95ea6188dc
Suppress or fix psalm errors related to InvalidTokenException
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
eee9f1eec4
Always catch OCP versions of authentication exceptions
...
And always throw OC versions for BC
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
26d343d33a
AppAPI: allowed to bypass Two-Factor
...
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
2023-12-28 20:59:02 +07:00
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +07:00
a5422a3998
fix: Show error message when CSRF check fails at login
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-11-08 15:18:34 +07:00
d8b42c6131
Allow passing null to PublicKeyToken::setScope, fixes tests
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:52:07 +07:00
33a24134a7
Improve docblock annotations for tokens and their exceptions
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:20:04 +07:00
58a57a714e
Use more precise typing for setScope method parameter
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:19:38 +07:00
1bdf952fde
Make sure that OC interfaces returns OC interfaces for backward compatibility
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 11:08:23 +07:00
b82e25ea7a
Move Exceptions used in OCP to OCP
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 10:26:25 +07:00
356f0291a2
Align PublicKeyToken with interface changes
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 09:41:32 +07:00
f94fb33062
Move IToken and IProvider::getToken to OCP
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-20 17:51:33 +07:00
4361019f2f
fix(twofactor): avoid error in pgsql for duplicate entry
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-10-06 11:23:23 +07:00
2a36acfc2b
Fix typo
...
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 11:20:34 +07:00
c93b1634d3
Fixes from static analysis
...
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 10:41:46 +07:00
fe9b9c1955
Add last-used-before option
...
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 02:07:57 +07:00
32303b6ed5
docs: remove superfluous phpdocs
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2023-08-10 15:01:56 +07:00
dac31ad101
fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-27 09:57:52 +07:00
14719110b9
chore: Replace \OC::$server->query with \OCP\Server::get in /lib
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-07-06 15:21:22 +07:00
05aa39d777
Fix event names of 2FA related typed events
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-03 14:25:01 +07:00
b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls
...
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
2023-04-20 16:52:38 +07:00
5eb768ac5e
fix(auth): Run token statements in atomic transaction
...
All or nothing
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-04-12 15:55:42 +07:00
426c0341ff
Use typed version of IConfig::getSystemValue as much as possible
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 12:50:08 +07:00
d9f8522003
Fix types for reading and writing config values
...
Signed-off-by: jld3103 <jld3103yt@gmail.com>
2023-04-05 09:08:56 +07:00
8568c11d24
Merge pull request #36033 from nextcloud/invalidateTokensWhenDeletingOAuthClientMaster
...
[master] invalidate existing tokens when deleting an oauth client
2023-03-15 11:09:51 +07:00
f634badf12
public interface to invalidate tokens of user
...
Signed-off-by: Artur Neumann <artur@jankaritech.com>
2023-03-14 17:13:29 +07:00
6881d2f2f1
Don't try to hash a nonexisting password
...
Allows to log-in via a passwordless authentication provider, eg SSO
Signed-off-by: Ember 'n0emis' Keske <git@n0emis.eu>
2023-03-13 10:32:53 +07:00
6417ea0265
fix(authentication): Handle null or empty string password hash
...
This can happen when the auth.storeCryptedPassword config is used,
which previously errored with:
Hasher::verify(): Argument #2 ($hash) must be of type string, null given
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-10 09:18:50 +07:00
e47d56ac36
Merge pull request #36621 from nextcloud/perf/noid/only-check-for-token-when-it-can-actually-be
...
fix(performance): Only search for auth tokens when the provided login…
2023-02-10 01:29:30 +07:00
580feecdbf
fix(authtoken): Store only one hash for authtokens with the current password per user
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2023-02-09 13:44:00 +07:00
7a85a1596e
fix(authentication): Check minimum length when creating app tokens
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-09 09:58:35 +07:00
03a585ab4f
fix(performance): Only search for auth tokens when the provided login is long enough
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-08 22:45:23 +07:00
f5c361cf44
composer run cs:fix
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-01-20 11:45:08 +07:00
c2165b84e6
Merge pull request #36001 from nextcloud/validate-user-tz
...
Validate user timezone given from login data before saving it
2023-01-11 19:53:37 +07:00
2fb4dac7ad
fix(authentication): Update the token when the hash is null or can not be verified
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 16:32:36 +07:00
28b18d561c
fix(authentication): Only hash the new password when needed
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 15:58:26 +07:00
c5bb19641c
fix(authentication): Invert the logic to the original intention
...
We need to store the new authentication details when the hash did **not** verify
the old password.
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 15:13:08 +07:00
55d8aec759
fix(authentication): Only verify each hash once
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 14:53:12 +07:00
18164ae516
Merge pull request #33898 from nextcloud/fix/authtoken-password-update
...
PublickKeyTokenProvider: Fix password update routine with password hash
2023-01-05 08:01:47 +07:00
6b7da88b0b
Validate user timezone given from login data before saving it
...
