* Fix `element-desktop-ssoid being` included in OIDC Authorization call
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Split out oidc callback url into its own method
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix unexpected hash on oidc callback url
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update src/BasePlatform.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Store id_token rather than just id_token_claims
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Pass id_token via `id_token_hint` on `Manage Account` interaction
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Send user credentials to service worker for MSC3916 authentication
* appease linter
* Add initial test
The test fails, seemingly because the service worker isn't being installed or because the network mock can't reach that far.
* Remove unsafe access token code
* Split out base IDB operations to avoid importing `document` in serviceworkers
* Use safe crypto access for service workers
* Fix tests/unsafe access
* Remove backwards compatibility layer & appease linter
* Add docs
* Fix tests
* Appease the linter
* Iterate tests
* Factor out pickle key handling for service workers
* Enable everything we can about service workers
* Appease the linter
* Add docs
* Rename win32 image to linux in hopes of it just working
* Use actual image
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Improve documentation
* Document `??` not working
* Try to appease the tests
* Add some notes
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Changed call sites from customisations/security to ModuleRunner.extensions
* Updated depenndecy and added tests
* Fixed style and formatting with prettier
* Fix according to Element PR comments
* Fixing issues raised in PR review
* Removed commented code. Improved encapsulation. Removed noisy logging
* Improved language of comment about calling the factory
* Refactor to get better encapsulation
* Find a better name. Provide explicit reset function. Provide more TSDoc
* Simplify mock for cryptoSetup, and add assertion for exception message.
* Remove unused className property. Adjust TSDoc comments
* Fix linting and code style issues
* Added test to ensure we canregister anduse experimental extensions
* Fix linting and code-style issues
* Added test to ensure only on registration of experimental extensions
* Added test toensure call to getDehydratedDeviceCallback()
* Test what happens when there is no implementation
* Iterating cryptoSetup tests
* Lint/prettier fix
* Assert both branches when checking for dehydrationkey callback
* Update src/modules/ModuleRunner.ts
Language and formatting
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/modules/ModuleRunner.ts
Reset by setting a fresh ExtensionsManager
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/modules/ModuleRunner.ts
Use regular comment instead of TSDoc style comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update test/MatrixClientPeg-test.ts
No need to extend the base class
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/modules/ModuleRunner.ts
Fix spelling
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/modules/ModuleRunner.ts
Fix spelling
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/modules/ModuleRunner.ts
Fix TSDoc formatting
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Simplify mock setup
* Simplified mock and cleaned up a bit
* Keeping track of extensions is an implementation detail internal to ExtensionsManager. Language and punctuation
* Addressed issues and comments from PR review
* Update src/modules/ModuleRunner.ts
Keep the flags to track implementations as direct properties
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix flattening of implementation map
* Update src/modules/ModuleRunner.ts
Fix whitespace
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix spurious session corruption error
Move the server versions check to each time we reconnect to the server
rather than the first time,although, as per comment it will still only
trigger the first time, but it will avoid us awaiting and mean we know
we're connected to the server when we try, and get automatic retries.
Fixes https://github.com/element-hq/element-web/issues/26967
* Move test & add regression test
* Write some more tests
* More comments & catch exceptions in server versions check
* Note caching behaviour
* Typo
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove the bit of the comment that might be wrong
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix overwrite login action not stopping client
* remove unneeded fixture for overwrite login test
* Fix playwrite bad import of app sources
* revert uneeded change on fore OnLoggedIn causing side effects
* Add unit test for overwrite login action
* remove un needed ts-ignore
* Reuse exported common type
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve client metadata used for OIDC dynamic registration
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix Native OIDC for Element Desktop by including ssoid in the url_state of the /auth call
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Reuse exported common type
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve client metadata used for OIDC dynamic registration
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix typo
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Mock PlatformPeg
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Mock platform
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add comment
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve comment
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update src/BasePlatform.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Do not remove the language when clearing local storage
Signed-off-by: Milton Moura <miltonmoura@gmail.com>
* Revised comment on getting the defined language from settings
Signed-off-by: Milton Moura <miltonmoura@gmail.com>
* Explicitly checking for language set at the device level
Signed-off-by: Milton Moura <miltonmoura@gmail.com>
* Add test that checks if device language setting is kept after a successfull delegated authentication flow
Signed-off-by: Milton Moura <miltonmoura@gmail.com>
* Adds test for unhappy path and adjusts to use the SettingsStore instead of going directly to localStorage
Signed-off-by: Milton Moura <miltonmoura@gmail.com>
* Removing unnecessary variable after test refactor
Signed-off-by: Milton Moura <miltonmoura@gmail.com>
---------
Signed-off-by: Milton Moura <miltonmoura@gmail.com>
* add delegatedauthentication to validated server config
* dynamic client registration functions
* test OP registration functions
* add stubbed nativeOidc flow setup in Login
* cover more error cases in Login
* tidy
* test dynamic client registration in Login
* comment oidc_static_clients
* register oidc inside Login.getFlows
* strict fixes
* remove unused code
* and imports
* comments
* comments 2
* util functions to get static client id
* check static client ids in login flow
* remove dead code
* OidcRegistrationClientMetadata type
* navigate to oidc authorize url
* exchange code for token
* navigate to oidc authorize url
* navigate to oidc authorize url
* test
* adjust for js-sdk code
