sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
83,893 Commits
633 Branches
1167 Tags
8.6 GiB
Commit Graph

194 Commits (jtr/fix-public-exceptions-http-codes)

Author SHA1 Message Date
Carl Schwan c4e6fbdae7 fix(query-builder): Don't catch UniqueConstraintViolationException 
UniqueConstraintViolationException is no longer throw directly but
instead is now wrapped inside a \OCP\DB\Exception. So check the
exception reason.

Signed-off-by: Carl Schwan <carl.schwan@nextclound.com>
 2025-09-02 11:55:58 +07:00
Julien Veyssier 3d36834284
feat(auth): include the token entity in TokenInvalidatedEvent 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-08-21 12:42:44 +07:00
Julien Veyssier 4a35837741
feat(auth): adjust PublicKeyTokenProviderTest 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-08-21 12:42:44 +07:00
Julien Veyssier 3da919c783
feat(auth): dispatch new TokenInvalidatedEvent when PublicKeyTokenProvider::invalidateToken is called 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-08-21 12:42:44 +07:00
Julien Veyssier 8ffd30bbf9
feat(auth): dispatch new TokenInvalidatedEvent when PublicKeyTokenProvider::invalidateTokenById is called 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-08-21 12:42:43 +07:00
Ferdinand Thiessen 5981b7eb51
chore: apply new CSFixer rules 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
 2025-07-01 16:26:50 +07:00
Ferdinand Thiessen 0e54c2bd43
fix: Adjust Entity types 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-10-17 18:31:44 +07:00
Git'Fellow c254855222 chore(db): Correctly apply query types 
fix: psalm

fix: error

fix: add batch

fix: fatal error

fix: add batch

chore: add batch

chore: add batch

fix: psalm

fix: typo

fix: psalm

fix: return bool

fix: revert Manager
 2024-10-17 09:21:07 +07:00
Ferdinand Thiessen a8f46af20f
chore: Add proper deprecation dates where missing 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-09-20 00:46:03 +07:00
Daniel Kesselberg af6de04e9e
style: update codestyle for coding-standard 1.2.3 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-08-25 19:34:58 +07:00
Christoph Wurst 5100e3152d
feat(auth): Clean-up unused auth tokens and wipe tokens 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-08-13 12:39:11 +07:00
Arthur Schiwon 99182aac37
fix(Token): take over scope in token refresh with login by cookie 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-07-19 15:53:46 +07:00
Arthur Schiwon 6a783d9b08
fix(Session): avoid race conditions on clustered setups 
- re-stablishes old behaviour with cache to return null instead of throwing
  an InvalidTokenException when the token is cached as non-existing
- token invalidation and re-generation are bundled in a DB transaction now

