen/LoadingScreen.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import LoadingSpinner from "../LoadingSpinner"; 8 | 9 | import styles from "./LoadingScreen.module.css"; 10 | 11 | const LoadingScreen: React.FC = () => ( 12 |
13 | 14 |
15 | ); 16 | 17 | export default LoadingScreen; 18 | -------------------------------------------------------------------------------- /frontend/src/components/LoadingScreen/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./LoadingScreen"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/LoadingSpinner/LoadingSpinner.stories.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import type { Meta, StoryObj } from "@storybook/react-vite"; 8 | 9 | import LoadingSpinner from "./LoadingSpinner"; 10 | 11 | const meta = { 12 | title: "UI/Loading Spinner", 13 | component: LoadingSpinner, 14 | tags: ["autodocs"], 15 | } satisfies Meta; 16 | 17 | export default meta; 18 | type Story = StoryObj; 19 | 20 | export const Basic: Story = {}; 21 | -------------------------------------------------------------------------------- /frontend/src/components/LoadingSpinner/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./LoadingSpinner"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/NavBar/NavBar.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .nav-bar { 9 | border-bottom: var(--cpd-border-width-1) solid var(--cpd-color-gray-400); 10 | } 11 | 12 | .nav-bar-items { 13 | display: flex; 14 | flex-direction: row; 15 | justify-content: flex-start; 16 | align-items: center; 17 | gap: var(--cpd-space-3x); 18 | } 19 | -------------------------------------------------------------------------------- /frontend/src/components/NavBar/NavBar.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import styles from "./NavBar.module.css"; 8 | 9 | const NavBar: React.FC = ({ children }) => ( 10 | 13 | ); 14 | 15 | export default NavBar; 16 | -------------------------------------------------------------------------------- /frontend/src/components/NavBar/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./NavBar"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/NavItem/NavItem.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import { Link } from "@tanstack/react-router"; 8 | 9 | import styles from "./NavItem.module.css"; 10 | 11 | const NavItem: React.FC> = (props) => { 12 | return ( 13 |
  • 14 | 19 |
    • 20 | ); 21 | }; 22 | 23 | export default NavItem; 24 | -------------------------------------------------------------------------------- /frontend/src/components/NavItem/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./NavItem"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/NotFound.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | import { Alert } from "@vector-im/compound-web"; 8 | import type { ReactNode } from "react"; 9 | import { Translation } from "react-i18next"; 10 | 11 | const NotFound: React.FC = () => ( 12 | 13 | {(t): ReactNode => ( 14 | 15 | )} 16 | 17 | ); 18 | 19 | export default NotFound; 20 | -------------------------------------------------------------------------------- /frontend/src/components/PageHeading/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./PageHeading"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/Separator/Separator.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2025 New Vector Ltd. 2 | * 3 | * SPDX-License-Identifier: AGPL-3.0-only 4 | * Please see LICENSE in the repository root for full details. 5 | */ 6 | 7 | .separator { 8 | border-block-start: 1px solid var(--cpd-color-bg-subtle-primary); 9 | } 10 | 11 | .section { 12 | border-block-start-width: 2px; 13 | } 14 | -------------------------------------------------------------------------------- /frontend/src/components/Separator/index.tsx: -------------------------------------------------------------------------------- 1 | // Copyright 2025 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | export { default } from "./Separator"; 7 | -------------------------------------------------------------------------------- /frontend/src/components/Session/ClientAvatar.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .avatar { 9 | object-fit: cover; 10 | overflow: hidden; 11 | aspect-ratio: 1 / 1; 12 | width: var(--mas-avatar-size); 13 | border-radius: 50%; 14 | display: inline-block; 15 | } 16 | -------------------------------------------------------------------------------- /frontend/src/components/Session/DeviceTypeIcon.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .device-type-icon { 9 | color: var(--cpd-color-icon-secondary); 10 | background-color: var(--cpd-color-bg-subtle-secondary); 11 | box-sizing: content-box; 12 | height: var(--cpd-space-6x); 13 | width: var(--cpd-space-6x); 14 | padding: var(--cpd-space-2x); 15 | border-radius: var(--cpd-space-2x); 16 | } 17 | -------------------------------------------------------------------------------- /frontend/src/components/Session/LastActive.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .active { 9 | color: var(--cpd-color-text-success-primary); 10 | } 11 | -------------------------------------------------------------------------------- /frontend/src/components/Session/__snapshots__/ClientAvatar.test.tsx.snap: -------------------------------------------------------------------------------- 1 | // Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html 2 | 3 | exports[` > renders client logo 1`] = ` 4 |
