upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-17 01:41:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 32
79918 commits 693 branches 1185 tags 6.5 GiB
Commit graph

58 commits

Author SHA1 Message Date
Richard Steinmetz
1653cd2dea
fix(oauth2): retain support for legacy ownCloud clients 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-04-02 12:05:18 +02:00
Côme Chilliet
75f8bb51ed fix: Rename config option to skipAuthPickerApplications to match what it does 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +01:00
Côme Chilliet
cca0e84480 feat(oauth2): Add a test for skipping auth page 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +01:00
Côme Chilliet
99e0867f0a chore: Adapt tests to added constructor parameters 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +01:00
Côme Chilliet
1580c8612b
chore(apps): Apply new rector configuration to autouse classes 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-10-15 10:40:25 +02:00
Côme Chilliet
1a4978c4ea
chore: Apply rector configuration to apps folder 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-09-20 17:51:00 +02:00
provokateurin
9836e9b164
chore(deps): Update nextcloud/coding-standard to v1.3.1 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-09-19 14:21:20 +02:00
Christoph Wurst
49dd79eabb
refactor: Add void return type to PHPUnit test methods 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-09-15 22:32:31 +02:00
Julien Veyssier
120e7e838c
fix(oauth2): fix tests 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-09-02 14:38:39 +02:00
Julien Veyssier
034917b790
fix(oauth2): store hashed secret instead of encrypted 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-09-02 14:38:39 +02:00
Artur Neumann
84ee79fe43 fix: expect invalidateTokensOfUser only be called for seen users 
Signed-off-by: Artur Neumann <artur@jankaritech.com>
 2024-08-16 10:33:56 +02:00
Andy Scherzinger
cc1686dba9
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-31 10:38:47 +02:00
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +01:00
Julien Veyssier
32f984c520
adjust oauth tests 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
c6da99474e
rename oauth2_access_token's created_at to code_created_at 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
ddfc124767
add test for refusing to get an oauth token from a code when we're not in authorization state 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
2995b0948f
add tests for oauth2 authorization code expiration 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
807f173dec
make oauth2 authorization code expire after 10 minutes 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Joas Schilling
25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +02:00
Julien Veyssier
629adc318f add bruteforce protection in OauthApiController 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-19 11:18:06 +02:00
Julien Veyssier
8086d7e41b add test that inserts a long oauth client secret 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-14 17:21:38 +02:00
Julien Veyssier
808819a4d0
fix oauth2 tests 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-08 13:02:40 +02:00
Julien Veyssier
18c742a901
encrypt oauth2 client secrets 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-07 11:36:08 +02:00
Artur Neumann
e97540b9c6
move mocks into private variables 
Signed-off-by: Artur Neumann <artur@jankaritech.com>
 2023-03-14 17:18:56 +01:00
Artur Neumann
707e69b203
adjust SettingsController tests 
Signed-off-by: Artur Neumann <artur@jankaritech.com>
 2023-03-14 17:13:29 +01:00
Artur Neumann
21be557e2a
invalidate existing tokens when deleting an oauth client 
Signed-off-by: Artur Neumann <artur@jankaritech.com>
 2023-03-14 17:13:23 +01:00
Côme Chilliet
9b26c4a277
Fix PHP error on PHP >= 8.2 about dynamic property use in tests 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-19 15:58:46 +01:00
Côme Chilliet
539162ba8b
Remove at matchers from tests in: 
* apps/oauth2
* tests/Test/Repair/Owncloud

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-08-02 15:27:52 +02:00
Carl Schwan
53db418ee9 Cleanup oauth2 admin settings 
- Use more vue components
- Add link to doc

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-07-14 12:16:13 +02:00
Joas Schilling
617528312a
Fix last tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-12-02 10:39:49 +01:00
Joas Schilling
c6ae53096c
More test fixing 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-12-01 22:17:19 +01:00
John Molakvoæ (skjnldsv)
215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +02:00
Christoph Wurst
d89a75be0b
Update all license headers for Nextcloud 21 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 18:48:22 +01:00
Joas Schilling
39131519b2
Make the test pass on repeating calls 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-11-10 15:34:35 +01:00
Christoph Wurst
2a054e6c04
Update the license headers for Nextcloud 20 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-08-24 14:54:25 +02:00
Morris Jobke
234b510652
Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to \PHPUnit\Framework\MockObject\MockObject 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-12 13:55:19 +02:00
Christoph Wurst
1a9330cd69
Update the license headers for Nextcloud 19 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-31 14:52:54 +02:00
Christoph Wurst
2ee65f177e
Use the shorter phpunit syntax for mocked return values 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-25 22:21:27 +01:00
Daniel Kesselberg
509af24bc9
Fix invalid instantiation of TemplateResponse if client not found 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-03-15 11:55:07 +01:00
Christoph Wurst
5bf3d1bb38
Update license headers 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-12-05 15:38:45 +01:00
Roeland Jago Douma
3a7cf40aaa
Mode to modern phpunit 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 15:27:18 +01:00
Roeland Jago Douma
c007ca624f
Make phpunit8 compatible 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 13:34:41 +01:00
Roeland Jago Douma
68748d4f85
Some php-cs fixes 
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-22 20:52:10 +01:00
Roeland Jago Douma
9e2bb5ef36 Move oauth admin settings to initialstate 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
 2019-09-28 13:30:34 +00:00
Roeland Jago Douma
470318db36
Fix the actual oauth2 tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-07-01 09:52:27 +02:00
Roeland Jago Douma
1e6711305a
Fail gracefull if an unkown oauth2 client tries to authenticate 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-12-06 21:14:34 +01:00
Roeland Jago Douma
674930da7f
Move ExpiredTokenException to the correct namespace 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-30 19:30:45 +01:00
Roeland Jago Douma
75456b057d
Reset bruteforce on token refresh OAuth 
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.

This resets the brute force attempts for that UID on a valid refresh of
the token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-30 11:21:27 +01:00
rakekniven
b24b5bd297
Update SettingsControllerTest.php 
adapted test for grammar change of URL
 2018-06-30 08:51:58 +02:00
Roeland Jago Douma
555de27567
Validate OAuth2 redirect uri 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-06-26 16:15:53 +02:00