Follow-up to #36000
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-01-04 18:13:25 +07:00
b4a29644cc
Add a const for the max user password length
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-04 11:23:43 +07:00
adfe367106
PublickKeyTokenProvider: Fix password update routine with password hash
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2023-01-04 08:30:53 +07:00
6abb37317f
Do not setup a session when not required on WebDAV requests
...
If basic auth is used on WebDAV endpoints, we will not setup a session
by default but instead set a test cookie. Clients which handle session
cookies properly will send back the cookie then on the second request
and a session will be initialized which can be resued for
authentication.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-12-21 21:17:16 +07:00
77df92cabf
feat: add event for failed logins
...
Apps might also like to know about failed logins.
This adds that event.
The private interface changes are backwards compatible so all should be fine.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2022-11-24 21:24:21 +07:00
298d2b9b58
Skip general login with email for non-valid addresses and LDAP
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-10-26 12:30:25 +07:00
00c2c620ac
Merge pull request #34554 from nextcloud/fix/psalm-twofactor-registry
...
Fix wrong types in phpdoc for twofactor registry
2022-10-18 14:42:43 +07:00
419828c791
Fix the type of the return array in a few more places
...
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-18 13:22:50 +07:00
c5922e67d3
Run session token renewals in a database transaction
...
The session token renewal does
1) Read the old token
2) Write a new token
3) Delete the old token
If two processes succeed to read the old token there can be two new tokens because
the queries were not run in a transaction. This is particularly problematic on
clustered DBs where 1) would go to a read node and 2) and 3) go to a write node.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-10-18 08:28:22 +07:00
9919116716
Merge pull request #31499 from nextcloud/bugfix/empty-secret
...
Add fallback routines for empty secret cases
2022-10-17 16:02:58 +07:00
eff877af03
Pass logger to passwordless auth WebAuthn lib
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-10-03 15:03:23 +07:00
ef31396727
Mark method as deprecated
...
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-09-13 13:06:54 +07:00
3ce1996d5e
Add back TokenCleanupJob to invalidate old temporary tokens
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-08-25 11:31:21 +07:00
9d1ec582ba
Do not update passwords if nothing changed
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-09 09:35:44 +07:00
952acd4d27
Merge pull request #33225 from nextcloud/fix/handle-one-time-passwords
...
Handle one time password better
2022-07-29 12:26:52 +07:00
702445ba3b
Handle one time password better
...
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-28 14:26:25 +07:00
368f83095d
Fix typos in lib/private subdirectory
...
Found via `codespell -q 3 -S l10n -L jus ./lib/private`
Signed-off-by: luz paz <luzpaz@github.com>
2022-07-27 08:52:17 +07:00
cb9f3423e2
Merge pull request #30510 from nextcloud/user-cleanup-storage-before-cache
...
delete files before cleaning cache when cleaning user files
2022-07-26 23:08:04 +07:00
d5c23dbb9f
Move CappedMemoryCache to OCP
...
This is an helpful helper that should be used in more place than just
server and this is already the case with groupfodlers, deck, user_oidc
and more using it, so let's make it public
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-14 15:54:31 +07:00
1c23c029af
Handler large passwords
...
For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).
For passwords bigger than 470 characters, give up earlier and throw
exeception recommanding admin to either enable the previously enabled
configuration or use smaller passwords.
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-05 11:37:14 +07:00
cdf3b60555
Handle one time passwords
...
This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-05 11:25:44 +07:00
db3093a46f
delete files before cleaning cache when cleaning user files
...
otherwise, when using object store, we loose track of which files the user owns before we can delete them
Signed-off-by: Robin Appelman <robin@icewind.nl>
2022-06-13 08:51:22 +07:00
90c31cfddc
Fix replacing external storage password during debug log
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-06-01 10:31:19 +07:00
778db45631
Merge pull request #32357 from nextcloud/user-delete-remove-wrappers
...
remove storage wrappers when deleting the user storage
2022-05-16 19:08:35 +07:00
5d69343efa
remove storage wrappers when deleting the user storage
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2022-05-12 14:40:20 +07:00
7b3e2217de
Fix user agent trimming on installation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-05-09 08:36:34 +07:00
69f5f014b3
Log why the login token can't be used for credentials
...
And always pass the exception object to the logger.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-04-04 16:23:05 +07:00
d683e0d3d1
Automatically cut the token name on the first level
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-03-23 21:38:53 +07:00
a0c7798c7d
Limit the length of app password names
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-03-23 10:47:56 +07:00
553cb499b2
Rotate token after fallback
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-03-10 14:01:21 +07:00
81f8719cc0
Add fallback routines for empty secret cases
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-03-10 14:01:21 +07:00
397b9098e8
Also cache non-existing to reuse it
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-02-16 16:51:22 +07:00
7acb438e42
Merge pull request #30016 from nextcloud/techdebt/noid/remove-default-token-provider
...
Remove default token which is deprecated since Nextcloud 13
2021-12-02 16:48:03 +07:00
c0ba89ecc9
Remove default token which is deprecated since Nextcloud 13
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-12-01 18:41:31 +07:00
660e550260
Only check the twofactor state once per request
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-12-01 17:56:30 +07:00
113756db30
Fix ArrayAccess and JsonSerializable return types
...