    5 | Test Client 12 |
    13 | `; 14 | -------------------------------------------------------------------------------- /frontend/src/components/SessionCard/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { 8 | Root, 9 | LinkBody, 10 | Body, 11 | Header, 12 | Name, 13 | Client, 14 | Metadata, 15 | Info, 16 | Action, 17 | } from "./SessionCard"; 18 | -------------------------------------------------------------------------------- /frontend/src/components/UserEmail/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./UserEmail"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/UserGreeting/index.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export { default } from "./UserGreeting"; 8 | -------------------------------------------------------------------------------- /frontend/src/components/UserSessionsOverview/BrowserSessionsOverview.module.css: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | .browser-sessions-overview { 9 | display: flex; 10 | align-items: center; 11 | gap: var(--cpd-space-4x); 12 | padding: var(--cpd-space-4x); 13 | border-radius: var(--cpd-space-3x); 14 | background-color: var(--cpd-color-bg-canvas-default); 15 | outline: 1px solid var(--cpd-color-gray-400); 16 | outline-offset: -1px; 17 | } 18 | -------------------------------------------------------------------------------- /frontend/src/components/UserSessionsOverview/__snapshots__/UserSessionsOverview.test.tsx.snap: -------------------------------------------------------------------------------- 1 | // Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html 2 | 3 | exports[`UserSessionsOverview > render an simple 1`] = `
    `; 4 | -------------------------------------------------------------------------------- /frontend/src/config.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | type AppConfig = { 8 | root: string; 9 | graphqlEndpoint: string; 10 | }; 11 | 12 | interface IWindow { 13 | APP_CONFIG?: AppConfig; 14 | } 15 | 16 | const config: AppConfig = (typeof window !== "undefined" && 17 | (window as IWindow).APP_CONFIG) || { 18 | root: "/", 19 | graphqlEndpoint: "/graphql", 20 | }; 21 | 22 | export default config; 23 | -------------------------------------------------------------------------------- /frontend/src/gql/index.ts: -------------------------------------------------------------------------------- 1 | export * from "./fragment-masking"; 2 | export * from "./gql"; -------------------------------------------------------------------------------- /frontend/src/utils/dates.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | /** Compute what the date was 90 days ago, rouding down to the start of the day */ 8 | export const getNinetyDaysAgo = (): string => { 9 | const date = new Date(Date.now() - 90 * 24 * 60 * 60 * 1000); 10 | // Round down to the start of the day to avoid rerendering/requerying 11 | date.setHours(0, 0, 0, 0); 12 | return date.toISOString(); 13 | }; 14 | -------------------------------------------------------------------------------- /frontend/src/utils/deviceIdFromScope.ts: -------------------------------------------------------------------------------- 1 | /* Copyright 2024 New Vector Ltd. 2 | * Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | * 4 | * SPDX-License-Identifier: AGPL-3.0-only 5 | * Please see LICENSE in the repository root for full details. 6 | */ 7 | 8 | const DEVICE_PREFIX = "urn:matrix:org.matrix.msc2967.client:device:"; 9 | 10 | /** 11 | * Device scopes are suffixed with the deviceId 12 | * Isolate the suffix so we can display it 13 | * @param scope the full scope of the session 14 | * @returns deviceId, or undefined when not a device scope 15 | */ 16 | export const getDeviceIdFromScope = (scope: string): string | undefined => { 17 | const [, deviceId] = scope.split(DEVICE_PREFIX); 18 | return deviceId; 19 | }; 20 | -------------------------------------------------------------------------------- /frontend/src/vite-env.d.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2022-2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | /// 8 | -------------------------------------------------------------------------------- /frontend/tests/routes/types.d.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // 3 | // SPDX-License-Identifier: AGPL-3.0-only 4 | // Please see LICENSE in the repository root for full details. 5 | 6 | /// 7 | /// 8 | -------------------------------------------------------------------------------- /frontend/tsconfig.node.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "composite": true, 4 | "module": "node16", 5 | "moduleResolution": "node16", 6 | "allowSyntheticDefaultImports": true, 7 | "allowJs": true, 8 | "resolveJsonModule": true 9 | }, 10 | "include": [ 11 | ".storybook/main.ts", 12 | "vite.config.ts", 13 | "vitest.global-setup.ts", 14 | "vitest.i18n-setup.ts", 15 | ".eslintrc.cjs", 16 | "postcss.config.cjs", 17 | "tailwind.config.cjs", 18 | "tailwind.templates.config.cjs", 19 | "codegen.ts", 20 | "i18next-parser.config.ts" 21 | ] 22 | } 23 | -------------------------------------------------------------------------------- /frontend/vitest.global-setup.ts: -------------------------------------------------------------------------------- 1 | // Copyright 2024 New Vector Ltd. 2 | // Copyright 2023, 2024 The Matrix.org Foundation C.I.C. 3 | // 4 | // SPDX-License-Identifier: AGPL-3.0-only 5 | // Please see LICENSE in the repository root for full details. 