Accomodate OIDC authentication #1258
Comments
ShadowJonathan
added
effort/hard
help wanted
type/refactor
type/msc
|
I'm not sure there's much more to do in Ruma (except for the deprecations when the time comes). I believe work on OIDC should be centralised in the matrix-authentication-service project as long as it doesn't concern directly the Matrix side. It's written in Rust and split into several crates to separate concerns. I'm currently involved in creating a client library there that is needed by the project to interact with other OIDC providers and that we also plan to use for the SDK. Ultimately it'll probably also support the methods required by servers to interact with it, although currently there doesn't seem to be MSCs for how homeservers are supposed to interact with the OIDC provider. |
|
OIDC login has landed in matrix-rust-sdk: matrix-org/matrix-rust-sdk#859 A PR (MR) for OIDC support in Conduit is pending: https://gitlab.com/famedly/conduit/-/merge_requests/80 |
|
OIDC support is nearly complete in Conduit (https://gitlab.com/famedly/conduit/-/merge_requests/587). |
Background and Context
With
areweoidcyet.com, the Matrix Foundation has (imo) displayed enough commitment to the pushing ahead of the likes of MSC3861 (and related MSCs)For Ruma, this effectively means a deprecation of the old UIA and access_token (or not? unsure) method of authenticating users, or at the very least, that we support the new method for both server(s) and clients.
This is needed for conduit to support OIDC (if it ever will, with its scope goals), but most importantly, this'll be needed for rust-sdk, which is, or is poised to, downstream to a lot of important projects for element.io.
This issue is meant to track and discuss the large-scale implementation of OIDC in Ruma.
Related issues:
The text was updated successfully, but these errors were encountered: