-
-
Notifications
You must be signed in to change notification settings - Fork 829
OIDC: Check static client registration and add login flow #11088
Conversation
* @returns Promise<string> resolves with clientId | ||
* @throws if no clientId is found | ||
*/ | ||
export const getOidcClientId = async ( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is an async function because dynamic registration is async and will happen here 🔜
…om/matrix-org/matrix-react-sdk into kerry/25468/oidc-client-static-reg
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems generally very sensible but I have nit-picking
src/IConfigOptions.ts
Outdated
* The issuer URL must have a trailing `/`. | ||
* OPTIONAL | ||
*/ | ||
oidc_static_clients?: Record<string, string>; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is there an EW PR to document this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shouldn't it be called oidc_static_client_ids
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since this is very much still in development I'm not sure it should be documented yet, I'll add a task to the ticket so I don't forget
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what do you think about renaming it? I think it would be helpful to reflect the fact that the target of the map is a client_id.
* @param staticOidcClients static client config from config.json | ||
* @returns clientId if found, otherwise undefined | ||
*/ | ||
const getStaticOidcClientId = (issuer: string, staticOidcClients?: Record<string, string>): string | undefined => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
any reason to prefer the const foo = () => {...}
syntax rather than function foo { ...}
?
Likewise getOidcClientId
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just style
type: "oidcNativeFlow"; | ||
clientId: string; | ||
} | ||
/** |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
well, I guess I missed that conversation, but:
- I don't think it's even possible to come up with a set of rules for when it is appropriate to leave blank lines between sections of code. You might as well try and formulate a set of rules about when you should start a new paragraph between sentences in a document: it's entirely context-dependent.
- In any case, we don't yet have prettier/eslint rules to enforce this, so in its absence I don't think it's unreasonable to include suggestions like this.
In this instance, I think that running the type definition straight into the doc-comment for the next function is visually cluttered and it's easier to skim with a bit more whitespace. But feel free to disagree.
src/Login.ts
Outdated
* Finds static clientId for configured issuer, or attempts dynamic registration with the OP | ||
* Returns OIDC native flow when client is ready to attempt login via OIDC native flow |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd find this easier to grok the other way around. To my mind, the primary purpose of the function is to return the OidcNativeFlow
. Sure, it also finds the clientId or registers, but that's just one step along the way.
* Finds static clientId for configured issuer, or attempts dynamic registration with the OP | |
* Returns OIDC native flow when client is ready to attempt login via OIDC native flow | |
* Prepares an OidcNativeFlow for logging into the server. | |
* | |
* Finds a static clientId for configured issuer, or attempts dynamic registration with the OP, and wraps the | |
* results. |
src/IConfigOptions.ts
Outdated
* The issuer URL must have a trailing `/`. | ||
* OPTIONAL | ||
*/ | ||
