nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-03 20:41:22 -05:00

Author	SHA1	Message	Date
Carl Schwan	6408ed0b51	feat(AppFramework): Add missing NoSameSiteCookieRequired attribute Allow to replace the old annotation. Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>	2026-01-28 21:48:16 +01:00
Ferdinand Thiessen	d26ec02aa1	refactor(core): migrate login flow ui from jQuery to Vue Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2026-01-14 01:15:01 +01:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +02:00
Ferdinand Thiessen	495c364268	chore: use consistent casing for header names (required by openAPI) Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-06-09 19:24:26 +02:00
Ferdinand Thiessen	fa7310add9	fix: handle IDLE timeout Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-06-03 14:24:51 +02:00
provokateurin	82fb8f8508	refactor: Extend rector to core/ Signed-off-by: provokateurin <kate@provokateurin.de>	2025-05-15 00:16:54 +02:00
Richard Steinmetz	246da73a36	fix(oauth2): retain support for legacy ownCloud clients Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2025-04-01 11:25:52 +02:00
Côme Chilliet	f52b4c5eb2	fix: Remove skip of grant page, only skip first step Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-01-07 10:34:30 +01:00
Côme Chilliet	e7be008dc1	feat(oauth2): Skip page before login as well for authorized applications Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-01-07 10:34:30 +01:00
Côme Chilliet	9b366c65d4	feat(oauth): Allow to skip the grant step for selected applications Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-01-07 10:34:30 +01:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +02:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +02:00
provokateurin	c57c3c1573	refactor(core): Replace security annotations with respective attributes Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-26 07:30:45 +02:00
Andy Scherzinger	e07a190641	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-27 14:53:40 +02:00
provokateurin	2c51933b6b	refactor(core): Switch to attribute based routing Signed-off-by: provokateurin <kate@provokateurin.de>	2024-02-21 12:07:50 +01:00
provokateurin	b64ab5fba8	refactor: Migrate IgnoreOpenAPI attributes to OpenAPI Signed-off-by: provokateurin <kate@provokateurin.de>	2024-01-18 16:14:17 +01:00
Côme Chilliet	95ea6188dc	Suppress or fix psalm errors related to InvalidTokenException Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +01:00
Julien Veyssier	c6da99474e	rename oauth2_access_token's created_at to code_created_at Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	807f173dec	make oauth2 authorization code expire after 10 minutes Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
jld3103	1be836273d	core: Add OpenAPI spec Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-07-13 07:24:15 +02:00
Faraz Samapoor	fc0e2a938f	Applies agreed-upon indentation convention to the changed controllers. Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753 Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	2023-06-05 18:35:32 +03:30
Faraz Samapoor	450bf5c99e	Refactors controllers by using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	2023-06-04 23:20:35 +03:30
Faraz Samapoor	a1ef0285f8	Refactors "strpos" calls in /core to improve code readability. Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	2023-06-02 13:13:19 +03:30
Christoph Wurst	20e00cdf17	feat(app-framework): Add UseSession attribute to replace annotation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-01-27 09:40:35 +01:00
Carl Schwan	b70c6a128f	Update core to PHP 7.4 standard - Typed properties - Port to LoggerInterface Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-05-20 22:18:06 +02:00
Joas Schilling	db1813f640	Show user account on grant loginflow step Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-05-13 10:50:30 +02:00
Vincent Petry	80388663af	Add direct arg to login flow Signed-off-by: Vincent Petry <vincent@nextcloud.com> Co-Authored-by: Carl Schwan <carl@carlschwan.eu>	2022-03-28 10:28:45 +02:00
Julius Härtl	61dd1d3d97	Pass username prefill through unauthenticated request redirects Signed-off-by: Julius Härtl <jus@bitgrid.net>	2021-12-29 11:52:31 +01:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +02:00
Christoph Wurst	f8808e260d	Move app_password_created to a typed event Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-02-09 18:49:35 +01:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +02:00
Joas Schilling	543fabe279	Make magic strings of ClientFlowLogin and v2 publicly available Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-07-17 09:06:13 +02:00
Roeland Jago Douma	ffad3f83fe	Validate app password on alternative login Fixes #20838 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-05-07 16:32:28 +02:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +02:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 10:35:09 +02:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +01:00
RussellAult	19791b2460	Check getRedirectUri() for queries Resolves Issue #17885 Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'. Signed-off-by: RussellAult <russellault@users.noreply.github.com>	2019-11-13 14:05:03 +01:00
Sergej Nikolaev	1b5d85a4ca	fix oauth client redirect Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>	2019-10-04 21:09:13 +03:00
Roeland Jago Douma	6dc179ee12	Fix login flow form actions So fun fact. Chrome considers a redirect after submitting a form part of the form actions. Since we redirect to a new protocol (nc://login/). Causing the form submission to work but the redirect failing hard. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-11 19:53:49 +02:00
Daniel Kesselberg	c583c5e7e2	Emit event if app password created Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2019-02-18 17:47:43 +01:00
Daniel Kesselberg	149a98edf6	Publish activity for app token created by client login flow Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2019-02-17 23:49:54 +01:00
Roeland Jago Douma	b68567e9ba	Add StandaloneTemplateResponse This can be used by pages that do not have the full Nextcloud UI. So notifications etc do not load there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-02-06 11:26:18 +01:00
Roeland Jago Douma	66367797df	Fix template paramter Else we get shown an error page instead of the correct 403. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-18 15:30:38 +01:00
Roeland Jago Douma	e6ac233947	Fix loginflow with apptoken enter on iOS It seems iOS doesn't like us to change the location. So now we submit it to the server that geneartes the redirect. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-04 21:51:36 +01:00
Roeland Jago Douma	763b52d402	Fix SAML Client login flow on Apple devices Because the redirect from the SAML/SSO endpoint is a POST the lax/strict cookies are not properly send. Note that it is not strictly requried on this endpoint as we do not need the remember me data. Only the real session info is enough. The endpoint is also already protected by a state token. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-12-17 12:50:32 +01:00
John Molakvoæ (skjnldsv)	5e4990fadd	Remove redirect page Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2018-11-29 10:27:22 +01:00

1 2

71 commits