Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC: Attempt dynamic registration with OP #25468

Closed
Tracked by #25392
kerryarchibald opened this issue May 29, 2023 · 0 comments · Fixed by matrix-org/matrix-react-sdk#11074
Closed
Tracked by #25392

OIDC: Attempt dynamic registration with OP #25468

kerryarchibald opened this issue May 29, 2023 · 0 comments · Fixed by matrix-org/matrix-react-sdk#11074
Assignees
@kerryarchibald
Labels
A-Authentication A-OIDC T-Enhancement Z-Labs

Comments

@kerryarchibald
Copy link
Contributor

kerryarchibald commented May 29, 2023
edited
Loading

image
Client implementation guide

Attempt dynamic client registration with OP

Register client with the OP using

{
            client_name: <SDKConfig brand>,
            client_uri: <absolute app url>,
            tos_uri: "https://element.io/terms-of-service",
            policy_uri: "https://element.io/privacy",
            response_types: ["code"],
            grant_types: ["authorization_code", "refresh_token"],
            redirect_uris: <absolute app url>, // not used yet
            id_token_signed_response_alg: "RS256",
            token_endpoint_auth_method: "none",
            post_logout_redirect_uris: <absolute app url>, // not used yet
        };

TODO:

  • tos and privacy policy links are already in various parts of config.json, but not positively identifiable by key. Add to oidc specific config? add elsewhere on config?
{
    "privacyPolicyUrl": "https://element.io/privacy",
     "termsOfServiceUrl": "https://element.io/terms-of-service",
}

hydrogen implementation PR
MSC2966
RFC7591

AC:

