32303b6ed5
docs: remove superfluous phpdocs
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-08-10 15:01:56 +07:00
dac31ad101
fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-27 09:57:52 +07:00
14719110b9
chore: Replace \OC::$server->query with \OCP\Server::get in /lib
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-07-06 15:21:22 +07:00
05aa39d777
Fix event names of 2FA related typed events
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-03 14:25:01 +07:00
d9f8522003
Fix types for reading and writing config values
...
Signed-off-by: jld3103 <jld3103yt@gmail.com>
2023-04-05 09:08:56 +07:00
f5c361cf44
composer run cs:fix
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-01-20 11:45:08 +07:00
6abb37317f
Do not setup a session when not required on WebDAV requests
...
If basic auth is used on WebDAV endpoints, we will not setup a session
by default but instead set a test cookie. Clients which handle session
cookies properly will send back the cookie then on the second request
and a session will be initialized which can be resued for
authentication.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-21 21:17:16 +07:00
419828c791
Fix the type of the return array in a few more places
...
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-18 13:22:50 +07:00
660e550260
Only check the twofactor state once per request
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-12-01 17:56:30 +07:00
215aef3cbd
Update php licenses
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +07:00
a34085e1a2
Move 2fa backupscode to new registration
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-20 21:01:16 +07:00
5ee9e1f784
Move 2FA registration to IBootstrap
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-20 21:01:16 +07:00
3c5cf825b3
Add real events for enabled 2fa providers for users
...
* Shiny new events
* Listener to still emit the old event
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-03-22 20:57:10 +07:00
99d525eb36
Convert 2FA token type to string
...
The IConfig service is documented to handle its data as strings, hence
this changes the code a bit to ensure we store keys as string and
convert them back when reading.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-22 14:09:37 +07:00
d89a75be0b
Update all license headers for Nextcloud 21
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 18:48:22 +07:00
49ff48fcd3
Use PSR logger in authentication
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-10-12 22:07:04 +07:00
68794ebc92
Emit an event for every disabled 2FA provider during cleanup
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-16 14:38:33 +07:00
28f8eb5dba
Add visibility to all constants
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 16:54:27 +07:00
caff1023ea
Format control structures, classes, methods and function
...
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 14:19:56 +07:00
afbd9c4e6e
Unify function spacing to PSR2 recommendation
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 13:54:22 +07:00
2fbad1ed72
Fix (array) indent style to always use one tab
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 10:16:08 +07:00
74936c49ea
Remove unused imports
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 22:08:08 +07:00
1f7cb027a4
Merge pull request #19820 from nextcloud/fix/mismatching-docblock-return-type
...
Fix mismatching docblock return types
2020-03-09 17:43:17 +07:00
df9e2b828a
Fix mismatching docblock return types
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-06 16:38:25 +07:00
5fc4c91a76
Fix mismatching doc block parameter types
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-06 16:28:42 +07:00
60d4b45e89
Clean up 2FA provider registry when a user is deleted
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-01-08 10:51:44 +07:00
5bf3d1bb38
Update license headers
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-05 15:38:45 +07:00
a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +07:00
579162d7b9
Allow 2FA to be setup on first login
...
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-17 10:11:53 +07:00
ac8a6e2244
Clean pending 2FA authentication on password reset
...
When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.
The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-29 13:08:56 +07:00
83e994c11f
Make it possible to enforce mandatory 2FA for groups
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-15 08:22:52 +07:00
a95154642d
Emit event on enablign or disabling of 2FA provider
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:24 +07:00
259c0ce11d
Add mandatory 2FA service/class
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-30 11:47:29 +07:00
7586b19e52
Only allow 2FA state changs if providers support the operation
...
Ref https://github.com/nextcloud/server/issues/11019 .
Add `twofactorauth:cleanup` command
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-25 09:54:20 +07:00
fb98db7da7
Fix handlng of concurrent inserts of the 2FA provider registry DAO
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-31 11:46:27 +07:00
1124b87bc0
Fix 2FA being enforced if only backup codes provider is active
...
Fixes https://github.com/nextcloud/server/issues/10634 .
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-10 09:26:40 +07:00
8db66d5dfb
Fix double-inserts of the same provider state
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-09 13:56:04 +07:00
d8197f2b97
Rename providerset method to get primary providers
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 20:28:21 +07:00
c6e47e8a51
Fix login redirection if only one 2FA provider is active
...
Fixes https://github.com/nextcloud/server/issues/10500 .
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 15:25:59 +07:00
d248a0bd1e
Fix 2FA provider registry population on login
...
If the 2FA provider registry has not been populated yet, we have to make
sure all available providers are loaded and queried on login. Otherwise
previously active 2FA providers aren't detected as enabled.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 06:57:52 +07:00
fc149bab3c
Fix duplicate inserts in the 2fa provider registry DAO
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-07-31 06:43:44 +07:00
7be465febe
Make new classes strict and fix license header
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-06-25 07:38:52 +07:00
13d93f5b25
Make 2FA providers stateful
...
This adds persistence to the Nextcloud server 2FA logic so that the server
knows which 2FA providers are enabled for a specific user at any time, even
when the provider is not available.
The `IStatefulProvider` interface was added as tagging interface for providers
that are compatible with this new API.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-06-20 08:30:26 +07:00
eddd135f14
Dispatch event on twofactor failure and success
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-25 13:25:09 +07:00
0eebff152a
Update license headers
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +07:00
9163cf9241
Fix AppPassword 2FA auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +07:00
b96485b6bd
Fix login with basic auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +07:00
84b7022118
Improve 2FA
...
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +07:00
0928b5f621
Change 2FA activities to more generic security activities
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +07:00
ed4017dfb4
fix minor issues
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:48 +07:00
Daniel Kesselberg
Joas Schilling
Christoph Wurst
jld3103
Côme Chilliet
Julius Härtl
Carl Schwan
John Molakvoæ (skjnldsv)
Roeland Jago Douma
Christoph Wurst
Morris Jobke