diff --git a/Cargo.lock b/Cargo.lock
index 3c487390b..6e845c1a8 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -3364,7 +3364,6 @@ dependencies = [
 "sha2",
 "sqlx",
 "thiserror 2.0.12",
- "time",
 "tokio",
 "tokio-util",
 "tower",
diff --git a/Cargo.toml b/Cargo.toml
index 407720da8..9e3218dde 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -10,6 +10,7 @@ package.authors = ["Element Backend Team"]
 package.edition = "2024"
 package.homepage = "https://element-hq.github.io/matrix-authentication-service/"
 package.repository = "https://github.com/element-hq/matrix-authentication-service/"
+package.publish = false
 
 [workspace.lints.rust]
 unsafe_code = "deny"
@@ -83,6 +84,10 @@ version = "0.1.88"
 [workspace.dependencies.anyhow]
 version = "1.0.98"
 
+# Assert that a value matches a pattern
+[workspace.dependencies.assert_matches]
+version = "1.5.0"
+
 # HTTP router
 [workspace.dependencies.axum]
 version = "0.8.4"
@@ -92,9 +97,29 @@ version = "0.8.4"
 version = "0.10.1"
 features = ["cookie-private", "cookie-key-expansion", "typed-header"]
 
+# Axum macros
+[workspace.dependencies.axum-macros]
+version = "0.5.0"
+
+# AEAD (Authenticated Encryption with Associated Data)
+[workspace.dependencies.aead]
+version = "0.5.2"
+features = ["std"]
+
+# Argon2 password hashing
+[workspace.dependencies.argon2]
+version = "0.5.3"
+features = ["password-hash", "std"]
+
 # Constant-time base64
 [workspace.dependencies.base64ct]
 version = "1.8.0"
+features = ["std"]
+
+# Bcrypt password hashing
+[workspace.dependencies.bcrypt]
+version = "0.17.0"
+default-features = true
 
 # Packed bitfields
 [workspace.dependencies.bitflags]
@@ -107,6 +132,12 @@ version = "1.10.1"
 # UTF-8 paths
 [workspace.dependencies.camino]
 version = "1.1.10"
+features = ["serde1"]
+
+# ChaCha20Poly1305 AEAD
+[workspace.dependencies.chacha20poly1305]
+version = "0.10.1"
+features = ["std"]
 
 # Memory optimisation for short strings
 [workspace.dependencies.compact_str]
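Review bot: In the `@@ -92,9 +97,29 @@` hunk of the workspace `Cargo.toml`, `default-features = true` on the new `bcrypt` table restates Cargo's default and reads like a deliberate override. Dropping the line keeps the entry consistent with the `argon2` and `aead` tables added next to it, which list only `version` and `features`. If the line is meant to record that the default feature set is relied on, a comment above the table says so more clearly, for example `# Bcrypt password hashing (default features are required)`.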
@@ -116,6 +147,12 @@ version = "0.9.0"
 [workspace.dependencies.console]
 version = "0.15.11"
 
+# Cookie store
+[workspace.dependencies.cookie_store]
+version = "0.21.1"
+default-features = false
+features = ["serde_json"]
+
 # Time utilities
 [workspace.dependencies.chrono]
 version = "0.4.41"
@@ -127,10 +164,51 @@ features = ["serde", "clock"]
 version = "4.5.39"
 features = ["derive"]
 
+# Object Identifiers (OIDs) as constants
+[workspace.dependencies.const-oid]
+version = "0.9.6"
+features = ["std"]
+
+# Utility for converting between different cases
+[workspace.dependencies.convert_case]
+version = "0.8.0"
+
+# CRC calculation
+[workspace.dependencies.crc]
+version = "3.3.0"
+
 # Cron expressions
 [workspace.dependencies.cron]
 version = "0.15.0"
 
+# CSV parsing and writing
+[workspace.dependencies.csv]
+version = "1.3.1"
+
+# DER encoding
+[workspace.dependencies.der]
+version = "0.7.10"
+features = ["std"]
+
+# Interactive CLI dialogs
+[workspace.dependencies.dialoguer]
+version = "0.11.0"
+default-features = false
+features = ["fuzzy-select", "password"]
+
+# Cryptographic digest algorithms
+[workspace.dependencies.digest]
+version = "0.10.7"
+
+# Load environment variables from .env files
+[workspace.dependencies.dotenvy]
+version = "0.15.7"
+
+# ECDSA algorithms
+[workspace.dependencies.ecdsa]
+version = "0.16.9"
+features = ["signing", "verifying"]
+
 # Elliptic curve cryptography
 [workspace.dependencies.elliptic-curve]
 version = "0.13.8"
@@ -141,16 +219,28 @@ features = ["std", "pem", "sec1"]
 version = "0.10.19"
 features = ["env", "yaml", "test"]
 
+# URL form encoding
+[workspace.dependencies.form_urlencoded]
+version = "1.2.1"
+
 # Utilities for dealing with futures
 [workspace.dependencies.futures-util]
 version = "0.3.31"
 
+# Fixed-size arrays with trait implementations
+[workspace.dependencies.generic-array]
+version = "0.14.7"
+
 # Rate-limiting
 [workspace.dependencies.governor]
 version = "0.10.0"
 default-features = false
 features = ["std", "dashmap", "quanta"]
 
+# HMAC calculation
+[workspace.dependencies.hmac]
+version = "0.12.1"
+
 # HTTP headers
 [workspace.dependencies.headers]
 version = "0.4.1"
@@ -174,7 +264,7 @@ version = "0.1.3"
 # HTTP client and server
 [workspace.dependencies.hyper]
 version = "1.6.0"
-features = ["client", "http1", "http2"]
+features = ["client", "server", "http1", "http2"]
 
 # Additional Hyper utilties
 [workspace.dependencies.hyper-util]
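Review bot: In the `@@ -174,7 +264,7 @@` hunk, adding `"server"` to the workspace-level `hyper` features turns it on for every member that inherits `hyper.workspace = true`, because features set in `[workspace.dependencies]` are additive and a member cannot switch them off. The same applies to the other feature lists this commit centralises, such as `camino`'s `serde1` and `tracing-subscriber`'s `env-filter`. Keeping the workspace entry at the common minimum and letting the crate that needs the server half declare `hyper = { workspace = true, features = ["server"] }` keeps client-only crates from compiling server code. Which member needs `server` is not visible in this diff, so that placement is for the author to confirm.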
@@ -195,16 +285,67 @@ version = "0.27.7"
 features = ["http1", "http2"]
 default-features = false
 
+# ICU libraries for internationalization
+[workspace.dependencies.icu_calendar]
+version = "1.5.2"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_datetime]
+version = "1.5.1"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_experimental]
+version = "0.1.0"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_locid]
+version = "1.5.0"
+features = ["std"]
+[workspace.dependencies.icu_locid_transform]
+version = "1.5.0"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_normalizer]
+version = "1.5.0"
+[workspace.dependencies.icu_plurals]
+version = "1.5.0"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_provider]
+version = "1.5.0"
+features = ["std", "sync"]
+[workspace.dependencies.icu_provider_adapters]
+version = "1.5.0"
+features = ["std"]
+
 # HashMap which preserves insertion order
 [workspace.dependencies.indexmap]
 version = "2.9.0"
 features = ["serde"]
 
+# Indented string literals
+[workspace.dependencies.indoc]
+version = "2.0.6"
+
 # Snapshot testing
 [workspace.dependencies.insta]
 version = "1.43.1"
 features = ["yaml", "json"]
 
+# IP network address types
+[workspace.dependencies.ipnetwork]
+version = "0.20.0"
+features = ["serde", "schemars"]
+
+# Iterator utilities
+[workspace.dependencies.itertools]
+version = "0.14.0"
+
+# K256 elliptic curve
+[workspace.dependencies.k256]
+version = "0.13.4"
+features = ["std"]
+
+# RFC 5646 language tags
+[workspace.dependencies.language-tags]
+version = "0.3.2"
+features = ["serde"]
+
 # Email sending
 [workspace.dependencies.lettre]
 version = "0.11.15"
@@ -219,6 +360,14 @@ features = [
 "sendmail-transport",
 ]
 
+# Listening on passed FDs
+[workspace.dependencies.listenfd]
+version = "1.0.2"
+
+# MIME type support
+[workspace.dependencies.mime]
+version = "0.3.17"
+
 # Templates
 [workspace.dependencies.minijinja]
 version = "2.10.2"
@@ -233,10 +382,43 @@ features = ["pycompat"]
 [workspace.dependencies.nonzero_ext]
 version = "0.3.0"
 
-# K256 elliptic curve
-[workspace.dependencies.k256]
-version = "0.13.4"
-features = ["std"]
+# Open Policy Agent support through WASM
+[workspace.dependencies.opa-wasm]
+version = "0.1.5"
+
+# OpenTelemetry
+[workspace.dependencies.opentelemetry]
+version = "0.29.1"
+features = ["trace", "metrics"]
+[workspace.dependencies.opentelemetry-http]
+version = "0.29.0"
+features = ["reqwest"]
+[workspace.dependencies.opentelemetry-jaeger-propagator]
+version = "0.29.0"
+[workspace.dependencies.opentelemetry-otlp]
+version = "0.29.0"
+default-features = false
+features = ["trace", "metrics", "http-proto"]
+[workspace.dependencies.opentelemetry-prometheus]
+version = "0.29.1"
+[workspace.dependencies.opentelemetry-resource-detectors]
+version = "0.8.0"
+[workspace.dependencies.opentelemetry-semantic-conventions]
+version = "0.29.0"
+features = ["semconv_experimental"]
+[workspace.dependencies.opentelemetry-stdout]
+version = "0.29.0"
+features = ["trace", "metrics"]
+[workspace.dependencies.opentelemetry_sdk]
+version = "0.29.0"
+features = [
+ "experimental_trace_batch_span_processor_with_async_runtime",
+ "experimental_metrics_periodicreader_with_async_runtime",
+ "rt-tokio",
+]
+[workspace.dependencies.tracing-opentelemetry]
+version = "0.30.0"
+default-features = false
 
 # P256 elliptic curve
 [workspace.dependencies.p256]
@@ -248,11 +430,28 @@ features = ["std"]
 version = "0.13.1"
 features = ["std"]
 
-# PEM file decoding
+# Text padding utilities
+[workspace.dependencies.pad]
+version = "0.1.6"
+
+# PBKDF2 password hashing
+[workspace.dependencies.pbkdf2]
+version = "0.12.2"
+features = ["password-hash", "std", "simple", "parallel"]
+
+# PEM encoding/decoding
 [workspace.dependencies.pem-rfc7468]
 version = "0.7.0"
 features = ["std"]
 
+# Parser generator
+[workspace.dependencies.pest]
+version = "2.8.0"
+
+# Pest derive macros
+[workspace.dependencies.pest_derive]
+version = "2.8.0"
+
 # Pin projection
 [workspace.dependencies.pin-project-lite]
 version = "0.2.16"
@@ -267,6 +466,14 @@ features = ["std"]
 version = "0.10.2"
 features = ["std", "pkcs5", "encryption"]
 
+# Public Suffix List
+[workspace.dependencies.psl]
+version = "2.1.119"
+
+# Prometheus metrics
+[workspace.dependencies.prometheus]
+version = "0.14.0"
+
 # High-precision clock
 [workspace.dependencies.quanta]
 version = "0.12.5"
@@ -279,12 +486,25 @@ version = "0.3.1"
 [workspace.dependencies.rand_core]
 version = "0.6.4"
 
+# Regular expressions
+[workspace.dependencies.regex]
+version = "1.11.1"
+
 # High-level HTTP client
 [workspace.dependencies.reqwest]
 version = "0.12.19"
 default-features = false
 features = ["http2", "rustls-tls-manual-roots", "charset", "json", "socks"]
 
+# RSA cryptography
+[workspace.dependencies.rsa]
+version = "0.9.8"
+features = ["std", "pem"]
+
+# Fast hash algorithm for HashMap
+[workspace.dependencies.rustc-hash]
+version = "2.1.1"
+
 # Matrix-related types
 [workspace.dependencies.ruma-common]
 version = "0.15.2"
@@ -293,19 +513,31 @@ version = "0.15.2"
 [workspace.dependencies.rustls]
 version = "0.23.27"
 
+# PEM parsing for rustls
+[workspace.dependencies.rustls-pemfile]
+version = "2.2.0"
+
+# PKI types for rustls
+[workspace.dependencies.rustls-pki-types]
+version = "1.12.0"
+
 # Use platform-specific verifier for TLS
 [workspace.dependencies.rustls-platform-verifier]
 version = "0.5.3"
 
+# systemd service status notification
+[workspace.dependencies.sd-notify]
+version = "0.4.5"
+
 # JSON Schema generation
 [workspace.dependencies.schemars]
 version = "0.8.22"
 features = ["url", "chrono", "preserve_order"]
 
-# SHA-2 cryptographic hash algorithm
-[workspace.dependencies.sha2]
-version = "0.10.9"
-features = ["oid"]
+# SEC1 encoding format
+[workspace.dependencies.sec1]
+version = "0.7.3"
+features = ["std"]
 
 # Query builder
 [workspace.dependencies.sea-query]
@@ -348,6 +580,37 @@ features = ["derive"] # Most of the time, if we need serde, we need derive
 version = "1.0.140"
 features = ["preserve_order"]
 
+# URL encoded form serialization
+[workspace.dependencies.serde_urlencoded]
+version = "0.7.1"
+
+# Custom serialization helpers
+[workspace.dependencies.serde_with]
+version = "3.12.0"
+features = ["hex", "chrono"]
+
+# YAML serialization
+[workspace.dependencies.serde_yaml]
+version = "0.9.34"
+
+# SHA-2 cryptographic hash algorithm
+[workspace.dependencies.sha2]
+version = "0.10.9"
+features = ["oid"]
+
+# Digital signature traits
+[workspace.dependencies.signature]
+version = "2.2.0"
+
+# Low-level socket manipulation
+[workspace.dependencies.socket2]
+version = "0.5.10"
+
+# Subject Public Key Info
+[workspace.dependencies.spki]
+version = "0.7.3"
+features = ["std"]
+
 # SQL database support
 [workspace.dependencies.sqlx]
 version = "0.8.6"
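Review bot: In the `@@ -348,6 +580,37 @@` hunk, the new `serde_yaml` table carries only the comment `# YAML serialization`, but upstream has marked that crate deprecated as of the 0.9.34 release line and no longer maintains it. Promoting it to a workspace dependency makes it the single source every member inherits, so the entry should record that status. A comment such as `# YAML serialization (upstream is deprecated and unmaintained; replacement tracked in <issue placeholder>)` keeps the supply-chain risk visible to whoever next touches this file. The visible per-crate changes show `crates/cli` inheriting it; other consumers, if any, are outside this diff.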
@@ -377,6 +640,14 @@ features = ["full"]
 [workspace.dependencies.tokio-stream]
 version = "0.1.17"
 
+# Tokio rustls integration
+[workspace.dependencies.tokio-rustls]
+version = "0.26.2"
+
+# Tokio test utilities
+[workspace.dependencies.tokio-test]
+version = "0.4.4"
+
 # Useful async utilities
 [workspace.dependencies.tokio-util]
 version = "0.7.15"
@@ -405,67 +676,61 @@ features = ["cors", "fs", "add-extension", "set-header"] version = "0.1.41" [workspace.dependencies.tracing-subscriber] version = "0.3.19" - -# OpenTelemetry -[workspace.dependencies.opentelemetry] -version = "0.29.1" -features = ["trace", "metrics"] - -[workspace.dependencies.opentelemetry-http] -version = "0.29.0" -features = ["reqwest"] - -[workspace.dependencies.opentelemetry-jaeger-propagator] -version = "0.29.0" - -[workspace.dependencies.opentelemetry-otlp] -version = "0.29.0" -default-features = false -features = ["trace", "metrics", "http-proto"] - -[workspace.dependencies.opentelemetry-prometheus] -version = "0.29.1" - -[workspace.dependencies.opentelemetry-resource-detectors] -version = "0.8.0" - -[workspace.dependencies.opentelemetry-semantic-conventions] -version = "0.29.0" -features = ["semconv_experimental"] - -[workspace.dependencies.opentelemetry-stdout] -version = "0.29.0" -features = ["trace", "metrics"] - -[workspace.dependencies.opentelemetry_sdk] -version = "0.29.0" -features = [ - "experimental_trace_batch_span_processor_with_async_runtime", - "experimental_metrics_periodicreader_with_async_runtime", - "rt-tokio", -] - -[workspace.dependencies.tracing-opentelemetry] -version = "0.30.0" -default-features = false - -[workspace.dependencies.prometheus] -version = "0.14.0" +features = ["env-filter"] +[workspace.dependencies.tracing-appender] +version = "0.2.3" # URL manipulation [workspace.dependencies.url] version = "2.5.4" features = ["serde"] +# URL encoding +[workspace.dependencies.urlencoding] +version = "2.1.3" + # ULID support [workspace.dependencies.ulid] -version = "=1.1.4" # Pinned to the latest version which used rand 0.8 -features = ["serde"] +version = "=1.1.4" # Pinned to the latest version which used rand 0.8 +features = ["serde", "uuid"] + +# UUID support +[workspace.dependencies.uuid] +version = "1.17.0" + +# HTML escaping +[workspace.dependencies.v_htmlescape] +version = "0.15.8" + +# Version information 
generation +[workspace.dependencies.vergen-gitcl] +version = "1.0.8" +features = ["rustc"] + +# Directory traversal +[workspace.dependencies.walkdir] +version = "2.5.0" # HTTP mock server [workspace.dependencies.wiremock] version = "0.6.3" +# User-agent parser +[workspace.dependencies.woothee] +version = "0.13.0" + +# String writing interface +[workspace.dependencies.writeable] +version = "0.5.5" + +# Zero memory after use +[workspace.dependencies.zeroize] +version = "1.8.1" + +# Password strength estimation +[workspace.dependencies.zxcvbn] +version = "3.1.0" + [profile.release] codegen-units = 1 # Reduce the number of codegen units to increase optimizations lto = true # Enable fat LTO diff --git a/crates/axum-utils/Cargo.toml b/crates/axum-utils/Cargo.toml index a112beb28..6084984cd 100644 --- a/crates/axum-utils/Cargo.toml +++ b/crates/axum-utils/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -19,13 +19,13 @@ base64ct.workspace = true chrono.workspace = true headers.workspace = true http.workspace = true -icu_locid = "1.5.0" -mime = "0.3.17" +icu_locid.workspace = true +mime.workspace = true rand.workspace = true reqwest.workspace = true sentry.workspace = true serde.workspace = true -serde_with = "3.12.0" +serde_with.workspace = true serde_json.workspace = true thiserror.workspace = true tokio.workspace = true diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index 49dc86737..40c46897a 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true build = "build.rs" 
@@ -20,38 +20,35 @@ bytes.workspace = true camino.workspace = true chrono.workspace = true clap.workspace = true -console = "0.15.11" -dialoguer = { version = "0.11.0", default-features = false, features = [ - "fuzzy-select", - "password", -] } -dotenvy = "0.15.7" +console.workspace = true +dialoguer.workspace = true +dotenvy.workspace = true figment.workspace = true futures-util.workspace = true headers.workspace = true http-body-util.workspace = true hyper.workspace = true -ipnetwork = "0.20.0" -itertools = "0.14.0" -listenfd = "1.0.2" +ipnetwork.workspace = true +itertools.workspace = true +listenfd.workspace = true rand.workspace = true rand_chacha.workspace = true reqwest.workspace = true rustls.workspace = true -sd-notify = "0.4.5" +sd-notify.workspace = true serde_json.workspace = true -serde_yaml = "0.9.34" +serde_yaml.workspace = true sqlx.workspace = true tokio.workspace = true tokio-util.workspace = true tower.workspace = true tower-http.workspace = true url.workspace = true -zeroize = "1.8.1" +zeroize.workspace = true tracing.workspace = true -tracing-appender = "0.2.3" -tracing-subscriber = { workspace = true, features = ["env-filter"] } +tracing-appender.workspace = true +tracing-subscriber.workspace = true tracing-opentelemetry.workspace = true opentelemetry.workspace = true opentelemetry-http.workspace = true @@ -90,7 +87,7 @@ syn2mas.workspace = true [build-dependencies] anyhow.workspace = true -vergen-gitcl = { version = "1.0.8", features = ["rustc"] } +vergen-gitcl.workspace = true [features] # Features used for the prebuilt binaries diff --git a/crates/config/Cargo.toml b/crates/config/Cargo.toml index feee4a7ee..35b7f83d1 100644 --- a/crates/config/Cargo.toml +++ b/crates/config/Cargo.toml 
@@ -6,41 +6,36 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true [dependencies] -tokio.workspace = true -tracing.workspace = true anyhow.workspace = true -futures-util.workspace = true - -camino = { workspace = true, features = ["serde1"] } +camino.workspace = true chrono.workspace = true figment.workspace = true +futures-util.workspace = true +governor.workspace = true hex.workspace = true -ipnetwork = { version = "0.20.0", features = ["serde", "schemars"] } +indoc.workspace = true +ipnetwork.workspace = true lettre.workspace = true +pem-rfc7468.workspace = true +rand_chacha.workspace = true +rand.workspace = true +rustls-pemfile.workspace = true +rustls-pki-types.workspace = true schemars.workspace = true +serde_json.workspace = true +serde_with.workspace = true +serde.workspace = true +tokio.workspace = true +tracing.workspace = true ulid.workspace = true url.workspace = true -serde.workspace = true -serde_with = { version = "3.12.0", features = ["hex", "chrono"] } -serde_json.workspace = true - -pem-rfc7468 = "0.7.0" -rustls-pki-types = "1.12.0" -rustls-pemfile = "2.2.0" -rand.workspace = true -rand_chacha.workspace = true - -indoc = "2.0.6" - -governor.workspace = true - mas-jose.workspace = true mas-keystore.workspace = true mas-iana.workspace = true diff --git a/crates/context/Cargo.toml b/crates/context/Cargo.toml index 762985080..46adc9911 100644 --- a/crates/context/Cargo.toml +++ b/crates/context/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true diff --git a/crates/data-model/Cargo.toml b/crates/data-model/Cargo.toml index 6f0e20d0c..c4e19fcdf 100644 --- a/crates/data-model/Cargo.toml +++ b/crates/data-model/Cargo.toml 
@@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -18,11 +18,11 @@ thiserror.workspace = true serde.workspace = true serde_json.workspace = true url.workspace = true -crc = "3.3.0" +crc.workspace = true ulid.workspace = true rand.workspace = true -regex = "1.11.1" -woothee = "0.13.0" +regex.workspace = true +woothee.workspace = true ruma-common.workspace = true mas-iana.workspace = true diff --git a/crates/email/Cargo.toml b/crates/email/Cargo.toml index adaf13c77..7b8ff94c4 100644 --- a/crates/email/Cargo.toml +++ b/crates/email/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true diff --git a/crates/handlers/Cargo.toml b/crates/handlers/Cargo.toml index c2a69b31f..4bda28ced 100644 --- a/crates/handlers/Cargo.toml +++ b/crates/handlers/Cargo.toml 
@@ -6,88 +6,62 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true [dependencies] -# Async runtime -tokio.workspace = true -tokio-util.workspace = true -futures-util.workspace = true -async-trait.workspace = true - -# Logging and tracing -tracing.workspace = true -opentelemetry.workspace = true -opentelemetry-semantic-conventions.workspace = true - -# Error management -thiserror.workspace = true -anyhow.workspace = true -sentry.workspace = true - -# Web server -hyper.workspace = true -tower.workspace = true -tower-http.workspace = true -axum.workspace = true -axum-macros = "0.5.0" -axum-extra.workspace = true -rustls.workspace = true - aide.workspace = true +anyhow.workspace = true +argon2.workspace = true async-graphql.workspace = true -schemars.workspace = true - -# HTTP client -reqwest.workspace = true - -# Emails -lettre.workspace = true - -# Database access -sqlx.workspace = true - -# Various structure (de)serialization -serde.workspace = true -serde_with = { version = "3.12.0", features = ["hex", "chrono"] } -serde_json.workspace = true -serde_urlencoded = "0.7.1" - -# Password hashing -argon2 = { version = "0.5.3", features = ["password-hash", "std"] } -bcrypt = { version = "0.17.0", default-features = true } -pbkdf2 = { version = "0.12.2", features = [ - "password-hash", - "std", - "simple", - "parallel", -] } -zeroize = "1.8.1" - -# Various data types and utilities +async-trait.workspace = true +axum-extra.workspace = true +axum-macros.workspace = true +axum.workspace = true base64ct.workspace = true +bcrypt.workspace = true camino.workspace = true chrono.workspace = true elliptic-curve.workspace = true -hex.workspace = true +futures-util.workspace = true governor.workspace = true -icu_normalizer = "1.5.0" +headers.workspace = true +hex.workspace = true +hyper.workspace = true +icu_normalizer.workspace = true indexmap.workspace = true 
-pkcs8.workspace = true -psl = "2.1.119" -sha2.workspace = true -time = "0.3.41" -url.workspace = true -mime = "0.3.17" -minijinja.workspace = true +lettre.workspace = true +mime.workspace = true minijinja-contrib.workspace = true -rand.workspace = true +minijinja.workspace = true +opentelemetry-semantic-conventions.workspace = true +opentelemetry.workspace = true +pbkdf2.workspace = true +pkcs8.workspace = true +psl.workspace = true rand_chacha.workspace = true -headers.workspace = true +rand.workspace = true +reqwest.workspace = true +rustls.workspace = true +schemars.workspace = true +sentry.workspace = true +serde_json.workspace = true +serde_urlencoded.workspace = true +serde_with.workspace = true +serde.workspace = true +sha2.workspace = true +sqlx.workspace = true +thiserror.workspace = true +tokio-util.workspace = true +tokio.workspace = true +tower-http.workspace = true +tower.workspace = true +tracing.workspace = true ulid.workspace = true +url.workspace = true +zeroize.workspace = true mas-axum-utils.workspace = true mas-config.workspace = true @@ -106,13 +80,11 @@ mas-storage.workspace = true mas-storage-pg.workspace = true mas-templates.workspace = true oauth2-types.workspace = true -zxcvbn = "3.1.0" +zxcvbn.workspace = true [dev-dependencies] insta.workspace = true tracing-subscriber.workspace = true -cookie_store = { version = "0.21.1", default-features = false, features = [ - "serde_json", -] } +cookie_store.workspace = true sqlx.workspace = true wiremock.workspace = true diff --git a/crates/http/Cargo.toml b/crates/http/Cargo.toml index ae3fe6e0d..3df605792 100644 --- a/crates/http/Cargo.toml +++ b/crates/http/Cargo.toml @@ -7,6 +7,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true [lints] workspace = true diff --git a/crates/i18n-scan/Cargo.toml b/crates/i18n-scan/Cargo.toml index db9a27f06..c70d7b4e7 100644 --- a/crates/i18n-scan/Cargo.toml 
+++ b/crates/i18n-scan/Cargo.toml @@ -1,12 +1,12 @@ [package] name = "mas-i18n-scan" version.workspace = true -license.workspace = true authors.workspace = true edition.workspace = true +license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -18,6 +18,6 @@ minijinja.workspace = true serde_json.workspace = true tracing-subscriber.workspace = true tracing.workspace = true -walkdir = "2.5.0" +walkdir.workspace = true mas-i18n.workspace = true diff --git a/crates/i18n/Cargo.toml b/crates/i18n/Cargo.toml index b654bfb5a..c73448060 100644 --- a/crates/i18n/Cargo.toml +++ b/crates/i18n/Cargo.toml 
@@ -1,30 +1,30 @@ [package] name = "mas-i18n" version.workspace = true -license.workspace = true authors.workspace = true edition.workspace = true +license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true [dependencies] camino.workspace = true -icu_calendar = { version = "1.5.2", features = ["compiled_data", "std"] } -icu_datetime = { version = "1.5.1", features = ["compiled_data", "std"] } -icu_locid = { version = "1.5.0", features = ["std"] } -icu_locid_transform = { version = "1.5.0", features = ["compiled_data", "std"] } -icu_plurals = { version = "1.5.0", features = ["compiled_data", "std"] } -icu_provider = { version = "1.5.0", features = ["std", "sync"] } -icu_provider_adapters = { version = "1.5.0", features = ["std"] } -icu_experimental = { version = "0.1.0", features = ["compiled_data", "std"] } -pad = "0.1.6" -pest = "2.8.0" -pest_derive = "2.8.0" -serde.workspace = true +icu_calendar.workspace = true +icu_datetime.workspace = true +icu_experimental.workspace = true +icu_locid_transform.workspace = true +icu_locid.workspace = true +icu_plurals.workspace = true +icu_provider_adapters.workspace = true +icu_provider.workspace = true +pad.workspace = true +pest_derive.workspace = true +pest.workspace = true serde_json.workspace = true +serde.workspace = true thiserror.workspace = true -writeable = "0.5.5" +writeable.workspace = true diff --git a/crates/iana-codegen/Cargo.toml b/crates/iana-codegen/Cargo.toml index e67d927f9..ae8f8d1ed 100644 --- a/crates/iana-codegen/Cargo.toml +++ b/crates/iana-codegen/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true 
@@ -15,10 +15,10 @@ workspace = true anyhow.workspace = true async-trait.workspace = true camino.workspace = true -convert_case = "0.8.0" -csv = "1.3.1" +convert_case.workspace = true +csv.workspace = true reqwest.workspace = true serde.workspace = true tokio.workspace = true -tracing.workspace = true tracing-subscriber.workspace = true +tracing.workspace = true diff --git a/crates/iana-codegen/src/generation.rs b/crates/iana-codegen/src/generation.rs index 4f915c54c..82f67b05b 100644 --- a/crates/iana-codegen/src/generation.rs +++ b/crates/iana-codegen/src/generation.rs @@ -164,8 +164,7 @@ pub fn json_schema_impl( ) -> std::fmt::Result { write!( f, - r#"#[cfg(feature = "schemars")] -impl schemars::JsonSchema for {} {{ + r#"impl schemars::JsonSchema for {} {{ fn schema_name() -> String {{ "{}".to_owned() }} @@ -237,8 +236,7 @@ impl schemars::JsonSchema for {} {{ pub fn serde_impl(f: &mut std::fmt::Formatter<'_>, section: &Section) -> std::fmt::Result { writeln!( f, - r#"#[cfg(feature = "serde")] -impl<'de> serde::Deserialize<'de> for {} {{ + r"impl<'de> serde::Deserialize<'de> for {} {{ fn deserialize(deserializer: D) -> Result where D: serde::de::Deserializer<'de>, @@ -248,7 +246,6 @@ impl<'de> serde::Deserialize<'de> for {} {{ }} }} -#[cfg(feature = "serde")] impl serde::Serialize for {} {{ fn serialize(&self, serializer: S) -> Result where @@ -256,7 +253,7 @@ impl serde::Serialize for {} {{ {{ serializer.serialize_str(&self.to_string()) }} -}}"#, +}}", section.key, section.key, ) } diff --git a/crates/iana-codegen/src/jose.rs b/crates/iana-codegen/src/jose.rs index 8015cad41..9f94cdf81 100644 --- a/crates/iana-codegen/src/jose.rs +++ b/crates/iana-codegen/src/jose.rs @@ -31,6 +31,7 @@ enum Requirements { RecommendedMinus, Optional, Prohibited, + Deprecated, } #[allow(dead_code)] 
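Review bot: In `crates/iana-codegen/src/jose.rs` (`@@ -31,6 +31,7 @@`), the new `Deprecated` requirement level is parsed, but nothing visible in this diff carries it into the generated code. The regenerated `JsonWebSignatureAlg` in `crates/iana/src/jose.rs` still lists `EdDsa` next to the new `Ed25519` and `Ed448` with an ordinary doc comment and no deprecation marker. If the registry is the reason for this variant, the generator could append a line such as `/// Deprecated by the IANA registry` to the doc comment of affected entries, so code selecting a signing or verification algorithm gets a signal. Whether `Requirements` is read anywhere else is outside the hunk, so treat this as a question for the author.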
@@ -78,10 +79,18 @@ impl EnumEntry for WebEncryptionSignatureAlgorithm { if self.reference.contains("RFC7518, Section 3") || self.reference.contains("RFC8037") || self.reference.contains("RFC8812") + || (self + .reference + .contains("RFC-ietf-jose-fully-specified-algorithms") + && self.reference.contains("Section 2")) { Some("JsonWebSignatureAlg") } else if self.reference.contains("RFC7518, Section 4") || self.reference.contains("WebCryptoAPI") + || (self + .reference + .contains("RFC-ietf-jose-fully-specified-algorithms") + && self.reference.contains("Section 3")) { Some("JsonWebEncryptionAlg") } else { diff --git a/crates/iana-codegen/src/traits.rs b/crates/iana-codegen/src/traits.rs index 39fb01a5c..c080f901c 100644 --- a/crates/iana-codegen/src/traits.rs +++ b/crates/iana-codegen/src/traits.rs @@ -89,6 +89,13 @@ pub trait EnumEntry: DeserializeOwned + Send + Sync { .into_deserialize() .filter_map(|item: Result| { item.map(|item| { + if item + .description() + .is_some_and(|desc| desc.contains("TEMPORARY")) + { + return None; + } + item.key().map(|key| { ( key, diff --git a/crates/iana/Cargo.toml b/crates/iana/Cargo.toml index b8b2f7976..796abe4ba 100644 --- a/crates/iana/Cargo.toml +++ b/crates/iana/Cargo.toml @@ -7,15 +7,11 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true [lints] workspace = true [dependencies] -serde = { workspace = true, optional = true } -schemars = { workspace = true, optional = true } - -[features] -default = ["serde", "schemars"] -serde = ["dep:serde"] -schemars = ["dep:schemars"] +serde.workspace = true +schemars.workspace = true diff --git a/crates/iana/src/jose.rs b/crates/iana/src/jose.rs index 494d3dcb9..8ffc395ca 100644 --- a/crates/iana/src/jose.rs +++ b/crates/iana/src/jose.rs 
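Review bot: The two added conditions in `crates/iana-codegen/src/jose.rs` classify algorithms by substring, and `contains("Section 2")` also matches any reference text containing `Section 20` or `Section 2.x`. A reference that cites both sections always lands in `JsonWebSignatureAlg` because the first branch wins. The string `RFC-ietf-jose-fully-specified-algorithms` also looks like the registry's pre-publication draft label. Once IANA swaps it for an RFC number, these entries would fall through to the `else` arm and `Ed25519`/`Ed448` would silently vanish from the generated enum on the next regeneration. A comment above the condition would record that, for example `// Draft label used by IANA until publication; update to the RFC number when the registry changes`. A generator-side check that the expected algorithms are still present would also help. The function body continues outside the hunk, so the `else` arm's behaviour is inferred.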
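Review bot: In `crates/iana-codegen/src/traits.rs`, entries whose description contains `TEMPORARY` are dropped at the added `return None` with no comment and no log line. A regenerated file that loses or never gains an algorithm then gives no hint why. The match is also a case-sensitive substring test, so an entry whose description merely mentions the word is skipped as well. A short comment such as `// Skip provisional IANA registrations: they can be withdrawn or renamed before becoming permanent` would document the intent. A `tracing::debug!` naming the skipped entry would help too, since `tracing` is already a dependency of this crate. The closure and the surrounding iterator chain start and end outside the hunk.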
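Review bot: Removing the `[features]` table in `crates/iana/Cargo.toml` means any manifest that still requests `mas-iana` with `features = ["serde"]` or `features = ["schemars"]` will fail to resolve. None of the manifests in this diff show how `mas-iana` is declared at workspace level, so that entry and any per-crate overrides should be checked in the same change. `serde` and `schemars` also become unconditional dependencies of this crate, which the matching removal of the `#[cfg(feature = ...)]` attributes from the generator templates depends on. A comment above `[dependencies]` such as `# serde and schemars are required: the generated impls are no longer feature-gated` would make that coupling explicit.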
@@ -62,6 +62,12 @@ pub enum JsonWebSignatureAlg { /// ECDSA using secp256k1 curve and SHA-256 Es256K, + /// EdDSA using Ed25519 curve + Ed25519, + + /// EdDSA using Ed448 curve + Ed448, + /// An unknown value. Unknown(String), } @@ -84,6 +90,8 @@ impl core::fmt::Display for JsonWebSignatureAlg { Self::None => write!(f, "none"), Self::EdDsa => write!(f, "EdDSA"), Self::Es256K => write!(f, "ES256K"), + Self::Ed25519 => write!(f, "Ed25519"), + Self::Ed448 => write!(f, "Ed448"), Self::Unknown(value) => write!(f, "{value}"), } } @@ -109,12 +117,13 @@ impl core::str::FromStr for JsonWebSignatureAlg { "none" => Ok(Self::None), "EdDSA" => Ok(Self::EdDsa), "ES256K" => Ok(Self::Es256K), + "Ed25519" => Ok(Self::Ed25519), + "Ed448" => Ok(Self::Ed448), value => Ok(Self::Unknown(value.to_owned())), } } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebSignatureAlg { fn deserialize(deserializer: D) -> Result where @@ -125,7 +134,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebSignatureAlg { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebSignatureAlg { fn serialize(&self, serializer: S) -> Result where @@ -135,7 +143,6 @@ impl serde::Serialize for JsonWebSignatureAlg { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebSignatureAlg { fn schema_name() -> String { "JsonWebSignatureAlg".to_owned() 
@@ -339,6 +346,32 @@ impl schemars::JsonSchema for JsonWebSignatureAlg { ..Default::default() } .into(), + // --- + schemars::schema::SchemaObject { + metadata: Some(Box::new(schemars::schema::Metadata { + description: Some( + // --- + r"EdDSA using Ed25519 curve".to_owned(), + ), + ..Default::default() + })), + const_value: Some("Ed25519".into()), + ..Default::default() + } + .into(), + // --- + schemars::schema::SchemaObject { + metadata: Some(Box::new(schemars::schema::Metadata { + description: Some( + // --- + r"EdDSA using Ed448 curve".to_owned(), + ), + ..Default::default() + })), + const_value: Some("Ed448".into()), + ..Default::default() + } + .into(), ]; let description = r#"JSON Web Signature "alg" parameter"#; @@ -480,7 +513,6 @@ impl core::str::FromStr for JsonWebEncryptionAlg { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebEncryptionAlg { fn deserialize(deserializer: D) -> Result where @@ -491,7 +523,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebEncryptionAlg { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebEncryptionAlg { fn serialize(&self, serializer: S) -> Result where @@ -501,7 +532,6 @@ impl serde::Serialize for JsonWebEncryptionAlg { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebEncryptionAlg { fn schema_name() -> String { "JsonWebEncryptionAlg".to_owned() @@ -833,7 +863,6 @@ impl core::str::FromStr for JsonWebEncryptionEnc { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebEncryptionEnc { fn deserialize(deserializer: D) -> Result where @@ -844,7 +873,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebEncryptionEnc { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebEncryptionEnc { fn serialize(&self, serializer: S) -> Result where 
@@ -854,7 +882,6 @@ impl serde::Serialize for JsonWebEncryptionEnc { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebEncryptionEnc { fn schema_name() -> String { "JsonWebEncryptionEnc".to_owned() @@ -992,7 +1019,6 @@ impl core::str::FromStr for JsonWebEncryptionCompressionAlgorithm { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebEncryptionCompressionAlgorithm { fn deserialize(deserializer: D) -> Result where @@ -1003,7 +1029,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebEncryptionCompressionAlgorithm { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebEncryptionCompressionAlgorithm { fn serialize(&self, serializer: S) -> Result where @@ -1013,7 +1038,6 @@ impl serde::Serialize for JsonWebEncryptionCompressionAlgorithm { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebEncryptionCompressionAlgorithm { fn schema_name() -> String { "JsonWebEncryptionCompressionAlgorithm".to_owned() @@ -1101,7 +1125,6 @@ impl core::str::FromStr for JsonWebKeyType { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebKeyType { fn deserialize(deserializer: D) -> Result where @@ -1112,7 +1135,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyType { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebKeyType { fn serialize(&self, serializer: S) -> Result where @@ -1122,7 +1144,6 @@ impl serde::Serialize for JsonWebKeyType { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebKeyType { fn schema_name() -> String { "JsonWebKeyType".to_owned() @@ -1249,7 +1270,6 @@ impl core::str::FromStr for JsonWebKeyEcEllipticCurve { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebKeyEcEllipticCurve { fn deserialize(deserializer: D) -> Result where 
@@ -1260,7 +1280,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyEcEllipticCurve { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebKeyEcEllipticCurve { fn serialize(&self, serializer: S) -> Result where @@ -1270,7 +1289,6 @@ impl serde::Serialize for JsonWebKeyEcEllipticCurve { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebKeyEcEllipticCurve { fn schema_name() -> String { "JsonWebKeyEcEllipticCurve".to_owned() @@ -1397,7 +1415,6 @@ impl core::str::FromStr for JsonWebKeyOkpEllipticCurve { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebKeyOkpEllipticCurve { fn deserialize(deserializer: D) -> Result where @@ -1408,7 +1425,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyOkpEllipticCurve { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebKeyOkpEllipticCurve { fn serialize(&self, serializer: S) -> Result where @@ -1418,7 +1434,6 @@ impl serde::Serialize for JsonWebKeyOkpEllipticCurve { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebKeyOkpEllipticCurve { fn schema_name() -> String { "JsonWebKeyOkpEllipticCurve".to_owned() @@ -1535,7 +1550,6 @@ impl core::str::FromStr for JsonWebKeyUse { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebKeyUse { fn deserialize(deserializer: D) -> Result where @@ -1546,7 +1560,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyUse { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebKeyUse { fn serialize(&self, serializer: S) -> Result where @@ -1556,7 +1569,6 @@ impl serde::Serialize for JsonWebKeyUse { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebKeyUse { fn schema_name() -> String { "JsonWebKeyUse".to_owned() @@ -1677,7 +1689,6 @@ impl core::str::FromStr for JsonWebKeyOperation { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for JsonWebKeyOperation { fn deserialize(deserializer: D) -> Result where 
@@ -1688,7 +1699,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyOperation { } } -#[cfg(feature = "serde")] impl serde::Serialize for JsonWebKeyOperation { fn serialize(&self, serializer: S) -> Result where @@ -1698,7 +1708,6 @@ impl serde::Serialize for JsonWebKeyOperation { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for JsonWebKeyOperation { fn schema_name() -> String { "JsonWebKeyOperation".to_owned() diff --git a/crates/iana/src/oauth.rs b/crates/iana/src/oauth.rs index 60a8d7ed0..530e4bd7b 100644 --- a/crates/iana/src/oauth.rs +++ b/crates/iana/src/oauth.rs @@ -59,7 +59,6 @@ impl core::str::FromStr for OAuthAccessTokenType { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for OAuthAccessTokenType { fn deserialize(deserializer: D) -> Result where @@ -70,7 +69,6 @@ impl<'de> serde::Deserialize<'de> for OAuthAccessTokenType { } } -#[cfg(feature = "serde")] impl serde::Serialize for OAuthAccessTokenType { fn serialize(&self, serializer: S) -> Result where @@ -80,7 +78,6 @@ impl serde::Serialize for OAuthAccessTokenType { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for OAuthAccessTokenType { fn schema_name() -> String { "OAuthAccessTokenType".to_owned() @@ -194,7 +191,6 @@ impl core::str::FromStr for OAuthAuthorizationEndpointResponseType { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for OAuthAuthorizationEndpointResponseType { fn deserialize(deserializer: D) -> Result where @@ -205,7 +201,6 @@ impl<'de> serde::Deserialize<'de> for OAuthAuthorizationEndpointResponseType { } } -#[cfg(feature = "serde")] impl serde::Serialize for OAuthAuthorizationEndpointResponseType { fn serialize(&self, serializer: S) -> Result where @@ -215,7 +210,6 @@ impl serde::Serialize for OAuthAuthorizationEndpointResponseType { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for OAuthAuthorizationEndpointResponseType { fn schema_name() -> String { "OAuthAuthorizationEndpointResponseType".to_owned() 
@@ -333,7 +327,6 @@ impl core::str::FromStr for OAuthTokenTypeHint { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for OAuthTokenTypeHint { fn deserialize(deserializer: D) -> Result where @@ -344,7 +337,6 @@ impl<'de> serde::Deserialize<'de> for OAuthTokenTypeHint { } } -#[cfg(feature = "serde")] impl serde::Serialize for OAuthTokenTypeHint { fn serialize(&self, serializer: S) -> Result where @@ -354,7 +346,6 @@ impl serde::Serialize for OAuthTokenTypeHint { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for OAuthTokenTypeHint { fn schema_name() -> String { "OAuthTokenTypeHint".to_owned() @@ -462,7 +453,6 @@ impl core::str::FromStr for OAuthClientAuthenticationMethod { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for OAuthClientAuthenticationMethod { fn deserialize(deserializer: D) -> Result where @@ -473,7 +463,6 @@ impl<'de> serde::Deserialize<'de> for OAuthClientAuthenticationMethod { } } -#[cfg(feature = "serde")] impl serde::Serialize for OAuthClientAuthenticationMethod { fn serialize(&self, serializer: S) -> Result where @@ -483,7 +472,6 @@ impl serde::Serialize for OAuthClientAuthenticationMethod { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for OAuthClientAuthenticationMethod { fn schema_name() -> String { "OAuthClientAuthenticationMethod".to_owned() @@ -590,7 +578,6 @@ impl core::str::FromStr for PkceCodeChallengeMethod { } } -#[cfg(feature = "serde")] impl<'de> serde::Deserialize<'de> for PkceCodeChallengeMethod { fn deserialize(deserializer: D) -> Result where @@ -601,7 +588,6 @@ impl<'de> serde::Deserialize<'de> for PkceCodeChallengeMethod { } } -#[cfg(feature = "serde")] impl serde::Serialize for PkceCodeChallengeMethod { fn serialize(&self, serializer: S) -> Result where 
@@ -611,7 +597,6 @@ impl serde::Serialize for PkceCodeChallengeMethod { } } -#[cfg(feature = "schemars")] impl schemars::JsonSchema for PkceCodeChallengeMethod { fn schema_name() -> String { "PkceCodeChallengeMethod".to_owned() diff --git a/crates/jose/Cargo.toml b/crates/jose/Cargo.toml index 10989baf5..9ca221bb3 100644 --- a/crates/jose/Cargo.toml +++ b/crates/jose/Cargo.toml @@ -7,30 +7,31 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true [lints] workspace = true [dependencies] -base64ct = { version = "1.8.0", features = ["std"] } +base64ct.workspace = true chrono.workspace = true -digest = "0.10.7" -ecdsa = { version = "0.16.9", features = ["signing", "verifying"] } +digest.workspace = true +ecdsa.workspace = true elliptic-curve.workspace = true -generic-array = "0.14.7" -hmac = "0.12.1" -k256 = { version = "0.13.4", features = ["ecdsa"] } -p256 = { version = "0.13.2", features = ["ecdsa"] } -p384 = { version = "0.13.1", features = ["ecdsa"] } +generic-array.workspace = true +hmac.workspace = true +k256.workspace = true +p256.workspace = true +p384.workspace = true rand.workspace = true -rsa = "0.9.8" +rsa.workspace = true schemars.workspace = true -sec1 = "0.7.3" -serde.workspace = true +sec1.workspace = true serde_json.workspace = true -serde_with = "3.12.0" +serde_with.workspace = true +serde.workspace = true sha2.workspace = true -signature = "2.2.0" +signature.workspace = true thiserror.workspace = true url.workspace = true diff --git a/crates/jose/src/jwa/asymmetric.rs b/crates/jose/src/jwa/asymmetric.rs index 15bd1e805..21472deb6 100644 --- a/crates/jose/src/jwa/asymmetric.rs +++ b/crates/jose/src/jwa/asymmetric.rs 
@@ -167,7 +167,7 @@ impl AsymmetricSigningKey { Ok(Self::es256k(params.try_into()?)) } - (JsonWebKeyPrivateParameters::Okp(_params), JsonWebSignatureAlg::EdDsa) => { + (JsonWebKeyPrivateParameters::Okp(_params), _) => { Err(AsymmetricKeyFromJwkError::UnsupportedAlgorithm { alg: alg.clone() }) } @@ -401,7 +401,7 @@ impl AsymmetricVerifyingKey { Ok(Self::es256k(params.try_into()?)) } - (JsonWebKeyPublicParameters::Okp(_params), JsonWebSignatureAlg::EdDsa) => { + (JsonWebKeyPublicParameters::Okp(_params), _) => { Err(AsymmetricKeyFromJwkError::UnsupportedAlgorithm { alg: alg.clone() }) } diff --git a/crates/keystore/Cargo.toml b/crates/keystore/Cargo.toml index a46b816f6..668d555ad 100644 --- a/crates/keystore/Cargo.toml +++ b/crates/keystore/Cargo.toml @@ -7,15 +7,19 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true [lints] workspace = true [dependencies] -aead = { version = "0.5.2", features = ["std"] } -const-oid = { version = "0.9.6", features = ["std"] } -der = { version = "0.7.10", features = ["std"] } +aead.workspace = true +base64ct.workspace = true +chacha20poly1305.workspace = true +const-oid.workspace = true +der.workspace = true elliptic-curve.workspace = true +generic-array.workspace = true k256.workspace = true p256.workspace = true p384.workspace = true @@ -23,13 +27,10 @@ pem-rfc7468.workspace = true pkcs1.workspace = true pkcs8.workspace = true rand.workspace = true -rsa = { version = "0.9.8", features = ["std", "pem"] } -sec1 = { version = "0.7.3", features = ["std"] } -spki = { version = "0.7.3", features = ["std"] } +rsa.workspace = true +sec1.workspace = true +spki.workspace = true thiserror.workspace = true -generic-array = "0.14.7" -chacha20poly1305 = { version = "0.10.1", features = ["std"] } -base64ct = "1.8.0" mas-iana.workspace = true mas-jose.workspace = true 
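Review bot: The new `(JsonWebKeyPrivateParameters::Okp(_params), _)` arm in `AsymmetricSigningKey`, and the matching `JsonWebKeyPublicParameters::Okp` arm in `AsymmetricVerifyingKey`, return `UnsupportedAlgorithm` for every algorithm paired with an OKP key, not only the EdDSA family. An OKP key presented with an RSA or ECDSA `alg` is a key/algorithm mismatch rather than an unsupported algorithm, and before this change it presumably fell through to a later arm; that arm is outside the hunk, so this is not confirmed here. Listing the variants keeps that distinction and makes any future OKP-capable variant an explicit decision: `(JsonWebKeyPrivateParameters::Okp(_params), JsonWebSignatureAlg::EdDsa | JsonWebSignatureAlg::Ed25519 | JsonWebSignatureAlg::Ed448) => {`, and the same pattern for the public-parameters arm. Both match expressions start and end outside these hunks.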
diff --git a/crates/listener/Cargo.toml b/crates/listener/Cargo.toml index 1c2a336f5..14d84ea9b 100644 --- a/crates/listener/Cargo.toml +++ b/crates/listener/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -15,25 +15,25 @@ workspace = true bytes.workspace = true futures-util.workspace = true http-body.workspace = true -hyper = { workspace = true, features = ["server"] } hyper-util.workspace = true +hyper.workspace = true pin-project-lite.workspace = true -socket2 = "0.5.10" +socket2.workspace = true thiserror.workspace = true -tokio.workspace = true -tokio-rustls = "0.26.2" +tokio-rustls.workspace = true tokio-util.workspace = true -tower.workspace = true +tokio.workspace = true tower-http.workspace = true +tower.workspace = true tracing.workspace = true mas-context.workspace = true [dev-dependencies] anyhow.workspace = true -rustls-pemfile = "2.2.0" +rustls-pemfile.workspace = true +tokio-test.workspace = true tokio.workspace = true -tokio-test = "0.4.4" tracing-subscriber.workspace = true [[example]] diff --git a/crates/matrix-synapse/Cargo.toml b/crates/matrix-synapse/Cargo.toml index 27e0018ec..8e3e1841c 100644 --- a/crates/matrix-synapse/Cargo.toml +++ b/crates/matrix-synapse/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -20,7 +20,7 @@ serde.workspace = true thiserror.workspace = true tracing.workspace = true url.workspace = true -urlencoding = "2.1.3" +urlencoding.workspace = true mas-http.workspace = true mas-matrix.workspace = true diff --git a/crates/matrix/Cargo.toml b/crates/matrix/Cargo.toml index 4f194bd22..2182c6426 100644 --- a/crates/matrix/Cargo.toml +++ b/crates/matrix/Cargo.toml 
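Review bot: `hyper.workspace = true` in crates/listener drops the crate-local `features = ["server"]` that the removed line `hyper = { workspace = true, features = ["server"] }` requested, so the crate now relies on the `[workspace.dependencies.hyper]` entry to carry that feature; that entry is not part of this hunk. If it does not, building crates/listener on its own can fail even when a whole-workspace build passes because another member enables the feature. The same applies to `ulid` (`uuid`) in crates/storage-pg and crates/syn2mas, and to `serde_with` (`chrono`) and `language-tags` (`serde`) in crates/oauth2-types. Either confirm each workspace entry lists the feature, or keep the local form, e.g. `hyper = { workspace = true, features = ["server"] }`.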
@@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true diff --git a/crates/oauth2-types/Cargo.toml b/crates/oauth2-types/Cargo.toml index b0f4ffa69..4707bb137 100644 --- a/crates/oauth2-types/Cargo.toml +++ b/crates/oauth2-types/Cargo.toml @@ -7,25 +7,26 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true [lints] workspace = true [dependencies] base64ct.workspace = true -serde.workspace = true -serde_json.workspace = true -language-tags = { version = "0.3.2", features = ["serde"] } -url.workspace = true -serde_with = { version = "3.12.0", features = ["chrono"] } chrono.workspace = true +indexmap.workspace = true +language-tags.workspace = true +serde_json.workspace = true +serde_with.workspace = true +serde.workspace = true sha2.workspace = true thiserror.workspace = true -indexmap.workspace = true +url.workspace = true mas-iana.workspace = true mas-jose.workspace = true [dev-dependencies] -assert_matches = "1.5.0" +assert_matches.workspace = true insta.workspace = true diff --git a/crates/oidc-client/Cargo.toml b/crates/oidc-client/Cargo.toml index 95f01193a..5b35ec913 100644 --- a/crates/oidc-client/Cargo.toml +++ b/crates/oidc-client/Cargo.toml 
@@ -7,26 +7,27 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true [lints] workspace = true [dependencies] async-trait.workspace = true -base64ct = { version = "1.8.0", features = ["std"] } +base64ct.workspace = true chrono.workspace = true elliptic-curve.workspace = true -form_urlencoded = "1.2.1" +form_urlencoded.workspace = true headers.workspace = true http.workspace = true -language-tags = "0.3.2" -mime = "0.3.17" +language-tags.workspace = true +mime.workspace = true p256.workspace = true rand.workspace = true reqwest.workspace = true -serde.workspace = true serde_json.workspace = true -serde_urlencoded = "0.7.1" +serde_urlencoded.workspace = true +serde.workspace = true thiserror.workspace = true tracing.workspace = true url.workspace = true @@ -38,10 +39,10 @@ mas-keystore.workspace = true oauth2-types.workspace = true [dev-dependencies] -assert_matches = "1.5.0" +assert_matches.workspace = true bitflags.workspace = true +http-body-util.workspace = true rand_chacha.workspace = true +rustls.workspace = true tokio.workspace = true wiremock.workspace = true -http-body-util.workspace = true -rustls.workspace = true diff --git a/crates/policy/Cargo.toml b/crates/policy/Cargo.toml index 22128dd17..ca927bcc6 100644 --- a/crates/policy/Cargo.toml +++ b/crates/policy/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -14,10 +14,10 @@ workspace = true [dependencies] anyhow.workspace = true arc-swap.workspace = true -opa-wasm = "0.1.5" -serde.workspace = true +opa-wasm.workspace = true +schemars.workspace = true serde_json.workspace = true -schemars = { workspace = true, optional = true } +serde.workspace = true thiserror.workspace = true tokio.workspace = true tracing.workspace = true 
@@ -25,9 +25,5 @@ tracing.workspace = true mas-data-model.workspace = true oauth2-types.workspace = true -[features] -jsonschema = ["dep:schemars"] - [[bin]] name = "schema" -required-features = ["jsonschema"] diff --git a/crates/policy/src/bin/schema.rs b/crates/policy/src/bin/schema.rs index d993cdbe9..3fbe09adb 100644 --- a/crates/policy/src/bin/schema.rs +++ b/crates/policy/src/bin/schema.rs @@ -4,6 +4,11 @@ // SPDX-License-Identifier: AGPL-3.0-only // Please see LICENSE in the repository root for full details. +#![expect( + clippy::disallowed_types, + reason = "We use Path/PathBuf instead of camino here for simplicity" +)] + use std::path::{Path, PathBuf}; use mas_policy::model::{ @@ -12,17 +17,14 @@ use mas_policy::model::{ use schemars::{JsonSchema, r#gen::SchemaSettings}; fn write_schema(out_dir: Option<&Path>, file: &str) { - let mut writer: Box = match out_dir { - Some(out_dir) => { - let path = out_dir.join(file); - eprintln!("Writing to {path:?}"); - let file = std::fs::File::create(path).expect("Failed to create file"); - Box::new(std::io::BufWriter::new(file)) - } - None => { - eprintln!("--- {file} ---"); - Box::new(std::io::stdout()) - } + let mut writer: Box = if let Some(out_dir) = out_dir { + let path = out_dir.join(file); + eprintln!("Writing to {path:?}"); + let file = std::fs::File::create(path).expect("Failed to create file"); + Box::new(std::io::BufWriter::new(file)) + } else { + eprintln!("--- {file} ---"); + Box::new(std::io::stdout()) }; let settings = SchemaSettings::draft07().with(|s| { diff --git a/crates/policy/src/model.rs b/crates/policy/src/model.rs index 4301b4165..d57a81655 100644 --- a/crates/policy/src/model.rs +++ b/crates/policy/src/model.rs 
@@ -13,12 +13,12 @@ use std::net::IpAddr; use mas_data_model::{Client, User}; use oauth2_types::{registration::VerifiedClientMetadata, scope::Scope}; +use schemars::JsonSchema; use serde::{Deserialize, Serialize}; /// A well-known policy code. -#[derive(Deserialize, Debug, Clone, Copy)] +#[derive(Deserialize, Debug, Clone, Copy, JsonSchema)] #[serde(rename_all = "kebab-case")] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] pub enum Code { /// The username is too short. UsernameTooShort, @@ -71,8 +71,7 @@ impl Code { } /// A single violation of a policy. -#[derive(Deserialize, Debug)] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] +#[derive(Deserialize, Debug, JsonSchema)] pub struct Violation { pub msg: String, pub redirect_uri: Option, @@ -111,9 +110,8 @@ impl EvaluationResult { } /// Identity of the requester -#[derive(Serialize, Debug, Default)] +#[derive(Serialize, Debug, Default, JsonSchema)] #[serde(rename_all = "snake_case")] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] pub struct Requester { /// IP address of the entity making the request pub ip_address: Option, @@ -122,8 +120,7 @@ pub struct Requester { pub user_agent: Option, } -#[derive(Serialize, Debug)] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] +#[derive(Serialize, Debug, JsonSchema)] pub enum RegistrationMethod { #[serde(rename = "password")] Password, @@ -133,9 +130,8 @@ pub enum RegistrationMethod { } /// Input for the user registration policy. -#[derive(Serialize, Debug)] +#[derive(Serialize, Debug, JsonSchema)] #[serde(tag = "registration_method")] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] pub struct RegisterInput<'a> { pub registration_method: RegistrationMethod, 
@@ -148,21 +144,16 @@ pub struct RegisterInput<'a> { } /// Input for the client registration policy. -#[derive(Serialize, Debug)] +#[derive(Serialize, Debug, JsonSchema)] #[serde(rename_all = "snake_case")] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] pub struct ClientRegistrationInput<'a> { - #[cfg_attr( - feature = "jsonschema", - schemars(with = "std::collections::HashMap") - )] + #[schemars(with = "std::collections::HashMap")] pub client_metadata: &'a VerifiedClientMetadata, pub requester: Requester, } -#[derive(Serialize, Debug)] +#[derive(Serialize, Debug, JsonSchema)] #[serde(rename_all = "snake_case")] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] pub enum GrantType { AuthorizationCode, ClientCredentials, @@ -171,23 +162,16 @@ pub enum GrantType { } /// Input for the authorization grant policy. -#[derive(Serialize, Debug)] +#[derive(Serialize, Debug, JsonSchema)] #[serde(rename_all = "snake_case")] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] pub struct AuthorizationGrantInput<'a> { - #[cfg_attr( - feature = "jsonschema", - schemars(with = "Option>") - )] + #[schemars(with = "Option>")] pub user: Option<&'a User>, - #[cfg_attr( - feature = "jsonschema", - schemars(with = "std::collections::HashMap") - )] + #[schemars(with = "std::collections::HashMap")] pub client: &'a Client, - #[cfg_attr(feature = "jsonschema", schemars(with = "String"))] + #[schemars(with = "String")] pub scope: &'a Scope, pub grant_type: GrantType, @@ -196,9 +180,8 @@ pub struct AuthorizationGrantInput<'a> { } /// Input for the email add policy. -#[derive(Serialize, Debug)] +#[derive(Serialize, Debug, JsonSchema)] #[serde(rename_all = "snake_case")] -#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))] pub struct EmailInput<'a> { pub email: &'a str, diff --git a/crates/router/Cargo.toml b/crates/router/Cargo.toml index cde2ad69d..b31302fc0 100644 --- a/crates/router/Cargo.toml +++ b/crates/router/Cargo.toml 
@@ -6,14 +6,14 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true [dependencies] axum.workspace = true +serde_urlencoded.workspace = true serde.workspace = true -serde_urlencoded = "0.7.1" -url.workspace = true ulid.workspace = true +url.workspace = true diff --git a/crates/spa/Cargo.toml b/crates/spa/Cargo.toml index 84155e508..292338a67 100644 --- a/crates/spa/Cargo.toml +++ b/crates/spa/Cargo.toml @@ -6,13 +6,12 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true [dependencies] +camino.workspace = true serde.workspace = true thiserror.workspace = true -camino = { workspace = true, features = ["serde1"] } - diff --git a/crates/storage-pg/Cargo.toml b/crates/storage-pg/Cargo.toml index 32f0ac2e0..0bf34ec0b 100644 --- a/crates/storage-pg/Cargo.toml +++ b/crates/storage-pg/Cargo.toml 
@@ -6,29 +6,28 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true [dependencies] async-trait.workspace = true -sqlx.workspace = true -sea-query.workspace = true -sea-query-binder.workspace = true chrono.workspace = true -serde_json.workspace = true -thiserror.workspace = true -tracing.workspace = true futures-util.workspace = true -opentelemetry.workspace = true opentelemetry-semantic-conventions.workspace = true - -rand.workspace = true +opentelemetry.workspace = true rand_chacha.workspace = true +rand.workspace = true +sea-query-binder.workspace = true +sea-query.workspace = true +serde_json.workspace = true +sqlx.workspace = true +thiserror.workspace = true +tracing.workspace = true +ulid.workspace = true url.workspace = true -uuid = "1.17.0" -ulid = { workspace = true, features = ["uuid"] } +uuid.workspace = true oauth2-types.workspace = true mas-storage.workspace = true diff --git a/crates/storage/Cargo.toml b/crates/storage/Cargo.toml index 447f6ec40..f22ef1d6e 100644 --- a/crates/storage/Cargo.toml +++ b/crates/storage/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -17,8 +17,8 @@ chrono.workspace = true futures-util.workspace = true opentelemetry.workspace = true rand_core.workspace = true -serde.workspace = true serde_json.workspace = true +serde.workspace = true thiserror.workspace = true tracing-opentelemetry.workspace = true tracing.workspace = true diff --git a/crates/syn2mas/Cargo.toml b/crates/syn2mas/Cargo.toml index 544c0b245..5452c14be 100644 --- a/crates/syn2mas/Cargo.toml +++ b/crates/syn2mas/Cargo.toml 
@@ -6,48 +6,44 @@ authors.workspace = true edition.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true -# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html +[lints] +workspace = true [dependencies] anyhow.workspace = true arc-swap.workspace = true bitflags.workspace = true camino.workspace = true -figment.workspace = true -serde.workspace = true -serde_json.workspace = true -thiserror.workspace = true -thiserror-ext.workspace = true -tokio.workspace = true -tokio-util.workspace = true -sqlx.workspace = true chrono.workspace = true compact_str.workspace = true -tracing.workspace = true -futures-util = "0.3.31" -rustc-hash = "2.1.1" -url.workspace = true - -rand.workspace = true -rand_chacha = "0.3.1" -uuid = "1.17.0" -ulid = { workspace = true, features = ["uuid"] } - +figment.workspace = true +futures-util.workspace = true mas-config.workspace = true mas-iana.workspace = true mas-storage.workspace = true oauth2-types.workspace = true - -opentelemetry.workspace = true opentelemetry-semantic-conventions.workspace = true +opentelemetry.workspace = true +rand_chacha.workspace = true +rand.workspace = true +rustc-hash.workspace = true +serde_json.workspace = true +serde.workspace = true +sqlx.workspace = true +thiserror-ext.workspace = true +thiserror.workspace = true +tokio-util.workspace = true +tokio.workspace = true +tracing.workspace = true +ulid.workspace = true +url.workspace = true +uuid.workspace = true [dev-dependencies] -mas-storage-pg.workspace = true - anyhow.workspace = true insta.workspace = true serde.workspace = true -[lints] -workspace = true +mas-storage-pg.workspace = true diff --git a/crates/tasks/Cargo.toml b/crates/tasks/Cargo.toml index 18eb740d5..9cd39c20b 100644 --- a/crates/tasks/Cargo.toml +++ b/crates/tasks/Cargo.toml 
@@ -6,7 +6,7 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true @@ -14,21 +14,21 @@ workspace = true [dependencies] anyhow.workspace = true async-trait.workspace = true -cron.workspace = true chrono.workspace = true -rand.workspace = true +cron.workspace = true +opentelemetry-semantic-conventions.workspace = true +opentelemetry.workspace = true rand_chacha.workspace = true +rand.workspace = true +serde_json.workspace = true +serde.workspace = true sqlx.workspace = true thiserror.workspace = true -tokio.workspace = true tokio-util.workspace = true -tracing.workspace = true +tokio.workspace = true tracing-opentelemetry.workspace = true -opentelemetry.workspace = true -opentelemetry-semantic-conventions.workspace = true +tracing.workspace = true ulid.workspace = true -serde.workspace = true -serde_json.workspace = true mas-context.workspace = true mas-data-model.workspace = true @@ -36,6 +36,6 @@ mas-email.workspace = true mas-i18n.workspace = true mas-matrix.workspace = true mas-router.workspace = true -mas-storage.workspace = true mas-storage-pg.workspace = true +mas-storage.workspace = true mas-templates.workspace = true diff --git a/crates/templates/Cargo.toml b/crates/templates/Cargo.toml index 68bbadb1d..a99f5ae56 100644 --- a/crates/templates/Cargo.toml +++ b/crates/templates/Cargo.toml 
@@ -6,33 +6,30 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true -publish = false +publish.workspace = true [lints] workspace = true [dependencies] -arc-swap.workspace = true -tracing.workspace = true -tokio.workspace = true -walkdir = "2.5.0" - anyhow.workspace = true -thiserror.workspace = true - -minijinja.workspace = true -minijinja-contrib.workspace = true -serde.workspace = true -serde_json.workspace = true -serde_urlencoded = "0.7.1" -v_htmlescape = "0.15.8" - +arc-swap.workspace = true camino.workspace = true chrono.workspace = true -url.workspace = true http.workspace = true -ulid.workspace = true +minijinja-contrib.workspace = true +minijinja.workspace = true rand.workspace = true +serde_json.workspace = true +serde_urlencoded.workspace = true +serde.workspace = true +thiserror.workspace = true +tokio.workspace = true +tracing.workspace = true +ulid.workspace = true +url.workspace = true +v_htmlescape.workspace = true +walkdir.workspace = true oauth2-types.workspace = true mas-data-model.workspace = true diff --git a/crates/tower/Cargo.toml b/crates/tower/Cargo.toml index 52ef9da13..38067f120 100644 --- a/crates/tower/Cargo.toml +++ b/crates/tower/Cargo.toml @@ -7,16 +7,17 @@ edition.workspace = true license.workspace = true homepage.workspace = true repository.workspace = true +publish.workspace = true [lints] workspace = true [dependencies] http.workspace = true -tracing.workspace = true -tracing-opentelemetry.workspace = true -tower.workspace = true -opentelemetry.workspace = true opentelemetry-http.workspace = true opentelemetry-semantic-conventions.workspace = true +opentelemetry.workspace = true pin-project-lite.workspace = true +tower.workspace = true +tracing-opentelemetry.workspace = true +tracing.workspace = true diff --git a/deny.toml b/deny.toml index 4b2704f3f..152c525e5 100644 --- a/deny.toml +++ b/deny.toml 
@@ -57,7 +57,6 @@ deny = [ multiple-versions = "deny" skip = [ - { name = "base64", version = "0.21.7" }, # many dependencies depends on this old version { name = "regex-syntax", version = "0.6.29" }, # tracing-subscriber[env-filter] -> matchers depends on the old version { name = "regex-automata", version = "0.1.10" }, # ^ { name = "itertools", version = "0.13.0" }, # zxcvbn depends on this old version diff --git a/docs/config.schema.json b/docs/config.schema.json index 0f7f371d0..534165920 100644 --- a/docs/config.schema.json +++ b/docs/config.schema.json @@ -543,6 +543,14 @@ { "description": "ECDSA using secp256k1 curve and SHA-256", "const": "ES256K" + }, + { + "description": "EdDSA using Ed25519 curve", + "const": "Ed25519" + }, + { + "description": "EdDSA using Ed448 curve", + "const": "Ed448" } ] }, diff --git a/misc/update.sh b/misc/update.sh index de9d4001c..4cbea8c31 100644 --- a/misc/update.sh +++ b/misc/update.sh @@ -14,7 +14,7 @@ cargo run -p mas-config > "${CONFIG_SCHEMA}" cargo run -p mas-handlers --bin graphql-schema > "${GRAPHQL_SCHEMA}" cargo run -p mas-handlers --bin api-schema > "${API_SCHEMA}" cargo run -p mas-i18n-scan -- --update "${BASE_DIR}/templates/" "${BASE_DIR}/translations/en.json" -OUT_DIR="${POLICIES_SCHEMA}" cargo run -p mas-policy --features jsonschema +OUT_DIR="${POLICIES_SCHEMA}" cargo run -p mas-policy cd "${BASE_DIR}/frontend" npm run format