  • Where EW config.json doesn't have TOS and policy URLs: log error, exit flow and fall back to legacy login
  • When registration fails, exit flow and fall back to legacy login
  • When registration succeeds, continue to attempt OIDC auth
  • Store response client_id for use in further interactions with OP
@kerryarchibald kerryarchibald mentioned this issue May 29, 2023
Closed
@kerryarchibald kerryarchibald mentioned this issue Jun 12, 2023
Merged
3 tasks
@kerryarchibald kerryarchibald self-assigned this Jun 12, 2023
This was referenced Jun 12, 2023
Merged
Merged
su-ex added a commit to SchildiChat/element-web that referenced this issue Feb 22, 2024
@su-ex
Merge tag 'v1.11.35' into sc
d789c9a 
* Remove `feature_favourite_messages` as it is has been abandoned for now ([\#11097](matrix-org/matrix-react-sdk#11097)). Fixes element-hq#25555.
* Don't setup keys on login when encryption is force disabled ([\element-hq#11125](matrix-org/matrix-react-sdk#11125)). Contributed by @kerryarchibald.
* OIDC: attempt dynamic client registration ([\element-hq#11074](matrix-org/matrix-react-sdk#11074)). Fixes element-hq#25468 and element-hq#25467. Contributed by @kerryarchibald.
* OIDC: Check static client registration and add login flow ([\element-hq#11088](matrix-org/matrix-react-sdk#11088)). Fixes element-hq#25467. Contributed by @kerryarchibald.
* Improve message body output from plain text editor ([\element-hq#11124](matrix-org/matrix-react-sdk#11124)). Contributed by @alunturner.
* Disable encryption toggle in room settings when force disabled ([\element-hq#11122](matrix-org/matrix-react-sdk#11122)). Contributed by @kerryarchibald.
* Add .well-known config option to force disable encryption on room creation ([\element-hq#11120](matrix-org/matrix-react-sdk#11120)). Contributed by @kerryarchibald.
* Handle permalinks in room topic ([\element-hq#11115](matrix-org/matrix-react-sdk#11115)). Fixes element-hq#23395.
* Add at room avatar for RTE ([\element-hq#11106](matrix-org/matrix-react-sdk#11106)). Contributed by @alunturner.
* Remove new room breadcrumbs ([\element-hq#11104](matrix-org/matrix-react-sdk#11104)).
* Update rich text editor dependency and associated changes ([\element-hq#11098](matrix-org/matrix-react-sdk#11098)). Contributed by @alunturner.
* Implement new model, hooks and reconcilation code for new GYU notification settings ([\element-hq#11089](matrix-org/matrix-react-sdk#11089)). Contributed by @justjanne.
* Allow maintaining a different right panel width for thread panels ([\element-hq#11064](matrix-org/matrix-react-sdk#11064)). Fixes element-hq#25487.
* Make AppPermission pane scrollable ([\element-hq#10954](matrix-org/matrix-react-sdk#10954)). Fixes element-hq#25438 and element-hq#25511. Contributed by @luixxiul.
* Integrate compound design tokens ([\element-hq#11091](matrix-org/matrix-react-sdk#11091)). Fixes vector-im/internal-planning#450.
* Don't warn about the effects of redacting state events when redacting non-state-events ([\element-hq#11071](matrix-org/matrix-react-sdk#11071)). Fixes element-hq#8478.
* Allow specifying help URLs in config.json ([\element-hq#11070](matrix-org/matrix-react-sdk#11070)). Fixes element-hq#15268.
* Fix error when generating error for polling for updates ([\element-hq#25609](element-hq#25609)).
* Fix spurious notifications on non-live events ([\element-hq#11133](matrix-org/matrix-react-sdk#11133)). Fixes element-hq#24336.
* Prevent auto-translation within composer ([\#11114](matrix-org/matrix-react-sdk#11114)). Fixes element-hq#25624.
* Fix caret jump when backspacing into empty line at beginning of editor ([\#11128](matrix-org/matrix-react-sdk#11128)). Fixes element-hq#22335.
* Fix server picker not allowing you to switch from custom to default ([\element-hq#11127](matrix-org/matrix-react-sdk#11127)). Fixes element-hq#25650.
* Consider the unthreaded read receipt for Unread dot state ([\element-hq#11117](matrix-org/matrix-react-sdk#11117)). Fixes element-hq#24229.
* Increase RTE resilience ([\element-hq#11111](matrix-org/matrix-react-sdk#11111)). Fixes element-hq#25277. Contributed by @alunturner.
* Fix RoomView ignoring alias lookup errors due to them not knowing the roomId ([\element-hq#11099](matrix-org/matrix-react-sdk#11099)). Fixes element-hq#24783 and element-hq#25562.
* Fix style inconsistencies on SecureBackupPanel ([\element-hq#11102](matrix-org/matrix-react-sdk#11102)). Fixes element-hq#25615. Contributed by @luixxiul.
* Remove unknown MXIDs from invite suggestions ([\element-hq#11055](matrix-org/matrix-react-sdk#11055)). Fixes element-hq#25446.
* Reduce volume of ring sounds to normalised levels ([\element-hq#9143](matrix-org/matrix-react-sdk#9143)). Contributed by @JMoVS.
