284 Commits (296096e06996aee1a06d901b99adde5f04688f58)

Author SHA1 Message Date
Côme Chilliet a526a382bf
Import OCP IToken as OCPIToken to avoid a name clash in lib/private
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 15:45:14 +07:00
Côme Chilliet 37a6e15f87 Use OCP version of IToken in AppPasswordCreatedEvent
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Côme Chilliet 8fc39aeb1c Use IToken from OCP instead of OC
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Côme Chilliet 95ea6188dc Suppress or fix psalm errors related to InvalidTokenException
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Côme Chilliet eee9f1eec4 Always catch OCP versions of authentication exceptions
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Alexander Piskun 26d343d33a
AppAPI: allowed to bypass Two-Factor
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
2023-12-28 20:59:02 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +07:00
Christoph Wurst a5422a3998
fix: Show error message when CSRF check fails at login
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-11-08 15:18:34 +07:00
Côme Chilliet d8b42c6131
Allow passing null to PublicKeyToken::setScope, fixes tests
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:52:07 +07:00
Côme Chilliet 33a24134a7
Improve docblock annotations for tokens and their exceptions
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:20:04 +07:00
Côme Chilliet 58a57a714e
Use more precise typing for setScope method parameter
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:19:38 +07:00
Côme Chilliet 1bdf952fde
Make sure that OC interfaces return OC interfaces for backward compatibility
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 11:08:23 +07:00
Côme Chilliet b82e25ea7a
Move Exceptions used in OCP to OCP
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 10:26:25 +07:00
Côme Chilliet 356f0291a2
Align PublicKeyToken with interface changes
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 09:41:32 +07:00
Côme Chilliet f94fb33062
Move IToken and IProvider::getToken to OCP
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-20 17:51:33 +07:00
Benjamin Gaussorgues 4361019f2f
fix(twofactor): avoid error in pgsql for duplicate entry
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-10-06 11:23:23 +07:00
Lucas Azevedo 2a36acfc2b Fix typo
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 11:20:34 +07:00
Lucas Azevedo c93b1634d3
Fixes from static analysis
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 10:41:46 +07:00
Lucas Azevedo fe9b9c1955 Add last-used-before option
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 02:07:57 +07:00
Daniel Kesselberg 32303b6ed5 docs: remove superfluous phpdocs
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-08-10 15:01:56 +07:00
Joas Schilling dac31ad101
fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-27 09:57:52 +07:00
Christoph Wurst 14719110b9 chore: Replace \OC::$server->query with \OCP\Server::get in /lib
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-07-06 15:21:22 +07:00
Joas Schilling 05aa39d777
Fix event names of 2FA related typed events
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-03 14:25:01 +07:00
Côme Chilliet b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
2023-04-20 16:52:38 +07:00
Christoph Wurst 5eb768ac5e
fix(auth): Run token statements in atomic transaction
All or nothing

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-04-12 15:55:42 +07:00
Côme Chilliet 426c0341ff
Use typed version of IConfig::getSystemValue as much as possible
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 12:50:08 +07:00
jld3103 d9f8522003
Fix types for reading and writing config values
Signed-off-by: jld3103 <jld3103yt@gmail.com>
2023-04-05 09:08:56 +07:00
Côme Chilliet 8568c11d24
Merge pull request #36033 from nextcloud/invalidateTokensWhenDeletingOAuthClientMaster
[master] invalidate existing tokens when deleting an oauth client
2023-03-15 11:09:51 +07:00
Artur Neumann f634badf12
public interface to invalidate tokens of user
Signed-off-by: Artur Neumann <artur@jankaritech.com>
2023-03-14 17:13:29 +07:00
Ember 'n0emis' Keske 6881d2f2f1
Don't try to hash a nonexisting password
Allows logging in via a passwordless authentication provider, e.g. SSO

Signed-off-by: Ember 'n0emis' Keske <git@n0emis.eu>
2023-03-13 10:32:53 +07:00
Joas Schilling 6417ea0265
fix(authentication): Handle null or empty string password hash
This can happen when the auth.storeCryptedPassword config is used,
which previously errored with:
Hasher::verify(): Argument #2 ($hash) must be of type string, null given

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-10 09:18:50 +07:00
Joas Schilling e47d56ac36
Merge pull request #36621 from nextcloud/perf/noid/only-check-for-token-when-it-can-actually-be
fix(performance): Only search for auth tokens when the provided login…
2023-02-10 01:29:30 +07:00
Julius Härtl 580feecdbf
fix(authtoken): Store only one hash for authtokens with the current password per user
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2023-02-09 13:44:00 +07:00
Joas Schilling 7a85a1596e
fix(authentication): Check minimum length when creating app tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-09 09:58:35 +07:00
Joas Schilling 03a585ab4f
fix(performance): Only search for auth tokens when the provided login is long enough
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-08 22:45:23 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-01-20 11:45:08 +07:00
Vincent Petry c2165b84e6
Merge pull request #36001 from nextcloud/validate-user-tz
Validate user timezone given from login data before saving it
2023-01-11 19:53:37 +07:00
Joas Schilling 2fb4dac7ad
fix(authentication): Update the token when the hash is null or can not be verified
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 16:32:36 +07:00
Joas Schilling 28b18d561c
fix(authentication): Only hash the new password when needed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 15:58:26 +07:00
Joas Schilling c5bb19641c
fix(authentication): Invert the logic to the original intention
We need to store the new authentication details when the hash did **not** verify
the old password.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 15:13:08 +07:00
Joas Schilling 55d8aec759
fix(authentication): Only verify each hash once
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 14:53:12 +07:00
Julius Härtl 18164ae516
Merge pull request #33898 from nextcloud/fix/authtoken-password-update
PublicKeyTokenProvider: Fix password update routine with password hash
2023-01-05 08:01:47 +07:00
Thomas Citharel 6b7da88b0b
Validate user timezone given from login data before saving it
Follow-up to #36000

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-01-04 18:13:25 +07:00
Joas Schilling b4a29644cc
Add a const for the max user password length
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-04 11:23:43 +07:00
Marcel Klehr adfe367106
PublicKeyTokenProvider: Fix password update routine with password hash
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2023-01-04 08:30:53 +07:00
Julius Härtl 6abb37317f
Do not set up a session when not required on WebDAV requests
If basic auth is used on WebDAV endpoints, we will not set up a session
by default but instead set a test cookie. Clients which handle session
cookies properly will send back the cookie then on the second request
and a session will be initialized which can be reused for
authentication.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-21 21:17:16 +07:00
Roeland Jago Douma 77df92cabf
feat: add event for failed logins
Apps might also like to know about failed logins.
This adds that event.
The private interface changes are backwards compatible so all should be fine.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2022-11-24 21:24:21 +07:00
Julius Härtl 298d2b9b58
Skip general login with email for non-valid addresses and LDAP
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-10-26 12:30:25 +07:00
Carl Schwan 00c2c620ac
Merge pull request #34554 from nextcloud/fix/psalm-twofactor-registry
Fix wrong types in phpdoc for twofactor registry
2022-10-18 14:42:43 +07:00
Carl Schwan 419828c791 Fix the type of the return array in a few more places
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-18 13:22:50 +07:00