This make sure that all middlewares get a logger scoped to the
application id, among other things.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Cannot use an alias for this one, as it depends upon LoggerInterface so
that creates an infinite loop.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Also removed deprecated tag from the class as this class will not be
removed, only the interface IAppContainer and associated methods should
be removed.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Sessions created during the login flow v2 should be short lived to not leave an unexpected opened session in the browser.
This commit add a property to the session object to track its origin, and will close it as soon as possible, i.e., on the first non public page request.
Signed-off-by: Louis Chemineau <louis@chmn.me>
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.
Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This allows apps to register middlewares that always register, not just
for the app's own requests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Before this patch, app middlewares were registered on the dispatcher for
every app loaded in a Nextcloud process. With the patch, only
middlewares belonging to the same app of a dispatcher instance are
loaded.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Usually Nextcloud DI goes through constructor injection. This has the
implication that each instance of a class builds the full DI tree. That
is the injected services, their services, etc. Occasionally there is a
service that is only needed for one controller method. Then the DI tree
is build regardless if used or not.
If services are injected into the method, we only build the DI tree if
that method gets executed.
This is also how Laravel allows injection.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Sicne the appName is always passed for the DIContainer we can avoid
using the container query logic and instead store and use a property
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Psalm found an issue. However the issue found was because of lying
docblocks. Fixed those and did some typing to make it all better.
For #25839
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Just like for ILogger we should have a version that has the app ID
pre-set for the context (unless overwritten) so that each log entry can
be traced back to the app that produced it.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* We can't just register an alias as the services need the appId to be
injected. if we just register an alias this blows up since the main
container doesn't have the appId.
* Moved the Authtokens over to show the PoC works
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Joas Schilling
Côme Chilliet
Ferdinand Thiessen
Louis Chemineau
Robin Appelman
skjnldsv
Benjamin Gaussorgues
provokateurin
Arthur Schiwon
Andy Scherzinger
Florian Klinger
John Molakvoæ
Maxence Lange
Andrew Summers
Christoph Wurst
Julius Härtl
Julien Veyssier
Carl Schwan
Roeland Jago Douma