First round of modifications for PHP 8.1
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2021-11-23 09:28:56 +07:00
7dd7256cfe
Prevent duplicate auth token activity updates
...
The auth token activity logic works as follows
* Read auth token
* Compare last activity time stamp to current time
* Update auth token activity if it's older than x seconds
This works fine in isolation but with concurrency that means that
occasionally the same token is read simultaneously by two processes and
both of these processes will trigger an update of the same row.
Affectively the second update doesn't add much value. It might set the
time stamp to the exact same time stamp or one a few seconds later. But
the last activity is no precise science, we don't need this accuracy.
This patch changes the UPDATE query to include the expected value in a
comparison with the current data. This results in an affected row when
the data in the DB still has an old time stamp, but won't affect a row
if the time stamp is (nearly) up to date.
This is a micro optimization and will possibly not show any significant
performance improvement. Yet in setups with a DB cluster it means that
the write node has to send fewer changes to the read nodes due to the
lower number of actual changes.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-10-22 09:32:22 +07:00
01b8291c76
Type the autentication provider passwords as nullable strings
...
For historic reasons we couldn't add a nullable type hint before
nullable type hints were supported by our target php versions. This is
now possible.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-10-13 17:17:25 +07:00
508fe1899c
Tokens without password should not trigger changed password invalidation
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-10-07 20:06:23 +07:00
ee049a159b
prevent the invalidation of pw based authn tokens on a pw less login
...
Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>
2021-07-16 14:31:06 +07:00
dbed0ce680
Properly cleanup entries of WebAuthn on user deletion
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-06-18 09:42:32 +07:00
215aef3cbd
Update php licenses
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +07:00
ed2d02d5f1
better cleanup of user files on user deletion
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-27 20:29:51 +07:00
a34085e1a2
Move 2fa backupscode to new registration
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-20 21:01:16 +07:00
5ee9e1f784
Move 2FA registration to IBootstrap
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-20 21:01:16 +07:00
74a7c2eefc
Use correct getSystemValue type
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2021-04-12 22:54:50 +07:00
3c5cf825b3
Add real events for enabled 2fa providers for users
...
* Shiny new events
* Listener to still emit the old event
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-03-22 20:57:10 +07:00
7be2ce82e7
Merge pull request #25544 from nextcloud/refactor/app-password-created-event
...
Move app_password_created to a typed event
2021-03-02 08:18:59 +07:00
cd457cc68b
Always renew apppasswords on login
...
Else you can end up that you renewed your password (LDAP for example).
But they still don't work because you did not use them before you logged
in.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-02-10 19:02:37 +07:00
f8808e260d
Move app_password_created to a typed event
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-02-09 18:49:35 +07:00
99d525eb36
Convert 2FA token type to string
...
The IConfig service is documented to handle its data as strings, hence
this changes the code a bit to ensure we store keys as string and
convert them back when reading.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-22 14:09:37 +07:00
d89a75be0b
Update all license headers for Nextcloud 21
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 18:48:22 +07:00
b47a2730c0
Type the authentication listeners
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-15 16:43:21 +07:00
49ff48fcd3
Use PSR logger in authentication
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-10-12 22:07:04 +07:00
2664c7f75f
Type some of the core mappers
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-12 11:10:09 +07:00
d9015a8c94
Format code to a single space around binary operators
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-05 20:25:24 +07:00
76a7600e2e
Allow configuring the activity update interval of token
...
On some systems with a lot of users this creates a lot of extra DB
writes.
Being able to increase this interval helps there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-10-04 09:31:41 +07:00
ac5f2914c7
Merge pull request #22641 from nextcloud/fix/credentials-store-upgrade-property-undefined
...
Fix undefined class property access after upgrade from 19 to 20
2020-09-08 10:26:23 +07:00
1f7f93a695
Update license headers for Nextcloud 20 (again)
...
There are still lots of outdated headers, so time for another round of
updates.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 14:37:44 +07:00
adf100a42f
Fix undefined class property access after upgrade from 19 to 20
...
The serialized data in 19 has one property less and this was not
considered in the code. Hence adding a fallback. Moreover I'm changing
the deserialization into an array instead of object, as that is the
safer option.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 13:31:24 +07:00
0452877a67
Fix app password updating out of bounds
...
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates
* Added event listener to the PostLoggedInEvent so that we can act on it
- Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
token. Else it keeps being marked invalid and thus not used.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 21:13:36 +07:00
Côme Chilliet
Alexander Piskun
Joas Schilling
Christoph Wurst
Benjamin Gaussorgues
Lucas Azevedo
Daniel Kesselberg
Côme Chilliet
jld3103
Artur Neumann
Ember 'n0emis' Keske
Joas Schilling
Julius Härtl
Vincent Petry
Thomas Citharel
Marcel Klehr
Roeland Jago Douma
Carl Schwan
luz paz
Robin Appelman
Tobias Assmann
Morris Jobke
John Molakvoæ (skjnldsv)
J0WI
Christoph Wurst
Roeland Jago Douma