* login with oidc native flow: messy version
* tidy
* update test for response_mode query
* tidy up some TODOs
* use new types
* add identityServerUrl to stored params
* unit test completeOidcLogin
* test tokenlogin
* strict
* whitespace
* tidy
* unit test oidc login flow in MatrixChat
* strict
* tidy
* extract success/failure handlers from token login function
* typo
* use for no homeserver error dialog too
* reuse post-token login functions, test
* shuffle testing utils around
* shuffle testing utils around
* i18n
* tidy
* Update src/Lifecycle.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* tidy
* comment
* update tests for id token validation
* move try again responsibility
* prettier
* add friendly error messages for oidc authorization failures
* i18n
* update for new translations, tidy
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* test persistCredentials without a pickle key
* test setLoggedIn with pickle key
* lint
* type error
* extract token persisting code into function, persist refresh token
* store has_refresh_token too
* pass refreshToken from oidcAuthGrant into credentials
* rest restore session with pickle key
* retreive stored refresh token and add to credentials
* extract token decryption into function
* remove TODO
* very messy poc
* utils to persist clientId and issuer after oidc authentication
* add dep oidc-client-ts
* persist issuer and clientId after successful oidc auth
* add OidcClientStore
* comments and tidy
* expose getters for stored refresh and access tokens in Lifecycle
* revoke tokens with oidc provider
* test logout action in MatrixChat
* comments
* prettier
* test OidcClientStore.revokeTokens
* put pickle key destruction back
* comment pedantry
* working refresh without persistence
* extract token persistence functions to utils
* add sugar
* implement TokenRefresher class with persistence
* tidying
* persist idTokenClaims
* persist idTokenClaims
* tests
* remove unused cde
* create token refresher during doSetLoggedIn
* tidying
* also tidying
* OidcClientStore.initClient use stored issuer when client well known unavailable
* test Lifecycle.logout
* update Lifecycle test replaceUsingCreds calls
* fix test
* tidy
* test tokenrefresher creation in login flow
* test token refresher
* Update src/utils/oidc/TokenRefresher.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* use literal value for m.authentication
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* improve comments
* fix test mock, comment
* typo
* add sdkContext to SoftLogout, pass oidcClientStore to logout
* fullstops
* comments
* fussy comment formatting
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* test persistCredentials without a pickle key
* test setLoggedIn with pickle key
* lint
* type error
* extract token persisting code into function, persist refresh token
* store has_refresh_token too
* pass refreshToken from oidcAuthGrant into credentials
* rest restore session with pickle key
* retreive stored refresh token and add to credentials
* extract token decryption into function
* remove TODO
* very messy poc
* comments
* prettier
* comment pedantry
* working refresh without persistence
* extract token persistence functions to utils
* add sugar
* implement TokenRefresher class with persistence
* tidying
* persist idTokenClaims
* persist idTokenClaims
* tests
* remove unused cde
* create token refresher during doSetLoggedIn
* tidying
* also tidying
* update Lifecycle test replaceUsingCreds calls
* tidy
* test tokenrefresher creation in login flow
* test token refresher
* Update src/utils/oidc/TokenRefresher.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* use literal value for m.authentication
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* improve comments
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* test persistCredentials without a pickle key
* test setLoggedIn with pickle key
* lint
* type error
* extract token persisting code into function, persist refresh token
* store has_refresh_token too
* pass refreshToken from oidcAuthGrant into credentials
* rest restore session with pickle key
* retreive stored refresh token and add to credentials
* extract token decryption into function
* remove TODO
* comments
* prettier
* comment pedantry
* fix code smell - nullish coalesce instead of ||
* more comments
* test persistCredentials without a pickle key
* test setLoggedIn with pickle key
* lint
* type error
* extract token persisting code into function, persist refresh token
* store has_refresh_token too
* pass refreshToken from oidcAuthGrant into credentials
* rest restore session with pickle key
* comments
* prettier
* Update src/Lifecycle.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* comments
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* utils to persist clientId and issuer after oidc authentication
* add dep oidc-client-ts
* persist issuer and clientId after successful oidc auth
* add OidcClientStore
* comments and tidy
* format
* add delegatedauthentication to validated server config
* dynamic client registration functions
* test OP registration functions
* add stubbed nativeOidc flow setup in Login
* cover more error cases in Login
* tidy
* test dynamic client registration in Login
* comment oidc_static_clients
* register oidc inside Login.getFlows
* strict fixes
* remove unused code
* and imports
* comments
* comments 2
* util functions to get static client id
* check static client ids in login flow
* remove dead code
* OidcRegistrationClientMetadata type
* navigate to oidc authorize url
* exchange code for token
* navigate to oidc authorize url
* navigate to oidc authorize url
* test
* adjust for js-sdk code
* login with oidc native flow: messy version
* tidy
* update test for response_mode query
* tidy up some TODOs
* use new types
* add identityServerUrl to stored params
* unit test completeOidcLogin
* test tokenlogin
* strict
* whitespace
* tidy
* unit test oidc login flow in MatrixChat
* strict
* tidy
* extract success/failure handlers from token login function
* typo
* use for no homeserver error dialog too
* reuse post-token login functions, test
* shuffle testing utils around
* shuffle testing utils around
* i18n
* tidy
* Update src/Lifecycle.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* tidy
* comment
* update tests for id token validation
* move try again responsibility
* prettier
* use more future proof config for static clients
* test util for oidcclientconfigs
* rename type and lint
* correct oidc test util
* store issuer and clientId pre auth navigation
* adjust for js-sdk changes
* update for js-sdk userstate, tidy
* update MatrixChat tests
* update tests
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* extract success/failure handlers from token login function
* typo
* use for no homeserver error dialog too
* i18n
* tidy
* Update src/Lifecycle.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* move try again responsibility
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fixes authentication when user is registered via module API
* Remove "on_logging_in" action
---------
Signed-off-by: Mikhail Aheichyk <mikhail.aheichyk@nordeck.net>
Co-authored-by: Mikhail Aheichyk <mikhail.aheichyk@nordeck.net>
Michael Telatynski