* Fix slash commands not being enabled in certain cases ([\element-hq#11090](matrix-org/matrix-react-sdk#11090)). Fixes element-hq#25572.
* Prevent escape in threads from sending focus to main timeline composer ([\element-hq#11061](matrix-org/matrix-react-sdk#11061)). Fixes element-hq#23397.
su-ex added a commit to SchildiChat/element-desktop that referenced this issue Feb 22, 2024
@su-ex
Merge tag 'v1.11.35' into sc
8762926 
* Remove `feature_favourite_messages` as it is has been abandoned for now ([\#11097](matrix-org/matrix-react-sdk#11097)). Fixes element-hq/element-web#25555.
* Use brand and help url from config ([\element-hq#1008](element-hq#1008)).
* Don't setup keys on login when encryption is force disabled ([\#11125](matrix-org/matrix-react-sdk#11125)). Contributed by @kerryarchibald.
* OIDC: attempt dynamic client registration ([\#11074](matrix-org/matrix-react-sdk#11074)). Fixes element-hq/element-web#25468 and element-hq/element-web#25467. Contributed by @kerryarchibald.
* OIDC: Check static client registration and add login flow ([\#11088](matrix-org/matrix-react-sdk#11088)). Fixes element-hq/element-web#25467. Contributed by @kerryarchibald.
* Improve message body output from plain text editor ([\#11124](matrix-org/matrix-react-sdk#11124)). Contributed by @alunturner.
* Disable encryption toggle in room settings when force disabled ([\#11122](matrix-org/matrix-react-sdk#11122)). Contributed by @kerryarchibald.
* Add .well-known config option to force disable encryption on room creation ([\#11120](matrix-org/matrix-react-sdk#11120)). Contributed by @kerryarchibald.
* Handle permalinks in room topic ([\#11115](matrix-org/matrix-react-sdk#11115)). Fixes element-hq/element-web#23395.
* Add at room avatar for RTE ([\#11106](matrix-org/matrix-react-sdk#11106)). Contributed by @alunturner.
* Remove new room breadcrumbs ([\#11104](matrix-org/matrix-react-sdk#11104)).
* Update rich text editor dependency and associated changes ([\#11098](matrix-org/matrix-react-sdk#11098)). Contributed by @alunturner.
* Implement new model, hooks and reconcilation code for new GYU notification settings ([\#11089](matrix-org/matrix-react-sdk#11089)). Contributed by @justjanne.
* Allow maintaining a different right panel width for thread panels ([\#11064](matrix-org/matrix-react-sdk#11064)). Fixes element-hq/element-web#25487.
* Make AppPermission pane scrollable ([\#10954](matrix-org/matrix-react-sdk#10954)). Fixes element-hq/element-web#25438 and element-hq/element-web#25511. Contributed by @luixxiul.
* Integrate compound design tokens ([\#11091](matrix-org/matrix-react-sdk#11091)). Fixes vector-im/internal-planning#450.
* Don't warn about the effects of redacting state events when redacting non-state-events ([\#11071](matrix-org/matrix-react-sdk#11071)). Fixes element-hq/element-web#8478.
* Allow specifying help URLs in config.json ([\#11070](matrix-org/matrix-react-sdk#11070)). Fixes element-hq/element-web#15268.
* Fix error when generating error for polling for updates ([\#25609](element-hq/element-web#25609)).
* Fix spurious notifications on non-live events ([\#11133](matrix-org/matrix-react-sdk#11133)). Fixes element-hq/element-web#24336.
* Prevent auto-translation within composer ([\#11114](matrix-org/matrix-react-sdk#11114)). Fixes element-hq/element-web#25624.
* Fix caret jump when backspacing into empty line at beginning of editor ([\#11128](matrix-org/matrix-react-sdk#11128)). Fixes element-hq/element-web#22335.
* Fix server picker not allowing you to switch from custom to default ([\#11127](matrix-org/matrix-react-sdk#11127)). Fixes element-hq/element-web#25650.
* Consider the unthreaded read receipt for Unread dot state ([\#11117](matrix-org/matrix-react-sdk#11117)). Fixes element-hq/element-web#24229.
* Increase RTE resilience ([\#11111](matrix-org/matrix-react-sdk#11111)). Fixes element-hq/element-web#25277. Contributed by @alunturner.
* Fix RoomView ignoring alias lookup errors due to them not knowing the roomId ([\#11099](matrix-org/matrix-react-sdk#11099)). Fixes element-hq/element-web#24783 and element-hq/element-web#25562.
* Fix style inconsistencies on SecureBackupPanel ([\#11102](matrix-org/matrix-react-sdk#11102)). Fixes element-hq/element-web#25615. Contributed by @luixxiul.
* Remove unknown MXIDs from invite suggestions ([\#11055](matrix-org/matrix-react-sdk#11055)). Fixes element-hq/element-web#25446.
* Reduce volume of ring sounds to normalised levels ([\#9143](matrix-org/matrix-react-sdk#9143)). Contributed by @JMoVS.
* Fix slash commands not being enabled in certain cases ([\#11090](matrix-org/matrix-react-sdk#11090)). Fixes element-hq/element-web#25572.