oidc_static_clients?: Record<string, string>; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what do you think about renaming it? I think it would be helpful to reflect the fact that the target of the map is a client_id.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm other than the stuff above
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Contains important security updates. Changes in [1.11.36](https://github.com/vector-im/element-web/releases/tag/v1.11.36) (2023-07-18) ================================================================================================= ## 🔒 Security * Fixes for [CVE-2023-37259](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2023-37259) / [GHSA-c9vx-2g7w-rp65](GHSA-c9vx-2g7w-rp65) ## 🦖 Deprecations * Deprecate customisations in favour of Module API ([\#25736](element-hq/element-web#25736)). Fixes #25733. ## ✨ Features * OIDC: store initial screen in session storage ([\#25688](element-hq/element-web#25688)). Fixes #25656. Contributed by @kerryarchibald. * Allow default_server_config as a fallback config ([\#25682](element-hq/element-web#25682)). Contributed by @ShadowRZ. * OIDC: remove auth params from url after login attempt ([\#25664](element-hq/element-web#25664)). Contributed by @kerryarchibald. * feat(faq): remove keyboard shortcuts button ([\#9342](matrix-org/matrix-react-sdk#9342)). Fixes #22625. Contributed by @gefgu. * GYU: Update banner ([\#11211](matrix-org/matrix-react-sdk#11211)). Fixes #25530. Contributed by @justjanne. * Linkify mxc:// URLs as links to your media repo ([\#11213](matrix-org/matrix-react-sdk#11213)). Fixes #6942. * OIDC: Log in ([\#11199](matrix-org/matrix-react-sdk#11199)). Fixes #25657. Contributed by @kerryarchibald. * Handle all permitted url schemes in linkify ([\#11215](matrix-org/matrix-react-sdk#11215)). Fixes #4457 and #8720. * Autoapprove Element Call oidc requests ([\#11209](matrix-org/matrix-react-sdk#11209)). Contributed by @toger5. * Allow creating knock rooms ([\#11182](matrix-org/matrix-react-sdk#11182)). Contributed by @charlynguyen. * Expose and pre-populate thread ID in devtools dialog ([\#10953](matrix-org/matrix-react-sdk#10953)). * Hide URL preview if it will be empty ([\#9029](matrix-org/matrix-react-sdk#9029)). * Change wording from avatar to profile picture ([\#7015](matrix-org/matrix-react-sdk#7015)). Fixes element-hq/element-meta#1331. Contributed by @aaronraimist. * Quick and dirty devtool to explore state history ([\#11197](matrix-org/matrix-react-sdk#11197)). * Consider more user inputs when calculating zxcvbn score ([\#11180](matrix-org/matrix-react-sdk#11180)). * GYU: Account Notification Settings ([\#11008](matrix-org/matrix-react-sdk#11008)). Fixes #24567. Contributed by @justjanne. * Compound Typography pass ([\#11103](matrix-org/matrix-react-sdk#11103)). Fixes #25548. * OIDC: navigate to authorization endpoint ([\#11096](matrix-org/matrix-react-sdk#11096)). Fixes #25574. Contributed by @kerryarchibald. ## 🐛 Bug Fixes * Fix read receipt sending behaviour around thread roots ([\#3600](matrix-org/matrix-js-sdk#3600)). * Fix missing metaspace notification badges ([\#11269](matrix-org/matrix-react-sdk#11269)). Fixes #25679. * Make checkboxes less rounded ([\#11224](matrix-org/matrix-react-sdk#11224)). Contributed by @andybalaam. * GYU: Fix issues with audible keywords without activated mentions ([\#11218](matrix-org/matrix-react-sdk#11218)). Contributed by @justjanne. * PosthogAnalytics unwatch settings on logout ([\#11207](matrix-org/matrix-react-sdk#11207)). Fixes #25703. * Avoid trying to set room account data for pinned events as guest ([\#11216](matrix-org/matrix-react-sdk#11216)). Fixes #6300. * GYU: Disable sound for DMs checkbox