nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Carl Schwan	9b2fff5931	refactor(querybuilder): Port away from qb::execute() in tests/ Replace by either executeStatement or executeQuery Signed-off-by: Carl Schwan <carl.schwan@nextclound.com>	2025-09-02 11:55:58 +07:00
Carl Schwan	c4e6fbdae7	fix(query-builder): Don't catch UniqueConstraintViolationException UniqueConstraintViolationException is no longer throw directly but instead is now wrapped inside a \OCP\DB\Exception. So check the exception reason. Signed-off-by: Carl Schwan <carl.schwan@nextclound.com>	2025-09-02 11:55:58 +07:00
Julien Veyssier	4a35837741	feat(auth): adjust PublicKeyTokenProviderTest Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2025-08-21 12:42:44 +07:00
Ferdinand Thiessen	ac545cc478	fix(SetUserTimezoneCommand): only write user login timezone if not yet set Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-08-18 12:40:42 +07:00
Robin Appelman	aa15f9d16d	chore: run rector Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-07-01 22:45:52 +07:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +07:00
Robin Appelman	3561937816	chore: run rector on tests with new rule Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-06-12 18:38:29 +07:00
Robin Appelman	29e39c0a2e	chore: run rector on tests Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-06-12 18:31:58 +07:00
Joas Schilling	5f9117b939	test: Fix coding standards Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-15 08:48:13 +07:00
Joas Schilling	53b116b8a5	test: Remove more withConsecutive Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-15 08:18:26 +07:00
Julius Knorr	bb6b462690	Merge pull request #51130 from nextcloud/fix/credential-passwordless-auth fix: Do not build encrypted password if there is none	2025-03-07 16:49:18 +07:00
Julius Knorr	777cd941dc	fix: Do not build encrypted password if there is none Signed-off-by: Julius Knorr <jus@bitgrid.net>	2025-03-06 09:31:29 +07:00
Ferdinand Thiessen	3c4feff028	fix: Move login via email logic to local backend Backends can decide which names they accept for login, e.g. with user_ldap you can configure arbitrary login fields. This was a hacky approach to allow login via email, so instead this is now only handled by the local user backend. This also fixes some other related problems: Other logic relys on `backend::get()` which was not handling email, so e.g. password policy could not block users logged in via email if they use out-dated passwords. Similar for other integrations, as the user backend was not consistent with what is a login name and what not. Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de> Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-03-03 18:02:07 +07:00
Daniel Calviño Sánchez	5ea5b2de84	fix: Handle exception when clearing previously removed two factor tokens If a token was already removed from the database but not from the configuration clearing the tokens will try to remove it again from the database, which caused a DoesNotExistException to be thrown. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	2024-11-05 11:14:05 +07:00
Daniel Calviño Sánchez	381a2aa627	fix: Clear pending two factor tokens also from configuration Otherwise as the tokens were removed from the database but not from the configuration the next time that the tokens were cleared the previous tokens were still got from the configuration, and trying to remove them again from the database ended in a DoesNotExistException being thrown. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	2024-11-05 11:14:04 +07:00
yemkareems	a74ef8237d	fix: crypto type made not nullable and tests run using ICrypto Signed-off-by: yemkareems <yemkareems@gmail.com>	2024-10-28 15:04:11 +07:00
yemkareems	505dfd65fd	fix: encrypt and store password, decrypt and retrieve the same Signed-off-by: yemkareems <yemkareems@gmail.com>	2024-10-28 11:22:36 +07:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +07:00
Christoph Wurst	49dd79eabb	refactor: Add void return type to PHPUnit test methods Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-09-15 22:32:31 +07:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +07:00
Christoph Wurst	5100e3152d	feat(auth): Clean-up unused auth tokens and wipe tokens Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-08-13 12:39:11 +07:00
Arthur Schiwon	f6d6efef3a	refactor(Token): introduce scope constants Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-06-05 19:01:14 +07:00
Andy Scherzinger	1f7e2ba599	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-13 17:41:36 +07:00
