nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-05-19 08:25:56 -04:00

Author	SHA1	Message	Date
MichaIng	b91dc51f6c	Merge pull request #29166 from nextcloud/backport/29122/stable20 [stable20] Tokens without password should not trigger changed password invalidation	2021-10-11 17:13:05 +02:00
Julius Härtl	2377fdd8a9	Tokens without password should not trigger changed password invalidation Signed-off-by: Julius Härtl <jus@bitgrid.net>	2021-10-11 12:39:53 +00:00
Tobias Assmann	b52ebf5224	add spaces around operators Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>	2021-10-08 08:14:52 +02:00
Tobias Assmann	3dc6f0671a	draft to prevent the invalidation of pw based authn tokens on a pw less login Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>	2021-10-08 08:14:49 +02:00
Lukas Reschke	5a1faab167	Remove throwing annotation This class was just introduced in Nc 21. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-06-22 13:55:49 +02:00
Lukas Reschke	481715c8f8	Use execute instead of executeStatement Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-06-22 13:54:03 +02:00
Morris Jobke	a0bd1800e8	Properly cleanup entries of WebAuthn on user deletion Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2021-06-22 13:46:28 +02:00
Christoph Wurst	3a3d7ea6cd	Type the authentication listeners Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-15 22:34:18 +00:00
Roeland Jago Douma	e0bc29d907	Allow configuring the activity update interval of token On some systems with a lot of users this creates a lot of extra DB writes. Being able to increase this interval helps there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-10-06 08:04:12 +00:00
Roeland Jago Douma	ac5f2914c7	Merge pull request #22641 from nextcloud/fix/credentials-store-upgrade-property-undefined Fix undefined class property access after upgrade from 19 to 20	2020-09-08 10:26:23 +02:00
Christoph Wurst	1f7f93a695	Update license headers for Nextcloud 20 (again) There are still lots of outdated headers, so time for another round of updates. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-09-07 14:37:44 +02:00
Christoph Wurst	adf100a42f	Fix undefined class property access after upgrade from 19 to 20 The serialized data in 19 has one property less and this was not considered in the code. Hence adding a fallback. Moreover I'm changing the deserialization into an array instead of object, as that is the safer option. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-09-07 13:31:24 +02:00
Roeland Jago Douma	0452877a67	Fix app password updating out of bounds When your password changes out of bounds your Nextcloud tokens will become invalid. There is no real way around that. However we should make sure that if you successfully log in again your passwords are all updates * Added event listener to the PostLoggedInEvent so that we can act on it - Only if it is not a token login * Make sure that we actually reset the invalid state when we update a token. Else it keeps being marked invalid and thus not used. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-09-03 21:13:36 +02:00
Roeland Jago Douma	7b8364e001	Merge pull request #21288 from lmamane/master Return correct loginname in credentials	2020-08-28 16:11:46 +02:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +02:00
Lionel Elie Mamane	ac8b40b8b1	Return correct loginname in credentials, even when token is invalid or has no password. Returning the uid as loginname is wrong, and leads to problems when these differ. E.g. the getapppassword API was creating app token with the uid as loginname. In a scenario with external authentication (such as LDAP), these tokens were then invalidated next time their underlying password was checked, and systematically ceased to function. Co-authored-by: kesselb <mail@danielkesselberg.de> for: switch to consistent camelCase Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>	2020-08-20 16:02:22 +02:00
Morris Jobke	fedf9c69d9	Use matching parameter names form interfaces and implementations Found by Psalm 3.14.1 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-08-19 18:16:35 +02:00
Morris Jobke	725fecee34	Merge pull request #21344 from nextcloud/fix/twofactor-cleanup-event Emit an event for every disabled 2FA provider during cleanup	2020-08-13 07:25:01 +02:00
Roeland Jago Douma	884f3d009a	Discourage webauthn user interaction Else people might have the feeling this is also doing 2FA. And since it is only prefered it can be ignored and hacked around. Once we have proper 2FA with webauthn in one go this probably needs to be revisted. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-07-16 21:10:07 +02:00
Christoph Wurst	68794ebc92	Emit an event for every disabled 2FA provider during cleanup Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-16 14:38:33 +02:00
Christoph Wurst	3474afa938	Clean up auth tokens when user is deleted Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-15 19:24:04 +02:00
Christoph Wurst	2006a6dd0e	Improve traces of invalid token exceptions Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-05-27 09:21:47 +02:00
Roeland Jago Douma	f4ac9ffa2c	Remember the webauthn name of devices Fixes #20289 we should not reset to default once we have logged in with the device. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-05-07 16:13:19 +02:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +02:00
Julius Härtl	2eadf9d567	Do not create remember me cookie Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-04-23 19:12:54 +02:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +02:00
Christoph Wurst	1584c9ae9c	Add visibility to all methods and position of static keyword Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:51:06 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 10:35:09 +02:00
Christoph Wurst	afbd9c4e6e	Unify function spacing to PSR2 recommendation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 13:54:22 +02:00
Christoph Wurst	2a529e453a	Use a blank line after the opening tag Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:50:14 +02:00
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:48:10 +02:00
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 10:16:08 +02:00
Christoph Wurst	85e369cddb	Fix multiline comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-08 22:24:54 +02:00
Roeland Jago Douma	19ca921676	Merge pull request #20241 from nextcloud/fix/license-headers-19 Update the license headers for Nextcloud 19	2020-04-01 12:44:21 +02:00
Roeland Jago Douma	590849e4d7	Merge pull request #19858 from nextcloud/feature/webauthn Add WebAuthn support	2020-03-31 22:55:13 +02:00
Roeland Jago Douma	53db05a1f6	Start with webauthn Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>	2020-03-31 22:17:07 +02:00
Roeland Jago Douma	f04f34b94b	Make password nullable in LoginData Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-03-31 21:52:01 +02:00
Roeland Jago Douma	84f3d2ddeb	[POC] Event for failed login attempts Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-03-31 21:41:02 +02:00
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-31 14:52:54 +02:00
Christoph Wurst	74936c49ea	Remove unused imports Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-25 22:08:08 +01:00
Roeland Jago Douma	3b26bfe879	Merge pull request #20127 from nextcloud/bugfix/noid/check-user-on-remote-wipe Check the user on remote wipe	2020-03-24 20:26:52 +01:00
Joas Schilling	dc7913efcd	Fix recursive calls in logging via server methods Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-03-18 18:59:49 +01:00
Joas Schilling	9935c71ec3	Check the user on remote wipe Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-03-16 09:29:28 +01:00
Christoph Wurst	1f7cb027a4	Merge pull request #19820 from nextcloud/fix/mismatching-docblock-return-type Fix mismatching docblock return types	2020-03-09 17:43:17 +01:00
Christoph Wurst	df9e2b828a	Fix mismatching docblock return types Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-06 16:38:25 +01:00
Christoph Wurst	5fc4c91a76	Fix mismatching doc block parameter types Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-06 16:28:42 +01:00
Christoph Wurst	6127c288e8	Fix license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-01-13 14:23:49 +01:00
Christoph Wurst	60d4b45e89	Clean up 2FA provider registry when a user is deleted Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-01-08 10:51:44 +01:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +01:00

1 2 3 4

194 commits