when DM notifications are disabled ([\#11210](matrix-org/matrix-react-sdk#11210)). Contributed by @justjanne. * force to allow calls without video and audio in embedded mode ([\#11131](matrix-org/matrix-react-sdk#11131)). Contributed by @EnricoSchw. * Fix room tile text clipping ([\#11196](matrix-org/matrix-react-sdk#11196)). Fixes #25718. * Handle newlines in user pills ([\#11166](matrix-org/matrix-react-sdk#11166)). Fixes #10994. * Limit width of user menu in space panel ([\#11192](matrix-org/matrix-react-sdk#11192)). Fixes #22627. * Add isLocation to ComposerEvent analytics events ([\#11187](matrix-org/matrix-react-sdk#11187)). Contributed by @andybalaam. * Fix: hide unsupported login elements ([\#11185](matrix-org/matrix-react-sdk#11185)). Fixes #25711. Contributed by @kerryarchibald. * Scope smaller font size to user info panel ([\#11178](matrix-org/matrix-react-sdk#11178)). Fixes #25683. * Apply i18n to strings in the html export ([\#11176](matrix-org/matrix-react-sdk#11176)). * Inhibit url previews on MXIDs containing slashes same as those without ([\#11160](matrix-org/matrix-react-sdk#11160)). * Make event info size consistent with state events ([\#11181](matrix-org/matrix-react-sdk#11181)). * Fix markdown content spacing ([\#11177](matrix-org/matrix-react-sdk#11177)). Fixes #25685. * Fix font-family definition for emojis ([\#11170](matrix-org/matrix-react-sdk#11170)). Fixes #25686. * Fix spurious error sending receipt in thread errors ([\#11157](matrix-org/matrix-react-sdk#11157)). * Consider the empty push rule actions array equiv to deprecated dont_notify ([\#11155](matrix-org/matrix-react-sdk#11155)). Fixes #25674. * Only trap escape key for cancel reply if there is a reply ([\#11140](matrix-org/matrix-react-sdk#11140)). Fixes #25640. * Update linkify to 4.1.1 ([\#11132](matrix-org/matrix-react-sdk#11132)). Fixes #23806. Changes in [1.11.35](https://github.com/vector-im/element-web/releases/tag/v1.11.35) (2023-07-04) ================================================================================================= ## 🦖 Deprecations * Remove `feature_favourite_messages` as it is has been abandoned for now ([\#11097](matrix-org/matrix-react-sdk#11097)). Fixes #25555. ## ✨ Features * Don't setup keys on login when encryption is force disabled ([\#11125](matrix-org/matrix-react-sdk#11125)). Contributed by @kerryarchibald. * OIDC: attempt dynamic client registration ([\#11074](matrix-org/matrix-react-sdk#11074)). Fixes #25468 and #25467. Contributed by @kerryarchibald. * OIDC: Check static client registration and add login flow ([\#11088](matrix-org/matrix-react-sdk#11088)). Fixes #25467. Contributed by @kerryarchibald. * Improve message body output from plain text editor ([\#11124](matrix-org/matrix-react-sdk#11124)). Contributed by @alunturner. * Disable encryption toggle in room settings when force disabled ([\#11122](matrix-org/matrix-react-sdk#11122)). Contributed by @kerryarchibald. * Add .well-known config option to force disable encryption on room creation ([\#11120](matrix-org/matrix-react-sdk#11120)). Contributed by @kerryarchibald. * Handle permalinks in room topic ([\#11115](matrix-org/matrix-react-sdk#11115)). Fixes #23395. * Add at room avatar for RTE ([\#11106](matrix-org/matrix-react-sdk#11106)). Contributed by @alunturner. * Remove new room breadcrumbs ([\#11104](matrix-org/matrix-react-sdk#11104)). * Update rich text editor dependency and associated changes ([\#11098](matrix-org/matrix-react-sdk#11098)). Contributed by @alunturner. * Implement new model, hooks and reconcilation code for new GYU notification settings ([\#11089](matrix-org/matrix-react-sdk#11089)). Contributed