nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-11 14:54:02 -05:00

Author	SHA1	Message	Date
Côme Chilliet	7ed583cb8e	chore: Migrate cleanAppId and getAppPath calls to IAppManager from OC_App Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-09-13 10:08:43 +02:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +02:00
S1m	9189bc290b	feat(webauthn): Add user verification to webauthn challenges Require user verification if all tokens are registered with UV flag, else discourage it Signed-off-by: S1m <git@sgougeon.fr> Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2024-08-15 11:03:10 +02:00
Christoph Wurst	5100e3152d	feat(auth): Clean-up unused auth tokens and wipe tokens Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-08-13 12:39:11 +02:00
Arthur Schiwon	99182aac37	fix(Token): take over scope in token refresh with login by cookie Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-07-19 15:53:46 +02:00
Arthur Schiwon	6a783d9b08	fix(Session): avoid race conditions on clustered setups - re-stablishes old behaviour with cache to return null instead of throwing an InvalidTokenException when the token is cached as non-existing - token invalidation and re-generation are bundled in a DB transaction now Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-07-10 13:28:33 +02:00
Joas Schilling	8130968a35	feat(notifications): Migrate server INotifiers to new exceptions Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-06-25 11:56:24 +02:00
Arthur Schiwon	f6d6efef3a	refactor(Token): introduce scope constants Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-06-05 19:01:14 +02:00
Arthur Schiwon	340939e688	fix(Session): avoid password confirmation on SSO SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends where used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-06-05 19:01:13 +02:00
Daniel	fca38e12c8	Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update fix(auth): Update authtoken activity selectively	2024-05-29 12:05:45 +02:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +02:00
Christoph Wurst	bcc02a3c71	fix(auth): Update authtoken activity selectively Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-05-21 07:55:01 +02:00
Christoph Wurst	fe7217d2d3	Merge pull request #45026 from nextcloud/fix/token-update Avoid updating the same oc_authtoken row twice	2024-05-16 12:00:32 +02:00
Julius Härtl	04780ae30a	fix: Always set last activity if we update the row of an authtoken anyways Signed-off-by: Julius Härtl <jus@bitgrid.net>	2024-04-29 15:20:17 +02:00
Joas Schilling	bc4a102f52	fix(session): Avoid race condition for cache::get() vs. cache::hasKey() Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-04-29 12:45:44 +02:00
Ferdinand Thiessen	e8452d9ef1	fix(deps): Bump web-auth/webauthn-lib from 3.3.9 to 4.8.5 Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-04-16 11:48:13 +02:00
Côme Chilliet	ab6afe0111	fix: Fix new psalm errors from update Not sure about the SimpleContainer modification, let’s see what CI says about that. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-04-08 11:29:09 +02:00
Côme Chilliet	ec5133b739	fix: Apply new coding standard to all files Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-04-02 14:16:21 +02:00
Benjamin Gaussorgues	d1189f923c	feat(perf): add cache for authtoken lookup Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-02-28 15:04:04 +01:00
Vincent Petry	839ddaa354	feat: rename users to account or person Replace translated text in most locations Signed-off-by: Vincent Petry <vincent@nextcloud.com>	2024-02-13 21:06:30 +01:00
Côme Chilliet	8bcc2d352e	chore: Fix missing template parameter for IEventListener Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-30 10:57:15 +01:00
Côme Chilliet	a526a382bf	Import OCP IToken as OCPIToken to avoid a name clash in lib/private Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 15:45:14 +01:00
Côme Chilliet	37a6e15f87	Use OCP version of IToken in AppPasswordCreatedEvent Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Côme Chilliet	8fc39aeb1c	Use IToken from OCP instead of OC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Côme Chilliet	95ea6188dc	Suppress or fix psalm errors related to InvalidTokenException Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Alexander Piskun	26d343d33a	AppAPI: allowed to bypass Two-Factor Signed-off-by: Alexander Piskun <bigcat88@icloud.com>	2023-12-28 20:59:02 +03:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +01:00
Christoph Wurst	a5422a3998	fix: Show error message when CSRF check fails at login Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-11-08 15:18:34 +01:00
Côme Chilliet	d8b42c6131	Allow passing null to PublicKeyToken::setScope, fixes tests Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 15:52:07 +02:00
Côme Chilliet	33a24134a7	Improve docblock annotations for tokens and their exceptions Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 15:20:04 +02:00
Côme Chilliet	58a57a714e	Use more precise typing for setScope method parameter Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 15:19:38 +02:00
Côme Chilliet	1bdf952fde	Make sure that OC interfaces returns OC interfaces for backward compatibility Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 11:08:23 +02:00
Côme Chilliet	b82e25ea7a	Move Exceptions used in OCP to OCP Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 10:26:25 +02:00
Côme Chilliet	356f0291a2	Align PublicKeyToken with interface changes Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 09:41:32 +02:00
Côme Chilliet	f94fb33062	Move IToken and IProvider::getToken to OCP Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-20 17:51:33 +02:00
Benjamin Gaussorgues	4361019f2f	fix(twofactor): avoid error in pgsql for duplicate entry Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-10-06 11:23:23 +02:00
Lucas Azevedo	2a36acfc2b	Fix typo Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>	2023-08-25 11:20:34 -03:00
Lucas Azevedo	c93b1634d3	Fixes from static analysis Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>	2023-08-25 10:41:46 -03:00
Lucas Azevedo	fe9b9c1955	Add last-used-before option Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>	2023-08-25 02:07:57 -03:00
Daniel Kesselberg	32303b6ed5	docs: remove superfluous phpdocs Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2023-08-10 15:01:56 +02:00
Joas Schilling	dac31ad101	fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-27 09:57:52 +02:00
Christoph Wurst	14719110b9	chore: Replace \OC::$server->query with \OCP\Server::get in /lib Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-07-06 15:21:22 +02:00
Joas Schilling	05aa39d777	Fix event names of 2FA related typed events Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-03 14:25:01 +02:00
Côme Chilliet	b294edad80	Merge branch 'master' into enh/type-iconfig-getter-calls Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>	2023-04-20 16:52:38 +02:00
Christoph Wurst	5eb768ac5e	fix(auth): Run token statements in atomic transaction All or nothing Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-04-12 15:55:42 +02:00
Côme Chilliet	426c0341ff	Use typed version of IConfig::getSystemValue as much as possible Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-05 12:50:08 +02:00
jld3103	d9f8522003	Fix types for reading and writing config values Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-04-05 09:08:56 +02:00
Côme Chilliet	8568c11d24	Merge pull request #36033 from nextcloud/invalidateTokensWhenDeletingOAuthClientMaster [master] invalidate existing tokens when deleting an oauth client	2023-03-15 11:09:51 +01:00
Artur Neumann	f634badf12	public interface to invalidate tokens of user Signed-off-by: Artur Neumann <artur@jankaritech.com>	2023-03-14 17:13:29 +01:00

1 2 3 4 5 ...

305 commits