6 | 7 | export const setup = (): void => { 8 | process.env.TZ = "UTC"; 9 | }; 10 | -------------------------------------------------------------------------------- /overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/element-hq/matrix-authentication-service/d8fa8f7018bcd6e2b33628aa6932f421d885a2cf/overview.png -------------------------------------------------------------------------------- /policies/.gitignore: -------------------------------------------------------------------------------- 1 | /policy.wasm 2 | /bundle.tar.gz 3 | /coverage.json 4 | -------------------------------------------------------------------------------- /policies/.regal/config.yaml: -------------------------------------------------------------------------------- 1 | rules: 2 | style: 3 | external-reference: 4 | level: ignore 5 | line-length: 6 | level: ignore 7 | -------------------------------------------------------------------------------- /templates/emails/recovery.subject: -------------------------------------------------------------------------------- 1 | {# 2 | Copyright 2024 New Vector Ltd. 3 | Copyright 2024 The Matrix.org Foundation C.I.C. 4 | 5 | SPDX-License-Identifier: AGPL-3.0-only 6 | Please see LICENSE in the repository root for full details. 7 | -#} 8 | 9 | {%- set _ = translator(lang) -%} 10 | {%- set mxid -%} 11 | @{{ user.username }}:{{ branding.server_name }} 12 | {%- endset -%} 13 | 14 | {{ _("mas.emails.recovery.subject", mxid=mxid) }} 15 | -------------------------------------------------------------------------------- /templates/emails/recovery.txt: -------------------------------------------------------------------------------- 1 | {# 2 | Copyright 2024 New Vector Ltd. 3 | Copyright 2024 The Matrix.org Foundation C.I.C. 4 | 5 | SPDX-License-Identifier: AGPL-3.0-only 6 | Please see LICENSE in the repository root for full details. 7 | -#} 8 | 9 | {%- set _ = translator(lang) -%} 10 | {{ _("mas.emails.recovery.headline", server_name=branding.server_name) }} 11 | 12 | {{ _("mas.emails.recovery.copy_link") }} 13 | 14 | {{ recovery_link }} 15 | 16 | {{ _("mas.emails.recovery.you_can_ignore") }} 17 | -------------------------------------------------------------------------------- /templates/emails/verification.html: -------------------------------------------------------------------------------- 1 | {# 2 | Copyright 2024, 2025 New Vector Ltd. 3 | Copyright 2021-2024 The Matrix.org Foundation C.I.C. 4 | 5 | SPDX-License-Identifier: AGPL-3.0-only 6 | Please see LICENSE in the repository root for full details. 7 | -#} 8 | 9 | {%- set _ = translator(lang) -%} 10 | 11 | {%- if browser_session is defined -%} 12 | {%- set username = browser_session.user.username -%} 13 | {%- elif user_registration is defined -%} 14 | {%- set username = user_registration.username -%} 15 | {%- endif -%} 16 | 17 | {{ _("mas.emails.greeting", username=(username|default("user"))) }}
    18 |
    19 | {{ _("mas.emails.verify.body_html", code=authentication_code.code) }}
    20 | -------------------------------------------------------------------------------- /templates/emails/verification.subject: -------------------------------------------------------------------------------- 1 | {# 2 | Copyright 2024, 2025 New Vector Ltd. 3 | Copyright 2021-2024 The Matrix.org Foundation C.I.C. 4 | 5 | SPDX-License-Identifier: AGPL-3.0-only 6 | Please see LICENSE in the repository root for full details. 7 | -#} 8 | 9 | {%- set _ = translator(lang) -%} 10 | 11 | {{ _("mas.emails.verify.subject", code=authentication_code.code) }} 12 | -------------------------------------------------------------------------------- /templates/emails/verification.txt: -------------------------------------------------------------------------------- 1 | {# 2 | Copyright 2024, 2025 New Vector Ltd. 3 | Copyright 2021-2024 The Matrix.org Foundation C.I.C. 4 | 5 | SPDX-License-Identifier: AGPL-3.0-only 6 | Please see LICENSE in the repository root for full details. 7 | -#} 8 | 9 | {%- set _ = translator(lang) -%} 10 | 11 | {%- if browser_session is defined -%} 12 | {%- set username = browser_session.user.username -%} 13 | {%- elif user_registration is defined -%} 14 | {%- set username = user_registration.username -%} 15 | {%- endif -%} 16 | 17 | {{ _("mas.emails.greeting", username=(username|default("user"))) }} 18 | 19 | {{ _("mas.emails.verify.body_text", code=authentication_code.code) }} 20 | -------------------------------------------------------------------------------- /templates/pages/upstream_oauth2/link_mismatch.html: -------------------------------------------------------------------------------- 1 | {# 2 | Copyright 2024 New Vector Ltd. 3 | Copyright 2022-2024 The Matrix.org Foundation C.I.C. 4 | 5 | SPDX-License-Identifier: AGPL-3.0-only 6 | Please see LICENSE in the repository root for full details. 7 | -#} 8 | 9 | {% extends "base.html" %} 10 | 11 | {% block content %} 12 |
    13 |
    14 | {{ icon.warning() }} 15 |
    16 | 17 |
    18 |

    19 | {{ _("mas.upstream_oauth2.link_mismatch.heading") }} 20 |

    21 |
    22 |
    23 | 24 | {{ logout.button(text=_("action.sign_out"), csrf_token=csrf_token) }} 25 | {% endblock content %} 26 | --------------------------------------------------------------------------------