by @justjanne. * Allow maintaining a different right panel width for thread panels ([\#11064](matrix-org/matrix-react-sdk#11064)). Fixes #25487. * Make AppPermission pane scrollable ([\#10954](matrix-org/matrix-react-sdk#10954)). Fixes #25438 and #25511. Contributed by @luixxiul. * Integrate compound design tokens ([\#11091](matrix-org/matrix-react-sdk#11091)). Fixes vector-im/internal-planning#450. * Don't warn about the effects of redacting state events when redacting non-state-events ([\#11071](matrix-org/matrix-react-sdk#11071)). Fixes #8478. * Allow specifying help URLs in config.json ([\#11070](matrix-org/matrix-react-sdk#11070)). Fixes #15268. ## 🐛 Bug Fixes * Fix error when generating error for polling for updates ([\#25609](element-hq/element-web#25609)). * Fix spurious notifications on non-live events ([\#11133](matrix-org/matrix-react-sdk#11133)). Fixes #24336. * Prevent auto-translation within composer ([\#11114](matrix-org/matrix-react-sdk#11114)). Fixes #25624. * Fix caret jump when backspacing into empty line at beginning of editor ([\#11128](matrix-org/matrix-react-sdk#11128)). Fixes #22335. * Fix server picker not allowing you to switch from custom to default ([\#11127](matrix-org/matrix-react-sdk#11127)). Fixes #25650. * Consider the unthreaded read receipt for Unread dot state ([\#11117](matrix-org/matrix-react-sdk#11117)). Fixes #24229. * Increase RTE resilience ([\#11111](matrix-org/matrix-react-sdk#11111)). Fixes #25277. Contributed by @alunturner. * Fix RoomView ignoring alias lookup errors due to them not knowing the roomId ([\#11099](matrix-org/matrix-react-sdk#11099)). Fixes #24783 and #25562. * Fix style inconsistencies on SecureBackupPanel ([\#11102](matrix-org/matrix-react-sdk#11102)). Fixes #25615. Contributed by @luixxiul. * Remove unknown MXIDs from invite suggestions ([\#11055](matrix-org/matrix-react-sdk#11055)). Fixes #25446. * Reduce volume of ring sounds to normalised levels ([\#9143](matrix-org/matrix-react-sdk#9143)). Contributed by @JMoVS. * Fix slash commands not being enabled in certain cases ([\#11090](matrix-org/matrix-react-sdk#11090)). Fixes #25572. * Prevent escape in threads from sending focus to main timeline composer ([\#11061](matrix-org/matrix-react-sdk#11061)). Fixes #23397.
* Remove `feature_favourite_messages` as it is has been abandoned for now ([\#11097](matrix-org/matrix-react-sdk#11097)). Fixes element-hq/element-web#25555. * Use brand and help url from config ([\element-hq#1008](element-hq#1008)). * Don't setup keys on login when encryption is force disabled ([\#11125](matrix-org/matrix-react-sdk#11125)). Contributed by @kerryarchibald. * OIDC: attempt dynamic client registration ([\#11074](matrix-org/matrix-react-sdk#11074)). Fixes element-hq/element-web#25468 and element-hq/element-web#25467. Contributed by @kerryarchibald. * OIDC: Check static client registration and add login flow ([\#11088](matrix-org/matrix-react-sdk#11088)). Fixes element-hq/element-web#25467. Contributed by @kerryarchibald. * Improve message body output from plain text editor ([\#11124](matrix-org/matrix-react-sdk#11124)). Contributed by @alunturner. * Disable encryption toggle in room settings when force disabled ([\#11122](matrix-org/matrix-react-sdk#11122)). Contributed by @kerryarchibald. * Add .well-known config option to force disable encryption on room creation ([\#11120](matrix-org/matrix-react-sdk#11120)). Contributed by @kerryarchibald. * Handle permalinks in room topic ([\#11115](matrix-org/matrix-react-sdk#11115)). Fixes element-hq/element-web#23395. * Add at room avatar for RTE ([\#11106](matrix-org/matrix-react-sdk#11106)). Contributed by @alunturner. * Remove new room breadcrumbs ([\#11104](matrix-org/matrix-react-sdk#11104)). * Update rich text editor dependency and associated changes ([\#11098](matrix-org/matrix-react-sdk#11098)). Contributed by @alunturner. * Implement new model, hooks and reconcilation code for new GYU notification settings ([\#11089](matrix-org/matrix-react-sdk#11089)). Contributed by @justjanne. * Allow maintaining a different right panel width for thread panels ([\#11064](matrix-org/matrix-react-sdk#11064)). Fixes element-hq/element-web#25487. * Make AppPermission pane scrollable ([\#10954](matrix-org/matrix-react-sdk#10954)). Fixes element-hq/element-web#25438 and element-hq/element-web#25511. Contributed by @luixxiul. * Integrate compound design tokens ([\#11091](matrix-org/matrix-react-sdk#11091)). Fixes vector-im/internal-planning#450. * Don't warn about the effects of redacting state events when redacting non-state-events ([\#11071](matrix-org/matrix-react-sdk#11071)). Fixes element-hq/element-web#8478. * Allow specifying help URLs in config.json ([\#11070](matrix-org/matrix-react-sdk#11070)). Fixes element-hq/element-web#15268. * Fix error when generating error for polling for updates ([\#25609](element-hq/element-web#25609)). * Fix spurious notifications on non-live events ([\#11133](matrix-org/matrix-react-sdk#11133)). Fixes element-hq/element-web#24336. * Prevent auto-translation within composer ([\#11114](matrix-org/matrix-react-sdk#11114)). Fixes element-hq/element-web#25624. * Fix caret jump when backspacing into empty line at beginning of editor ([\#11128](matrix-org/matrix-react-sdk#11128)). Fixes element-hq/element-web#22335. * Fix server picker not allowing you to switch from custom to default ([\#11127](matrix-org/matrix-react-sdk#11127)). Fixes element-hq/element-web#25650. * Consider the unthreaded read receipt for Unread dot state ([\#11117](matrix-org/matrix-react-sdk#11117)). Fixes element-hq/element-web#24229. * Increase RTE resilience ([\#11111](matrix-org/matrix-react-sdk#11111)). Fixes element-hq/element-web#25277. Contributed by @alunturner. * Fix RoomView ignoring alias lookup errors due to them not knowing the roomId ([\#11099](matrix-org/matrix-react-sdk#11099)). Fixes element-hq/element-web#24783 and element-hq/element-web#25562. * Fix style inconsistencies on SecureBackupPanel ([\#11102](matrix-org/matrix-react-sdk#11102)). Fixes element-hq/element-web#25615. Contributed by @luixxiul. * Remove unknown MXIDs from invite suggestions ([\#11055](matrix-org/matrix-react-sdk#11055)). Fixes element-hq/element-web#25446. * Reduce volume of ring sounds to normalised levels ([\#9143](matrix-org/matrix-react-sdk#9143)). Contributed by @JMoVS. * Fix slash commands not being enabled in certain cases ([\#11090](matrix-org/matrix-react-sdk#11090)). Fixes element-hq/element-web#25572. * Prevent escape in threads from sending focus to main timeline composer ([\#11061](matrix-org/matrix-react-sdk#11061)). Fixes element-hq/element-web#23397.
* Remove `feature_favourite_messages` as it is has been abandoned for now ([\#11097](matrix-org/matrix-react-sdk#11097)). Fixes element-hq#25555. * Don't setup keys on login when encryption is force disabled ([\element-hq#11125](matrix-org/matrix-react-sdk#11125)). Contributed by @kerryarchibald. * OIDC: attempt dynamic client registration ([\element-hq#11074](matrix-org/matrix-react-sdk#11074)). Fixes element-hq#25468 and element-hq#25467. Contributed by @kerryarchibald. * OIDC: Check static client registration and add login flow ([\element-hq#11088](matrix-org/matrix-react-sdk#11088)). Fixes element-hq#25467. Contributed by @kerryarchibald. * Improve message body output from plain text editor ([\element-hq#11124](matrix-org/matrix-react-sdk#11124)). Contributed by @alunturner. * Disable encryption toggle in room settings when force disabled ([\element-hq#11122](matrix-org/matrix-react-sdk#11122)). Contributed by @kerryarchibald. * Add .well-known config option to force disable encryption on room creation ([\element-hq#11120](matrix-org/matrix-react-sdk#11120)). Contributed by @kerryarchibald. * Handle permalinks in room topic ([\element-hq#11115](matrix-org/matrix-react-sdk#11115)). Fixes element-hq#23395. * Add at room avatar for RTE ([\element-hq#11106](matrix-org/matrix-react-sdk#11106)). Contributed by @alunturner. * Remove new room breadcrumbs ([\element-hq#11104](matrix-org/matrix-react-sdk#11104)). * Update rich text editor dependency and associated changes ([\element-hq#11098](matrix-org/matrix-react-sdk#11098)). Contributed by @alunturner. * Implement new model, hooks and reconcilation code for new GYU notification settings ([\element-hq#11089](matrix-org/matrix-react-sdk#11089)). Contributed by @justjanne. * Allow maintaining a different right panel width for thread panels ([\element-hq#11064](matrix-org/matrix-react-sdk#11064)). Fixes element-hq#25487. * Make AppPermission pane scrollable ([\element-hq#10954](matrix-org/matrix-react-sdk#10954)). Fixes element-hq#25438 and element-hq#25511. Contributed by @luixxiul. * Integrate compound design tokens ([\element-hq#11091](matrix-org/matrix-react-sdk#11091)). Fixes vector-im/internal-planning#450. * Don't warn about the effects of redacting state events when redacting non-state-events ([\element-hq#11071](matrix-org/matrix-react-sdk#11071)). Fixes element-hq#8478. * Allow specifying help URLs in config.json ([\element-hq#11070](matrix-org/matrix-react-sdk#11070)). Fixes element-hq#15268. * Fix error when generating error for polling for updates ([\element-hq#25609](element-hq#25609)). * Fix spurious notifications on non-live events ([\element-hq#11133](matrix-org/matrix-react-sdk#11133)). Fixes element-hq#24336. * Prevent auto-translation within composer ([\#11114](matrix-org/matrix-react-sdk#11114)). Fixes element-hq#25624. * Fix caret jump when backspacing into empty line at beginning of editor ([\#11128](matrix-org/matrix-react-sdk#11128)). Fixes element-hq#22335. * Fix server picker not allowing you to switch from custom to default ([\element-hq#11127](matrix-org/matrix-react-sdk#11127)). Fixes element-hq#25650. * Consider the unthreaded read receipt for Unread dot state ([\element-hq#11117](matrix-org/matrix-react-sdk#11117)). Fixes element-hq#24229. * Increase RTE resilience ([\element-hq#11111](matrix-org/matrix-react-sdk#11111)). Fixes element-hq#25277. Contributed by @alunturner. * Fix RoomView ignoring alias lookup errors due to them not knowing the roomId ([\element-hq#11099](matrix-org/matrix-react-sdk#11099)). Fixes element-hq#24783 and element-hq#25562. * Fix style inconsistencies on SecureBackupPanel ([\element-hq#11102](matrix-org/matrix-react-sdk#11102)). Fixes element-hq#25615. Contributed by @luixxiul. * Remove unknown MXIDs from invite suggestions ([\element-hq#11055](matrix-org/matrix-react-sdk#11055)). Fixes element-hq#25446. * Reduce volume of ring sounds to normalised levels ([\element-hq#9143](matrix-org/matrix-react-sdk#9143)). Contributed by @JMoVS. * Fix slash commands not being enabled in certain cases ([\element-hq#11090](matrix-org/matrix-react-sdk#11090)). Fixes element-hq#25572. * Prevent escape in threads from sending focus to main timeline composer ([\element-hq#11061](matrix-org/matrix-react-sdk#11061)). Fixes element-hq#23397.
