98b5cdc43d
Merge pull request #43942 from nextcloud/fix/43612/avoid-pwd-confirm-sso
...
fix(Session): avoid password confirmation on SSO
2024-06-07 11:25:36 +07:00
340939e688
fix(Session): avoid password confirmation on SSO
...
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.
Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:13 +07:00
fc3ee65526
fix(core): unsupported browser redirect url
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2024-06-01 09:34:22 +07:00
e07a190641
chore: Add SPDX header
...
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-27 14:53:40 +07:00
7bc4ccba6a
Merge pull request #45354 from nextcloud/docs/taskprocessingapi/cleanup-endpoint-descriptions
2024-05-16 20:09:06 +07:00
a8abe9d3c2
fix(TaskProcessingApi): Cleanup error handling
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-05-16 15:17:10 +07:00
4c375c98a4
docs(TaskProcessingApi): Set correct status code messages
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-05-16 14:57:34 +07:00
eabbb73173
docs(TaskProcessingApi): Cleanup endpoint descriptions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-05-16 12:43:39 +07:00
79e153735c
docs(TaskProcessingApi): Fix result endpoint description
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-05-16 12:43:22 +07:00
ef1c32a222
Merge pull request #45317 from nextcloud/bugfix/noid/limit-maximum-number-of-search-results
...
fix(search): Limit maximum number of search results
2024-05-16 10:10:09 +07:00
f3e72aff7c
Merge pull request #45094 from nextcloud/enh/taskprocessing-api
...
feat: TaskProcessing API
2024-05-15 11:43:08 +07:00
2bd54d30e5
fix(search): Limit maximum number of search results
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-05-15 09:48:23 +07:00
a8afa7f23d
fix(OCS-API): Add endpoint to list user tasks
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:41 +07:00
f3a88f04ec
fix(OCS-API): No csrf required for /tasks/taskId/file/fileId
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:41 +07:00
ec94a672d7
fix(ocs): change /tasktypes response to combine optional and non-optional IO slots
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:41 +07:00
c079a61181
feat: Add cancel endpoint to OCS API
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:41 +07:00
4d9a0eab5f
fix: update openai specs
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:41 +07:00
4a3b9b826e
refactor: identifier is now customId/custom_id
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:41 +07:00
ec27c538b5
fix: address review comments
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:41 +07:00
2c878099f1
fix: address review comments
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:40 +07:00
b85a0edc92
fix: Update autoloaders
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:40 +07:00
a5053d33c2
fix: Run cs:fix
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:40 +07:00
8ccb29ae3b
fix: psalm issues
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:40 +07:00
6203c1c7da
fix: Check if user is authorized to use the files they mentioned
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:40 +07:00
b150d779f3
refactor: rename getTaskType to getTaskTypeId
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:40 +07:00
8e5662602a
feat: Add ExApp endpoints
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:39 +07:00
7a947980db
fix: Fix psalm issues
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:39 +07:00
3b0925a064
chore: Regenerate openapi.json
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:39 +07:00
29cbb3cf71
chore: Run cs:fix
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:39 +07:00
b2b93e4219
feat: Add getFileContents endpoint to TaskProcessing OCS API
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:39 +07:00
44b896f999
feat: TaskProcessing OCS API
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2024-05-14 11:38:39 +07:00
dd997b6ac7
docs(preview): Improve API parameter descriptions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-05-13 12:47:24 +07:00
22dc27810e
fix(auth): Keep redirect URL during 2FA setup and challenge
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-04-19 10:24:26 +07:00
ec5133b739
fix: Apply new coding standard to all files
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-02 14:16:21 +07:00
3fede00732
feat(login): Clear login form (password) after IDLE timeout
...
For security reasons it is recommended to stop the login process at a defined time,
this could prevent password leaks by e.g. user forgetting that they entered their password on public devices.
Enforced e.g. by the BSI ORP.4.A13 rule.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-03-25 12:22:53 +07:00
2792d8b3f5
feat: Limit email input on auth pages to 255 chars
...
Excessively long emails reported make server unresponsive.
We could at some point, consider adding a configuration for sysadmins to bypass this setting
on their instance if they want.
Signed-off-by: fenn-cs <fenn25.fn@gmail.com>
2024-03-21 10:34:55 +07:00
0de6cc7472
feat: added login's initial possible email-states
...
Signed-off-by: Eduardo Morales <emoral435@gmail.com>
2024-03-10 10:32:21 +07:00
fd4ca13867
Merge pull request #43471 from nextcloud/cache-path-by-id
...
Cache path by id
2024-03-05 17:26:25 +07:00
c7813bfdaf
feat: Implement team provider api
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-03-05 08:13:58 +07:00
e7a7b4a401
perf: switch places that always use the first getById result to getFirstNodeById
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2024-03-04 13:57:31 +07:00
2c51933b6b
refactor(core): Switch to attribute based routing
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-02-21 12:07:50 +07:00
6243a9471d
feat(core): Add OCS endpoint for confirming the user password
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-02-20 14:28:00 +07:00
d95e500e45
feat(core): Expose the confirm password endpoint
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-02-20 08:04:13 +07:00
4a509dfe8e
fix: phpunit
...
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
2024-02-13 21:06:31 +07:00
9593f4d6f9
fix: openapi
...
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
2024-02-13 21:06:31 +07:00
839ddaa354
feat: rename users to account or person
...
Replace translated text in most locations
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2024-02-13 21:06:30 +07:00
6fc5cef6e9
fix: Support other schemes than HTTP and HTTPS in app navigation
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-02-06 09:36:39 +07:00
4f69f49a75
fix: Revert external url support in icon as it’s not allowed
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-02-06 09:36:39 +07:00
4fb5c15db5
Allow application to pass external links in navigation
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-02-06 09:36:39 +07:00
b64ab5fba8
refactor: Migrate IgnoreOpenAPI attributes to OpenAPI
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-01-18 16:14:17 +07:00
Arthur Schiwon
John Molakvoæ (skjnldsv)
Andy Scherzinger
Kate
provokateurin
Joas Schilling
Marcel Klehr
Joas Schilling
Christoph Wurst
Côme Chilliet
Ferdinand Thiessen
fenn-cs
Eduardo Morales
Robin Appelman
Julius Härtl
Vincent Petry