Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC2965: OAuth 2.0 Authorization Server Metadata discovery #2965

Open
wants to merge 40 commits into
base: main
Choose a base branch
from
Open

MSC2965: OAuth 2.0 Authorization Server Metadata discovery #2965

Changes from 1 commit
Commits
Show all changes
40 commits
Select commit Hold shift + click to select a range
ef474ee
OIDC discovery MSC
sandhose Jan 14, 2021
4d9345c
Add `account` field
hughns May 2, 2022
4a24cf6
Add id_token_hint to account management URL
hughns May 6, 2022
f5b54bf
Add reference to MSC3861
hughns Aug 5, 2022
1cc4976
Add missing heading
hughns Sep 22, 2022
6455b1f
Fix reference to MSC3861
hughns Feb 8, 2023
2a242bb
Update proposals/2965-oidc-discovery.md
hughns Aug 21, 2023
ae920ad
Fix typo
hughns Aug 21, 2023
d9d56f3
Update 2965-oidc-discovery.md
hughns Aug 21, 2023
74b29e0
Update proposals/2965-oidc-discovery.md
hughns Aug 21, 2023
610c22c
Update proposals/2965-oidc-discovery.md
hughns Aug 21, 2023
eed9e60
OIDC Provider -> OpenID Provider
hughns Aug 21, 2023
fdcde60
Define account management URL params
hughns Aug 21, 2023
c0b2565
Link for account management URLs
hughns Aug 21, 2023
e9e3ee1
MSC2965: move from well-known discovery to a dedicated C-S endpoint
sandhose Nov 29, 2023
a36c44a
MSC2965: add a note about why the well-known alternative has been dis…
sandhose Nov 30, 2023
7642a60
MSC2965: move the account management URL to the provider metadata
sandhose Dec 5, 2023
a0218df
MSC2965: line breaks
sandhose Dec 5, 2023
e852963
MSC2965: update note about the account endpoint metadata
sandhose Dec 5, 2023
1bb6dde
Move the /auth_issuer endpoint to the v1 prefix
sandhose Feb 21, 2024
e70cd3d
Add the `org.matrix.cross_signing_reset` action
sandhose Feb 21, 2024
754b290
Typo
sandhose Feb 21, 2024
56949de
Merge branch 'matrix-org:main' into msc/sandhose/oidc-discovery
sandhose Sep 3, 2024
45e9063
Rename MSC
sandhose Sep 4, 2024
27bb308
Remove account-related URLs
sandhose Sep 4, 2024
acabca8
Mention RFC8414 as alternative
sandhose Sep 4, 2024
61fc092
Outline another alternative: publish the metadata through a C-S API
sandhose Jan 17, 2025
331ac79
Fix the alternative flow
sandhose Jan 17, 2025
76dfb12
Publish the auth server metadata through a new C-S API endpoint
sandhose Jan 17, 2025
abd969a
renamed 2965-oidc-discovery.md -> 2965-auth-metadata.md
sandhose Jan 17, 2025
0e7cea0
Clarify auth & rate limiting requirements
sandhose Jan 22, 2025
2aed234
Mention the MSCs using each metadata value
sandhose Jan 22, 2025
93d1b09
Explain what to do when next-gen auth is not available
sandhose Jan 22, 2025
ee1c23d
Add rationale for not using a .well-known endpoint
sandhose Jan 22, 2025
885a50f
Reformat with prettier
sandhose Jan 22, 2025
acd7042
Add `issuer` to the required metadata fields
sandhose Mar 5, 2025
8719e6f
Explain why we don't just use static C-S endpoints
sandhose Mar 5, 2025
27f374e
Apply suggestions from code review
sandhose Mar 5, 2025
c313791
Move the rationale for not using a `.well-known` document to the alte…
sandhose Mar 5, 2025
95a764f
Typo
sandhose Mar 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
MSC2965: line breaks
  • Loading branch information
@sandhose
sandhose committed Dec 5, 2023
commit a0218df7175ebc3e043b6c97624f481e45ab7773
3 changes: 2 additions & 1 deletion proposals/2965-oidc-discovery.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,8 @@ Content-Type: application/json
"grant_types_sypported": ["authorization_code", "refresh_token"],
"response_mode_sypported": ["query", "fragment"],
"account_management_uri": "https://account.example.com/myaccount",
"account_management_actions_supported": ["org.matrix.profile", "org.matrix.sessions_list", "org.matrix.session_view", "org.matrix.session_end"],
"account_management_actions_supported": ["org.matrix.profile", "org.matrix.sessions_list",
"org.matrix.session_view", "org.matrix.session_end"],
// some fields omitted
}
```
Expand Down