* Remove `feature_favourite_messages` as it is has been abandoned for now ([\matrix-org#11097](matrix-org#11097)). Fixes element-hq/element-web#25555. * Don't setup keys on login when encryption is force disabled ([\matrix-org#11125](matrix-org#11125)). Contributed by @kerryarchibald. * OIDC: attempt dynamic client registration ([\matrix-org#11074](matrix-org#11074)). Fixes element-hq/element-web#25468 and element-hq/element-web#25467. Contributed by @kerryarchibald. * OIDC: Check static client registration and add login flow ([\matrix-org#11088](matrix-org#11088)). Fixes element-hq/element-web#25467. Contributed by @kerryarchibald. * Improve message body output from plain text editor ([\matrix-org#11124](matrix-org#11124)). Contributed by @alunturner. * Disable encryption toggle in room settings when force disabled ([\matrix-org#11122](matrix-org#11122)). Contributed by @kerryarchibald. * Add .well-known config option to force disable encryption on room creation ([\matrix-org#11120](matrix-org#11120)). Contributed by @kerryarchibald. * Handle permalinks in room topic ([\matrix-org#11115](matrix-org#11115)). Fixes element-hq/element-web#23395. * Add at room avatar for RTE ([\matrix-org#11106](matrix-org#11106)). Contributed by @alunturner. * Remove new room breadcrumbs ([\matrix-org#11104](matrix-org#11104)). * Update rich text editor dependency and associated changes ([\matrix-org#11098](matrix-org#11098)). Contributed by @alunturner. * Implement new model, hooks and reconcilation code for new GYU notification settings ([\matrix-org#11089](matrix-org#11089)). Contributed by @justjanne. * Allow maintaining a different right panel width for thread panels ([\matrix-org#11064](matrix-org#11064)). Fixes element-hq/element-web#25487. * Make AppPermission pane scrollable ([\matrix-org#10954](matrix-org#10954)). Fixes element-hq/element-web#25438 and element-hq/element-web#25511. Contributed by @luixxiul. * Integrate compound design tokens ([\matrix-org#11091](matrix-org#11091)). Fixes vector-im/internal-planning#450. * Don't warn about the effects of redacting state events when redacting non-state-events ([\matrix-org#11071](matrix-org#11071)). Fixes element-hq/element-web#8478. * Allow specifying help URLs in config.json ([\matrix-org#11070](matrix-org#11070)). Fixes element-hq/element-web#15268. * Fix spurious notifications on non-live events ([\matrix-org#11133](matrix-org#11133)). Fixes element-hq/element-web#24336. * Prevent auto-translation within composer ([\matrix-org#11114](matrix-org#11114)). Fixes element-hq/element-web#25624. * Fix caret jump when backspacing into empty line at beginning of editor ([\matrix-org#11128](matrix-org#11128)). Fixes element-hq/element-web#22335. * Fix server picker not allowing you to switch from custom to default ([\matrix-org#11127](matrix-org#11127)). Fixes element-hq/element-web#25650. * Consider the unthreaded read receipt for Unread dot state ([\matrix-org#11117](matrix-org#11117)). Fixes element-hq/element-web#24229. * Increase RTE resilience ([\matrix-org#11111](matrix-org#11111)). Fixes element-hq/element-web#25277. Contributed by @alunturner. * Fix RoomView ignoring alias lookup errors due to them not knowing the roomId ([\matrix-org#11099](matrix-org#11099)). Fixes element-hq/element-web#24783 and element-hq/element-web#25562. * Fix style inconsistencies on SecureBackupPanel ([\matrix-org#11102](matrix-org#11102)). Fixes element-hq/element-web#25615. Contributed by @luixxiul. * Remove unknown MXIDs from invite suggestions ([\matrix-org#11055](matrix-org#11055)). Fixes element-hq/element-web#25446. * Reduce volume of ring sounds to normalised levels ([\matrix-org#9143](matrix-org#9143)). Contributed by @JMoVS. * Fix slash commands not being enabled in certain cases ([\matrix-org#11090](matrix-org#11090)). Fixes element-hq/element-web#25572. * Prevent escape in threads from sending focus to main timeline composer ([\matrix-org#11061](matrix-org#11061)). Fixes element-hq/element-web#23397.
Fixes element-hq/element-web#25467
When
Feature.OidcNativeFlow
is enabled attempts to get OIDC OP clientId duringLogin.getFlows
.clientId
is found by checking statically registered oidc client ids.Returns
oidcNativeFlow
as the only available flow when a statically registered clientId is found. Otherwise continues with existing matrix login using/login
.No UI, so
oidcNativeFlow
is displayed as:Dynamic registration is handled in the next PR #11074
Checklist
Here's what your changelog entry will look like:
✨ Features