nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-18 02:10:56 -05:00

Author	SHA1	Message	Date
Richard Steinmetz	1653cd2dea	fix(oauth2): retain support for legacy ownCloud clients Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2025-04-02 12:05:18 +02:00
Côme Chilliet	75f8bb51ed	fix: Rename config option to skipAuthPickerApplications to match what it does Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-01-07 10:34:30 +01:00
Côme Chilliet	e7be008dc1	feat(oauth2): Skip page before login as well for authorized applications Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-01-07 10:34:30 +01:00
provokateurin	085d4c9364	refactor(OpenAPI): Adjust scopes to match previous behavior Signed-off-by: provokateurin <kate@provokateurin.de>	2025-01-06 14:30:40 +01:00
provokateurin	381077028a	refactor(apps): Use constructor property promotion when possible Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-21 12:37:59 +02:00
Ferdinand Thiessen	2ef74b9860	Merge pull request #47329 from nextcloud/feat/add-datetime-qbmapper-support feat(AppFramework): Add full support for date / time / datetime columns	2024-10-18 19:05:08 +02:00
Git'Fellow	a1681b0756	chore(db): Apply query prepared statements Fix: psalm fix: bad file fix: bug chore: add batch chore: add batch chore: add batch fix: psalm	2024-10-17 20:30:47 +02:00
Ferdinand Thiessen	0e54c2bd43	fix: Adjust Entity types Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-10-17 18:31:44 +02:00
provokateurin	54ec472d9a	fix(BackgroundJobs): Adjust intervals and time sensitivities Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-08 11:26:53 +02:00
Côme Chilliet	1a4978c4ea	chore: Apply rector configuration to apps folder Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-09-20 17:51:00 +02:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +02:00
Julien Veyssier	120e7e838c	fix(oauth2): fix tests Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-09-02 14:38:39 +02:00
Julien Veyssier	034917b790	fix(oauth2): store hashed secret instead of encrypted Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-09-02 14:38:39 +02:00
Artur Neumann	cc44ec54ad	invalidate oauth2 tokens only for seen users Signed-off-by: Artur Neumann <artur@jankaritech.com>	2024-08-16 10:33:52 +02:00
provokateurin	d8adbce1be	refactor(oauth2): Replace security annotations with respective attributes Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-29 16:45:54 +02:00
Andy Scherzinger	cc1686dba9	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-31 10:38:47 +02:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +01:00
Julien Veyssier	d56950a6c9	adjust phpdoc types in OauthApiController Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:03 +02:00
Julien Veyssier	d2bc483adf	adjust oauth app Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	32f984c520	adjust oauth tests Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	c6da99474e	rename oauth2_access_token's created_at to code_created_at Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	e944980eb6	add db index on oauth2_access_tokens's (token_count, created_at) Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	779e1d51ac	delete oauth access token when receiving a code that has expired Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	1ab45bad5d	refuse oauth authorization code if a token has already been delivered (active token) Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	7bba410997	cleanup access tokens that are still in authorization state and that have expired Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	2995b0948f	add tests for oauth2 authorization code expiration Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	807f173dec	make oauth2 authorization code expire after 10 minutes Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Joas Schilling	25309bcb45	techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-28 15:50:45 +02:00
jld3103	1c19c567fe	oauth2: Add OpenAPI spec Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-07-12 07:32:30 +02:00
Julien Veyssier	629adc318f	add bruteforce protection in OauthApiController Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-19 11:18:06 +02:00
Julien Veyssier	578bf8cc0b	add extra migration that sets the secret column length in case the previous step has run when it was setting it to 256 Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-14 17:21:38 +02:00
Julien Veyssier	24e517c5b3	make oauth2 client secret column larger Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-14 17:21:38 +02:00
Julien Veyssier	18c742a901	encrypt oauth2 client secrets Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-07 11:36:08 +02:00
Artur Neumann	f634badf12	public interface to invalidate tokens of user Signed-off-by: Artur Neumann <artur@jankaritech.com>	2023-03-14 17:13:29 +01:00
Artur Neumann	21be557e2a	invalidate existing tokens when deleting an oauth client Signed-off-by: Artur Neumann <artur@jankaritech.com>	2023-03-14 17:13:23 +01:00
luz paz	9d26671f05	Fix typos in apps/ subdirectory Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/` Signed-off-by: luz paz <luzpaz@github.com> Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>	2022-09-05 12:59:54 +00:00
Carl Schwan	53db418ee9	Cleanup oauth2 admin settings - Use more vue components - Add link to doc Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-07-14 12:16:13 +02:00
Daniel Kesselberg	11cacb52d4	Use property name for addType Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2022-05-12 21:12:46 +02:00
Louis Chemineau	c5722869be	Add oauth2_clients migration for Owncloud Signed-off-by: Louis Chemineau <louis@chmn.me>	2022-03-24 18:08:43 +01:00
Joas Schilling	c6ae53096c	More test fixing Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-12-01 22:17:19 +01:00
J0WI	3b656446af	Introduce ISecureRandom::CHAR_ALPHANUMERIC Signed-off-by: J0WI <J0WI@users.noreply.github.com>	2021-07-08 15:11:31 +02:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +02:00
Christoph Wurst	99f2fa73d1	Fix usage of rename executeUpdate Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-05-05 10:35:25 +02:00
Roeland Jago Douma	c2f7c417b2	Add psalm annotation to the DB handlers of OAuth2 * Psalm annotations * To new executeUpdate Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-03-11 14:33:15 +01:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +02:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	44577e4345	Remove trailing and in between spaces Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:07:47 +02:00
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-31 14:52:54 +02:00

1 2

88 commits