Andrew Summers	f9ce6bfdff	Refactor `OC\Server::getHasher` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>	2024-03-15 13:04:27 +07:00
Benjamin Gaussorgues	d1189f923c	feat(perf): add cache for authtoken lookup Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-02-28 15:04:04 +07:00
Alexander Piskun	26d343d33a	AppAPI: allowed to bypass Two-Factor Signed-off-by: Alexander Piskun <bigcat88@icloud.com>	2023-12-28 20:59:02 +07:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +07:00
Lucas Azevedo	771a7b92cc	Add tests for occ user:auth-tokens:delete Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>	2023-08-25 02:27:41 +07:00
Côme Chilliet	f57c12b14e	Fix various deprecation warnings in tests on PHP 8.3 Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-08-14 18:13:12 +07:00
Joas Schilling	dac31ad101	fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-27 09:57:52 +07:00
Joas Schilling	05aa39d777	Fix event names of 2FA related typed events Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-03 14:25:01 +07:00
Côme Chilliet	8d5165e8dc	Adapt tests to config value typing Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-05 17:42:14 +07:00
Artur Neumann	37cfccabc1	unit tests for Manager::invalidateTokensOfUser Signed-off-by: Artur Neumann <artur@jankaritech.com>	2023-03-14 17:13:30 +07:00
Joas Schilling	a81d8ecef5	Fix unit tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-02-09 16:15:47 +07:00
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-01-20 11:45:08 +07:00
Marcel Klehr	adfe367106	PublickKeyTokenProvider: Fix password update routine with password hash Signed-off-by: Marcel Klehr <mklehr@gmx.net>	2023-01-04 08:30:53 +07:00
Christoph Wurst	9d0e79f10d	Fix PublicKeyTokenProviderTest import and mock * IDBConnection import missing * Atomic doesn't need a mock Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-11-10 15:40:35 +07:00
Julius Härtl	298d2b9b58	Skip general login with email for non-valid addresses and LDAP Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-10-26 12:30:25 +07:00
Christoph Wurst	c5922e67d3	Run session token renewals in a database transaction The session token renewal does 1) Read the old token 2) Write a new token 3) Delete the old token If two processes succeed to read the old token there can be two new tokens because the queries were not run in a transaction. This is particularly problematic on clustered DBs where 1) would go to a read node and 2) and 3) go to a write node. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-10-18 08:28:22 +07:00
Carl Schwan	9919116716	Merge pull request #31499 from nextcloud/bugfix/empty-secret Add fallback routines for empty secret cases	2022-10-17 16:02:58 +07:00
Carl Schwan	702445ba3b	Handle one time password better Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-07-28 14:26:25 +07:00
Carl Schwan	1c23c029af	Handler large passwords For passwords bigger than 250 characters, use a bigger key since the performance impact is minor (around one second to encrypt the password). For passwords bigger than 470 characters, give up earlier and throw exeception recommanding admin to either enable the previously enabled configuration or use smaller passwords. Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-07-05 11:37:14 +07:00
Carl Schwan	cdf3b60555	Handle one time passwords This adds an option to disable storing passwords in the database. This might be desirable when using single use token as passwords or very large passwords. Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-07-05 11:25:44 +07:00
Joas Schilling	7b3e2217de	Fix user agent trimming on installation Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-05-09 08:36:34 +07:00
Joas Schilling	d683e0d3d1	Automatically cut the token name on the first level Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-03-23 21:38:53 +07:00
Joas Schilling	343476f54f	Fix unit tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-03-23 11:00:34 +07:00
Carl Schwan	01e2a26749	Fix unit tests Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-03-10 14:19:48 +07:00
Joas Schilling	3e20cffc86	More test fixing Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-12-01 22:38:57 +07:00
Joas Schilling	c6ae53096c	More test fixing Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-12-01 22:17:19 +07:00
Joas Schilling	9f00179037	More unit test adjustments Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-12-01 21:40:14 +07:00

1 2 3 4

164 Commits (17e51646eccc5ff7d9d87a6cce514bdfbc60a4c7)