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-07-10 13:28:33 +07:00
Arthur Schiwon f6d6efef3a
refactor(Token): introduce scope constants 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-05 19:01:14 +07:00
Arthur Schiwon 340939e688
fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-05 19:01:13 +07:00
Daniel fca38e12c8
Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update 
fix(auth): Update authtoken activity selectively
 2024-05-29 12:05:45 +07:00
Andy Scherzinger dae7c159f7
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-24 13:11:22 +07:00
Christoph Wurst bcc02a3c71
fix(auth): Update authtoken activity selectively 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-05-21 07:55:01 +07:00
Christoph Wurst fe7217d2d3
Merge pull request #45026 from nextcloud/fix/token-update 
Avoid updating the same oc_authtoken row twice
 2024-05-16 12:00:32 +07:00
Julius Härtl 04780ae30a fix: Always set last activity if we update the row of an authtoken anyways 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-04-29 15:20:17 +07:00
Joas Schilling bc4a102f52
fix(session): Avoid race condition for cache::get() vs. cache::hasKey() 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-04-29 12:45:44 +07:00
Côme Chilliet ec5133b739 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 14:16:21 +07:00
Benjamin Gaussorgues d1189f923c
feat(perf): add cache for authtoken lookup 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-02-28 15:04:04 +07:00
Côme Chilliet a526a382bf
Import OCP IToken as OCPIToken to avoid a name clash in lib/private 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 15:45:14 +07:00
Côme Chilliet 8fc39aeb1c Use IToken from OCP instead of OC 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +07:00
Côme Chilliet 95ea6188dc Suppress or fix psalm errors related to InvalidTokenException 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +07:00
Côme Chilliet eee9f1eec4 Always catch OCP versions of authentication exceptions 
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +07:00
Côme Chilliet d8b42c6131
Allow passing null to PublicKeyToken::setScope, fixes tests 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-10-23 15:52:07 +07:00
Côme Chilliet 33a24134a7
Improve docblock annotations for tokens and their exceptions 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-10-23 15:20:04 +07:00
Côme Chilliet 58a57a714e
Use more precise typing for setScope method parameter 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-10-23 15:19:38 +07:00
Côme Chilliet 356f0291a2
Align PublicKeyToken with interface changes 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-10-23 09:41:32 +07:00
Côme Chilliet f94fb33062
Move IToken and IProvider::getToken to OCP 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-10-20 17:51:33 +07:00
Lucas Azevedo 2a36acfc2b Fix typo 
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
 2023-08-25 11:20:34 +07:00
Lucas Azevedo c93b1634d3
Fixes from static analysis 
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
 2023-08-25 10:41:46 +07:00
Lucas Azevedo fe9b9c1955 Add last-used-before option 
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
 2023-08-25 02:07:57 +07:00
Côme Chilliet b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls 
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
 2023-04-20 16:52:38 +07:00
Christoph Wurst 5eb768ac5e
fix(auth): Run token statements in atomic transaction 
All or nothing

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-04-12 15:55:42 +07:00
Côme Chilliet 426c0341ff
Use typed version of IConfig::getSystemValue as much as possible 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-05 12:50:08 +07:00
Côme Chilliet 8568c11d24
Merge pull request #36033 from nextcloud/invalidateTokensWhenDeletingOAuthClientMaster 
[master] invalidate existing tokens when deleting an oauth client
 2023-03-15 11:09:51 +07:00
Artur Neumann f634badf12
public interface to invalidate tokens of user 
Signed-off-by: Artur Neumann <artur@jankaritech.com>
 2023-03-14 17:13:29 +07:00
Ember 'n0emis' Keske 6881d2f2f1
Don't try to hash a nonexisting password 
Allows to log-in via a passwordless authentication provider, eg SSO

Signed-off-by: Ember 'n0emis' Keske <git@n0emis.eu>
 2023-03-13 10:32:53 +07:00
Joas Schilling 6417ea0265
fix(authentication): Handle null or empty string password hash 
This can happen when the auth.storeCryptedPassword config is used,
which previously errored with:
Hasher::verify(): Argument #2 ($hash) must be of type string, null given

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-10 09:18:50 +07:00
Joas Schilling e47d56ac36
Merge pull request #36621 from nextcloud/perf/noid/only-check-for-token-when-it-can-actually-be 
fix(performance): Only search for auth tokens when the provided login…
 2023-02-10 01:29:30 +07:00
Julius Härtl 580feecdbf
fix(authtoken): Store only one hash for authtokens with the current password per user 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-09 13:44:00 +07:00
Joas Schilling 7a85a1596e
fix(authentication): Check minimum length when creating app tokens 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-09 09:58:35 +07:00
Joas Schilling 03a585ab4f
fix(performance): Only search for auth tokens when the provided login is long enough 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-08 22:45:23 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +07:00
Joas Schilling 2fb4dac7ad
fix(authentication): Update the token when the hash is null or can not be verified 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-01-09 16:32:36 +07:00
Joas Schilling 28b18d561c
fix(authentication): Only hash the new password when needed 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-01-09 15:58:26 +07:00