upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-17 10:59:53 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 12
nextcloud/apps/oauth2
History
Peter Ringelmann 85dd814f54 fix(frontend): add strict password confirmation for sensitive admin actions 
Register axios password confirmation interceptors in the apps
management, admin delegation, admin security, and OAuth2 settings
bundles, and pass PwdConfirmationMode.Strict on requests to endpoints
protected with #[PasswordConfirmationRequired(strict: true)], so that
the user password is verified via Basic auth on the request itself
rather than relying on the session timestamp.

Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
2026-04-21 16:49:31 +02:00
..
appinfo chore: apply new CSFixer rules 2025-07-01 16:26:50 +02:00
composer fix(oauth2): retain support for legacy ownCloud clients 2025-04-01 11:25:52 +02:00
l10n fix(l10n): Update translations from Transifex 2026-03-29 00:34:11 +00:00
lib fix: Add missing PasswordConfirmationRequired attributes 2026-04-21 13:41:43 +00:00
src fix(frontend): add strict password confirmation for sensitive admin actions 2026-04-21 16:49:31 +02:00
templates chore: Apply new rector configuration to apps folder 2025-02-13 11:46:42 +01:00
tests fix(oauth2): Do not store the code in throttle metadata 2026-03-23 09:32:12 +00:00
.l10nignore chore: Add SPDX header 2024-05-31 10:38:47 +02:00
openapi.json fix(oauth2): Limit allowed grant_type values in getToken 2025-08-25 13:40:35 +02:00
openapi.json.license chore: Add SPDX header 2024-05-31 10:38:47 +02:00