* Prevent escape in threads from sending focus to main timeline composer ([\#11061](matrix-org/matrix-react-sdk#11061)). Fixes element-hq/element-web#23397.
su-ex added a commit to SchildiChat/matrix-react-sdk that referenced this issue Feb 22, 2024
@su-ex
Merge tag 'v3.75.0' into sc
46f8db6 
* Remove `feature_favourite_messages` as it is has been abandoned for now ([\matrix-org#11097](matrix-org#11097)). Fixes element-hq/element-web#25555.
* Don't setup keys on login when encryption is force disabled ([\matrix-org#11125](matrix-org#11125)). Contributed by @kerryarchibald.
* OIDC: attempt dynamic client registration ([\matrix-org#11074](matrix-org#11074)). Fixes element-hq/element-web#25468 and element-hq/element-web#25467. Contributed by @kerryarchibald.
* OIDC: Check static client registration and add login flow ([\matrix-org#11088](matrix-org#11088)). Fixes element-hq/element-web#25467. Contributed by @kerryarchibald.
* Improve message body output from plain text editor ([\matrix-org#11124](matrix-org#11124)). Contributed by @alunturner.
* Disable encryption toggle in room settings when force disabled ([\matrix-org#11122](matrix-org#11122)). Contributed by @kerryarchibald.
* Add .well-known config option to force disable encryption on room creation ([\matrix-org#11120](matrix-org#11120)). Contributed by @kerryarchibald.
* Handle permalinks in room topic ([\matrix-org#11115](matrix-org#11115)). Fixes element-hq/element-web#23395.
* Add at room avatar for RTE ([\matrix-org#11106](matrix-org#11106)). Contributed by @alunturner.
* Remove new room breadcrumbs ([\matrix-org#11104](matrix-org#11104)).
* Update rich text editor dependency and associated changes ([\matrix-org#11098](matrix-org#11098)). Contributed by @alunturner.
* Implement new model, hooks and reconcilation code for new GYU notification settings ([\matrix-org#11089](matrix-org#11089)). Contributed by @justjanne.
* Allow maintaining a different right panel width for thread panels ([\matrix-org#11064](matrix-org#11064)). Fixes element-hq/element-web#25487.
* Make AppPermission pane scrollable ([\matrix-org#10954](matrix-org#10954)). Fixes element-hq/element-web#25438 and element-hq/element-web#25511. Contributed by @luixxiul.
* Integrate compound design tokens ([\matrix-org#11091](matrix-org#11091)). Fixes vector-im/internal-planning#450.
* Don't warn about the effects of redacting state events when redacting non-state-events ([\matrix-org#11071](matrix-org#11071)). Fixes element-hq/element-web#8478.
* Allow specifying help URLs in config.json ([\matrix-org#11070](matrix-org#11070)). Fixes element-hq/element-web#15268.
* Fix spurious notifications on non-live events ([\matrix-org#11133](matrix-org#11133)). Fixes element-hq/element-web#24336.
* Prevent auto-translation within composer ([\matrix-org#11114](matrix-org#11114)). Fixes element-hq/element-web#25624.
* Fix caret jump when backspacing into empty line at beginning of editor ([\matrix-org#11128](matrix-org#11128)). Fixes element-hq/element-web#22335.
* Fix server picker not allowing you to switch from custom to default ([\matrix-org#11127](matrix-org#11127)). Fixes element-hq/element-web#25650.
* Consider the unthreaded read receipt for Unread dot state ([\matrix-org#11117](matrix-org#11117)). Fixes element-hq/element-web#24229.
* Increase RTE resilience ([\matrix-org#11111](matrix-org#11111)). Fixes element-hq/element-web#25277. Contributed by @alunturner.
* Fix RoomView ignoring alias lookup errors due to them not knowing the roomId ([\matrix-org#11099](matrix-org#11099)). Fixes element-hq/element-web#24783 and element-hq/element-web#25562.
* Fix style inconsistencies on SecureBackupPanel ([\matrix-org#11102](matrix-org#11102)). Fixes element-hq/element-web#25615. Contributed by @luixxiul.
* Remove unknown MXIDs from invite suggestions ([\matrix-org#11055](matrix-org#11055)). Fixes element-hq/element-web#25446.
* Reduce volume of ring sounds to normalised levels ([\matrix-org#9143](matrix-org#9143)). Contributed by @JMoVS.
* Fix slash commands not being enabled in certain cases ([\matrix-org#11090](matrix-org#11090)). Fixes element-hq/element-web#25572.
* Prevent escape in threads from sending focus to main timeline composer ([\matrix-org#11061](matrix-org#11061)). Fixes element-hq/element-web#23397.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kerryarchibald kerryarchibald

Labels
A-Authentication A-OIDC T-Enhancement Z-Labs
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

OIDC: attempt dynamic client registration matrix-org/matrix-react-sdk
1 participant
@kerryarchibald