Conversation
beastafk
force-pushed
the
full-mas-integration
branch
from
f040ca4 to
314d09c
Compare
* Add MAS (Matrix Authentication Service) admin API integration
Implements full coverage of the MAS Admin API v1 spec (37 paths, 45
endpoints) alongside the existing Synapse admin UI. When MAS is detected
at login, MAS-specific resources replace or extend the Synapse defaults.
New resources (sidebar menu, list + create/delete where applicable):
- Personal Sessions — list, create (shows one-time access token in dialog
after creation), revoke
- Compat Sessions — list, finish
- OAuth2 Sessions — list, finish
- User Sessions — list, finish
- User Emails — list, create, delete
- Upstream OAuth Links — list, create, delete
- Upstream OAuth Providers — list (read-only, from MAS YAML config)
- Registration Tokens — full CRUD (replaces Synapse tokens in MAS mode)
- Policy Data — dedicated page, set/view current policy URL
- Users — MAS user list replaces Synapse users; lock/unlock,
deactivate/reactivate, set-admin, set-password actions on edit page
Provider layer:
- dataProvider.ts: MAS-aware resource routing, cursor-based pagination
- mas.ts: all MAS API helpers, resource definitions, action functions
- types.ts: full TypeScript types for all MAS API responses
* Pin flatted version
* Fix server status polling
- Move MAS session resources (personal, browser, oauth2, compat) from sidebar into a Sessions tab inside the user profile edit page - Add MASSessionsPanel with MUI sub-tabs and inline personal session create form (token shown once in dialog after creation) - Add MASUpstreamOAuthLinksPanel replacing SSO tab in MAS mode - Fix Datagrid field label lookup by wrapping with ResourceContextProvider - Fix personal sessions list filter: use filter[user] not filter[owner_user] - Fix EmptyState to accept optional resource prop overriding context - Translate all MAS session strings in de, fa, fr, ja, ru, uk, zh Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
…dition, sidebar cleanup - Replace free-text provider_id field with Select dropdown populated from providers list (MAS API requires a ULID, not a human-readable string) - Fix token refresh race condition: singleton promise prevents multiple concurrent jsonClient calls from each triggering refreshAccessToken(), consuming the refresh token - Remove mas_upstream_oauth_links from sidebar (user-specific, lives in SSO tab only) Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Creation is now handled inline in the user SSO tab. The standalone MASUpstreamOAuthLinkCreate component and create route are removed. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Providers are read-only global config — showing them inline in the user SSO tab alongside the links is more logical than a separate menu entry. Removed MASUpstreamOAuthProvidersList and the sidebar entry; providers are now rendered in a Datagrid inside MASUpstreamOAuthLinksPanel. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Add section headings and a Divider between the upstream OAuth links and upstream OAuth providers Datagrids. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
- Add Keycloak 26.5.6 service on port 8180 with pre-configured test realm: - Client: clientId=mas, secret=mas-secret, redirectUris=http://localhost:8007/* - Test user: testuser / testpassword (set via admin console on first run) - Admin console: http://localhost:8180 (admin / admin) - Configure MAS upstream_oauth2 provider with discovery_mode: disabled to split browser-facing URLs (localhost:8180) from server-to-server URLs (keycloak:8080), since MAS can't reach localhost:8180 from inside the container - Add keycloak to just run-dev recipe Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Providers are instance-wide config, not user-specific — sidebar is the right place. Add a Show page (rowClick="show") to surface the individual GET endpoint with full provider details including disabled_at. Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
…th show page
- Convert all 7 MAS session list components to DatagridConfigurable on desktop
and SimpleList on mobile (isSmall pattern via useTheme + useMediaQuery)
- Apply same responsive pattern to inline panels in user edit tabs:
MASSessionsPanel, MASUpstreamOAuthLinksPanel, MASEmailsPanel
- Replace free-text provider_id input with MUI Select dropdown populated from
useGetList("mas_upstream_oauth_providers") to ensure valid ULIDs are submitted
- Add MASUpstreamOAuthProvidersShow; add rowClick="show" to providers list
- Remove standalone create page for upstream OAuth links (inline in SSO tab)
- Make MASSessionsPanel sub-tabs scrollable on mobile
- Add TabbedFormTabs variant="scrollable" on main user edit form tabs
Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
- Add minWidth: 0 to .RaLayout-content and .RaEdit-card so flex items can shrink below min-content width; maxWidth + overflowX: auto then properly contain wide content without page-level scroll - Restore TabbedFormTabs variant="scrollable" for mobile tab bar - Wrap session Datagrid components in overflowX: auto Box containers - Add wordBreak: break-all to SimpleList secondary text for long OAuth scope URNs that otherwise overflow on mobile - Fix RaToolbar-mobileToolbar position: static in both light/dark themes Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
beastafk
force-pushed
the
full-mas-integration
branch
from
c2a955d to
7a816a4
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.