Add SSO login support#119
Conversation
Changes:
1. Updated Cargo.toml
Added "sso-login" feature to the matrix-sdk dependency
2. Updated connection.rs
Added a local HTTP server to automatically capture the SSO callback
Added SsoLoginUrl(String) variant to ClientMessage enum
Added LoginType import from ruma::api::client::session::get_login_types::v3
Updated response_receiver to handle SsoLoginUrl messages
Modified sync_loop to:
Query available login flows using get_login_types()
Check if SSO is available
Generate and display SSO URL when SSO is available and credentials are empty
Fall back to password login when credentials are provided
Added login_with_token() method to complete SSO login with a token
3. Updated server.rs
Added receive_sso_url() method to display SSO URL and optionally open browser
Added complete_sso_login() method to complete SSO login with a token
Added use_sso parameter (defaults to False)
4. Updated commands/matrix.rs
Added sso-complete command to the command structure
Added handler method sso_complete_command()
Added subcommand to argparse
How to use:
* Connect with empty username/password (and with use_sso on):
/matrix connect myserver
The plugin will:
Check if SSO is available on matrix.org
Display the SSO login URL
Optionally open it in your browser
* After completing SSO in the browser:
Copy the loginToken from the callback URL (the parameter after loginToken=)
* Run:
/matrix sso-complete m <login-token>
The plugin will complete the login and you'll be connected.
The implementation follows the same pattern as the matrix-rust-sdk
examples and should work with matrix.org and other homeservers that
support SSO.
Note that the sessions list in the WEB client will be showing the
connected device as unverified, which still works for connections not
leveraging E2E encryption (https transport encrpytion would still
apply).
Assisted-by: Cursor AI agent (Claude 4.5 Opus)
Signed-off-by: Bogdan Dobrelya <bogdando@yahoo.com>
|
It works for me with weechat v4.8.1, and matrix.org account. |
|
I want to give it a try with my matrix.org and archlinux.org sso accounts. I'm getting the localhost [not connected] and the SSO session will timeout. How do I setup the local http server? |
the local http server is started by the plugin code. The failed connection is expected, you should only copy the loginToken from the address URL, and use it with sso-complete, as documented in the commit message. Thanks for trying, let me know how it goes for you |
|
Thanks. Login works for Arch SSO. Problem here: all connected channels are listed at the end is seems and not connected to the matrix/Server account and are wildly mixed with other irc channels. |
ouch, that's unfortunate. I am not certain I could help to address that, just the 1st time trying this thing :) UPDATE: I tried and it looks much better already, @andyrtr |
|
After each /quit and restart and /matrix connect ServerName the SSO has to be done again. Is there any way to permanently store it? A /save doesn't do this for me. |
@andyrtr it could be, but implementing that would become another degree of complexity to me. We could start with that basic support and improve. |
|
I can't get autosort script to work here with the matrix-rs plugin Accounts. Autosort works with two znc-libera/znc-oftc buffers but password login for Matrix.org account and my sso ArchLinux account won'r get listed in a separate buffer. But that's unrelated to sso. Have you had a look at iamb sso ? |
2 participants
Changes:
Updated Cargo.toml Added "sso-login" feature to the matrix-sdk dependency
Updated connection.rs
Added a local HTTP server to automatically capture the SSO callback.
Added SsoLoginUrl(String) variant to ClientMessage enum.
Added LoginType import from ruma::api::client::session::get_login_types::v3.
Updated response_receiver to handle SsoLoginUrl messages Modified sync_loop to:
Query available login flows using get_login_types() Check if SSO is available
Generate and display SSO URL when SSO is available and credentials are empty
Fall back to password login when credentials are provided.
Added login_with_token() method to complete SSO login with a token.
Updated server.rs
Added receive_sso_url() method to display SSO URL and optionally open browser.
Added complete_sso_login() method to complete SSO login with a token.
Added use_sso parameter (defaults to False).
Updated commands/matrix.rs
Added sso-complete command to the command structure.
Added handler method sso_complete_command().
Added subcommand to argparse.
How to use:
The plugin will:
Check if SSO is available on matrix.org
Display the SSO login URL
Optionally open it in your browser
After "completing" SSO in the browser (the connection failure is expected): Copy the loginToken from the callback URL (the parameter after loginToken=)
Run:
/matrix sso-complete m <login-token>The plugin will complete the login and you'll be connected.
The implementation follows the same pattern as the matrix-rust-sdk examples and should work with matrix.org and other homeservers that support SSO.
Note that the sessions list in the WEB client will be showing the connected device as unverified, which still works for connections not leveraging E2E encryption (https transport encrpytion would still apply).
Assisted-by: Cursor AI agent (Claude 4.5 Opus)